د/ايمان زغلول قاسم

استاذ تكنولوجيا التعليم المشارك بكلية التربية بالزلفي

security protocol2

RELATED WORK
2.1 Construction Sets
Construction sets have a venerable place in the history of
education. Records show that as early as in 1,800 appeared a
building set for castles and walled towns [4]. In America,
building blocks have been recommended to parents since
1826 [5].
Recently, the educational role of construction sets has
been enhanced by the integration of computational media.
For example, building blocks with sensors and fiber optic
output were used to construct a speech-enabled alphabet
set [6] or 3D structures for communicating to a computer
[7]. Particularly, construction sets have been widely used in
undergraduate robotics education. For example, Lego
bricks [8] were used as the controllers for large Lego sets.
The sets provided a wide space for students to make
hypotheses about how things work and validate their
assumptions [9]. Similar digital manipulations have been
used in artificial intelligence, programming, and general
engineering courses [10], [11], [2]. Inspired by the success in
robotics education, digital construction sets have been
applied to the design of space habitat and vehicle [12]
and computer systems [13]. For example, the functional
decomposition approach [13] has been applied to many
systems, including analog electronics, digital design, VLSI,
and software.
In this paper, we present an approach that adopts the
concept of Legos to help students understand the relationships
among security protocols and the involving primitives.
Different from previous methods, our approach can
automatically generate specialized digital Legos for various
security protocols.
2.2 Achievements in Security Education
This project is inspired by the fact that various security
protocols are constructed by a limited number of primitives.
For example, Millen et al. [14] have summarized ten
reduction rules to decompose security protocols into simple
units, and Cremers [15] has investigated how to decompose
a complicated protocol into subprotocols. Therefore, we
believe that a suitable design of digital Legos can be used to
assist us in teaching security protocols. Previously, we have
developed a 2D Lego system for security courses [16], in
which, special 2D Lego pieces are designed to visualize the
operations such as encryption. Our experiences show that
the 2D shapes may cause some difficulty in understanding
the security protocols, since the message contents are
represented as embedded boundaries. Therefore, in this
paper, we present a more intuitive approach that can
simulate the real 3D Legos.
Several other graphical approaches have been proposed
for security education. For example, Burger and Rothermel
presented a general purpose simulation architecture for
teaching security protocols [17]. Saul and Hutchison
developed a graphic environment for analyzing security
protocols [18]. Schweitzer [19] designed an interactive
visualization tool for demonstrating protocols, visually in
a user-controlled stepwise manner. Elmqvist also developed
an animation function to display protocols in a step-by-step
fashion [20]. In contrast to our approach, these methods are
mainly designed to use graphics or interactions to emphasize
the sequential events associated with a protocol.
Compared to previous methods, our approach can illustrate
the messages of a protocol in visual forms and demonstrate
the relationships among primitives and protocols.
3 CONSTRUCTION WITH REAL LEGOS
3.1 Notation
We first introduce the notations that are used to describe a
security protocol in the remainder of the paper. A security
protocol usually consists of the interactions among multiple
entities. We adopt the Dolev-Yao model [21] to represent the
deduction capabilities of the legitimate entities and attackers.
Table 1 lists the notations of the security protocols.
To build a generic approach that can represent a wide
range of security protocols and attacks, we have adopted a
flexible two-tier construction method [16].
We use the subindex of an item to label its owner so that
the end users of our system can directly edit the protocol
files. For example, N B represents a random number
generated by entity B. If the subindex contains two entity
names, it is shared between them. For example, Ks AB
represents a secret key shared between entity A and entity B.
As illustrated in Fig. 1, this approach represents messages of
security protocols with plain text and they can be easily
understood by the end users.

الوقت من ذهب

اذكر الله


المصحف الالكتروني