Abstract
Mobile Edge Computing (MEC) is proposed to meet the requirements of mobile users for low latency and response time, and its edge nodes will download data from the cloud server in advance, which arouses researchers to pay attention to the privacy-preserving authentication of mobile users and edge nodes, as well as the data integrity verification of edge nodes. Therefore, it is essential and crucial to integrate the authentication methods into data integrity verification protocol. In this paper, we propose a new integrated protocol AICE, i.e., a uthentication and i ntegrity c hecking on e dges, and then formally analyze and automatically validate the correctness and authentication security of the protocol. We first give the information flows of the AICE protocol by combining the privacy-preserving authentication (PPA) protocol and integrity checking protocol for MEC (ICE) together. According to the features of the AICE protocol, we then select the SVO logic to conduct the formal analysis of the protocol from the perspective of theoretical analysis of modal logic. Furthermore, we employ the AVISPA tool to validate the correctness of the protocol from the perspective of mechanical automatic analysis. The theoretical analysis and mechanical results demonstrate that the integrated protocol AICE satisfies the correctness and authentication.
Similar content being viewed by others
References
Sabella D, Vaillant A, Kuure P, Rauschenbach U, Giust F (2016) Mobile-edge computing architecture: The role of MEC in the Internet of things. IEEE Consumer Electron Mag 5(4):84–91
Tong L, Li Y, Gao WA (2016) Hierarchical edge cloud architecture for mobile computing. In: Proc. the 35th Annual IEEE International Conference on Computer Communications, April 10-14, pp 1–9
López PG, Montresor A, Epema DHJ, Datta A, Higashino T, Iamnitchi A, Barcellos MP, Felber P, Rivière E (2015) Edge-centric computing: vision and challenges. Comput Commun Rev 45(5):37–42
Ogiela U (2020) Cognitive cryptography for data security in cloud computing. Concurr. Comput. Pract. Exp., 32(18)
Namasudra S (2019) An improved attribute-based encryption technique towards the data security in cloud computing. Concurr. Comput. Pract. Exp., 31(3)
Gupta BB, Yamaguchi S, Agrawal DP (2018) Advances in security and privacy of multimedia big data in mobile and cloud computing. Multim. Tools Appl. 77(7):9203–9208
Tong W, Jiang B, Xu F, Li Q, Zhong S (2019) Privacy-preserving data integrity verification in mobile edge computing. In: Proc. the 39th IEEE International Conference on Distributed Computing Systems, July 7-10, pp 1007–1018
Kaur K, Garg S, Kaddoum G, Guizani M, Jayakody DNK (2019) A lightweight and Privacy-preserving authentication protocol for mobile edge computing. In: Proc. IEEE Global Communications Conference, December 9-13, pp 1–6
Imamoto K, Sakurai K (2005) Design and analysis of diffie-hellman-based key exchange using one-time ID by SVO logic. Electron. Notes Theor Comput Sci 135(1):79–94
Heintze N, Tygar JD (1996) A model for secure protocols and their compositions. IEEE Trans Software Eng 22(1):16–30
Gong L, Needham RM, Yahalom R (1990) Reasoning about belief in cryptographic protocols. In: Proc. IEEE Symposium on Security and Privacy May 7-9, pp 234–248
Burrows M, Abadi M, Needham RMA (1989) Logic of authentication. In: Andrews GR (ed) Proc. the 12th ACM Symposium on Operating System Principles, December 3-6, pp 1–13
Abadi M, Tuttle MRA (1991) Semantics for a logic of authentication (extended abstract). In: Logrippo L (ed) Proc. the 10th Annual ACM Symposium on Principles of Distributed Computing, August 19-21, pp 201–216
Oorschot PC (1993) Extending cryptographic logics of belief to key agreement protocols. In: Denning DE, Pyle R, Ganesan R, Sandhu RS, Ashby V (eds) Proc. the 1st ACM Conference on Computer and Communications Security, November 3-5, pp 232–243
You I, Hori Y, Sakurai K, Enhancing SVO (2011) Logic for mobile IPv6 security protocols. J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl. 2(3):26–52
Buttyan L (1999) Formal methods in the design of cryptographic protocols (state of the art) technical report
