The abstraction and over-approximation of protocols and web services by a set of Horn clauses is a very successful method in practice. It has, however, limitations for protocols and web services that are based on databases of keys, contracts, or even access rights, where revocation is possible, so that the set of true facts does not grow monotonically with state transitions. We extend the scope of these over-approximation methods by defining a new way of abstraction that can handle such databases, and we formally prove that the abstraction is sound. We realize a translator from a convenient specification language to standard Horn clauses and use the verifier ProVerif and the theorem prover SPASS to solve them. We show by a number of examples that this approach is practically feasible for a wide variety of verification problems of security protocols and web services.