We use a compositional framework to model security architectures involving heterogeneous and distributed security functions. Our goal is to assist the ITSEC evaluation of suitabil...
Belief-logic deductions are used in the analysis of cryptographic protocols. We show a new method to decide such logics. In addition to the familiar BAN logic, it is also applicab...
The term "intransitive noninterference" refers to the information flow properties required of systems like downgraders, in which it may be legitimate for information to ...
The combination of two security protocols, a simple shared-key communication protocol and the Di e-Hellman key distribution protocol, is modeled formally and proved correct. The m...