Partial constraint satisfaction
Artificial Intelligence - Special volume on constraint-based reasoning
Possibilistic constraint satisfaction problems or “how to handle soft constraints?”
UAI '92 Proceedings of the eighth conference on Uncertainty in Artificial Intelligence
Concurrent constraint programming
Concurrent constraint programming
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
An attack on the Needham-Schroeder public-key authentication protocol
Information Processing Letters
Prudent Engineering Practice for Cryptographic Protocols
IEEE Transactions on Software Engineering
Semiring-based constraint satisfaction and optimization
Journal of the ACM (JACM)
A calculus for cryptographic protocols: the spi calculus
Proceedings of the 4th ACM conference on Computer and communications security
Secrecy by typing in security protocols
Journal of the ACM (JACM)
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
A lattice model of secure information flow
Communications of the ACM
Security analysis using flow logics
Current trends in theoretical computer science
Semiring-based constraint logic programming: syntax and semantics
ACM Transactions on Programming Languages and Systems (TOPLAS)
Constraint solving for bounded-process cryptographic protocol analysis
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Soft constraint propagation and solving in CHRs
Proceedings of the 2002 ACM symposium on Applied computing
Cryptography: Theory and Practice
Cryptography: Theory and Practice
Abstracting soft constraints: framework, properties, examples
Artificial Intelligence
Soft Concurrent Constraint Programming
ESOP '02 Proceedings of the 11th European Symposium on Programming Languages and Systems
Secrecy by Typing inSecurity Protocols
TACS '97 Proceedings of the Third International Symposium on Theoretical Aspects of Computer Software
Uncertainty in Constraint Satisfaction Problems: a Probalistic Approach
ECSQARU '93 Proceedings of the European Conference on Symbolic and Quantitative Approaches to Reasoning and Uncertainty
Kerberos Version 4: Inductive Analysis of the Secrecy Goals
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
Some new attacks upon security protocols
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
A Meta-Notation for Protocol Analysis
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Information Flow Analysis in a Discrete-Time Process Algebra
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Automated analysis of cryptographic protocols using Mur/spl phi/
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Smartcard integration with Kerberos V5
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
Valued constraint satisfaction problems: hard and easy problems
IJCAI'95 Proceedings of the 14th international joint conference on Artificial intelligence - Volume 1
Verifying the SET registration protocols
IEEE Journal on Selected Areas in Communications
A soft constraint-based approach to the cascade vulnerability problem
Journal of Computer Security - Special issue on security track at ACM symposium on applied computing 2004
Electronic Notes in Theoretical Computer Science (ENTCS)
Semiring-Based Soft Constraints
Concurrency, Graphs and Models
An Overview of FORCES: An INRIA Project on Declarative Formalisms for Emergent Systems
ICLP '09 Proceedings of the 25th International Conference on Logic Programming
Electronic Notes in Theoretical Computer Science (ENTCS)
Electronic Notes in Theoretical Computer Science (ENTCS)
A 25-year perspective on logic programming
Security protocol deployment risk
Security'08 Proceedings of the 16th International conference on Security protocols
A secure coordination of agents with nonmonotonic soft Concurrent Constraint Programming
Proceedings of the 27th Annual ACM Symposium on Applied Computing
| Hi-index | 0.00 |
Security protocols stipulate how the remote principals of a computer network should interact in order to obtain specific security goals. The crucial goals of confidentiality and authentication may be achieved in various forms, each of different strength. Using soft (rather than crisp) constraints, we develop a uniform formal notion for the two goals. They are no longer formalised as mere yes/no properties as in the existing literature, but gain an extra parameter, the security level. For example, different messages can enjoy different levels of confidentiality, or a principal can achieve different levels of authentication with different principals. The goals are formalised within a general framework for protocol analysis that is amenable to mechanisation by model checking. Following the application of the framework to analysing the asymmetric Needham-Schroeder protocol (Bella and Bistarelli 2001; Bella and Bistarelli 2002), we have recently discovered a new attack on that protocol as a form of retaliation by principals who have been attacked previously. Having commented on that attack, we then demonstrate the framework on a bigger, largely deployed protocol consisting of three phases, Kerberos.