Skip to main content Accessibility help
×
Home

Channel abstractions for network security

  • MICHELE BUGLIESI (a1) and RICCARDO FOCARDI (a1)

Abstract

Process algebraic techniques for distributed systems are increasingly being targeted at identifying abstractions that are adequate for both high-level programming and specification and security analysis and verification. Drawing on our earlier work in Bugliesi and Focardi, (2008), we investigate the expressive power of a core set of security and network abstractions that provide high-level primitives for specifying the honest principals in a network, while at the same time enabling an analysis of the network-level adversarial attacks that may be mounted by an intruder.

We analyse various bisimulation equivalences for security that arise from endowing the intruder with:

  1. (i)different adversarial capabilities; and
  2. (ii)increasingly powerful control over the interaction among the distributed principals of a network.
By comparing the relative strength of the bisimulation equivalences, we obtain a direct measure of the intruder's discriminating power, and hence of the expressiveness of the corresponding intruder model.

Copyright

References

Hide All
Abadi, M. (1998) Protection in programming-language translations. In: Larsen, K. G., Skyum, S. and Winskel, G. (eds.) ICALP. Springer-Verlag Lecture Notes in Computer Science 1443 868–883.
Abadi, M. and Fournet, C. (2001) Mobile values, new names, and secure communication. In: POPL 2001: The 28th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, London 104–115.
Abadi, M. and Fournet, C. (2004) Private authentication. Theor. Comput. Sci. 322 (3)427476.
Abadi, M., Fournet, C. and Gonthier, G. (2000) Authentication primitives and their compilation. In: POPL 2000, Proceedings of the 27th ACM SIGPLAN-SIGACT on Principles of Programming Languages, 19-21 January 2000, Boston, Massachusetts 302–315.
Abadi, M., Fournet, C. and Gonthier, G. (2002) Secure implementation of channel abstractions. Inf. Comput. 174 (1)3783.
Abadi, M. and Gordon, A. D. (1999) A calculus for cryptographic protocols: The spi calculus. Inf. Comput. 148 (1)170.
Adão, P. and Fournet, C. (2006) Cryptographically sound implementations for communicating processes. In: Bugliesi, M., Preneel, B., Sassone, V. and Wegener, I. (eds.) ICALP (2). Springer-Verlag Lecture Notes in Computer Science 4052 83–94.
Bugliesi, M. and Focardi, R. (2008) Language based secure communication. In: Proceedings of the 21st IEEE Computer Security Foundations Symposium, CSF 2008, Pittsburgh, Pennsylvania, 23-25 June 2008, IEEE Computer Society 316.
Bugliesi, M. and Focardi, R. (2009) Security abstractions and intruder models. In: Proceedings of the 15th Workshop on Expressiveness in Concurrency (EXPRESS 2008). Electronic Notes in Theoretical Computer Science 242 99112.
Corin, R., Deniélou, P.-M., Fournet, C., Bhargavan, K. and Leifer, J. J. (2007) Secure implementations for typed session abstractions. In: 20th IEEE Computer Security Foundations Symposium, CSF 2007, 6-8 July 2007, Venice, Italy, IEEE Computer Society 170186.
Fournet, C. and Rezk, T. (2008) Cryptographically sound implementations for typed information-flow security. In: Proceedings of the 35th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2008, San Francisco, California 323–335.
Honda, K. and Yoshida, N. (1995) On reduction-based process semantics. Theor. Comput. Sci. 151 (2)437486.
Laud, P. (2005) Secrecy types for a simulatable cryptographic library. In Atluri, V., Meadows, C. and Juels, A. (eds.) ACM Conference on Computer and Communications Security, ACM 2635.
Merro, M. and Sangiorgi, D. (1998) On asynchrony in name-passing calculi. In: Proceedings of ICALP 98. Springer-Verlag Lecture Notes in Computer Science 1443.
Merro, M. and Sangiorgi, D. (2004) On asynchrony in name-passing calculi. Mathematical Structures in Computer Science 14 (5)715767.
Milner, R., Parrow, J. and Walker, D. (1992) A calculus of mobile processes, Parts I and II. Information and Computation 100 177.

Related content

Powered by UNSILO

Channel abstractions for network security

  • MICHELE BUGLIESI (a1) and RICCARDO FOCARDI (a1)

Metrics

Full text views

Total number of HTML views: 0
Total number of PDF views: 0 *
Loading metrics...

Abstract views

Total abstract views: 0 *
Loading metrics...

* Views captured on Cambridge Core between <date>. This data will be updated every 24 hours.

Usage data cannot currently be displayed.