Security by typing

Debbabi, Mourad; Durgin, Nancy Ann; Mejri, Mohamed; Mitchell, John C.

doi:10.1007/s10009-002-0100-7

Cited by 5 publications

(3 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…When we designed our protocol, we bore in mind this famous sort of attack. Therefore, we designed it in such a way that any two messages exchanged in the protocol do not overlap by carefully choosing the position [19], [20] of agent identities, signed messages, nonces, etc. in every single message.…”

Section: Resistance Against Man-in-the-middle Attacksmentioning

confidence: 99%

Cryptographic protocol for multipart missions involving two independent and distributed decision levels in a military context

Fattahi

Mejri

Ziadia

et al. 2017

2017 IEEE International Conference on Systems, Man, and Cybernetics (SMC)

Self Cite

View full text Add to dashboard Cite

In several critical military missions, more than one decision level are involved. These decision levels are often independent and distributed, and sensitive pieces of information making up the military mission must be kept hidden from one level to another even if all of the decision levels cooperate to accomplish the same task. Usually, a mission is negotiated through insecure networks such as the Internet using cryptographic protocols. In such protocols, few security properties have to be ensured. However, designing a secure cryptographic protocol that ensures several properties at once is a very challenging task. In this paper, we propose a new secure protocol for multipart military missions that involve two independent and distributed decision levels having different security levels. We show that it ensures the secrecy, authentication, and non-repudiation properties. In addition, we show that it resists against man-in-the-middle attacks.

show abstract

Section: Resistance Against Man-in-the-middle Attacksmentioning

confidence: 99%

Cryptographic protocol for multipart missions involving two independent and distributed decision levels in a military context

Fattahi

Mejri

Ziadia

et al. 2017

2017 IEEE International Conference on Systems, Man, and Cybernetics (SMC)

Self Cite

View full text Add to dashboard Cite

show abstract

“…These generalized roles are not necessarily prefixes of each others and show the different messages that can be accepted by a role to successfully reach a given step in the protocol. More details related to the generalized roles are in [39]. The rolesbased specification (the set of generalized roles) of the Woo and Lam protocol is as follow.…”

Section: Roles-based Specificationmentioning

confidence: 99%

Formal Analysis of SET and NSL Protocols Using the Interpretation Functions-Based Method

Houmani

Mejri

2012

Journal of Computer Networks and Communications

Self Cite

View full text Add to dashboard Cite

Most applications in the Internet such as e-banking and e-commerce use the SET and the NSL protocols to protect the communication channel between the client and the server. Then, it is crucial to ensure that these protocols respect some security properties such as confidentiality, authentication, and integrity. In this paper, we analyze the SET and the NSL protocols with respect to the confidentiality (secrecy) property. To perform this analysis, we use the interpretation functions-based method. The main idea behind the interpretation functions-based technique is to give sufficient conditions that allow to guarantee that a cryptographic protocol respects the secrecy property. The flexibility of the proposed conditions allows the verification of dailylife protocols such as SET and NSL. Also, this method could be used under different assumptions such as a variety of intruder abilities including algebraic properties of cryptographic primitives. The NSL protocol, for instance, is analyzed with and without the homomorphism property. We show also, using the SET protocol, the usefulness of this approach to correct weaknesses and problems discovered during the analysis.

show abstract

“…At the communication level the use of cryptographic protocols aims at protecting from security breaches. This issue is being actively studied in order to ensure the absence of flaws in such protocols [1,7,[11][12][13]. At the application level, malicious code could be inserted in applications without the consent nor the knowledge of end users.…”

Section: Motivationmentioning

confidence: 99%

A formal dynamic semantics of Java: an essential ingredient of Java security

Debbabi,

Tawbi,

Yahyaoui

2002

JTIT

View full text Add to dashboard Cite

Security is becoming a major issue in our highly networked and computerized era. Malicious code detection is an essential step towards securing the execution of applications in a highly inter-connected context. In this paper, we present a formal definition of Java dynamic semantics. This semantics has been used as a basis to develop efficient, rigorous and provably correct static analysis tools and a certifying compiler aimed to detect and prevent the presence of malicious code in Java applications. We propose a small step operational semantics of a large subset for Java. The latter includes features that have not been completely addressed in the related work or addressed in another semantics style. We provide a fully-fledged semantic handling of exceptions, reachable statements, modifiers and class initialization.

show abstract

Security by typing

Cited by 5 publications

References 33 publications

Cryptographic protocol for multipart missions involving two independent and distributed decision levels in a military context

Cryptographic protocol for multipart missions involving two independent and distributed decision levels in a military context

Formal Analysis of SET and NSL Protocols Using the Interpretation Functions-Based Method

A formal dynamic semantics of Java: an essential ingredient of Java security

Contact Info

Product

Resources

About