A truly secure protocol is one which never violates its security requirements, no matter how bizarre the circumstances, provided those circumstances are within its terms of reference. Such cast-iron guarantees, as far as they are possible, require formal techniques: proof or model-checking. Informally, they are difficult or impossible to achieve. Our technique is refinement, until recently not much applied to security. We argue its benefits by giving rigorous formal developments, in refinement-based program algebra, of several security case studies. A conspicuous feature of our studies is their layers of abstraction and ---for the main study, in particular--- that the protocol is unbounded in state, placing its verification beyond the reach of model checkers. Correctness in all contexts is crucial for our goal of layered, refinement-based developments. This is ensured by our semantics, in which the program constructors are monotonic with respect to "security-aware" refinement, which is in turn a generalisation of compositionality.