An Extended UML Method for the Verification of Security Protocols

This paper presents a formal modeling method of security protocols based on the extended UML framework. In order to simplify the process and reduce the difficulty of security protocol modelling, extending mechanisms for the class diagram and sequence diagram of UML are presented, which provide an engineering specification for the security protocol formalizing. Therefore, for verifying the confidentiality and correspondence of security protocols by ProVerif, a transformation from extended UML model to ProVerif Spi calculus model is realized with matching rules and knowledge reasoning, and then the verifying results are analyzed through a regular expression. Finally, the handshake, NS public key and buyer-seller watermarking protocols are verified, the attack traces of unsatisfied security properties are exported, that show the validity and applicability of the approach provided by this paper.