A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL. The file type is application/pdf.
Reachability analysis for role-based administration of attributes
2013
Proceedings of the 2013 ACM workshop on Digital identity management - DIM '13
The algorithms not only answer the reachability problem but also provide a plan of sequential attribute updates by one or more administrators in order to reach particular values for user attributes. rGURA ...
We formalize rGURA as a state transition system and show that the reachability problems for its general cases are PSPACE-complete. ...
Based on this observation, the reachability problem instance I = γ, q for the scheme [rGURA0-atomic] can be reduced to finding whether, for an attribute att ∈ ATTR, it is possible to reach a state γ ′ ...
doi:10.1145/2517881.2517891
dblp:conf/dim/JinKS13
fatcat:3pmx5q2lfzgrdhrq2yhucalamy
Efficient construction of machine-checked symbolic protocol security proofs
2013
Journal of Computer Security
We additionally give an algorithm that automatically generates Isabelle/HOL proof scripts based on this theory. ...
Our theory is based on two key ingredients. The first is an inference rule for enumerating the possible origins of messages known to the intruder. ...
We thank Christoph Sprenger and the anonymous reviewers for their comments, which greatly improved the presentation of this paper. ...
doi:10.3233/jcs-2012-0455
fatcat:5xtucgogtzbothxyctpxb5tg4m
CRYPTOGRAPHIC PROTOCOLS SPECIFICATION AND VERIFICATION TOOLS - A SURVEY
2017
ICTACT Journal on Communication Technology
Cryptographic protocols cannot guarantee the secure operations by merely using state-of-the-art cryptographic mechanisms. Validation of such protocols is done by using formal methods. ...
In this paper, we discuss the brief history of formal methods and tools that are useful for the formal verification of the cryptographic protocols. ...
It is based on pattern refinement algorithm. Bounded and unbounded numbers of runs are verified in Scyther, using a symbolic backwards search based on patterns. ...
doi:10.21917/ijct.2017.0226
fatcat:cjtshuv25rbvjggalyzy7xtdkq
Integrated Specification and Verification of Security Protocols and Policies
2011
2011 IEEE 24th Computer Security Foundations Symposium
We propose a language for formal specification of service-oriented architectures. ...
We show that the reachability problem is decidable for a fragment of service-oriented architectures. ...
Acknowledgements We are grateful to David Basin, Samuel Burri, Silvio Ranise and Eugen Zalinescu for their comments on this paper. ...
doi:10.1109/csf.2011.9
dblp:conf/csfw/FrauD11
fatcat:lcmxhaenhzhgxiv4gwxtiuhira
Formal Verification of Distributed Algorithms (Dagstuhl Seminar 13141)
2013
Dagstuhl Reports
The Dagstuhl Seminar 13141 "Formal Verification of Distributed Algorithms" brought together researchers from the areas of distributed algorithms, model checking, and semi-automated proofs with the goal ...
to establish a common base for approaching the many open problems in verification of distributed algorithms. ...
We also briefly report on the mechanisation of state-machine-based correctness proofs within the proof assistant Isabelle. ...
doi:10.4230/dagrep.3.4.1
dblp:journals/dagstuhl-reports/Charron-BostMRW13
fatcat:huhbi7pdkvfafg5dpmc7ikyffi
Strong Invariants for the Efficient Construction of Machine-Checked Protocol Security Proofs
2010
2010 23rd IEEE Computer Security Foundations Symposium
Moreover, we develop an algorithm that automatically generates proof scripts based on these invariants. Both interactive and automatic proof construction are faster than competing approaches. ...
The two rules form the core of a theory that is well-suited for interactively constructing natural, human-readable, correctness proofs. ...
Based on this theory, we developed an algorithm for the automatic generation of machine-checked security proofs. ...
doi:10.1109/csf.2010.23
dblp:conf/csfw/MeierCB10
fatcat:ajle3ju7mjhndm2fqx35icm7km
Information leak detection in business process models: Theory, application, and tool support
2015
Information Systems
Building on the concept of place-based non-interference and declassification, the core contribution of this paper is the application of Petri net reachability to detect places in which information leaks ...
Such a feature allows for the use of state-of-the-art tool support to model-check business process models and detect leaks. ...
The work is partially funded by the German Research Foundation in the project WS4Dsec of the priority program Reliably Secure Software Systems (SPP 1496). ...
doi:10.1016/j.is.2013.12.006
fatcat:ev25aru23zeltpr6gb52pkq63i
The Role of Abstract Interpretation in Formal Methods
2007
Fifth IEEE International Conference on Software Engineering and Formal Methods (SEFM 2007)
Its main current application is on the safety and security of complex hardware and software computer systems. ...
