1,068 research outputs found
Formal Analysis of Vulnerabilities of Web Applications Based on SQL Injection (Extended Version)
We present a formal approach that exploits attacks related to SQL Injection
(SQLi) searching for security flaws in a web application. We give a formal
representation of web applications and databases, and show that our
formalization effectively exploits SQLi attacks. We implemented our approach in
a prototype tool called SQLfast and we show its efficiency on real-world case
studies, including the discovery of an attack on Joomla! that no other tool can
find
Effective reduction of cryptographic protocols specification for model-checking with Spin
In this article a practical application of the Spin model checker for verifying cryptographic
protocols was shown. An efficient framework for specifying a minimized protocol model while
retaining its functionality was described. Requirements for such a model were discussed, such
as powerful adversary, multiple protocol runs and a way of specifying validated properties as
formulas in temporal logic
Analysis of security protocols as open systems
We propose a methodology for the formal analysis of security protocols. This originates from the observation that the verification of security protocols can be conveniently treated as the verification of open systems, i.e. systems which may have unspecified components. These might be used to represent a hostile environment wherein the protocol runs and whose behavior cannot be predicted a priori. We define a language for the description of security protocols, namely Crypto-CCS, and a logical language for expressing their properties. We provide an effective verification method for security protocols which is based on a suitable extension of partial model checking. Indeed, we obtain a decidability result for the secrecy analysis of protocols with a finite number of sessions, bounded message size and new nonce generation
- âŚ