A Theory of Communicating Sequential Processes
Journal of the ACM (JACM)
Communicating sequential processes
Communicating sequential processes
On the Identification of Covert Storage Channels in Secure Systems
IEEE Transactions on Software Engineering
CCS expressions, finite state processes, and three problems of equivalence
Information and Computation
The concurrency workbench: a semantics-based tool for the verification of concurrent systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
A calculus of mobile processes, I
Information and Computation
A classical mind
Using encryption for authentication in large networks of computers
Communications of the ACM
Formal verification of parallel programs
Communications of the ACM
Communication and Concurrency
Introduction to Automata Theory, Languages and Computability
Introduction to Automata Theory, Languages and Computability
Non-Interference Through Determinism
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
Comparing Two Information Flow Security Properties
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
Word problems requiring exponential time (Preliminary Report)
STOC '73 Proceedings of the fifth annual ACM symposium on Theory of computing
Secrecy by typing in security protocols
Journal of the ACM (JACM)
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
A compiler for analyzing cryptographic protocols using noninterference
ACM Transactions on Software Engineering and Methodology (TOSEM)
Analyzing security protocols with secrecy types and logic programs
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Information flow vs. resource access in the asynchronous pi-calculus
ACM Transactions on Programming Languages and Systems (TOPLAS)
A notion of non-interference for timed automata
Fundamenta Informaticae
Analysis of security protocols as open systems
Theoretical Computer Science
A comparison of three authentication properties
Theoretical Computer Science - Special issue: Algebraic methodology and software technology
Secure Information Flow as Typed Process Behaviour
ESOP '00 Proceedings of the 9th European Symposium on Programming Languages and Systems
Message Authentication through Non Interference
AMAST '00 Proceedings of the 8th International Conference on Algebraic Methodology and Software Technology
Transforming Processes to Check and Ensure Information Flow Security
AMAST '02 Proceedings of the 9th International Conference on Algebraic Methodology and Software Technology
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Mathematical Models of Computer Security
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Classification of Security Properties (Part I: Information Flow)
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Non Interference for the Analysis of Cryptographic Protocols
ICALP '00 Proceedings of the 27th International Colloquium on Automata, Languages and Programming
Information Flow vs. Resource Access in the Asynchronous Pi-Calculus
ICALP '00 Proceedings of the 27th International Colloquium on Automata, Languages and Programming
Automatic Verification of Cryptographic Protocols through Compositional Analysis Techniques
TACAS '99 Proceedings of the 5th International Conference on Tools and Algorithms for Construction and Analysis of Systems
Proofs Methods for Bisimulation Based Information Flow Security
VMCAI '02 Revised Papers from the Third International Workshop on Verification, Model Checking, and Abstract Interpretation
Bisimulation and Unwinding for Verifying Possibilistic Security Properties
VMCAI 2003 Proceedings of the 4th International Conference on Verification, Model Checking, and Abstract Interpretation
Secure Information Flow for Concurrent Processes
CONCUR '00 Proceedings of the 11th International Conference on Concurrency Theory
Probabilistic Information Flow in a Process Algebra
CONCUR '01 Proceedings of the 12th International Conference on Concurrency Theory
CVS at Work: A Report on New Failures upon Some Cryptographic Protocols
MMM-ACNS '01 Proceedings of the International Workshop on Information Assurance in Computer Networks: Methods, Models, and Architectures for Network Security
FoSSaCS '02 Proceedings of the 5th International Conference on Foundations of Software Science and Computation Structures
Automated Reasoning and the Verification of Security Protocols
TABLEAUX '99 Proceedings of the International Conference on Automated Reasoning with Analytic Tableaux and Related Methods
A Uniform Approach for the Definition of Security Properties
FM '99 Proceedings of the World Congress on Formal Methods in the Development of Computing Systems - Volume I
Static Analysis of Processes for No Read-Up and No Write-Down
FoSSaCS '99 Proceedings of the Second International Conference on Foundations of Software Science and Computation Structure, Held as Part of the European Joint Conferences on the Theory and Practice of Software, ETAPS'99
Control flow analysis of mobile ambients with security boundaries
FMOODS '02 Proceedings of the IFIP TC6/WG6.1 Fifth International Conference on Formal Methods for Open Object-Based Distributed Systems V
CVS: A Compiler for the Analysis of Cryptographic Protocols
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Information Flow Security in Dynamic Contexts
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
A decidable notion of timed non-interference
Fundamenta Informaticae - Concurrency specification and programming
From Bisimulation to Simulation: Coarsest Partition Problems
Journal of Automated Reasoning