Formal methods In computer science and software engineering, formal methods are mathematically-based techniques for the specification, development and verification ...
doi:10.1109/sefm.2007.42
dblp:conf/sefm/Cousot07
fatcat:o4ibupglszeebd25nfun2xua54
Automatic Information Flow Analysis of Business Process Models
[chapter]
2012
Lecture Notes in Computer Science
Building on the concept of Place-based Non-Interference, the novelty is that Petri net reachability is employed to detect places in which information leaks occur. ...
Anica employs state-of-the-art model-checking algorithms to test reachability. ...
The work is partially funded by the German Research Foundation in the project WS4Dsec of the priority program Reliably Secure Software Systems (SPP 1496). ...
doi:10.1007/978-3-642-32885-5_13
fatcat:hs3le67s2vg3rkpwnxf5bdhb7y
Verification of the IBOS Browser Security Properties in Reachability Logic
[article]
2020
arXiv
pre-print
This paper presents a rewriting logic specification of the Illinois Browser Operating System (IBOS) and defines several security properties, including the same-origin policy (SOP) in reachability logic ...
It shows how these properties can be deductively verified using our constructor-based reachability logic theorem prover. ...
Our work on constructor-based reachability logic [44, 45] builds upon previous work on reachability logic [37, 38, 47, 48] as a language-generic approach to program verification, parametric on the ...
arXiv:2005.12232v1
fatcat:cix33wr27fh6fhib34j2ainmte
Reachability Analysis for Attributes in ABAC with Group Hierarchy
[article]
2021
arXiv
pre-print
In this paper, we study the user attribute reachability problem based on directly assigned attributes of the user and attributes inherited via group memberships. ...
Attribute-based access control (ABAC) models are widely used to provide fine-grained and adaptable authorization based on the attributes of users, resources, and other relevant entities. ...
In Section 5, we formally define our user attribute reachability problem. Formal proofs for general rGURA G schemes are discussed in Section 6. ...
arXiv:2101.03736v1
fatcat:3nhv2wkouffinnb6md4bxnc5jy
Comparing the expressive power of access control models
2004
Proceedings of the 11th ACM conference on Computer and communications security - CCS '04
Such comparisons are generally based on simulations between different access control schemes. ...
Comparing the expressive power of access control models is recognized as a fundamental problem in computer security. ...
Acknowledgements Portions of this work were supported by NSF ITR and by sponsors of CERIAS. ...
doi:10.1145/1030083.1030093
dblp:conf/ccs/TripunitaraL04
fatcat:azq5imk37veuph3mgvw3lrgkuq
Security analysis in role-based access control
2004
Proceedings of the ninth ACM symposium on Access control models and technologies - SACMAT '04
The reduction gives efficient algorithms for answering most kinds of queries in these two classes and establishes the complexity bounds for the intractable cases. determining whether a query is true or ...
The HRU scheme is based on the access matrix model [Graham and Denning 1972; Lampson 1971] . ...
Security analysis uses conditions specified on what kinds of state changes are allowed and infer security properties on all reachable states. ...
doi:10.1145/990036.990058
dblp:conf/sacmat/LiT04
fatcat:cpx4txhdxvcznhl2jv5duvtqqi
Formal Language Constrained Reachability and Model Checking Propositional Dynamic Logics
[chapter]
2011
Lecture Notes in Computer Science
We show interreducibility under (Turing) reductions of low polynomial degree between three families of problems parametrised by classes of formal languages: the problem of reachability in a directed graph ...
This allows several decidability and complexity results to be transferred, mainly from the area of formal languages to the areas of modal logics and formal language constrained reachability. ...
Suppose we were interested in detecting whether on all possible system executions the call of f 3 is preceded by a successful return of f 1 (security check). ...
doi:10.1007/978-3-642-24288-5_6
fatcat:7yt52h34bnaprhtbfnr2jy3ag4
How to Evaluate the Security of Real-Life Cryptographic Protocols?
[chapter]
2010
Lecture Notes in Computer Science
Governments and international standards bodies have established certification procedures for security-critical technologies, such as cryptographic algorithms. ...
As a case study in the application of our proposal, we also present the plan for the open evaluation of entity-authentication protocols within the CRYPTREC project. ...
[20] presents a refinement of the game-based approach to security proofs and its implementation using the proof assistant Coq. ...
doi:10.1007/978-3-642-14992-4_16
fatcat:tywbtwtxmndxzi4mbomwryprvu