Viganó L (2005) Automated security protocol analysis with the AVISPA tool. In: Proc. the 21st Annual Conference on Mathematical Foundations of Programming Semantics, May 18-21, pp 61–86
Mir O, Weide TP, Lee C (2015) A secure user anonymity and authentication scheme using AVISPA for telecare medical information systems. J Medical Syst 39(9):89:1–89:16
Ravari AN, Fallah MS (2015) A nonmonotonic modal authorization logic for pervasive computing. Scur Commun Networks 8(6):1077–1091
Hella L, Järvisalo M, Kuusisto A, Laurinharju J, Lempiäinen T, Luosto K, Suomela J, Virtema J (2015) Weak models of distributed computing, with connections to modal logic. Distributed Comput 28(1):31–53
Fei Y, Zhu H, Vinh PC (2020) Security analysis of the access control solution of NDN using BAN logic. Mob Networks Appl 25(3):1162–1173
Coffey T, Dojen R, Flanagan T (2003) On the automated implementation of modal logics used to verify security protocols. In: Proc. the 1st International Symposium on Information and Communication Technologies, September 24-26, vol 49, pp 329–334
You I, Sakurai K, Hori Y (2009) A security analysis on kempf-koodli’s security scheme for fast mobile IPv6. IEICE Trans Commun 92-B(6):2287–2290
Liu D, Shen J, Vijayakumar P, Wang A, Zhou T (2020) Efficient data integrity auditing with corrupted data recovery for edge computing in enterprise multimedia security. Multim Tools Appl 79 (15-16):10851–10870
Echeverría S, Klinedinst D, Williams K, Lewis GA (2016) Establishing trusted identities in disconnected edge environments. In: Proc. IEEE/ACM Symposium on Edge Computing, October 27-28, pp 51–63
Bhardwaj K, Shih M, Agarwal P, Gavrilovska A, Kim T, Schwan K (2016) Fast, Scalable and secure onloading of edge functions using airbox. In: Proc. IEEE/ACM Symposium on Edge Computing, October 27-28, pp 14–27
Deswarte Y, Quisquater J, Saïdane A (2003) Remote integrity checking - how to trust files stored on untrusted servers. In: Proc. the 6th Working Conference on Integrity and Internal Control in Information Systems, November 13-14, pp 1–11
K A, Moses MB (2020) An efficient SG-DACM framework for data integrity with user revocation in role based multiuser cloud environment. Comput. Commun. 155:84–92
Garg N, Bawa S, Kumar N (2020) An efficient data integrity auditing protocol for cloud computing. Future Gener Comput. Syst. 109:306–316
Almuhaideb AM, Srinivasan B, Le PD, Wilson C, Malhotra V (2012) Analysis of mobile authentication protocols by SVO logic. In: Proc. the 1st International Conference on Security of Internet of Things, August 17-19, pp 126–134
Alegria JAH, Bastarrica MC, Bergel A (2010) Analyzing the scrum process model with AVISPA. In: Proc. the 29th International Conference of the Chilean Computer Science Society, November 15-19, pp 60–65
Mohamadi HE, Kara N, Lagha M (2018) Formal verification of RGR-SEC, a secured RGR routing for UAANETs using AVISPA, Scyther and Tamarin. In: Proc. the 4th International Conference on Future Network Systems and Security, July 9-11, pp 3–16
Aciobanitei I, Guinea R, Pura M (2018) AVISPA versus AVANTSSAR in the model checking of secure communication protocols. In: Proc. the 15th International Joint Conference on e-Business and Telecommunications, July 26-28, pp 686–691
Zhang J, Zhong H, Cui J, Tian M, Xu Y, Liu L (2020) Edge computing-based privacy-preserving authentication framework and protocol for 5G-enabled vehicular networks. IEEE Trans Veh Edge computing-based privacy-preserving authentication Technol 69(7):7940–7954
Acknowledgements
This work was partly supported by the National Key Research and Development Program of China (Grant No. 2018YFB2101300), the National Natural Science Foundation of China (Grant Nos. 61872145, 62032024), and the Excellent Doctoral Students’ Academic Innovation Ability Improvement Program of East China Normal University (Grant No. YBNLTS2021-034).
Author information
Authors and Affiliations
Corresponding authors
Additional information
Publisher’s Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Yin, J., Zhu, H. & Fei, Y. Formal analysis and automated validation of privacy-preserving AICE protocol in mobile edge computing. Mobile Netw Appl 26, 2258–2271 (2021). https://doi.org/10.1007/s11036-021-01850-1
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11036-021-01850-1