
Reachability analysis for role-based administration of attributes

Xin Jin, Ram Krishnan, Ravi Sandhu
2013 Proceedings of the 2013 ACM workshop on Digital identity management - DIM '13  
The algorithms not only answer reachability problem but also provide a plan of sequential attribute updates by one or more administrators in order to reach particular values for user attributes. rGURA  ...  We formalize rGURA as a state transition system and show that the reachability problems for its general cases are PSPACE-complete.  ...  Based on this observation, the reachability problem instance I = γ, q for the scheme [rGURA0-atomic] can be reduced to finding whether, for an attribute att ∈ ATTR, it is possible to reach a state γ ′  ... 
doi:10.1145/2517881.2517891 dblp:conf/dim/JinKS13 fatcat:3pmx5q2lfzgrdhrq2yhucalamy

Efficient construction of machine-checked symbolic protocol security proofs

Simon Meier, Cas Cremers, David Basin
2013 Journal of Computer Security  
We additionally give an algorithm that automatically generates Isabelle/HOL proof scripts based on this theory.  ...  Our theory is based on two key ingredients. The first is an inference rule for enumerating the possible origins of messages known to the intruder.  ...  We thank Christoph Sprenger and the anonymous reviewers for their comments, which greatly improved the presentation of this paper.  ... 
doi:10.3233/jcs-2012-0455 fatcat:5xtucgogtzbothxyctpxb5tg4m


Amol H. Shinde, Umbarkar A.J., Pillai N.R.
2017 ICTACT Journal on Communication Technology  
Cryptographic protocols cannot guarantee the secure operations by merely using state-of-the-art cryptographic mechanisms. Validation of such protocols is done by using formal methods.  ...  In this paper, we discuss the brief history of formal methods and tools that are useful for the formal verification of the cryptographic protocols.  ...  It is based on pattern refinement algorithm. Bounded and unbounded numbers of runs are verified in Scyther, using a symbolic backwards search based on patterns.  ... 
doi:10.21917/ijct.2017.0226 fatcat:cjtshuv25rbvjggalyzy7xtdkq

Integrated Specification and Verification of Security Protocols and Policies

Simone Frau, Mohammad Torabi-Dashti
2011 2011 IEEE 24th Computer Security Foundations Symposium  
We propose a language for formal specification of service-oriented architectures.  ...  We show that the reachability problem is decidable for a fragment of service-oriented architectures.  ...  Acknowledgements We are grateful to David Basin, Samuel Burri, Silvio Ranise and Eugen Zalinescu for their comments on this paper.  ... 
doi:10.1109/csf.2011.9 dblp:conf/csfw/FrauD11 fatcat:lcmxhaenhzhgxiv4gwxtiuhira

Formal Verification of Distributed Algorithms (Dagstuhl Seminar 13141)

Bernadette Charron-Bost, Stephan Merz, Andrey Rybalchenko, Josef Widder, Marc Herbstritt
2013 Dagstuhl Reports  
The Dagstuhl Seminar 13141 "Formal Verification of Distributed Algorithms" brought together researchers from the areas of distributed algorithms, model checking, and semi-automated proofs with the goal  ...  to establish a common base for approaching the many open problems in verification of distributed algorithms.  ...  We also briefly report on the mechanisation of state-machine-based correctness proofs within the proof assistant Isabelle.  ... 
doi:10.4230/dagrep.3.4.1 dblp:journals/dagstuhl-reports/Charron-BostMRW13 fatcat:huhbi7pdkvfafg5dpmc7ikyffi

Strong Invariants for the Efficient Construction of Machine-Checked Protocol Security Proofs

Simon Meier, Cas Cremers, David Basin
2010 2010 23rd IEEE Computer Security Foundations Symposium  
Moreover, we develop an algorithm that automatically generates proof scripts based on these invariants. Both interactive and automatic proof construction are faster than competing approaches.  ...  The two rules form the core of a theory that is well-suited for interactively constructing natural, human-readable, correctness proofs.  ...  Based on this theory, we developed an algorithm for the automatic generation of machine-checked security proofs.  ... 
doi:10.1109/csf.2010.23 dblp:conf/csfw/MeierCB10 fatcat:ajle3ju7mjhndm2fqx35icm7km

Information leak detection in business process models: Theory, application, and tool support

Rafael Accorsi, Andreas Lehmann, Niels Lohmann
2015 Information Systems  
Building on the concept of place-based non-interference and declassification, the core contribution of this paper is the application of Petri net reachability to detect places in which information leaks  ...  Such a feature allows for the use of state-of-the-art tool support to model-check business process models and detect leaks.  ...  The work is partially funded by the German Research Foundation in the project WS4Dsec of the priority program Reliably Secure Software Systems (SPP 1496).  ... 
doi:10.1016/ fatcat:ev25aru23zeltpr6gb52pkq63i

