Formal Method of Analyzing Security Property of Android Application

The following steps describe the general process of a successful SSO login. However, the details might differ between SSO implementations.

1) First, a user sends a request to log in to the SP with its identity on an IdP.
2) The SP requires the user to provide an access token from the IdP to prove that the user is who it claims to be. The SP redirects the user to the IdP.
3) The user logs in to the IdP and asks the IdP to generate the access token for it.
4) The IdP redirects the user back to the SP with the generated access token.
5) The user provides the access token to the SP. The SP verifies the access token with the IdP and logs the user in.

Fig. 2 shows the implementation of the Facebook SSO login protocol on Android. The user is not shown in Fig. 2 for concision; the user interacts with Android when needed, such as clicking the login button or entering the user's credentials.

1) The user requests to log in to the SP, and the SP initiates a request to the Facebook SDK asking for the user's access token.
2) The Facebook SDK relays the request to the Facebook server with the user's credentials for its Facebook account identity.
3) The Facebook server verifies the credentials from the user and, upon successful verification, cookies are returned to the user together with a form indicating what data in the user's Facebook account the SP will have access to.
4) The user consents to the authorization.
5) Facebook generates the access token and returns it to the Facebook SDK.
6) The Facebook SDK delivers the access token to the SP, and the SP logs the user in.

Method Overview

In order to formally verify the Facebook SSO implementation on Android, one needs to build a formal model of the protocol out of its implementation beforehand. In this section, the author first introduces the overview of the method he uses to model the protocol.

Basically, the analysis consists of four stages: the protocol extraction stage, the protocol modelling stage, the verification stage and finally the result analysis stage. Each stage generates artifacts, and the artifacts are used as input to the next stage. The security analyst needs to manually analyze the artifacts generated in the final stage to identify and confirm possible vulnerabilities in the model.

1) Protocol Extraction: Because Facebook does not document how they implement the SSO protocol, in order to build the formal model correctly, one needs to understand what is transmitted between the Facebook SDK and the Facebook server and what the semantics of the transmitted messages are. To find out this information, the author performs a static analysis of the Facebook SDK by manually inspecting its source code to understand what the SDK does during the login process and how the SDK communicates with the SP and the Facebook server. Then, by dynamically running the protocol, the author captures the network traffic between the Facebook SDK and the Facebook server. After that, the captured network traffic is refined by removing the redundant messages and parameters, for the convenience of the modelling process.

2) Protocol Modelling: With the refined protocol derived in the previous stage, the author builds the formal model in typed Pi-calculus [16].

To ease this problem, the author first intuitively transforms the refined protocol into an intermediate representation which is close to typed Pi-calculus. The intermediate representation can then be translated to typed Pi-calculus much more easily. The refined protocol is then modelled as a basic formal model in typed Pi-calculus which contains no adversaries. Based on the basic model, the author introduces four different attackers on top of the model and derives four formal models with properties to be checked. The first attacker model is the network attacker, in which the attacker eavesdrops on the communication channel, namely the network; the second is the malicious SP, which provides the user with services and lets users log in with their identities on the IdP; the third and fourth are a malicious app in the system, and they differ only in whether the malicious app can obtain root privilege or not. The properties defined by the security analyst on these four attacker models include the authentication property, the authorization property and the secrecy property, which are most relevant to protocol security and the user's privacy.
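
As an added illustration (not the author's typed Pi-calculus model), the following Python code checks the secrecy property for the generic five-step SSO flow against the network attacker and the malicious SP, using a Dolev-Yao style knowledge closure. The atom names, the key names and the per-channel symmetric encryption standing in for protected channels are assumptions; the unprotected-channel case goes beyond what the text describes.

```python
# Added example: secrecy check over the generic five-step SSO flow.
# Terms: atoms are strings; ("pair", a, b) is concatenation; ("senc", m, k) is
# symmetric encryption of m under atomic key k. All names are constructed.

def pair(*xs):
    """Right-nested pairing of one or more terms."""
    return xs[0] if len(xs) == 1 else ("pair", xs[0], pair(*xs[1:]))

def senc(m, k):
    return ("senc", m, k)

def closure(initial):
    """Attacker analysis: split pairs, decrypt ciphertexts whose key is known."""
    known, changed = set(initial), True
    while changed:
        changed = False
        for t in list(known):
            if not isinstance(t, tuple):
                continue                      # atoms cannot be decomposed
            if t[0] == "pair":
                new = {t[1], t[2]}
            elif t[0] == "senc" and t[2] in known:
                new = {t[1]}
            else:
                new = set()
            if not new <= known:
                known |= new
                changed = True
    return known

def sso_trace(protect):
    """Messages seen on the network for steps 1-5; protect(m, k) wraps each."""
    return [
        protect(pair("login_req", "user_id"), "k_user_sp"),      # 1) user -> SP
        protect(pair("redirect", "idp"), "k_user_sp"),           # 2) SP -> user
        protect(pair("user_id", "password"), "k_user_idp"),      # 3) user -> IdP
        protect(pair("redirect", "sp", "token"), "k_user_idp"),  # 4) IdP -> user
        protect(pair("user_id", "token"), "k_user_sp"),          # 5) user -> SP
        protect(pair("verify", "token"), "k_sp_idp"),            # 5) SP -> IdP
    ]

def leaked(trace, attacker_keys, secrets=("password", "token")):
    """Sorted list of secrets derivable from the trace plus the attacker's keys."""
    known = closure(set(trace) | set(attacker_keys))
    return sorted(s for s in secrets if s in known)

PLAINTEXT = lambda m, k: m   # no channel protection
ENCRYPTED = senc             # assumed abstraction of a protected channel

if __name__ == "__main__":
    print("network, plaintext:", leaked(sso_trace(PLAINTEXT), []))
    print("network, encrypted:", leaked(sso_trace(ENCRYPTED), []))
    print("malicious SP:      ", leaked(sso_trace(ENCRYPTED), ["k_user_sp", "k_sp_idp"]))
```

With protected channels the network attacker derives neither secret, while a malicious SP holding its own channel keys derives the access token (which it receives in step 5) but not the user's IdP password.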
