The core problem in risk analysis - determining exploitable paths between attackers and system assets is essentially a problem of determining information flow. It is relatively st...
Communications systems, encompassing VoIP, IM, and other personal media, present different challenges for P2P environments than other P2P applications. In particular, reliable com...
This paper presents a formal approach to threat-driven modeling and verification of secure software using aspect-oriented Petri nets. Based on the behavior model of intended funct...
We describe a faithful embedding of the Dolev-Yao model of Backes, Pfitzmann, and Waidner (CCS 2003) in the theorem prover Isabelle/HOL. This model is cryptographically sound in ...
Christoph Sprenger, Michael Backes, David A. Basin...
The feature interaction problem is prominent in telephone service development. Through a number of case studies, we have discovered that no single semantic framework is suitable f...
J. Paul Gibson, Geoff Hamilton, Dominique Mé...