4 Feb. 2004
5331 CS
11:00 AM - 12:00 PM
|
E. M. Clarke ( web),
Somesh Jha ( web),
W. Marrero ( web)
CMU /
University of Wisconsin, Madison /
DePaul Univ., Chicago, IL
Verifying security protocols with Brutus
Published in TOSEM October 2000
URL: http://doi.acm.org/10.1145/363516.363528
Due to the rapid growth of Internet the World Wide
Web has become a very important concern in the
design and implementation of software
systems. Since security has become an important
issue, the number of protocols in this domain has
become very large. These protocols are very
diverse in nature. If a software architect wants
to deploy some of these protocols in a system,
they have to be sure that the protocol has the
right properties as dictated by the requirements
of the system. In this article we present BRUTUS,
a tool for verifying properties of security
protocols. This tool can be viewed as a
special-purpose model checker for security
protocols. We also present reduction techniques
that make the tool efficient. Experimental results
are provided to demonstrate the efficiency of
BRUTUS.
|
9 Feb. 2004
3331 CS
2:30 - 3:30 PM
|
Michael A. Harrison, Walter L. Ruzzo, Jeffrey D. Ullman
Berkeley / Berkeley / Princeton
Protection in operating systems
Published in CACM August 1976
URL: http://doi.acm.org/10.1145/360303.360333
A model of protection mechanisms in
computing systems is presented and its
appropriateness is argued. The
"safety" problem for protection
systems under this model is to
determine in a given situation whether
a subject can acquire a particular
right to an object. In restricted
cases, it can be shown that this
problem is decidable, i.e. there is an
algorithm to determine whether a
system in a particular configuration
is safe. In general, and under
surprisingly weak assumptions, it
cannot be decided if a situation is
safe. Various implications of this
fact are discussed.
|
16 Feb. 2004
3331 CS
2:30 - 3:30 PM
|
Jones, Lipton, Snyder
A Linear Time Algorithm for Deciding Security
Published in FOCS'76
URL: http://www.cs.wisc.edu/~mihai/_/JonesLiptonSnyder1976.pdf
|
23 Feb. 2004
3331 CS
2:30 - 3:30 PM
|
Stephen Weeks
InterTrust STAR Lab
Understanding Trust Management Systems
Published in Oakland'01
URL: http://citeseer.nj.nec.com/weeks01understanding.html
This paper presents a mathematical framework for
expressing trust management systems. The framework
makes it easier to understand existing systems and
to compare them to one another, as well as to design
new systems. The framework defines the semantics of
a trust management engine via a least fixpoint in a
lattice, which, in some situations, leads to an
efficient implementation. To demonstrate its
flexibility, we present KeyNote and SPKI as
instantiations of the framework.
|
Created and maintained by Mihai Christodorescu (
http://www.cs.wisc.edu/~mihai)
Created: Wed Aug 13 10:30:10 CDT 2003
Last modified: Thu Apr 01 10:30:38 Central Standard Time 2004