Proceedings 10th Computer Security Foundations Workshop: Latest Articles

Separation of duty in role-based environments
Proceedings 10th Computer Security Foundations Workshop Pub Date: 1997-06-10 DOI: 10.1109/CSFW.1997.596811
Richard T. Simon, M. Zurko
Abstract: The separation of duty is a principle that has a long history in computer security research. Many computing systems provide rudimentary support for this principle, but often the support is inconsistent with the way the principle is applied in non-computing environments. Furthermore, there appears to be no single accepted meaning of the term. We examine the ways in which separation of duty has been used, adding the notion of history-based separation of duty. We assess ways in which computing systems may support separation of duty. We discuss the mechanisms we are implementing to support separation of duty and roles in Adage, a general-purpose authorization language and toolkit.
Citations: 387
Mechanized proofs for a recursive authentication protocol
Proceedings 10th Computer Security Foundations Workshop Pub Date: 1997-06-10 DOI: 10.1109/CSFW.1997.596790
Lawrence Charles Paulson
Abstract: A novel protocol has been formally analyzed using the prover Isabelle/HOL, following the inductive approach described in earlier work (L.C. Paulson, 1997). There is no limit on the length of a run, the nesting of messages or the number of agents involved. A single run of the protocol delivers session keys for all the agents, allowing neighbours to perform mutual authentication. The basic security theorem states that session keys are correctly delivered to adjacent pairs of honest agents, regardless of whether other agents in the chain are compromised. The protocol's complexity caused some difficulties in the specification and proofs, but its symmetry reduced the number of theorems to prove.
Citations: 140
Towards the formal verification of electronic commerce protocols
Proceedings 10th Computer Security Foundations Workshop Pub Date: 1997-06-10 DOI: 10.1109/CSFW.1997.596802
D. Bolignano
Abstract: Generalizes the approach defined by the author in Proc. 3rd ACM Conf. on Comput. & Commun. Security (1996) so as to be able to formally verify electronic payment protocols. The original approach is based on the use of general-purpose formal methods. It is complementary with modal logic-based approaches as it allows for a description of protocols, hypotheses and authentication properties at a finer level of precision and with more freedom. The proposed generalization mainly requires being able to express and verify payment properties. Such properties are indeed much more elaborate than authentication ones and require a significant generalization in the way properties are expressed. The modelling of the protocol and of the potential knowledge held by intruders, on the other hand, is left unchanged. The approach is currently being applied to the C-SET and SET (secure electronic transactions) protocols, and has already led to significant results.
Citations: 79
Strategies against replay attacks
Proceedings 10th Computer Security Foundations Workshop Pub Date: 1997-06-10 DOI: 10.1109/CSFW.1997.596787
T. Aura
Abstract: The goal of the paper is to present a set of design principles for avoiding replay attacks in cryptographic protocols. The principles are easily applied to real protocols and they do not consume excessive computing power or communications bandwidth. In particular we describe how to type-tag messages with unique cryptographic functions, how to inexpensively implement the full information principle with hashes, and how to produce unique session keys without assuming mutual trust between the principals. The techniques do not guarantee security of protocols, but they are concrete ways for improving the robustness of the protocol design with relatively low cost.
Citations: 91
Security engineering of lattice-based policies
Proceedings 10th Computer Security Foundations Workshop Pub Date: 1997-06-10 DOI: 10.1109/CSFW.1997.596813
C. Bryce
Abstract: Describes an algebraic approach to the security engineering of lattice policies. The approach has two main goals. First, it seeks to model access control policies with anti-symmetry, reflexivity and transitivity exceptions using a lattice, and to propose an information flow security definition for the resulting set of policies (POL). Second, it supports a constructive approach to policy specification through an algebraic structure (POL, AND, OR, NOT, ≡, ≤). This structure is homomorphic to Boolean algebra. The approach's goals and design decisions are influenced by the context in which it is being used: a library of reusable security components with tools to facilitate their reuse for securing application systems.
Citations: 7
An efficient non-repudiation protocol
Proceedings 10th Computer Security Foundations Workshop Pub Date: 1997-06-10 DOI: 10.1109/CSFW.1997.596801
Jianying Zhou, D. Gollmann
Abstract: Fairness may be a desirable property of a non-repudiation service. Protocols can achieve fairness through the involvement of a trusted third party but the extent of the trusted third party's involvement can vary between protocols. Hence, one of the goals of designing an efficient non-repudiation protocol is to reduce the workload of the trusted third party. In this paper, we present a variant of our fair non-repudiation protocol (1996), where the trusted third party is involved only in the case that one party cannot obtain the expected non-repudiation evidence from the other party. This variant is efficient in an environment where the two parties are likely to resolve communications problems between themselves.
Citations: 182
A logic for state transformations in authorization policies
Proceedings 10th Computer Security Foundations Workshop Pub Date: 1997-06-10 DOI: 10.1109/CSFW.1997.596810
Y. Bai, V. Varadharajan
Abstract: In a multi-user information-sharing system, an authorization policy provides the ability to limit and control access to system, applications and information. In the real world, an authorization policy has temporal properties. That is, it needs to be updated to capture the changing requirements of applications, systems and users. These updates are implemented via transformations of the authorization policies. In this paper, we propose a logic-based approach to specify and to reason about state transformations in authorization policies. An authorization policy is specified using a policy base which comprises a finite set of facts and access constraints. We define the structure of the policy transformation and employ a model-based semantics to perform the transformation under the principle of minimal change. Furthermore, we extend the model-based semantics by introducing preference ordering to resolve possible conflicts during the transformation of policies. We also discuss the implementation of the model-based transformation approach and outline the relevant algorithms.
Citations: 22
Verifying authentication protocols with CSP
Proceedings 10th Computer Security Foundations Workshop Pub Date: 1997-06-10 DOI: 10.1109/CSFW.1997.596775
Steve A. Schneider
Abstract: The paper presents a general approach for analysis and verification of authentication properties in the language of communicating sequential processes (CSP). It is illustrated by an examination of the Needham-Schroeder public key protocol (R. Needham and M. Schroeder, 1978). The contribution of the article is to develop a specific theory appropriate to the analysis of authentication protocols, built on top of the general CSP semantic framework. This approach aims to combine the ability to express such protocols in a natural and precise way with the facility to reason formally about the properties they exhibit.
Citations: 323