We consider the problem of specifying and verifying cryptographic security protocols for XML web services. The security specification WS-Security describes a range of XML security tokens, such as username tokens, public-key certificates, and digital signature blocks, amounting to a flexible vocabulary for expressing protocols. To describe the syntax of these tokens, we extend the usual XML data model with symbolic representations of cryptographic values. We use predicates on this data model to describe the semantics of security tokens and of sample protocols distributed with the Microsoft WSE implementation of WS-Security. By embedding our data model within Abadi and Fournet's applied pi calculus, we formulate and prove security properties with respect to the standard Dolev-Yao threat model. Moreover, we informally discuss issues not addressed by the formal model. To the best of our knowledge, this is the first approach to the specification and verification of security protocols based on a faithful account of the XML wire format.