English
Related papers

Related papers: TulaFale: A Security Tool for Web Services

200 papers

Modern web applications often rely on third-party services to provide their functionality to users. The secure integration of these services is a non-trivial task, as shown by the large number of attacks against Single Sign On and…

Cryptography and Security · Computer Science 2021-01-18 Lorenzo Veronese , Stefano Calzavara , Luca Compagna

We report on the software engineering design and implementation of an web- and LDAP-based secure file exchange system with bi-directional authentication of all parties involved in the process that is the user's browsers and the application…

Cryptography and Security · Computer Science 2011-01-25 Serguei A. Mokhov , Marc-André Laverdière , Ali Benssam , Djamel Benredjem

Static analysis approximates the results of a program by examining only its syntax. For example, control-flow analysis (CFA) determines which syntactic lambdas (for functional languages) or (for object-oriented) methods may be invoked at…

Programming Languages · Computer Science 2021-07-28 Davis Ross Silverman , Yihao Sun , Kristopher Micinski , Thomas Gilray

Authors of cryptographic software are well aware that their code should not leak secrets through its timing behavior, and, until 2018, they believed that following industry-standard constant-time coding guidelines was sufficient. However,…

Cryptography and Security · Computer Science 2025-09-11 Shixin Song , Tingzhen Dong , Kosi Nwabueze , Julian Zanders , Andres Erbsen , Adam Chlipala , Mengjia Yan

Security of cryptographic protocols can be analysed by creating a model in a formal language and verifying the model in a tool. All such tools focus on the last part of the analysis, verification, and the interpretation of the specification…

Cryptography and Security · Computer Science 2022-04-06 Roberto Metere , Luca Arnaboldi

The pi calculus is a basic theory of mobile communication based on the notion of interaction, which, aimed at analyzing and modelling the behaviors of communication process in communicating and mobile systems, is widely applied to the…

Cryptography and Security · Computer Science 2023-12-06 Fusheng Wu , Jinhui Liu , Yanbing Li , Mingtao Ni

Security APIs, key servers and protocols that need to keep the status of transactions, require to maintain a global, non-monotonic state, e.g., in the form of a database or register. However, most existing automated verification tools do…

Cryptography and Security · Computer Science 2018-05-29 Steve Kremer , Robert Künnemann

Privacy analysis is critical but also a time-consuming and tedious task. We present a formalization which eases designing and auditing high-level privacy properties of software architectures. It is incorporated into a larger policy analysis…

Cryptography and Security · Computer Science 2018-06-11 Marcel von Maltitz , Cornelius Diekmann , Georg Carle

Explainable Artificial Intelligence (XAI) aims to make machine learning models transparent and trustworthy, yet most current approaches communicate explanations visually or through text. This paper introduces an information theoretic…

Human-Computer Interaction · Computer Science 2026-02-10 Mona Rajhans , Vishal Khawarey

TAP, the Table Access Protocol, is a Virtual Observatory (VO) protocol for executing queries in remote relational databases using ADQL, an SQL-like query language. It is one of the most powerful components of the VO, but also one of the…

Instrumentation and Methods for Astrophysics · Physics 2015-12-22 Mark Taylor

Single Sign-On (SSO) protocols streamline user authentication with a unified login for multiple online services, improving usability and security. One of the most common SSO protocol frameworks - the Security Assertion Markup Language V2.0…

Cryptography and Security · Computer Science 2026-01-21 Zvonimir Hartl , Ante Đerek

In the standard web browser programming model, third-party scripts included in an application execute with the same privilege as the application's own code. This leaves the application's confidential data vulnerable to theft and leakage by…

Cryptography and Security · Computer Science 2023-05-09 Abhishek Bichhawat , Vineet Rajani , Jinank Jain , Deepak Garg , Christian Hammer

The Internet, as it stands today, is highly vulnerable to attacks. However, little has been done to understand and verify the formal security guarantees of proposed secure inter-domain routing protocols, such as Secure BGP (S-BGP). In this…

Logic in Computer Science · Computer Science 2017-01-11 Chen Chen , Limin Jia , Hao Xu , Cheng Luo , Wenchao Zhou , Boon Thau Loo

APIs (Application Programming Interfaces) or Web Services are the foundational building blocks that enable interconnected systems. However this proliferation of APIs has also introduced security challenges that require systematic and…

Cryptography and Security · Computer Science 2025-07-24 Senthilkumar Gopal

In this work we present and formally analyze CHAT-SRP (CHAos based Tickets-Secure Registration Protocol), a protocol to provide interactive and collaborative platforms with a cryptographically robust solution to classical security issues.…

Cryptography and Security · Computer Science 2012-09-07 Jesus Diaz , David Arroyo , Francisco B. Rodriguez

Security protocols are building blocks in secure communications. They deploy some security mechanisms to provide certain security services. Security protocols are considered abstract when analyzed, but they can have extra vulnerabilities…

Cryptography and Security · Computer Science 2016-06-03 Mohsen Toorani

This paper describes a new password-based mutual authentication protocol for Web systems which prevents various kinds of phishing attacks. This protocol provides a protection of user's passwords against any phishers even if dictionary…

Cryptography and Security · Computer Science 2009-11-30 Yutaka Oiwa , Hajime Watanabe , Hiromitsu Takagi

We introduce a scalable, modular, and sound approach for automatically constructing formal security specifications for Java bytecode programs in the form of method summaries. A summary provides an abstract representation of a method's…

Cryptography and Security · Computer Science 2025-12-24 Narges Khakpour , Nicolas Berthier

Use of formal techniques for verifying the security features of electronic commerce protocols would facilitate, the enhancement of reliability of such protocols, thereby increasing their usability. This paper projects the application of…

Cryptography and Security · Computer Science 2011-01-11 Suvansh Lal

Context: The goal of specification pattern catalogs for real-time requirements is to mask the complexity of specifying such requirements in a timed temporal logic for verification. For this purpose, they provide frontends to express and…

Software Engineering · Computer Science 2022-11-09 Thomas Vogel , Marc Carwehl , Genaína Nunes Rodrigues , Lars Grunske