Foundations and Applications of Security Analysis

1. Front Matter

   PDF

2. A Policy Model for Secure Information Flow

   • Adedayo O. Adetoye, Atta Badii

   Pages 1-17

3. A General Framework for Nondeterministic, Probabilistic, and Stochastic Noninterference

   • Alessandro Aldini, Marco Bernardo

   Pages 18-33

4. Validating Security Protocols under the General Attacker

   • Wihem Arsac, Giampaolo Bella, Xavier Chantry, Luca Compagna

   Pages 34-51

5. Usage Automata

   • Massimo Bartoletti

   Pages 52-69

6. Static Detection of Logic Flaws in Service-Oriented Applications

   • Chiara Bodei, Linda Brodo, Roberto Bruni

   Pages 70-87

7. Improving the Semantics of Imperfect Security

   • Niklas Broberg, David Sands

   Pages 88-91

8. Analysing PKCS#11 Key Management APIs with Unbounded Fresh Data

   • Sibylle Fröschle, Graham Steel

   Pages 92-106

9. Transformations between Cryptographic Protocols

   • Joshua D. Guttman

   Pages 107-123

10. Formal Validation of OFEPSP+ with AVISPA

    • Jorge L. Hernandez-Ardieta, Ana I. Gonzalez-Tablas, Benjamin Ramos

    Pages 124-137

11. On the Automated Correction of Protocols with Improper Message Encoding

    • Dieter Hutter, Raúl Monroy

    Pages 138-154

12. Finite Models in FOL-Based Crypto-Protocol Verification

    • Jan Jürjens, Tjark Weber

    Pages 155-172

13. Towards a Type System for Security APIs

    • Gavin Keighren, David Aspinall, Graham Steel

    Pages 173-192

14. Separating Trace Mapping and Reactive Simulatability Soundness: The Case of Adaptive Corruption

    • Laurent Mazaré, Bogdan Warinschi

    Pages 193-210

15. How Many Election Officials Does It Take to Change an Election?

    • P. Y. A. Ryan

    Pages 211-221

16. Back Matter

    PDF

This book constitutes the thoroughly refereed post-conference
proceedings of the Joint Workshop on Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security, ARSPA-WITS 2009, held in York, UK, in March 2009, in association with ETAPS 2009.

The 12 revised full papers presented together with 2 invited talks were
carefully reviewed and selected from 27 submissions. The papers feature

topics including formal specification, analysis and design of security protocols and their applications, the formal definition of various aspects of security such as access control mechanisms, mobile code security and denial-of-service attacks, the modeling of information flow and its application to confidentiality policies, system composition and covert channel analysis.

• access control
• automated reasoning
• code
• cryptographic protocol
• cryptographic protocols
• formal specification
• formal validation
• imperfect security
• information
• key management
• policy models
• security APIs
• security protocols
• verification
• algorithm analysis and problem complexity

• Dipartimento di Informatica, Università di Pisa, Pisa, Italy

  Pierpaolo Degano

• Dipartimento di Informatica, Università di Verona, Verona, Italy

  Luca Viganò

Policies and ethics