Web services security specifications are typically expressed as a mixture of XML schemas, example messages, and narrative explanations. We propose a new specification language fo...
In an optimistic approach to security, one can often simplify protocol design by relying on audit logs, which can be analyzed a posteriori. Such auditing is widely used in practice...
Protecting data is not simply a case of encrypt and forget: even data with full cryptographic confidentiality and integrity protection can still be subject to information leakage. ...
tographic Abstract Machine Dean Rosenzweig and Davor Runje University of Zagreb The Cryptographic Abstract Machine is an executional model of cryptographic actions, independent of ...
We present the first type and effect system for proving authenticity properties of security protocols based on asymmetric cryptography. The most significant new features of our ...