Books

Books : reviews

Peter Y. A. Ryan, Steve Schneider, Michael Goldsmith, Gavin Lowe, A. W. Roscoe.
The Modelling and Analysis of Security Protocols: the CSP approach.
Addison Wesley. 2001

Security protocols are one of the most critical elements in enabling the secure communication and processing of information, ensuring its confidentiality, integrity, authenticity and availability. These protocols are vulnerable to a host of subtle attacks, so designing protocols to be impervious to such attacks has proved to be extremely challenging and error prone.

This book provides a thorough and detailed understanding of one of the most effective approaches to the design and evaluation of security critical systems, describing the role of security protocols in distributed secure systems and the vulnerabilities to which they are prey.

The authors introduce security protocols, the role they play and the cryptographic mechanisms they employ, and progress to detail their role in security architectures, e-commerce, e-cash and so on. Precise characterizations of key concepts in information security, such as confidentiality, authentication and integrity are discussed and a range of tools and techniques are described which will ensure that a protocol guarantees certain security services under appropriate assumptions.

Ali E. Abdallah, Peter Y. A. Ryan, Steve Schneider, eds.
Formal Aspects of Security: FASec 2002 revised papers.
Springer. 2003

(read but not reviewed)

Contents

Fred B. Schneider. Lifting reference models from the kernel. 2003
(keynote talk: extended abstract)
Andy Gordon. Authenticity types for cryptographic protocols. 2003
(invited talk: extended abstract)
Lawrence C. Paulson. Verifying the SET protocol: overview. 2003
(invited talk)
David von Oheimb. Interacting State Machines: a stateful approach to proving security. 2003
Frederic Oehl, Gerard Cece, Olga Kouchnarenko, David Sinclair. Automatic approximation for the verification of cryptographic protocols. 2003
Colin Boyd, Kapali Viswanathan. Towards a formal specification of the Bellare-Rogaway model for protocol analysis. 2003
Susan Stepney. Critical critical systems. 2003
(invited talk) full paper
Dieter Gollmann. Analysing security protocols. 2003
(invited talk)
Gethin Norman, Vitaly Shmatikov. Analysis of probabilistic contract signing. 2003
Sigrid Gurgens, Carsten Rudolph. Security analysis of (un-)fair non-repudiation protocols. 2003
Joseph Y. Halpern, Riccardo Pucella. Modeling adversaries in a logic for security protocol analysis. 2003
M. Debbabi, J. Desharnais, M. Fourati, E. Menif, F. Painchaud, N. Tawbi. Secure self-certified code for Java. 2003
J. Anthony Hall. Z styles for security properties and modern user interfaces. 2003
B. Preneel. Cryptographic challenges: the past and the future. 2003
(invited talk)
Ernie Cohen. TAPS: the last few slides. 2003
(invited talk)
Antonio Durante, Roberto Di Pietro, Luigi V. Mancini. Formal specification for fast automatic IDS training. 2003
Gordon Thomas Rohrmair, Gavin Lowe. Using CSP to detect insertion and evasion possibilities within the intrusion detection area. 2003
Felix C. Gartner. Revisiting liveness properties in the context of secure systems. 2003