To ensure that a trust negotiation succeeds whenever possible, authorization policy compliance checkers must be able to find all minimal sets of their owners' credentials tha...
When users run a group key exchange (GKE) protocol, they usually extract the key from some auxiliary (ephemeral) secret information generated during the execution. Strong corrupti...
Cross-Site Request Forgery (CSRF) is a widely exploited web site vulnerability. In this paper, we present a new variation on CSRF attacks, login CSRF, in which the attacker forges...
In the Horn theory based approach for cryptographic protocol analysis, cryptographic protocols and (Dolev-Yao) intruders are modeled by Horn theories and security analysis boils d...
The requirements for secure document workflows in enterprises become increasingly sophisticated, with employees performing different tasks under different roles using the same pro...
Yacine Gasmi, Ahmad-Reza Sadeghi, Patrick Stewin, ...