Email this article Testing the Conformance of Implementations of the EAP Protocol and Its Methods to Internet Specifications
- Authors: Nikeshin A.V.1, Shnitman V.Z.1,2
-
Affiliations:
- Ivannikov Institute for System Programming, Russian Academy of Sciences
- Moscow Institute of Physics and Technology
- Issue: Vol 45, No 7 (2019)
- Pages: 417-423
- Section: Article
- URL: https://journals.rcsi.science/0361-7688/article/view/176958
- DOI: https://doi.org/10.1134/S0361768819070090
- ID: 176958
Cite item
Open Access
Access granted
Subscription Access
Abstract
Generation of tests for checking the conformance of implementations of the Extensible Authentication Protocol (EAP) and its methods to Internet specifications is described. The project is based on the UniTESK technology that allows one to automate the verification of network protocols using their formal models and the extension JavaTesK, which implements the UniTESK technology in Java. The additional use of mutation testing techniques makes it possible to test the stability of a protocol implementation to corrupt messages. This approach proved to be effective in finding a number of critical vulnerabilities and other deviations from the EAP in some implementations.
About the authors
A. V. Nikeshin
Ivannikov Institute for System Programming, Russian Academy of Sciences
Author for correspondence.
Email: alexn@ispras.ru
Russian Federation, Moscow, 109004
V. Z. Shnitman
Ivannikov Institute for System Programming, Russian Academy of Sciences; Moscow Institute of Physics and Technology
Author for correspondence.
Email: vzs@ispras.ru
Russian Federation, Moscow, 109004; Dolgoprudnyi, Moscow oblast, 141700
