The application of formal methods to security protocol analysis has been extensively researched during the last 25 years. Several formalisms and (semi-)automatic tools for the verification of security protocols have been developed. However, their applicability is limited to relatively small protocols that run in isolation. Many of the protocols that are in use today cannot be verified using these methods. One of the main reasons for this is that these protocols are composed of several sub-protocols. Such a composition of protocols is not addressed in the majority of formalisms. In this paper we identify a number of issues that are relevant to applying formal methods to the problem of security protocol composition. Additionally, we describe what research needs to be done to meet this challenge.