Security Protocols

1. Front Matter

   PDF

2. Introduction (Transcript)

   • Bruce Christianson

   Pages 1-1

3. Keynote Address

   • Roger Needham

   Pages 2-4

4. Weak Authentication: How to Authenticate Unknown Principals without Trusted Parties

   • Jari Arkko, Pekka Nikander

   Pages 5-19

5. Is Entity Authentication Necessary?

   • Chris J. Mitchell, Paulo S. Pagliusi

   Pages 20-33

6. A Structured Operational Modelling of the Dolev-Yao Threat Model

   • Wenbo Mao

   Pages 34-46

7. On Trust Establishment in Mobile Ad-Hoc Networks

   • Laurent Eschenauer, Virgil D. Gligor, John Baras

   Pages 47-66

8. Legally Authorized and Unauthorized Digital Evidence

   • Hiroshi Yoshiura, Kunihiko Miyazaki, Shinji Itoh, Kazuo Takaragi, Ryoichi Sasaki

   Pages 67-73

9. Shrink-Wrapped Optimism: The DODA Approach to Distributed Document Processing

   • Bruce Christianson, Jean F. Snook

   Pages 74-95

10. Contractual Access Control

    • Babak Sadighi Firozabadi, Marek Sergot

    Pages 96-103

11. Confidentiality Levels and Deliberate/Indeliberate Protocol Attacks

    • Giampaolo Bella, Stefano Bistarelli

    Pages 104-119

12. Analyzing Delegation Properties

    • Giampaolo Bella, Lawrence C. Paulson

    Pages 120-127

13. Combinatorial Optimization of Countermeasures against Illegal Copying

    • Ryoichi Sasaki, Hiroshi Yoshiura, Shinji Itoh

    Pages 128-144

14. Protocols with Certified-Transfer Servers

    • Raphael Yahalom

    Pages 145-157

15. An Architecture for an Adaptive Intrusion-Tolerant Server

    • Alfonso Valdes, Magnus Almgren, Steven Cheung, Yves Deswarte, Bruno Dutertre, Joshua Levy et al.

    Pages 158-178

16. Supporting Imprecise Delegation in KeyNote

    • Simon N. Foley

    Pages 179-188

17. Modeling Protocols for Secure Group Communications in Ad Hoc Networks

    • Alec Yasinsac, James A. Davis

    Pages 189-202

18. Delegation of Signalling Rights

    • Pekka Nikander, Jari Arkko

    Pages 203-214

19. Mobile IPv6 Security

    • Tuomas Aura

    Pages 215-234

20. Concluding Discussion: Accounting for Resources

    • Bruce Christianson

    Pages 235-241

Once again we bring you the proceedings of the International Workshop on Security Protocols. It seems hard to believe that we have reached the tenth event in this annual series. This year our theme was “Discerning the Protocol Participants.” Security protocols are usually described in terms of the active participants – Alice c- putes foo and sends it to Bob. However most security protocols also include o?-line participants, which are not synchronously involved in the exchange of messages: a bank may participate on behalf of a customer, and an arbiter may subsequently be asked to interpret the meaning of a run. These silent partners to the protocol have their own security policies, and assumptionsaboutidentity,authorizationandcapabilityneedtobere-examined when the agenda of a hidden participant may change. We hope that the position papers published here, which have been rewritten and rethought in the light of the discussions at the workshop, will be of interest, not just for the speci?c contributions they make but also for the deeper issues which they expose. In order to identify these issues more clearly, we include transcripts for some of the discussions which took place in Cambridge during the workshop. What would you have liked to add? Do let us know.

• Bridge
• IPv6
• Internet security
• access control
• authentication
• communication
• cryptographic protocols
• information security
• mobile security
• network security
• privacy
• protocol attacks
• secure communications
• security
• security protocols
• algorithm analysis and problem complexity

• Computer Science Department, University of Hertfordshire,  

  Bruce Christianson

• Computer Systems Group, Vrije Universiteit, Amsterdam, The Netherlands

  Bruno Crispo

• Georgia Institute of Technology, Atlanta

  James A. Malcolm

• Microsoft Research, Cambridge, UK

  Michael Roe

Policies and ethics