{"title":"Probabilistic noninterference through weak probabilistic bisimulation","authors":"Geoffrey Smith","doi":"10.1109/CSFW.2003.1212701","DOIUrl":"https://doi.org/10.1109/CSFW.2003.1212701","url":null,"abstract":"To be practical, systems for ensuring secure information flow must be as permissive as possible. To this end, the author recently proposed a type system for multi-threaded programs running under a uniform probabilistic scheduler; it allows the running times of threads to depend on the values of H variables, provided that these timing variations cannot affect the values of L variables. But these timing variations preclude a proof of the soundness of the type system using the framework of probabilistic bisimulation, because probabilistic bisimulation is too strict regarding time. To address this difficulty, this paper proposes a notion of weak probabilistic bisimulation for Markov chains, allowing two Markov chains to be regarded as equivalent even when one \"runs\" more slowly than the other. The paper applies weak probabilistic bisimulation to prove that the type system guarantees the probabilistic noninterference property. Finally, the paper shows that the language can safely be extended with a fork command that allows new threads to be spawned.","PeriodicalId":283743,"journal":{"name":"16th IEEE Computer Security Foundations Workshop, 2003. Proceedings.","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116939843","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Symbolic protocol analysis with products and Diffie-Hellman exponentiation","authors":"J. Millen, Vitaly Shmatikov","doi":"10.1109/CSFW.2003.1212704","DOIUrl":"https://doi.org/10.1109/CSFW.2003.1212704","url":null,"abstract":"We demonstrate that for any well-defined cryptographic protocol, the symbolic trace reachability problem in the presence of an Abelian operator (e.g., multiplication) can be reduced to solvability of a particular system of quadratic Diophantine equations. This result enables formal analysis of protocols that employ primitives such as Diffie-Hellman exponentiation, products, and xor, with a bounded number of role instances, but without imposing any bounds on the size of terms created by the attacker. In the case of xor, the resulting system of Diophantine equations is decidable. In the case of a general Abelian group, decidability remains an open question, but our reduction demonstrates that standard mathematical techniques for solving systems of Diophantine equations are sufficient for the discovery of protocol insecurities.","PeriodicalId":283743,"journal":{"name":"16th IEEE Computer Security Foundations Workshop, 2003. Proceedings.","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122608598","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Identity based authenticated key agreement protocols from pairings","authors":"Liqun Chen, C. Kudla","doi":"10.1109/CSFW.2003.1212715","DOIUrl":"https://doi.org/10.1109/CSFW.2003.1212715","url":null,"abstract":"We investigate a number of issues related to identity based authenticated key agreement protocols in the Diffie-Hellman family enabled by the Weil or Tate pairings. These issues include how to make protocols efficient; to avoid key escrow by a Trust Authority (TA) who issues identity based private keys for users, and to allow users to use different TAs. We describe a few authenticated key agreement (AK) protocols and AK with key confirmation (AKC) protocols by modifying Smart's AK protocol (2002). We discuss the security of these protocols heuristically and give formal proofs of security for our AK and AKC protocols (using a security model based on the model defined in (Blake-Wilson et al., 1997)). We also prove that our AK protocol has the key compromise impersonation property. We also show that our second protocol has the TA forward secrecy property (which we define to mean that the compromise of the TA's private key will not compromise previously established session keys), and we note that this also implies that it has the perfect forward secrecy property.","PeriodicalId":283743,"journal":{"name":"16th IEEE Computer Security Foundations Workshop, 2003. Proceedings.","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122137647","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Type-based distributed access control","authors":"Tom Chothia, Dominic Duggan, J. Vitek","doi":"10.1109/CSFW.2003.1212712","DOIUrl":"https://doi.org/10.1109/CSFW.2003.1212712","url":null,"abstract":"The key-based decentralized label model (KDLM) is a type system that combines a weak form of information flow control, termed distributed access control in the article, with typed cryptographic operations. The motivation is to have a type system that ensures access control while giving the application the responsibility to secure network communications, and to do this safely. KDLM introduces the notion of declassification certificates to support the declassification of encrypted data.","PeriodicalId":283743,"journal":{"name":"16th IEEE Computer Security Foundations Workshop, 2003. Proceedings.","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124711109","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A procedure for verifying security against type confusion attacks","authors":"C. Meadows","doi":"10.1109/CSFW.2003.1212705","DOIUrl":"https://doi.org/10.1109/CSFW.2003.1212705","url":null,"abstract":"A type confusion attack is one in which a principal accepts data of one type as data of another. Although it has been shown by Heather (et al., 2000) that there are simple formatting conventions that will guarantee that protocols are free from simple type confusions in which fields of one type are substituted for fields of another, it is not clear how well they defend against more complex attacks, or against attacks arising from interaction with protocols that are formatted according to different conventions. In this paper we show how type confusion attacks can arise in realistic situations even when the types are explicitly defined in at least some of the messages, using examples from our recent analysis of the Group Domain of Interpretation Protocol. We then develop a formal model of types that can capture potential ambiguity of type notation, and outline a procedure for determining whether or not the types of two messages can be confused. This work extends our earlier work on the subject in that it includes an explicit model of attacker and defender and extends the informal model of the type confusion attacks in terms of a game between an intruder and a set of honest principals in our earlier work to a more formal model in which actions of intruder and honest principals are described explicitly. This gives us a simpler, more intuitive approach that allows us to calculate probabilities in a more systematic manner, and to compare different intruder strategies and different assumptions about the way in which the protocol is implemented in terms of their effects on type confusion.","PeriodicalId":283743,"journal":{"name":"16th IEEE Computer Security Foundations Workshop, 2003. Proceedings.","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132195904","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Secure contexts for confidential data","authors":"A. Bossi, Damiano Macedonio, C. Piazza, S. Rossi","doi":"10.1109/CSFW.2003.1212702","DOIUrl":"https://doi.org/10.1109/CSFW.2003.1212702","url":null,"abstract":"Information flow security in a multilevel system aims at guaranteeing that no high level information is revealed to low level users, even in the presence of any possible malicious process. This requirement could be too demanding when some knowledge about the environment (context) in which the process is going to run is available. To deal with these situations we introduce the notion of secure contexts for a class of processes. This notion is parametric with respect to both the observation equivalence and the operation used to characterize the low level behavior of a process. We mainly analyze the cases of bisimulation and trace equivalence. We describe how to build secure contexts in these cases and we show that two well-known security properties, named BNDC and NDC, are just special instances of our general notion.","PeriodicalId":283743,"journal":{"name":"16th IEEE Computer Security Foundations Workshop, 2003. Proceedings.","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125671794","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A computational analysis of the Needham-Schroeder-(Lowe) protocol","authors":"B. Warinschi","doi":"10.1109/CSFW.2003.1212717","DOIUrl":"https://doi.org/10.1109/CSFW.2003.1212717","url":null,"abstract":"We provide the first computational analysis of the well known Needham-Schroeder-(Lowe) protocol. We show that Lowe's attack on the original protocol can naturally be cast in the computational framework. Then we prove that chosen-plaintext security for encryption schemes is not sufficient to ensure soundness of formal proofs with respect to the computational setting, by exhibiting an attack against the corrected version of the protocol implemented using an ElGamal encryption scheme. Our main result is a proof that, when implemented using an encryption scheme that satisfies indistinguishability under chosen-ciphertext attack, the Needham-Schroeder-Lowe protocol is indeed a secure mutual authentication protocol. The technicalities of our proof reveal new insights regarding the relation between formal and computational models for system security.","PeriodicalId":283743,"journal":{"name":"16th IEEE Computer Security Foundations Workshop, 2003. Proceedings.","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116025901","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
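The abstract above refers to Lowe's attack on the original Needham-Schroeder public-key protocol and to the corrected Needham-Schroeder-Lowe (NSL) version. The following is an added example, not code from the paper, that replays the attack in a symbolic (Dolev-Yao style) model: "encryption" is a tagged tuple that only the named key owner can open, nonces are fixed labels, and the intruder I is a legitimate principal whom A chooses to talk to. The `fixed` flag switches between the original protocol (message 2 is {Na, Nb}_A) and Lowe's fix (message 2 is {Na, Nb, B}_A). The computational attack against the CPA-secure ElGamal instantiation that the paper exhibits is not modelled here; this block only shows the symbolic attack the paper casts into its framework.

```python
from dataclasses import dataclass

# Symbolic public-key encryption: only `to` can decrypt. Constructed model, no real crypto.
@dataclass(frozen=True)
class Enc:
    to: str            # owner of the public key the message was encrypted under
    payload: tuple     # message fields in the clear once decrypted

def encrypt(to, *fields):
    return Enc(to, tuple(fields))

def decrypt(who, msg):
    if msg.to != who:
        raise PermissionError(f"{who} cannot open a message for {msg.to}")
    return msg.payload

class Alice:
    """Initiator A. With fixed=True she checks the responder name in message 2 (NSL)."""
    def __init__(self, fixed):
        self.fixed = fixed
    def start(self, peer):
        self.peer, self.na = peer, "Na"
        return encrypt(peer, self.na, "A")          # msg 1: {Na, A}_peer
    def finish(self, msg2):
        fields = decrypt("A", msg2)
        if self.fixed:
            na, nb, b = fields                        # msg 2 (NSL): {Na, Nb, B}_A
            if b != self.peer:
                raise ValueError("NSL: responder name mismatch, abort")
        else:
            na, nb = fields                           # msg 2 (NS):  {Na, Nb}_A
        if na != self.na:
            raise ValueError("nonce mismatch")
        return encrypt(self.peer, nb)                 # msg 3: {Nb}_peer

class Bob:
    """Responder B. He records who he believes he is talking to (`peer`)."""
    def __init__(self, fixed):
        self.fixed = fixed
    def respond(self, msg1):
        na, a = decrypt("B", msg1)
        self.peer, self.nb = a, "Nb"
        if self.fixed:
            return encrypt(a, na, self.nb, "B")
        return encrypt(a, na, self.nb)
    def accept(self, msg3):
        (nb,) = decrypt("B", msg3)
        return nb == self.nb                          # B now believes `peer` is live

def honest_run(fixed):
    """A talks to B directly; both variants should complete."""
    alice, bob = Alice(fixed), Bob(fixed)
    m3 = alice.finish(bob.respond(alice.start("B")))
    return bob.accept(m3) and bob.peer == "A"

def lowe_attack(fixed):
    """A opens a session with intruder I; I reuses A's messages in a parallel
    session with B, trying to make B accept a run "with A".
    Returns (bob_fooled, abort_reason)."""
    alice, bob = Alice(fixed), Bob(fixed)
    m1 = alice.start("I")                            # A -> I : {Na, A}_I
    na, a = decrypt("I", m1)                         # I opens it legitimately
    m2 = bob.respond(encrypt("B", na, a))            # I(A) -> B : {Na, A}_B
    try:
        m3 = alice.finish(m2)                        # B's reply is for A; I forwards it
        (nb,) = decrypt("I", m3)                     # A -> I : {Nb}_I leaks Nb to I
        return bob.accept(encrypt("B", nb)) and bob.peer == "A", None
    except ValueError as e:                          # NSL: A notices B's name, not I's
        return False, str(e)

if __name__ == "__main__":
    print("NS  honest:", honest_run(False), " attack:", lowe_attack(False))
    print("NSL honest:", honest_run(True),  " attack:", lowe_attack(True))
```

In the original protocol B ends up believing he shares Nb with A while I holds it; with Lowe's fix A aborts on message 2 because the responder name B does not match the peer I she started with, so message 3 is never produced and I never learns Nb.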
{"title":"On generalized authorization problems","authors":"Stefan Schwoon, S. Jha, T. Reps, S. Stubblebine","doi":"10.1109/CSFW.2003.1212714","DOIUrl":"https://doi.org/10.1109/CSFW.2003.1212714","url":null,"abstract":"This paper defines a framework in which one can formalize a variety of authorization and policy issues that arise in access control of shared computing resources. Instantiations of the framework address such issues as privacy, recency, validity, and trust. The paper presents an efficient algorithm for solving all authorization problems in the framework; this approach yields new algorithms for a number of specific authorization problems.","PeriodicalId":283743,"journal":{"name":"16th IEEE Computer Security Foundations Workshop, 2003. Proceedings.","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125705147","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Using access control for secure information flow in a Java-like language","authors":"A. Banerjee, D. Naumann","doi":"10.1109/CSFW.2003.1212711","DOIUrl":"https://doi.org/10.1109/CSFW.2003.1212711","url":null,"abstract":"Access control mechanisms are widely used with the intent of enforcing confidentiality and other policies, but few formal connections have been made between information flow and access control. Java and C# are object-oriented languages that provide fine-grained access control. An access control list specifies local policy by authorizing permissions for principals (code sources) associated with class declarations; a mechanism called stack inspection checks permissions at run time. An example is given to show how this mechanism can be used to achieve confidentiality goals in situations where a single system call serves callers of differing confidentiality levels and dynamic access control prevents release of high information to low callers. A static analysis is given which applies to such examples. The analysis is shown to ensure a noninterference property formalizing confidentiality.","PeriodicalId":283743,"journal":{"name":"16th IEEE Computer Security Foundations Workshop, 2003. Proceedings.","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114457475","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A derivation system for security protocols and its logical formalization","authors":"Anupam Datta, Ante Derek, John C. Mitchell, Dusko Pavlovic","doi":"10.1109/CSFW.2003.1212708","DOIUrl":"https://doi.org/10.1109/CSFW.2003.1212708","url":null,"abstract":"Many authentication and key exchange protocols are built using an accepted set of standard concepts such as Diffie-Hellman key exchange, nonces to avoid replay, certificates from an accepted authority, and encrypted or signed messages. We introduce a basic framework for deriving security protocols from such simple components. As a case study, we examine the structure of a family of key exchange protocols that includes station-to-station (STS), ISO-9798-3, just fast keying (JFK), IKE and related protocols, deriving all members of the family from two basic protocols using a small set of refinements and protocol transformations. As initial steps toward associating logical derivations with protocol derivations, we extend a previous security protocol logic with preconditions and temporal assertions. Using this logic, we prove the security properties of the standard signature based challenge-response protocol and the Diffie-Hellman key exchange protocol. The ISO-9798-3 protocol is then proved correct by composing the correctness proofs of these two simple protocols.","PeriodicalId":283743,"journal":{"name":"16th IEEE Computer Security Foundations Workshop, 2003. Proceedings.","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2003-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125550795","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}