Applications of Constraint Satisfaction and Programming to Computer Security Problems

The security of distributed systems such as e-commerce, virtual private networks, e-administration. . . heavily depends on the possibility of securely transferring data over an insecure medium. This is the role of cryptographic protocols, which have been intensively studied during the past years. This line of research was fruitful since, during the AVISPA project, several flaws were detected by an automated analysis of industrial-scale protocols [1]. In particular we will consider the Human Equivalent Privacy properties of authentication and secrecy. We will first present how the search on a violation of these properties can be reduced to the satisfiability of some specially constructed reachability problems. After having presented the most important results in this area, we will present a result obtained in a joint work with M. Rusinowitch [2] on the combination of such problems and the application to the decidability and complexity of protocol analysis. We will also discuss the shortcomings of this approach with respect to cryptographically sound proofs, and present the AVISPA tool for automated protocol analysis in the case of perfect cryptography assumption.

[1]  Moni Naor,et al.  On Memory-Bound Functions for Fighting Spam , 2003, CRYPTO.

[2]  Andrew D. Gordon,et al.  Types and effects for asymmetric cryptographic protocols , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[3]  Emden R. Gansner,et al.  An open graph visualization system and its applications to software engineering , 2000 .

[4]  Adrian Walker,et al.  Towards a Theory of Declarative Knowledge , 1988, Foundations of Deductive Databases and Logic Programming..

[5]  Michael J. Fischer,et al.  The String-to-String Correction Problem , 1974, JACM.

[6]  Catherine A. Meadows,et al.  The NRL Protocol Analyzer: An Overview , 1996, J. Log. Program..

[7]  Paul Syverson,et al.  A formal language for cryptographic protocol requirements , 1996 .

[8]  Georgios Paliouras,et al.  Filtron: A Learning-Based Anti-Spam Filter , 2004, CEAS.

[9]  Joshua D. Guttman,et al.  Programming Cryptographic Protocols , 2005, TGC.

[10]  Gavin Lowe,et al.  Some new attacks upon security protocols , 1996, Proceedings 9th IEEE Computer Security Foundations Workshop.

[11]  Peter Van Roy,et al.  Concepts, Techniques, and Models of Computer Programming , 2004 .

[12]  Giorgio Delzanno,et al.  A bottom-up semantics for linear logic programs , 2000, PPDP '00.

[13]  Mads Haahr,et al.  Personalised, Collaborative Spam Filtering , 2004, CEAS.

[14]  Flemming Nielson,et al.  Flow Logic: A Multi-paradigmatic Approach to Static Analysis , 2002, The Essence of Computation.

[15]  David Harel,et al.  Computable Queries for Relational Data Bases , 1980, J. Comput. Syst. Sci..

[16]  Sandro Etalle,et al.  Proof Theory, Transformations, and Logic Programming for Debugging Security Protocols , 2001, LOPSTR.

[17]  Peter Van Roy,et al.  A Practical Formal Model for Safety Analysis in Capability-Based Systems , 2005, TGC.

[18]  Brett Watson,et al.  Beyond Identity: Addressing Problems that Persist in an Electronic Mail System with Reliable Sender Identification , 2004, CEAS.

[19]  Jan Jürjens,et al.  Secure systems development with UML , 2004 .

[20]  Andrew McCallum,et al.  A comparison of event models for naive bayes text classification , 1998, AAAI 1998.

[21]  Kang Li,et al.  Shall We Stop All Unsolicited Email Messages? , 2004, CEAS.

[22]  William S. Yerazunis,et al.  Spam filtering using a Markov random field model with variable weighting schemas , 2004, Fourth IEEE International Conference on Data Mining (ICDM'04).

[23]  John A. Clark,et al.  A survey of authentication protocol literature: Version 1.0 , 1997 .

[24]  Gavin Lowe,et al.  A hierarchy of authentication specifications , 1997, Proceedings 10th Computer Security Foundations Workshop.

[25]  Jeffrey D. Ullman,et al.  Protection in operating systems , 1976, CACM.

[26]  Jack B. Dennis,et al.  Programming semantics for multiprogrammed computations , 1966, CACM.

[27]  Moni Naor,et al.  VERI CATION OF A HUMAN IN THE LOOP OR IDENTI CATION VIA THE TURING TEST , 1996 .

[28]  Yannick Chevalier,et al.  Combining Intruder Theories , 2005, ICALP.

[29]  Stéphanie Delaune,et al.  A decision procedure for the verification of security protocols with explicit destructors , 2004, CCS '04.

