Wihem Arsac scite author profile

Wihem Arsac

5Publications

147Citation Statements Received

74Citation Statements Given

How they've been cited

How they cite others

Affiliations

Systems, Applications & Products in Data Processing (United Kingdom), Fondation Sophia Antipolis, Centre Azuréen de Cancérologie

Publications

Order By: Most citations

The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures

Armando

Arsac

Avanesov

et al. 2012

View full text Add to dashboard Cite

International audienceThe AVANTSSAR Platform is an integrated toolset for the formal specification and automated validation of trust and security of service-oriented architectures and other applications in the Internet of Services. The platform supports application-level specification languages (such as BPMN and our custom languages) and features three validation backends (CL-AtSe, OFMC, and SATMC), which provide a range of complementary automated reasoning techniques (including service orchestration, compositional reasoning, model checking, and abstract interpretation). We have applied the platform to a large number of industrial case studies, collected into the AVANTSSAR Library of validated problem cases. In doing so, we unveiled a number of problems and vulnerabilities in deployed services. These include, most notably, a serious flaw in the SAML-based Single Sign-On for Google Apps (now corrected by Google as a result of our findings). We also report on the migration of the platform to industry

show abstract

Security Validation of Business Processes via Model-Checking

Arsac

Compagna

Pellegrino

et al. 2011

View full text Add to dashboard Cite

Validating Security Protocols under the General Attacker

Arsac¹,

Bella

Chantry³

et al. 2009

View full text Add to dashboard Cite

Multi-Attacker Protocol Validation

Arsac¹,

Bella

Chantry³

et al. 2010

J Autom Reasoning

View full text Add to dashboard Cite

Security protocols have been analysed focusing on a variety of properties to withstand the Dolev-Yao attacker. The Multi-Attacker treat model allows each protocol participant to behave maliciously intercepting and forging messages. Each principal may then behave as a Dolev-Yao attacker while neither colluding nor sharing knowledge with anyone else. This feature rules out the applicability of existing equivalence results in the Dolev-Yao model. The analysis of security protocols under the Multi-Attacker threat model brings forward yet more insights, such as retaliation attacks and anticipation attacks, which formalise currently realistic scenarios of principals competing each other for personal profit. They are variously demonstrated on a classical protocol, Needham-Schroeder's, and on a modern deployed protocol, Google's SAML-based single sign-on protocol. The general threat model for security protocols based on set-rewriting that was adopted in AVISPA (Armando et al. 2005) is extended to formalise the Multi-Attacker. The state-of-the-art model checker SATMC (Armando and Compagna, Int J Inf Secur 6(1):3-32, 2007) is then used to automatically validate the protocols under the new threats, so that retaliation and anticipation attacks can automatically be found. The tool support scales up to the 354 W. Arsac et al.Multi-Attacker threat model at a reasonable price both in terms of human interaction effort and of computational time.

show abstract

Security validation tool for business processes

Arsac¹,

Compagna²,

Kaluvuri³

et al. 2011

View full text Add to dashboard Cite

To evaluate whether a business process (BP) under-design enjoys certain security desiderata is hardly manageable by business analysts without a proper tool support, as the BP runtime environment is highly dynamic, e.g., delegation. We describe a novel security validation tool for BPs that employs model checking for evaluating security-relevant aspects of BPs in dynamic environments and offers accessible user interfaces and apprehensive feedback for business analysts. As proof-of-concept we integrate our tool within SAP NetWeaver Business Process Management.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Wihem Arsac

The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures

Security Validation of Business Processes via Model-Checking

Validating Security Protocols under the General Attacker

Multi-Attacker Protocol Validation

Security validation tool for business processes

Contact Info

Product

Resources

About