Some papers on security
These are papers we are thinking about reading. There is nothing comprehensive or representative about this list.
Background
M. Burrows, M. Abadi and R. Needham,
A Logic of Authentication
. Proceedings of the Royal Society, Series A, 426, 1871 (December 1989), 233-271. Also appeared as SRC Research Report 39 and, in a shortened form, in ACM Transactions on Computer Systems 8, 1 (February 1990), 18-36.
J. McLean
Security Models,
Encyclopedia of Software Engineering (ed. John Marciniak), Wiley & Sons, Inc., 1994.
P. Neumann,
Architectures and Formal Representations for Secure Systems
.
L. Lamport,
Temporal logic of action
. (This page has pointers to a number of papers.)
Meadows' Example
Catherine Meadows,
Applying Formal Methods to the Analysis of a Key Managment Protocol,
The Journal of Computer Security," vol 1, no 1, Jan. 1992.
Gray, J. and McLean, J.
Using Temporal Logic to Specify and Verify Cryptographic Protocols (Progress Report),
Proceedings of the 8th IEEE Computer Security Foundations Workshop, IEEE Press, 1995.
S.A. Schneider,
Security Properties and CSP
. IEEE Computer Society Symposium on Security and Privacy, Oakland, 1996. (A longer version appears to be the earlier
Modelling Security Properties with CSP
. Royal Holloway Technical Report CSD-TR-96-04.)
Needham-Schroeder Protocol
Needham-Schroeder Public-Key Protocol Case Study
(Gavin Lowe at Oxford.)
Meadows, Catherine A.,
Analyzing the Needham-Schroeder Public Key Protocol: A Comparison of Two Approaches,
Proceedings of ESORICS, Springer Verlag, To appear.
Languages and Systems
Java Security: From HotJava to Netscape and Beyond
. Princeton web page.
L. van Doorn, M. Burrows, M. Abadi and Ted Wobber,
Secure Network Objects
. Proceedings of the 1996 IEEE Symposium on Security and Privacy (May 1996), 211-221.
Some relevant pages
Martin Abadi
at DEC SRC
Li Gong at SRI
Catherine Meadows
Formal Verification of Cryptographic Protocols project at NRL
John McLean at NRL
Peter Neumann at SRI
Oxford security group
CAPSL home page
with link to bibliography.
John C. Mitchell
Department of Computer Science
Stanford University
Stanford CA 94305-9045
Phone: (415) 723-8634
Fax: (415) 725-4671