A realistic threat model for cryptographic protocols or for language-based security should include a dynamically growing population of principals (or security levels), some of which may be compromised, that is, come under the control of the adversary. We explore such a threat model within a pi-calculus. A new process construct records the ordering between security levels, including the possibility of compromise. Another expresses the expectation of conditional secrecy of a message: that a particular message is unknown to the adversary unless particular levels are compromised. Our main technical contribution is the first system of secrecy types for a process calculus to support multiple, dynamically generated security levels, together with the controlled compromise or downgrading of security levels. A series of examples illustrates the effectiveness of the type system in proving secrecy of messages, including dynamically generated messages. It also demonstrates the improvement over prior work obtained by including a security ordering in the type system. Perhaps surprisingly, the soundness proof for our type system for symbolic cryptography is via a simple translation into a core typed pi-calculus, with no need to take symbolic cryptography as primitive.