[30]  Flemming Nielson,et al.  Automatic validation of protocol narration , 2003, 16th IEEE Computer Security Foundations Workshop, 2003. Proceedings..

[31]  Zohar Manna,et al.  The optimal approach to recursive programs , 1977, Commun. ACM.

[32]  Paul Resnick,et al.  Reputation systems , 2000, CACM.

[33]  David Chan,et al.  Constructive Negation Based on the Completed Database , 1988, ICLP/SLP.

[34]  Sandro Etalle,et al.  PS-LTL for Constraint-Based Security Protocol Analysis , 2005, ICLP.

[35]  A. Karr,et al.  Computer Intrusion: Detecting Masquerades , 2001 .

[36]  Gert Smolka,et al.  The Oz Programming Model , 1996, Computer Science Today.

[37]  Emden R. Gansner,et al.  Drawing graphs with dot , 2006 .

[38]  Pieter H. Hartel,et al.  A Trace Logic for Local Security Properties , 2005, Electron. Notes Theor. Comput. Sci..

[39]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[40]  Joshua D. Guttman,et al.  Strand Spaces: Proving Security Protocols Correct , 1999, J. Comput. Secur..

[41]  Matthias Schonlau,et al.  Detecting masquerades in intrusion detection based on unpopular commands , 2000, Inf. Process. Lett..

[42]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[43]  Sebastian Mödersheim,et al.  Constraint differentiation: A new reduction technique for constraint-based analysis of security protocols , 2003 .

[44]  Emden R. Gansner,et al.  An open graph visualization system and its applications to software engineering , 2000, Softw. Pract. Exp..

[45]  Melvin Fitting,et al.  A Kripke-Kleene Semantics for Logic Programs , 1985, J. Log. Program..

[46]  Sebastian Mödersheim,et al.  The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications , 2005, CAV.

[47]  Sushil Jajodia,et al.  A logic-based framework for attribute based access control , 2004, FMSE '04.

[48]  Gavin Lowe,et al.  Casper: a compiler for the analysis of security protocols , 1997, Proceedings 10th Computer Security Foundations Workshop.

[49]  Grigore Rosu,et al.  Testing Linear Temporal Logic Formulae on Finite Execution Traces , 2001 .

[50]  Peter J. Stuckey,et al.  Negation and Constraint Logic Programming , 1995, Inf. Comput..

[51]  Duminda Wijesekera,et al.  A policy driven approach to email services , 2004, Proceedings. Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, 2004. POLICY 2004..

[52]  Trevor Tompkins,et al.  Giving e-mail back to the users: Using digital signatures to solve the spam problem , 2003, First Monday.

[53]  Richard J. Lipton,et al.  A Linear Time Algorithm for Deciding Subject Security , 1977, JACM.

[54]  François Fages,et al.  Constructive Negation by Pruning , 1997, J. Log. Program..

[55]  Sjouke Mauw,et al.  Defining authentication in a trace model , 2003 .

[56]  Sandro Etalle,et al.  An Improved Constraint-Based System for the Verification of Security Protocols , 2002, SAS.

[57]  Michael J. Maher A Transformation System for Deductive Database Modules with Perfect Model Semantics , 1989, FSTTCS.

[58]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[59]  Vitaly Shmatikov,et al.  Constraint solving for bounded-process cryptographic protocol analysis , 2001, CCS '01.

[60]  Lawrence Snyder,et al.  The transfer of information and authority in a protection system , 1979, SOSP '79.

[61]  Jonathan S. Shapiro,et al.  Paradigm Regained: Abstraction Mechanisms for Access Control , 2003, ASIAN.

[62]  Calton Pu,et al.  Resisting SPAM Delivery by TCP Damping , 2004, CEAS.

[63]  Moni Naor,et al.  Pricing via Processing or Combatting Junk Mail , 1992, CRYPTO.

[64]  Bruno Blanchet,et al.  Automatic proof of strong secrecy for security protocols , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[65]  Matt Bishop,et al.  Extending The Take-Grant Protection System , 1996 .

[66]  Catherine A. Meadows,et al.  Formal specification and analysis of the Group Domain Of Interpretation Protocol using NPATRL and the NRL Protocol Analyzer , 2004, J. Comput. Secur..

[67]  Christian Schulte Programming Constraint Services: High-Level Programming of Standard and New Constraint Services , 2002 .

[68]  Richard Clayton,et al.  Stopping Spam by Extrusion Detection , 2004, CEAS.

[69]  Nathaniel S. Borenstein,et al.  A Multifaceted Approach to Spam Reduction , 2004, CEAS.