Techniques for Security Checking: Non Interference vs Control Flow Analysis

Abstract We model, in a process algebra framework, a variant of the well known Wide Mouthed Frog security protocol. Its relevant security properties are addressed both from a dynamic and static point of view, having operational semantics as a common starting point. In one case, we exploit techniques based on Non-Interference, while in the other one we rely on Control Flow Analysis. We then compare these techniques

A Global Occurrence Counting Analysis for Brane Calculi

We propose a polynomial static analysis for Brane Calculi, based on Abstract Interpretation techniques. The analysis provides a description of the possible hierarchical structure of membranes and of the processes possibly associated to each membrane, together with global occurrence counting information. Our analysis can be applied in the biological setting to investigate systems in which the information on the number of membranes occurring in the system plays a crucial role

What Are Polymorphically-Typed Ambients?

Abstract: The Ambient Calculus was developed by Cardelli and Gordon as a formal framework to study issues of mobility and migrant code. We consider an Ambient Calculus where ambients transport and exchange programs rather that just inert data. We propose different senses in which such a calculus can be said to be polymorphically typed, and design accordingly a polymorphic type system for it. Our type system assigns types to embedded programs and what we call behaviors to processes; a denotational semantics of behaviors is then proposed, here called trace semantics, underlying much of the remaining analysis. We state and prove a Subject Reduction property for our polymorphically typed calculus. Based on techniques borrowed from finite automata theory, type-checking of fully type-annotated processes is shown to be decidable; the time complexity of our decision procedure is exponential (this is a worst-case in theory, arguably not encountered in practice). Our polymorphically-typed calculus is a conservative extension of the typed Ambient Calculus originally proposed by Cardelli and Gordon

Bounding Reactions in the Pi-calculus using Interpretations

Resource control ; concurrency ; interpretation methodsInternational audienceWe present a new resource static analysis for the pi-calculus that provides upper bounds on the number of reactions that might occur at runtime for a given process. This work is complementary to previous results on termination of processes by capturing strictly more processes, since it captures all the strongly normalizing processes, and by providing precise upper bounds on the number of communications on each channel. For that purpose, it combines interpretation methods, inspired by polynomial interpretations introduced in order to study the complexity of term rewrite systems, with a notion of resource process that mimics reaction keeping information about resource consumption in terms of communication. We also show that presented analysis is general and can be easily adapted to study space properties of processes (for example, upper bounds on the size of the maximal value sent on a given channel during reaction)

Analysis of security protocols as open systems

We propose a methodology for the formal analysis of security protocols. This originates from the observation that the verification of security protocols can be conveniently treated as the verification of open systems, i.e. systems which may have unspecified components. These might be used to represent a hostile environment wherein the protocol runs and whose behavior cannot be predicted a priori. We define a language for the description of security protocols, namely Crypto-CCS, and a logical language for expressing their properties. We provide an effective verification method for security protocols which is based on a suitable extension of partial model checking. Indeed, we obtain a decidability result for the secrecy analysis of protocols with a finite number of sessions, bounded message size and new nonce generation

A static analysis for Brane Calculi providing global occurrence counting information

In this paper we propose a static analysis for Brane Calculi [1], based on Abstract Interpretation [2] techniques. Our analysis statically approximates the dynamic behaviour of Brane systems, by providing a description of the possible hierarchical structure of membranes and of the processes possibly associated to each membrane, together with global occurrence counting information. Our analysis can be computed in polynomial time. We apply it to investigate several biological systems in which occurrence counting information plays a crucial role. In particular, our case study concerns the formation of the haemoglobin polymer in presence of alterations and investigate the influence that such alterations have on the ability of the haemoglobin polymer to bind oxygen molecules

Analysis of Security Protocols as Open Systems

We propose a methodology for the formal analysis of security protocols. This originates from the observation that the verification of security protocols can be conveniently treated as the verification of {em open} systems, i.e. systems which may have unspecified components. These might be used to represent a hostile environment wherein the protocol runs and whose behavior cannot be predicted a priori. We define a language for the description of security protocols, namely Crypto-CCS, and a logical language for expressing their properties. We provide an effective verification method for security protocols which is based on a suitable extension of partial model checking. Indeed, we obtain a decidability result for the secrecy analysis of protocols with a finite number of sessions, bounded message size and new nonce generation