We present a new technique for verifying correspondences in security protocols. In particular, correspondences can be used to formalize authentication. Our technique is fully auto...
A type confusion attack is one in which a principal accepts data of one type as data of another. Although it has been shown by Heather et al. that there are simple formatting conv...
WS-SecurityPolicy is a declarative configuration language for driving web services security mechanisms. We describe a formal sefor WS-SecurityPolicy, and propose a more abstract ...
WS-SecurityPolicy is a declarative language for configuring web services security mechanisms. We describe a formal semantics for WS-SecurityPolicy and propose a more abstract lang...
We adapt the Strand Spaces model to reason abstractly about layered security protocols, where an Application Layer protocol ed on top of a secure transport protocol. The model abst...