Sciweavers

IFIP
2009
Springer
14 years 6 months ago
Applied Quantitative Information Flow and Statistical Databases
We firstly describe an algebraic structure which serves as solid basis to quantitatively reason about information flows. We demonstrate how programs in form of partition of state...
Jonathan Heusser, Pasquale Malacaria
IFIP
2009
Springer
14 years 6 months ago
Analysing the Information Flow Properties of Object-Capability Patterns
We consider the problem of detecting covert channels within security-enforcing object-capability patterns. Traditional formalisms for reasoning about the security properties of obj...
Toby C. Murray, Gavin Lowe
IFIP
2009
Springer
14 years 6 months ago
Probable Innocence in the Presence of Independent Knowledge
Abstract. We analyse the C anonymity protocol under the novel assumption that the attacker has independent knowledge on behavioural patterns of individual users. Und...
Sardaouna Hamadou, Catuscia Palamidessi, Vladimiro...
IFIP
2009
Springer
14 years 6 months ago
Towards a Type System for Security APIs
Security API analysis typically only considers a subset of an API’s functions, with results bounded by the number of function calls. Furthermore, attacks involving partial leakag...
Gavin Keighren, David Aspinall, Graham Steel
IFIP
2009
Springer
14 years 6 months ago
Transformations between Cryptographic Protocols
Abstract. A transformation F between protocols associates the messages sent and received by participants in a protocol Π1 with messages sent and received in some Π2. Transformati...
Joshua D. Guttman
IFIP
2009
Springer
14 years 6 months ago
Specifying and Modelling Secure Channels in Strand Spaces
We adapt the Strand Spaces model to reason abstractly about layered security protocols, where an Application Layer protocol ed on top of a secure transport protocol. The model abst...
Allaa Kamil, Gavin Lowe
IFIP
2009
Springer
14 years 6 months ago
Trusted Multiplexing of Cryptographic Protocols
Abstract. We present an analysis that determines when it is possible to multiplex a pair of cryptographic protocols. We present a transformation that improves the coverage of this ...
Jay A. McCarthy, Shriram Krishnamurthi
IFIP
2009
Springer
14 years 6 months ago
Static Detection of Logic Flaws in Service-Oriented Applications
Application or business logic, used in the development of services, has to do with the operations that define the application functionalities and not with the platform ones. Often...
Chiara Bodei, Linda Brodo, Roberto Bruni