Communicating and mobile systems: the &pgr;-calculus
Communicating and mobile systems: the &pgr;-calculus
On the symbolic reduction of processes with cryptographic functions
Theoretical Computer Science
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
On the Reachability Problem in Cryptographic Protocols
CONCUR '00 Proceedings of the 11th International Conference on Concurrency Theory
Protocol insecurity with a finite number of sessions and composed keys is NP-complete
Theoretical Computer Science
Intruder Deductions, Constraint Solving and Insecurity Decision in Presence of Exclusive or
LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
Proving Security Protocols with Model Checkers by Data Independence Techniques
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
On protection in operating systems
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
Multiset rewriting and the complexity of bounded security protocols
Journal of Computer Security
An NP decision procedure for protocol insecurity with XOR
Theoretical Computer Science
Privacy and Contextual Integrity: Framework and Applications
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Theoretical Computer Science - Automated reasoning for security protocol analysis
Privacy and Utility in Business Processes
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Breaking and fixing public-key Kerberos
Information and Computation
Policy Compliance in Collaborative Systems
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
Collaborative Planning with Confidentiality
Journal of Automated Reasoning
Towards an automated assistant for clinical investigations
Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
On the Complexity of Linear Authorization Logics
LICS '12 Proceedings of the 2012 27th Annual IEEE/ACM Symposium on Logic in Computer Science
| Hi-index | 0.00 |
This paper extends existing models for collaborative systems. We investigate how much damage can be done by insiders alone, without collusion with an outside adversary. In contrast to traditional intruder models, such as in protocol security, all the players inside our system, including potential adversaries, have similar capabilities. They have bounded storage capacity, that is, they can only remember at any moment a bounded number of facts. This is technically imposed by only allowing balanced actions, that is, actions that have the same number of facts in their pre and post conditions. On the other hand, the adversaries inside our system have many capabilities of the standard Dolev-Yao intruder, namely, they are able, within their bounded storage capacity, to compose, decompose, overhear, and intercept messages as well as update values with fresh ones. We investigate the complexity of the decision problem of whether or not an adversary is able to discover secret data. We show that this problem is PSPACE-complete when all actions are balanced and can update values with fresh ones. As an application we turn to security protocol analysis and demonstrate that many protocol anomalies, such as the Lowe anomaly in the Needham-Schroeder public key exchange protocol, can also occur when the intruder is one of the insiders with bounded memory.