By Topic

Computer Security Foundations Workshop, 2004. Proceedings. 17th IEEE

Date 28-30 June 2004

Filter Results

Displaying Results 1 - 25 of 28
  • A theory of dictionary attacks and its complexity

    Publication Year: 2004, Page(s):2 - 15
    Cited by:  Papers (7)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (432 KB) | HTML iconHTML

    We consider the problem of automating proofs of cryptographic protocols when some data, like poorly chosen passwords, can be guessed by dictionary attacks. First, we define a theory of these attacks: we introduce an inference system modeling the guessing capabilities of an intruder. This system extends the classical Dolev-Yao rules. Using proof rewriting techniques, we show a locality lemma for ou... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Secure information flow by self-composition

    Publication Year: 2004, Page(s):100 - 114
    Cited by:  Papers (18)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1353 KB) | HTML iconHTML

    Non-interference is a high-level security property that guarantees the absence of illicit information leakages through executing programs. More precisely, non-interference for a program assumes a separation between secret inputs and public inputs on the one hand, and secret outputs and public outputs on the other hand, and requires that the value of public outputs does not depend on the value of s... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Selecting appropriate counter-measures in an intrusion detection framework

    Publication Year: 2004, Page(s):78 - 87
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (393 KB) | HTML iconHTML

    Since current computer infrastructures are increasingly vulnerable to malicious activities, intrusion detection is necessary but unfortunately not sufficient. We need to design effective response techniques to circumvent intrusions when they are detected. Our approach is based on a library that implements different types of counter-measures. The idea is to design a decision support tool to help th... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Cassandra: flexible trust management, applied to electronic health records

    Publication Year: 2004, Page(s):139 - 154
    Cited by:  Papers (24)  |  Patents (10)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (407 KB) | HTML iconHTML

    We study the specification of access control policy in large-scale distributed systems. We present Cassandra, a language and system for expressing policy, and the results of a substantial case study, a security policy for a national electronic health record system, based on the requirements for the ongoing UK National Health Service procurement exercise. Cassandra policies are expressed in a langu... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Enforcing robust declassification

    Publication Year: 2004, Page(s):172 - 186
    Cited by:  Papers (20)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (424 KB) | HTML iconHTML

    Noninterference requires that there is no information flow from sensitive to public data in a given system. However, many systems perform intentional release of sensitive information as part of their correct functioning and therefore violate noninterference. To control information flow while permitting intentional information release, some systems have a downgrading or declassification mechanism. ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Using active learning in intrusion detection

    Publication Year: 2004, Page(s):88 - 98
    Cited by:  Papers (10)  |  Patents (8)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (391 KB) | HTML iconHTML

    Intrusion detection systems (IDSs) have become an important part of operational computer security. They are the last line of defense against malicious hackers and help detect ongoing attacks as well as mitigate their damage. However, intrusion detection systems are not turnkey solutions but are heavily dependent on expensive and scarce security experts for successful operation. By emphasizing self... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • From stack inspection to access control: a security analysis for libraries

    Publication Year: 2004, Page(s):61 - 75
    Cited by:  Papers (4)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (706 KB) | HTML iconHTML

    We present a new static analysis for reviewing the security of libraries for systems, such as JVMs or the CLR, that rely on stack inspection for access control. We describe its implementation for the CLR. Our tool inputs a set of libraries plus a description of the permissions granted to unknown, potentially hostile code. It constructs a permission-sensitive call graph, which can be queried to ide... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • By reason and authority: a system for authorization of proof-carrying code

    Publication Year: 2004, Page(s):236 - 250
    Cited by:  Papers (1)  |  Patents (8)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (467 KB) | HTML iconHTML

    We present a system, BLF, that combines an authorization logic based on the Binder language with a logical framework, LF, able to express semantic properties of programs. BLF is a general system for specifying and enforcing policies that rely on both reason and trust. In particular, BLF supports extensible software systems that employ both digitally signed code and language-based security, especia... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A distributed calculus for role-based access control

    Publication Year: 2004, Page(s):48 - 60
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (380 KB) | HTML iconHTML

    Role-based access control (RBAC) is increasingly attracting attention because it reduces the complexity and cost of security administration by interposing the notion of role in the assignment of permissions to users. In this paper, we present a formal framework relying on an extension of the π calculus to study the behavior of concurrent systems in a RBAC scenario. We define a type system ensur... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A formal foundation for XrML

    Publication Year: 2004, Page(s):251 - 263
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (407 KB) | HTML iconHTML

    XrML is becoming a popular language in industry for writing software licenses. The semantics for XrML is implicitly given by an algorithm that determines if a permission follows from a set of licenses. We focus on a representative fragment of the language and use it to highlight some problematic aspects of the algorithm. We then correct the problems, introduce formal semantics, and show that our s... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Lenient array operations for practical secure information flow

    Publication Year: 2004, Page(s):115 - 124
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (382 KB) | HTML iconHTML

    Our goal in this paper is to make secure information flow typing more practical. We propose simple and permissive typing rules for array operations in a simple sequential imperative language. Arrays are given types of the form τ1 arr τ2, where τ1 is the security class of the array's contents and τ2 is the security class of the array's len... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The consistency of task-based authorization constraints in workflow

