Formalization and Analysis of a Resource Allocation Security Protocol for Secure Service Migration

摘要

The advent of virtual machine technology for example, VMware, and container technology, such as Docker, have made the migration of services between different Cloud Systems possible. This enables the development of mobile services that can ensure low latencies between servers and their mobile clients resulting in better QOS. Though there are many mechanisms in place to support for mobile services, a key component that is missing is the development of security protocols that allow the safe transfer of servers to different Cloud environments. In this paper, we propose a Resource Allocation Security Protocol for secure service migration. We explore two approaches; In the first approach, the protocol is developed and formally verified by Automated Validation of Internet Security Protocols and Applications tool. The protocol satisfies the security properties of secrecy and authentication. In addition, nonces are used for replay protection and to ensure freshness. In the second approach, a secure symmetrical session key is used to do the safe transfer and an automatic cryptographic protocol verifier ProVerif is employed to verify secrecy, authentication and key exchange.