An efficient algorithm for computing bisimulation equivalence
Theoretical Computer Science
Security check: a formal yet practical framework for secure software architecture
Proceedings of the 2003 workshop on New security paradigms
Embedding role-based access control model in object-oriented systems to protect privacy
Journal of Systems and Software
A model-checking verification environment for mobile processes
ACM Transactions on Software Engineering and Methodology (TOSEM)
A process-algebraic approach for the analysis of probabilistic noninterference
Journal of Computer Security
Information flow in hybrid systems
ACM Transactions on Embedded Computing Systems (TECS)
Providing flexible access control to an information flow control model
Journal of Systems and Software
Analyzing security protocols with secrecy types and logic programs
Journal of the ACM (JACM)
Relating multiset rewriting and process algebras for security protocol analysis
Journal of Computer Security - Special issue on WITS'03
An information flow control model for C applications based on access control lists
Journal of Systems and Software
Information flow security in dynamic contexts
Journal of Computer Security
A framework for compositional verification of security protocols
Information and Computation
Information flow security in Boundary Ambients
Information and Computation
Towards Information Flow Properties for Distributed Systems
Electronic Notes in Theoretical Computer Science (ENTCS)
Petri Net Security Checker: Structural Non-interference at Work
Formal Aspects in Security and Trust
Models and Proofs of Protocol Security: A Progress Report
CAV '09 Proceedings of the 21st International Conference on Computer Aided Verification
Synthesis of Non-Interferent Timed Systems
FORMATS '09 Proceedings of the 7th International Conference on Formal Modeling and Analysis of Timed Systems
Optimizing Pointer Analysis Using Bisimilarity
SAS '09 Proceedings of the 16th International Symposium on Static Analysis
Symbolic algorithmic verification of generalized noninterference
WSEAS Transactions on Computers
An Automata Based Approach for Verifying Information Flow Properties
Electronic Notes in Theoretical Computer Science (ENTCS)
Electronic Notes in Theoretical Computer Science (ENTCS)
Structural non-interference in elementary and trace nets
Mathematical Structures in Computer Science
A proof system for information flow security
LOPSTR'02 Proceedings of the 12th international conference on Logic based program synthesis and transformation
Rule formats for non interference
ESOP'03 Proceedings of the 12th European conference on Programming
Security protocols: principles and calculi tutorial notes
Foundations of security analysis and design IV
Model-checking trace-based information flow properties
Journal of Computer Security
A team automaton scenario for the analysis of security properties of communication protocols
Journal of Automata, Languages and Combinatorics
On intransitive non-interference in some models of concurrency
Foundations of security analysis and design VI
A protocol's life after attacks...
Proceedings of the 11th international conference on Security Protocols
Creating objects in the flexible authorization framework
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Bridging language-based and process calculi security
FOSSACS'05 Proceedings of the 8th international conference on Foundations of Software Science and Computation Structures
A generic model for analyzing security protocols
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Quantifying probabilistic information flow in computational reactive systems
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Verifying security protocols: an application of CSP
CSP'04 Proceedings of the 2004 international conference on Communicating Sequential Processes: the First 25 Years
Security boundaries in mobile ambients
Computer Languages, Systems and Structures
Verifying persistent security properties
Computer Languages, Systems and Structures
A Decidable Notion of Timed Non-Interference
Fundamenta Informaticae - Concurrency Specification and Programming (CS&P'2002), Part 1
A Notion of Non-Interference for Timed Automata
Fundamenta Informaticae - Concurrency Specification and Programming Workshop (CS&P'2001)
Decidability of parameterized probabilistic information flow
CSR'07 Proceedings of the Second international conference on Computer Science: theory and applications
The Compositional Security Checker (CoSeC for short) is a semantics-based tool for the automatic verification of some compositional information flow properties. The specifications given as input to CoSeC are terms of the Security Process Algebra, a language suited to the specification of concurrent systems in which actions belong to two different levels of confidentiality. The information flow security properties that CoSeC can verify are some of those classified in [8]. They derive from classic notions such as Noninterference [11]. The tool is based on the same architecture as the Concurrency Workbench [5], from which some modules have been imported unchanged. The usefulness of the tool is tested on the significant case study of an access monitor, presented in several versions in order to illustrate the relative merits of the various information flow properties that CoSeC can check. Finally, we present an application in the area of network security: we show that the theory (and the tool) can also reasonably be applied to single out security flaws in a simple, yet paradigmatic, communication protocol.