60,305 Hits in 4.9 sec

A Verification Framework for Stateful Security Protocols [chapter]

Li Li, Naipeng Dong, Jun Pang, Jun Sun, Guangdong Bai, Yang Liu, Jin Song Dong
2017 Lecture Notes in Computer Science  
We prove the correctness of the verification algorithm, implement both of the specification framework and the algorithm, and evaluate our implementation using a number of stateful security protocols.  ...  We propose a protocol specification framework, which facilitates explicit modeling of states and state transformations.  ...  Case Studies We have implemented the proposed approach in a tool named SSPA (Stateful Security Protocol Analyzer).  ... 
doi:10.1007/978-3-319-68690-5_16 fatcat:h4px2vljpzavpkeyemevwpra3u


Youssef Hanna, Hridesh Rajan, Wensheng Zhang
2008 Proceedings of the first ACM conference on Wireless network security - WiSec '08  
Our approach is sound and complete within bounds, i.e. if it reports a fault scenario for a protocol, there is indeed a fault and our framework terminates for a network topology of given size; otherwise  ...  The key contribution of this work is an approach for automated formal verification of sensor network security protocols.  ...  Thanks to Samik Basu for pointing out an appropriate intrusion model for Slede. Thanks are also due to Sencun Zhu for the discussion about the results in this paper.  ... 
doi:10.1145/1352533.1352551 dblp:conf/wisec/HannaRZ08 fatcat:2iyy73unsrcx7l2gdc22iuke34

A Static Verification Framework for Secure Peer-to-Peer Applications

Andrea Zisman
2007 Second International Conference on Internet and Web Applications and Services (ICIW'07)  
In this paper we present a static verification framework to support the design and verification of secure peer-to-peer applications.  ...  The approach avoids security issues to be taken into consideration as a separate layer that is added to the system as an afterthought by the use of security protocols.  ...  The use of security protocols and cryptographic techniques gave rise to the development of formal verification techniques for security protocols [1] [17] [18] [25] [29] .  ... 
doi:10.1109/iciw.2007.11 dblp:conf/iciw/Zisman07 fatcat:ctrexhk7hrbgxj5wxr573xhgeu

How to Evaluate the Security of Real-Life Cryptographic Protocols? [chapter]

Shin'ichiro Matsuo, Kunihiko Miyazaki, Akira Otsuka, David Basin
2010 Lecture Notes in Computer Science  
This is a serious problem as many protocols proposed in the past have failed to achieve their stated security properties. In this paper, we propose a framework for certifying cryptographic protocols.  ...  Our framework specifies procedures for both protocol designers and evaluators for certifying protocols with respect to three different assurance levels.  ...  As explained in the previous section, ISO/IEC 29128 is a framework for certifying cryptographic protocols using formal verification methods.  ... 
doi:10.1007/978-3-642-14992-4_16 fatcat:tywbtwtxmndxzi4mbomwryprvu

Automatic security verification for 3-party authentication and key exchange protocols

Haruki Ota, Shinsaku Kiyomoto, Yutaka Miyake
2011 2011 5th International Conference on Network and System Security  
In order to meet these requirements, we proposed the security verification method (OKT method) for the aforementioned protocols based on Bellare et al.'  ...  We show the novel verification points for each security property in the authentication and key exchange protocols in accordance with the aforementioned revisions.  ...  In the framework of f (A, B) , there are no verification points for which the key exchange protocols are secure against an active attack.  ... 
doi:10.1109/icnss.2011.6060010 dblp:conf/nss/OtaKM11 fatcat:lsnwnejbhjccjjjo2gl2gfqtye


Youssef Hanna
2007 The 6th Joint Meeting on European software engineering conference and the ACM SIGSOFT symposium on the foundations of software engineering companion papers - ESEC-FSE companion '07  
We contribute the design and implementation of a verification framework that we call Slede which emulates our approach to extract a PROMELA model from nesC security protocol implementations.  ...  from the nesC implementations of a security protocol.  ...  CONCLUSION We propose Slede [10] , a verification framework that allows verification of security protocols for sensor networks through automatic model extraction from nesC implementations of the security  ... 
doi:10.1145/1295014.1295050 fatcat:5rr46s673vdl3ddixfcrfjpi54


Youssef Hanna
2007 Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering - ESEC-FSE '07  
We contribute the design and implementation of a verification framework that we call Slede which emulates our approach to extract a PROMELA model from nesC security protocol implementations.  ...  from the nesC implementations of a security protocol.  ...  CONCLUSION We propose Slede [10] , a verification framework that allows verification of security protocols for sensor networks through automatic model extraction from nesC implementations of the security  ... 
doi:10.1145/1287624.1287718 dblp:conf/sigsoft/Hanna07 fatcat:pawgxfgzr5bbbmpnzhefwhx7m4

AC-Framework for Privacy-Preserving Collaboration [chapter]

Wei Jiang, Chris Clifton
2007 Proceedings of the 2007 SIAM International Conference on Data Mining  
Increasing security concerns have led to a surge in work on practical secure multi-party computation protocols.  ...  In this paper, we present the full spectrum of the accountable computing (AC) framework, which is sufficient or practical for many applications without the complexity and cost of an SMC-protocol under  ...  The authors wish to thank anonymous reviewers for their valuable suggestions, as well as Murat Kantarcıoglu for his software implementation and insightful discussions.  ... 
doi:10.1137/1.9781611972771.5 dblp:conf/sdm/JiangC07 fatcat:ihsd3j4lxbbzriiwiaqupgz2ny

