Establishing the security foundations for network protocol design

The foundation of network security have not been paid enough concentrations, and the comprehensive considerations for the solution models in network security have not been explored thoroughly. In this paper, we make the first attempt to establish several models for the security of network protocols. We divide the security of network protocols into two folders: the implementation security of network protocols, and the design security of network protocols. Four models are proposed to clarify the security problems: software vulnerability model, scalability model, authentication model, and covert model. We also propose several defense principles for all models. The security reduction is also proposed to transform the solution method for security problems to other available security verification and testing approaches. For example, the implementation security of network protocols is reduced to the security of software implementation for parsing protocols, so that the fuzzy test can be used for verification. The pressure test are used for scalability model. The exploration of the paper can help to stimulate the further discussions on the foundations of network security, especially the design security of network protocols.