The Role of Abstract Interpretation in Formal Methods

Patrick Cousot
2007 Fifth IEEE International Conference on Software Engineering and Formal Methods (SEFM 2007)  
Its main current application is on the safety and security of complex hardware and software computer systems.  ...  Formal methods In computer science and software engineering, formal methods are mathematically-based techniques for the specification, development and verification  ...  Its main current application is on the safety and security of complex hardware and software computer systems.  ... 
doi:10.1109/sefm.2007.42 dblp:conf/sefm/Cousot07 fatcat:o4ibupglszeebd25nfun2xua54

Automatic Information Flow Analysis of Business Process Models [chapter]

Rafael Accorsi, Andreas Lehmann
2012 Lecture Notes in Computer Science  
Building on the concept of Place-based Non-Interference, the novelty is that Petri net reachability is employed to detect places in which information leaks occur.  ...  Anica employs state of the art model-checking algorithms to test reachability.  ...  The work is partially funded by the German Research Foundation in the project WS4Dsec of the priority program Reliably Secure Software Systems (SPP 1496).  ... 
doi:10.1007/978-3-642-32885-5_13 fatcat:hs3le67s2vg3rkpwnxf5bdhb7y

Verification of the IBOS Browser Security Properties in Reachability Logic [article]

Stephen Skeirik and José Meseguer and Camilo Rocha
2020 arXiv   pre-print
This paper presents a rewriting logic specification of the Illinois Browser Operating System (IBOS) and defines several security properties, including the same-origin policy (SOP) in reachability logic  ...  It shows how these properties can be deductively verified using our constructor-based reachability logic theorem prover.  ...  Our work on constructor-based reachability logic [44, 45] builds upon previous work on reachability logic [37, 38, 47, 48] as a language-generic approach to program verification, parametric on the  ... 
arXiv:2005.12232v1 fatcat:cix33wr27fh6fhib34j2ainmte

Reachability Analysis for Attributes in ABAC with Group Hierarchy [article]

Maanak Gupta, Ravi Sandhu
2021 arXiv   pre-print
In this paper, we study the user attribute reachability problem based on directly assigned attributes of the user and attributes inherited via group memberships.  ...  Attribute-based access control (ABAC) models are widely used to provide fine-grained and adaptable authorization based on the attributes of users, resources, and other relevant entities.  ...  In Section 5, we formally define our user attribute reachability problem. Formal proofs for general rGURA G schemes are discussed in Section 6.  ... 
arXiv:2101.03736v1 fatcat:3nhv2wkouffinnb6md4bxnc5jy

Comparing the expressive power of access control models

Mahesh V. Tripunitara, Ninghui Li
2004 Proceedings of the 11th ACM conference on Computer and communications security - CCS '04  
Such comparisons are generally based on simulations between different access control schemes.  ...  Comparing the expressive power of access control models is recognized as a fundamental problem in computer security.  ...  Acknowledgements Portions of this work were supported by NSF ITR and by sponsors of CERIAS.  ... 
doi:10.1145/1030083.1030093 dblp:conf/ccs/TripunitaraL04 fatcat:azq5imk37veuph3mgvw3lrgkuq

Security analysis in role-based access control

Ninghui Li, Mahesh V. Tripunitara
2004 Proceedings of the ninth ACM symposium on Access control models and technologies - SACMAT '04  
The reduction gives efficient algorithms for answering most kinds of queries in these two classes and establishes the complexity bounds for the intractable cases. determining whether a query is true or  ...  The HRU scheme is based on the access matrix model [Graham and Denning 1972; Lampson 1971].  ...  Security analysis uses conditions specified on what kinds of state changes are allowed and infer security properties on all reachable states.  ... 
doi:10.1145/990036.990058 dblp:conf/sacmat/LiT04 fatcat:cpx4txhdxvcznhl2jv5duvtqqi

Formal Language Constrained Reachability and Model Checking Propositional Dynamic Logics [chapter]

Roland Axelsson, Martin Lange
2011 Lecture Notes in Computer Science  
We show interreducibility under (Turing) reductions of low polynomial degree between three families of problems parametrised by classes of formal languages: the problem of reachability in a directed graph  ...  This allows several decidability and complexity results to be transferred, mainly from the area of formal languages to the areas of modal logics and formal language constrained reachability.  ...  Suppose we were interested in detecting whether on all possible system executions the call of f 3 is preceded by a successful return of f 1 (security check).  ... 
doi:10.1007/978-3-642-24288-5_6 fatcat:7yt52h34bnaprhtbfnr2jy3ag4

How to Evaluate the Security of Real-Life Cryptographic Protocols? [chapter]

Shin'ichiro Matsuo, Kunihiko Miyazaki, Akira Otsuka, David Basin
2010 Lecture Notes in Computer Science  
Governments and international standards bodies have established certification procedures for security-critical technologies, such as cryptographic algorithms.  ...  As a case study in the application of our proposal, we also present the plan for the open evaluation of entity-authentication protocols within the CRYPTREC project.  ...  [20] presents a refinement of the game-based approach to security proofs and its implementation using the proof assistant Coq.  ... 
doi:10.1007/978-3-642-14992-4_16 fatcat:tywbtwtxmndxzi4mbomwryprvu