Graph-Based Algorithms for Boolean Function Manipulation
IEEE Transactions on Computers
ACM Transactions on Computer Systems (TOCS)
Efficient implementation of a BDD package
DAC '90 Proceedings of the 27th ACM/IEEE Design Automation Conference
A note on the use of timestamps as nonces
ACM SIGOPS Operating Systems Review
Optimal privacy and authentication on a portable communications system
ACM SIGOPS Operating Systems Review
An attack on the Needham-Schroeder public-key authentication protocol
Information Processing Letters
Strand spaces: proving security protocols correct
Journal of Computer Security
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Using encryption for authentication in large networks of computers
Communications of the ACM
Authentication tests and the structure of bundles
Theoretical Computer Science
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Authentication and Confidentiality via IPSEC
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
Open Issues in Formal Methods for Cryptographic Protocol Analysis
MMM-ACNS '01 Proceedings of the International Workshop on Information Assurance in Computer Networks: Methods, Models, and Architectures for Network Security
Specification-Based Testing of Firewalls
PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
Protocol Interactions and the Chosen Protocol Attack
Proceedings of the 5th International Workshop on Security Protocols
A Bound on Attacks on Authentication Protocols
TCS '02 Proceedings of the IFIP 17th World Computer Congress - TC1 Stream / 2nd IFIP International Conference on Theoretical Computer Science: Foundations of Information Technology in the Era of Networking and Mobile Computing
PROCOMET '98 Proceedings of the IFIP TC2/WG2.2,2.3 International Conference on Programming Concepts and Methods
Some new attacks upon security protocols
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
A Hierarchy of Authentication Specifications
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Casper: A Compiler for the Analysis of Security Protocols
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Verifying authentication protocols with CSP
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Proving Properties of Security Protocols by Induction
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Towards a Completeness Result for Model Checking of Security Protocols
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Towards Automatic Verification of Authentication Protocols on an Unbounded Network
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Protocol Independence through Disjoint Encryption
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
How to Prevent Type Flaw Attacks on Security Protocols
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Prudent Engineering Practice for Cryptographic Protocols
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Filtering postures: local enforcement for global policies
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Fang: A Firewall Analysis Engine
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Analysis of the SSL 3.0 protocol
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
The verification of an industrial payment protocol: the SET purchase phase
Proceedings of the 9th ACM conference on Computer and communications security
Specification-Based Testing of Firewalls
PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
Security Protocol Design via Authentication Tests
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Towards provable security for ad hoc routing protocols
Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks
Firmato: A novel firewall management toolkit
ACM Transactions on Computer Systems (TOCS)
Verifying information flow goals in security-enhanced Linux
Journal of Computer Security - Special issue on WITS'03
Provably Secure On-Demand Source Routing in Mobile Ad Hoc Networks
IEEE Transactions on Mobile Computing
Skeletons, Homomorphisms, and Shapes: Characterizing Protocol Executions
Electronic Notes in Theoretical Computer Science (ENTCS)
Authentication tests and disjoint encryption: A design method for security protocols
Journal of Computer Security - Special issue on CSFW15
From security protocols to systems security
Proceedings of the 11th international conference on Security Protocols
Provable security of on-demand distance vector routing in wireless ad hoc networks
ESAS'05 Proceedings of the Second European conference on Security and Privacy in Ad-Hoc and Sensor Networks
Completeness of the authentication tests
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Analysing TLS in the strand spaces model
Journal of Computer Security
Establishing and preserving protocol security goals
Journal of Computer Security - Foundational Aspects of Security
Hi-index | 0.00 |
This material was presented in a series of lectures at fosad, a summer school on Foundations of Security Analysis and Design, at the University of Bologna Center at Bertinoro in September 2000. It has two main purposes.The first purpose is to explain how to model and analyze two important security problems, and how to derive systematic solutions to them. One problem area is the "packet protection problem," concerning how to use the security services provided by routers-services such as packet filtering and the IP security protocols-to achieve useful protection in complex networks. The other problem area, the "Dolev-Yao" problem, concerns how to determine, given a cryptographic protocol, what authentication and confidentiality properties it achieves, assuming that the cryptographic primitives it uses are ideal.Our secondary purpose is to argue in favor of an overall approach to modeling and then solving information security problems. We argue in favor of discovering security goals for specific domains by examining the threats and enforcement mechanisms available in those domains. Mathematical modeling allows us to develop algorithms and proof methods to ensure that the mechanisms achieve particular security goals. This leads to a systematic approach to trust management, often a more pressing information security problem than inventing new and improved security mechanisms.