Composable Security for Multipartite Entanglement Verification [article]

Raja Yehia, Eleni Diamanti, Iordanis Kerenidis
2020 arXiv   pre-print
Here, we improve the protocol to make it more suitable for practical use in a quantum network and we study its security in the Abstract Cryptography framework to highlight composability issues and avoid  ...  This allows us to readily compose our basic protocol in order to create a composably secure multi-round protocol enabling honest parties to obtain a state close to a GHZ state or an abort signal, even  ...  Acknowledgements We would like to thank Simon Neves, Léo Colisson, Atul Mantri, Anna Pappa, Damian Markham and Frédéric Grosshans for fruitful discussions.  ... 
arXiv:2004.07679v3 fatcat:vbwdcu5omjdvjbfmewh2vi3gaq

Practical and Scalable Security Verification of Secure Architectures [article]

Jakub Szefer and Tianwei Zhang and Ruby B. Lee
2018 arXiv   pre-print
We present a new and practical framework for security verification of secure architectures. Specifically, we break the verification task into external verification and internal verification.  ...  This verification framework is general-purpose and can be applied to a stand-alone server, or a large-scale distributed system.  ...  In summary, our contributions are: • A new, general-purpose security verification framework for secure architectures and systems. • A methodology to break the verification task of secure architectures  ... 
arXiv:1807.01854v1 fatcat:dh27iaifmrce3jqtm2jcmylfmm

A Formal Model for Verification of ZigBee Protocol for Secure Network Authentication

Rana Muhammad Nadeem, Abdul Aziz Gill
2017 Indian Journal of Science and Technology  
The latest formal verification method called Event-B is used now a day to frame a model for verification of different wireless security protocols like IEEE 802.11 and IEEE 802.15.4.  ...  In this paper we developed a model/ framework in Event-B for the formal verification of ZigBee protocol and simulate it using RODIN tool.  ...  In this paper, we developed a framework for the formal verification of ZigBee protocol. The system has been developed by using stepwise approach of Event-B.  ... 
doi:10.17485/ijst/2017/v10i19/113927 fatcat:6jndetpdjneaxjnf25ioejahoq

Aegis: A Trusted, Automatic and Accurate Verification Framework for Vertical Federated Learning [article]

Cengguang Zhang, Junxue Zhang, Di Chai, Kai Chen
2021 arXiv   pre-print
In this paper, we present Aegis, a trusted, automatic, and accurate verification framework to verify the security of VFL jobs.  ...  Aegis is separated from local parties to ensure the security of the framework.  ...  Aegis uses a finite state machine for automatic verification. For data verification, we use rule tables and local replication experiments to verify the security ( §4).  ... 
arXiv:2108.06958v2 fatcat:f2ybr7cx4bbm7po6blet4kib7u

Modeling and verification of Extensible Authentication Protocol for Transport layer Security in Wireless LAN environment

Humayra Binte Ali, Md. Rezaul Karim, Manzur Ashraf, David M W Powers
2010 2010 2nd International Conference on Software Technology and Engineering  
Specifically, we show how SPIN, a tool used for the formal systems verification purposes, can be used to verify as well as quickly identify problematic behaviors (if any) in core component of emergent  ...  Wireless LAN with non trivial communication authentication constructs -such as Extensible Authentication Protocol (EAP) for Transport layer Security (TLS).In our analysis, we identify essential elements  ...  OVERVIEW OF EAP-TLS The EAP protocol provides a framework for IEEE 802.1X authentication and works in co-operation with Pointto-Point Protocol (PPP).  ... 
doi:10.1109/icste.2010.5608759 fatcat:ikashat3sne27pvmabsrsxmkyq

Knowledge Based Approach for Mechanically Verifying Security Protocols

Xiaoqi Ma, Xiaochun Cheng, Rachel McCrindle
2005 International Joint Conference on Artificial Intelligence  
A new knowledge-based security protocol verification approach is proposed in this paper.  ...  This approach can prove protocols concerning interleaving protocol sessions and can prove the correctness of a medium-sized security protocol in a couple of seconds.  ...  To gain effectiveness from state based methods and efficiency from rule based methods, we propose in this paper a new security protocol verification method, which is based on a knowledge-based framework  ... 
dblp:conf/ijcai/MaCM05 fatcat:5kf4ijcvszgfnf27ehsemro6zm

Tools for model-based security engineering

Jan Jürjens, Jorge Fox
2006 Proceeding of the 28th international conference on Software engineering - ICSE '06  
Advanced users can use this open-source framework to implement verification routines for the constraints of selfdefined security requirements.  ...  We focus on a verification routine that automatically verifies crypto-based software for security requirements by using automated theorem provers.  ...  At the hand of the verification of security properties, we use automated theorem provers for first-order logic for automated verification of state machines generated from code in a combination with using  ... 
doi:10.1145/1134285.1134423 dblp:conf/icse/JurjensF06 fatcat:amyu7yvrjvg4bgin5atfaidcce
« Previous Showing results 1 — 15 out of 60,305 results