    Publication Year: 2004, Page(s):155 - 169
    Cited by:  Papers (13)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (434 KB) | HTML iconHTML

    Workflow management systems (WFMSs) have attracted a lot of interest both in academia and the business community. A workflow consists of a collection of tasks that are organized to facilitate some business process specification. To simplify the complexity of security administration, it is common to use role-based access control (RBAC) to grant authorization to roles and users. Typically, security ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Abstraction and refinement in protocol derivation

    Publication Year: 2004, Page(s):30 - 45
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (505 KB) | HTML iconHTML

    Protocols may be derived from initial components by composition, refinement, and transformation. Adding function variables to a previous protocol logic, we develop an abstraction-instantiation method for reasoning about a class of protocol refinements. The main idea is to view changes in a protocol as a combination of finding a meaningful "protocol template" that contains function variables in mes... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Symbolic model checking the knowledge of the dining cryptographers

    Publication Year: 2004, Page(s):280 - 291
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (405 KB) | HTML iconHTML

    This paper describes the application of symbolic techniques (in particular, OBDDs) to model checking specifications in the logic of knowledge for an agent operating with synchronous perfect recall in an environment of which it has incomplete knowledge. It discusses the application of these techniques to the verification of a security protocol: Chaum's Dining Cryptographers protocol, which provides... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Universally composable signature, certification, and authentication

    Publication Year: 2004, Page(s):219 - 233
    Cited by:  Papers (10)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1622 KB) | HTML iconHTML

    Recently some efforts were made towards capturing the security requirements from digital signature schemes as an ideal functionality within a composable security framework. This modeling of digital signatures potentially has some significant analytical advantages (such as enabling component-wise analysis of complex systems that use signature schemes, as well as symbolic and automatable analysis of... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Owned policies for information security

    Publication Year: 2004, Page(s):126 - 138
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (427 KB) | HTML iconHTML

    In many systems, items of information have owners associated with them. An owner of an item of information may want the system to enforce a policy that restricts use of that information; we call such a policy an owned policy. Owned policies can be used in many contexts, including information flow, access control, and software licensing. In this paper, we introduce and study a general framework for... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Formal analysis of multi-party contract signing

    Publication Year: 2004, Page(s):266 - 279
    Cited by:  Papers (7)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (439 KB) | HTML iconHTML

    We analyze the multi-party contract-signing protocols of Garay and MacKenzie (GM) and of Baum and Waidner (BW). We use a finite-state tool, MOCHA, which allows specification of protocol properties in a branching-time temporal logic with game semantics. While our analysis does not reveal any errors in the BW protocol, in the GM protocol we discover serious problems with fairness for four signers an... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Modelling downgrading in information flow security

    Publication Year: 2004, Page(s):187 - 201
    Cited by:  Papers (5)  |  Patents (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (824 KB) | HTML iconHTML

    Information flow security properties such as noninterference ensure the protection of confidential data by strongly limiting the flow of sensitive information. However, to deal with real applications, it is often necessary to admit mechanisms for downgrading or declassifying information. In this paper, we propose a general unwinding framework for formalizing different noninterference properties pe... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Generic insecurity of cliques-type authenticated group key agreement protocols

    Publication Year: 2004, Page(s):16 - 29
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (439 KB) | HTML iconHTML

    The A-GDH.2 and SA-GDH.2 authenticated group key agreement protocols were shown to be flawed at CSFW 2001. Even though the corresponding attacks (or some variants of them) have been rediscovered in several different frameworks, no fixed version of these protocols has been proposed until now. In this paper, we describe a proof that it is in fact impossible to design a scalable authenticated group k... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Symmetric encryption in a simulatable Dolev-Yao style cryptographic library

    Publication Year: 2004, Page(s):204 - 218
    Cited by:  Papers (15)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (464 KB) | HTML iconHTML

    Recently we showed how to justify a Dolev-Yao type model of cryptography as used in virtually all automated protocol provers under active attacks and in arbitrary protocol environments. The justification was done by defining an ideal system handling Dolev-Yao-style terms and a cryptographic realization with the same user interface, and by showing that the realization is as secure as the ideal syst... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Proceedings. 17th IEEE Computer Security Foundations Workshop

    Publication Year: 2004
    Request permission for commercial reuse | PDF file iconPDF (968 KB)
    Freely Available from IEEE
  • Proceedings 17th IEEE Computer Security Foundations Workshop

    Publication Year: 2004, Page(s): ii
    Request permission for commercial reuse | PDF file iconPDF (158 KB)
    Freely Available from IEEE
  • Proceedings 17th IEEE Computer Security Foundations Workshop

    Publication Year: 2004, Page(s): iii
    Request permission for commercial reuse | PDF file iconPDF (193 KB)
    Freely Available from IEEE
  • Copyright page

    Publication Year: 2004, Page(s): iv
    Request permission for commercial reuse | PDF file iconPDF (191 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2004, Page(s):v - vi
    Request permission for commercial reuse | PDF file iconPDF (185 KB)
    Freely Available from IEEE