AUTHSCAN: Automatic Extraction of Web Authentication Protocols from Implementations
暂无分享,去创建一个
Jun Sun | Yang Liu | Jin Song Dong | Prateek Saxena | Guozhu Meng | Guangdong Bai | Jike Lei | Sai Sathyanarayan Venkatraman | P. Saxena | Jun Sun | Guozhu Meng | Yang Liu | J. Dong | Guangdong Bai | Jike Lei
[1] Kirstie Hawkey,et al. Systematically breaking and fixing OpenID security: Formal analysis, semi-automated empirical evaluation, and practical countermeasures , 2012, Computers & security.
[2] Martín Abadi,et al. A Calculus for Cryptographic Protocols: The spi Calculus , 1999, Inf. Comput..
[3] Cas J. F. Cremers,et al. The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols , 2008, CAV.
[4] Guofei Gu,et al. TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection , 2010, 2010 IEEE Symposium on Security and Privacy.
[5] John Ulrich,et al. Automated Analysis of Cryptographic Protocols Using Mur ' , 1997 .
[6] Martín Abadi,et al. A calculus for cryptographic protocols: the spi calculus , 1997, CCS '97.
[7] Gavin Lowe,et al. Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR , 1996, Softw. Concepts Tools.
[8] XiaoFeng Wang,et al. InteGuard: Toward Automatic Protection of Third-Party Web Service Integrations , 2013, NDSS.
[9] P. Saxena,et al. The Emperor ’ s New APIs : On the ( In ) Secure Usage of New Client-side Primitives , 2010 .
[10] Bruno Blanchet,et al. An efficient cryptographic protocol verifier based on prolog rules , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..
[11] Jun Sun,et al. PAT: Towards Flexible Verification under Fairness , 2009, CAV.
[12] Steve Hanna,et al. A Symbolic Execution Framework for JavaScript , 2010, 2010 IEEE Symposium on Security and Privacy.
[13] Thomas Groß,et al. Security analysis of the SAML single sign-on browser/artifact profile , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..
[14] Dawn Xiaodong Song,et al. Athena: a new efficient automatic checker for security protocol analysis , 1999, Proceedings of the 12th IEEE Computer Security Foundations Workshop.
[15] Gavin Lowe,et al. A hierarchy of authentication specifications , 1997, Proceedings 10th Computer Security Foundations Workshop.
[16] Dawn Xiaodong Song,et al. Towards a Formal Foundation of Web Security , 2010, 2010 23rd IEEE Computer Security Foundations Symposium.
[17] Avik Chaudhuri,et al. Automated Formal Analysis of a Protocol for Secure File Sharing on Untrusted Storage , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).
[18] XiaoFeng Wang,et al. Signing Me onto Your Accounts through Facebook and Google: A Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services , 2012, 2012 IEEE Symposium on Security and Privacy.
[19] Martín Abadi,et al. A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.
[20] Jörg Schwenk,et al. On Breaking SAML: Be Whoever You Want to Be , 2012, USENIX Security Symposium.
[21] Steve Hanna,et al. FLAX: Systematic Discovery of Client-side Validation Vulnerabilities in Rich Web Applications , 2010, NDSS.
[22] Giorgio Delzanno,et al. Automatic Verification of Time Sensitive Cryptographic Protocols , 2004, TACAS.
[23] Danny Dolev,et al. On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).
[24] Caterina Urban,et al. Formal analysis of Facebook Connect Single Sign-On authentication protocol , 2010 .
[25] John C. Mitchell,et al. Automated analysis of cryptographic protocols using Mur/spl phi/ , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).
[26] Alessandro Armando,et al. Formal analysis of SAML 2.0 web browser single sign-on: breaking the SAML-based single sign-on for google apps , 2008, FMSE '08.
[27] Bruno Blanchet,et al. Computationally Sound Mechanized Proofs of Correspondence Assertions , 2007, 20th IEEE Computer Security Foundations Symposium (CSF'07).
[28] Bruce Schneier,et al. Analysis of the SSL 3.0 protocol , 1996 .
[29] Andy Chou,et al. A simple method for extracting models from protocol code , 2001, Proceedings 28th Annual International Symposium on Computer Architecture.
[30] Martín Abadi,et al. A semantics for a logic of authentication (extended abstract) , 1991, PODC '91.
[31] Hanne Riis Nielson,et al. Using static analysis to validate the SAML single sign-on protocol , 2005, WITS '05.
[32] Simon S. Lam,et al. A semantic model for authentication protocols , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.
[33] Jan Jürjens,et al. Extracting and verifying cryptographic models from C protocol code by symbolic execution , 2011, CCS '11.