We firstly describe an algebraic structure which serves as solid basis to quantitatively reason about information flows. We demonstrate how programs in form of partition of state...
We consider the problem of detecting covert channels within security-enforcing object-capability patterns. Traditional formalisms for reasoning about the security properties of obj...
Abstract. We analyse the C anonymity protocol under the novel assumption that the attacker has independent knowledge on behavioural patterns of individual users. Und...
Security API analysis typically only considers a subset of an API’s functions, with results bounded by the number of function calls. Furthermore, attacks involving partial leakag...
Abstract. A transformation F between protocols associates the messages sent and received by participants in a protocol Π1 with messages sent and received in some Π2. Transformati...
We adapt the Strand Spaces model to reason abstractly about layered security protocols, where an Application Layer protocol ed on top of a secure transport protocol. The model abst...
Abstract. We present an analysis that determines when it is possible to multiplex a pair of cryptographic protocols. We present a transformation that improves the coverage of this ...
Application or business logic, used in the development of services, has to do with the operations that define the application functionalities and not with the platform ones. Often...