SS > book reviews > Peter Y. A. Ryan

Security protocols are one of the most critical elements in enabling the secure communication and processing of information, ensuring its confidentiality, integrity, authenticity and availability. These protocols are vulnerable to a host of subtle attacks, so designing protocols to be impervious to such attacks has proved to be extremely challenging and error prone.

This book provides a thorough and detailed understanding of one of the most effective approaches to the design and evaluation of security critical systems, describing the role of security protocols in distributed secure systems and the vulnerabilities to which they are prey.

The authors introduce security protocols, the role they play and the cryptographic mechanisms they employ, and progress to detail their role in security architectures, e-commerce, e-cash and so on. Precise characterizations of key concepts in information security, such as confidentiality, authentication and integrity are discussed and a range of tools and techniques are described which will ensure that a protocol guarantees certain security services under appropriate assumptions.

• Fred B. Schneider. Lifting reference models from the kernel. 2003: (keynote talk: extended abstract)
• Andy Gordon. Authenticity types for cryptographic protocols. 2003: (invited talk: extended abstract)
• Lawrence C. Paulson. Verifying the SET protocol: overview. 2003: (invited talk)
• David von Oheimb. Interacting State Machines: a stateful approach to proving security. 2003
• Frederic Oehl, Gerard Cece, Olga Kouchnarenko, David Sinclair. Automatic approximation for the verification of cryptographic protocols. 2003
• Colin Boyd, Kapali Viswanathan. Towards a formal specification of the Bellare-Rogaway model for protocol analysis. 2003
• Susan Stepney. Critical critical systems. 2003: (invited talk) full paper
• Dieter Gollmann. Analysing security protocols. 2003: (invited talk)
• Gethin Norman, Vitaly Shmatikov. Analysis of probabilistic contract signing. 2003
• Sigrid Gurgens, Carsten Rudolph. Security analysis of (un-)fair non-repudiation protocols. 2003
• Joseph Y. Halpern, Riccardo Pucella. Modeling adversaries in a logic for security protocol analysis. 2003
• M. Debbabi, J. Desharnais, M. Fourati, E. Menif, F. Painchaud, N. Tawbi. Secure self-certified code for Java. 2003
• J. Anthony Hall. Z styles for security properties and modern user interfaces. 2003
• B. Preneel. Cryptographic challenges: the past and the future. 2003: (invited talk)
• Ernie Cohen. TAPS: the last few slides. 2003: (invited talk)
• Antonio Durante, Roberto Di Pietro, Luigi V. Mancini. Formal specification for fast automatic IDS training. 2003
• Gordon Thomas Rohrmair, Gavin Lowe. Using CSP to detect insertion and evasion possibilities within the intrusion detection area. 2003
• Felix C. Gartner. Revisiting liveness properties in the context of secure systems. 2003

author : Peter Y. A. Ryan

Books

Books : reviews

Peter Y. A. Ryan, Steve Schneider, Michael Goldsmith, Gavin Lowe, A. W. Roscoe.
The Modelling and Analysis of Security Protocols: the CSP approach.
Addison Wesley. 2001

Ali E. Abdallah, Peter Y. A. Ryan, Steve Schneider, eds.
Formal Aspects of Security: FASec 2002 revised papers.
Springer. 2003

Contents