From compa at dist.unige.it Fri Dec 2 20:25:54 2005 From: compa at dist.unige.it (Luca Compagna) Date: Tue May 2 17:43:48 2006 Subject: [Avispa-users] AVISPA web interface down In-Reply-To: <438D664C.30208@dist.unige.it> References: <438CDDFA.8000506@sims.berkeley.edu> <438D664C.30208@dist.unige.it> Message-ID: <43909FC2.4090203@dist.unige.it> Dear AVISPA users, the AVISPA web interface is again up-and-running! All these troubles have been due to intensive memory swap in the machine running the AVISPA backends (i.e. OFMC, SATMC, CL-AtSe, and TA4SP). To solve this issue we have imposed that a limited number of AVISPA backends can be run concurrently. When the message "Sorry too many backends are running and there are not enough resources available. Please try later.." is returned to you means that this limit has been exceeded. Moreover each backend process is limited to run up to 200 MB RAM. As soon as the backend process requires more than 200MB, the process is killed by the Operating System. This is the best we can do at the moment. Notice that the AVISPA web interface is not meant to be used for time and memory intensive experiments but just as a demo for presenting the tool. For intensive test we recommend to download the AVISPA package. Best regards, Luca -- Luca Compagna, Ph.D. Research Scientist E-mail: compa@dist.unige.it http://www.ai.dist.unige.it/compagna ======================================================= AI-Lab - DIST - University of Genova Viale Causa 13, 16145 Genova, ITALY phone: ++39.(0)10.353-6545 fax: ++39.(0)10.353-2948 ======================================================= Jacopo Mantovani wrote: > Hi Jeffrey, > > you're right, the same problem has occurred again. Currently, > the machine that hosts the backends and the translator is down and > we're checking what's going on with it. A proper notice has > been put online on the AVISPA web pages. > > We will inform you (and all the mailing list members) as soon > as we fix the problem. > > Sorry, we apologize for this inconvenient. > > Best Regards, > > Jacopo. > > Jeffrey Kalvass wrote: > >> Hello. I am experiencing the same issue with the web-interface as >> reported a few weeks back. > > >> I think this has occured again. Can somebody please check into this? >> Thank you, >> >> Jeff > > From compa at dist.unige.it Mon Dec 5 06:55:44 2005 From: compa at dist.unige.it (Luca Compagna) Date: Tue May 2 17:43:48 2006 Subject: [Avispa-users] Re: AVISPA web tool down again In-Reply-To: <200512040053.jB40rhMI032717@taverner.CS.Berkeley.EDU> References: <200512040053.jB40rhMI032717@taverner.CS.Berkeley.EDU> Message-ID: <4393D660.9070205@dist.unige.it> Dear David, we apologize for all these troubles. Unfortunately the machine on which the AVISPA web interface runs crashed over the week-end. I have just rebooted it, but given the last events this machine is not reliable. We will have a meeting today for seeing if possible to setup a new machine soon. David Wagner wrote: >FYI, the AVISPA web interface seems to be having trouble again. >It gives the following error: > > >AVISPA Web Tool >=============== > >The HLPSL2IF translator is reporting the following error: > >Secure connection to 130.251.7.42 refused. > > > >Is the software to run my own copy of the AVISPA web page interface >available in the AVISPA distribution? > The software of the web-interface is not distributed. It will be soon. >I'm having my undergraduate class >use this in their class project, and I'd be happy to run a separate copy >of the web page on my own machine just for my class if that makes things >any easier. > > I am going to send to you the source code of the web interface with details on how to install it in a separate mail. Best regards, Luca >Thanks. > > > From daw at cs.berkeley.edu Sun Dec 4 01:53:43 2005 From: daw at cs.berkeley.edu (David Wagner) Date: Tue May 2 17:43:48 2006 Subject: [Avispa-users] AVISPA web tool down again Message-ID: <200512040053.jB40rhMI032717@taverner.CS.Berkeley.EDU> FYI, the AVISPA web interface seems to be having trouble again. It gives the following error: AVISPA Web Tool =============== The HLPSL2IF translator is reporting the following error: Secure connection to 130.251.7.42 refused. Is the software to run my own copy of the AVISPA web page interface available in the AVISPA distribution? I'm having my undergraduate class use this in their class project, and I'd be happy to run a separate copy of the web page on my own machine just for my class if that makes things any easier. Thanks. From daw at cs.berkeley.edu Mon Dec 5 09:15:47 2005 From: daw at cs.berkeley.edu (David Wagner) Date: Tue May 2 17:43:48 2006 Subject: [Avispa-users] Re: AVISPA web tool down again In-Reply-To: <4393D660.9070205@dist.unige.it> from "Luca Compagna" at Dec 05, 2005 06:55:44 AM Message-ID: <200512050815.jB58FlBv017101@taverner.CS.Berkeley.EDU> > Dear David, > we apologize for all these troubles. Unfortunately the machine on which > the > AVISPA web interface runs crashed over the week-end. I have just rebooted > it, but given the last events this machine is not reliable. We will have a > meeting today for seeing if possible to setup a new machine soon. No problem. I'm sorry to cause you trouble. > I am going to send to you the source code of the web interface with > details on how to install it in a separate mail. Wonderful! Thank you very much! This is a great resource, and I very much appreciate your help in enabling my students to learn to use the AVISPA tools. Thanks again, -- David From bhavin.desai at logicacmg.com Fri Dec 9 11:02:52 2005 From: bhavin.desai at logicacmg.com (Desai, Bhavin) Date: Tue May 2 17:43:48 2006 Subject: [Avispa-users] Hello and Introduction Message-ID: <6216396AEBE36247BF62B505A88ADA0A0C222E83@uk-ex002.groupinfra.com> Hello, How are you? I am taking the (part time) MSc in Information Security at Royal Holloway University of London. I would appreciate any comments or suggestions that you have regarding my initial ideas as described below. I would like to do my MSc project (to be completed by 8 September 2006) on mathematical analysis of security protocols. The BAN logic (Mike Burrows, Martin Abadi, and Roger Needham) may provide a good starting point since it was the first and is probably the most famous analytical method. However, there are other formal methodologies. Some suitable websites that I have found as a result of an initial search are as follows (although I have not investigated them very deeply at present): * http://www.avispa-project.org/ (of course) * http://www.cl.cam.ac.uk/users/lcp/papers/protocols.html * http://www.stcatz.ox.ac.uk/academic_staff_pages/lowe_gavin.htm * http://portal.surrey.ac.uk/portal/page?_pageid=798,332537&_dad=portal&_s chema=PORTAL * And many others!!! It would be interesting to see if the newer methods can find known (and possibly additional) vulnerabilities that have already been found by utilisation of the traditional methods, but perhaps shorter, faster or more elegantly. It may also be interesting to see whether security protocols that have not yet been formally analysed could be subjected to modern mathematical analyses. To find a significant vulnerability in a relatively new protocol would be an excellent bonus for this MSc project, although the time constraints may preclude this eventuality. In addition to the MSc in Information Security which is in progress at present, my formal academic & professional qualifications are as follows: * BSc, Grade II(i), Pure Mathematics, University of Kent, 1984. * MPhil (by thesis), Mathematical Logic, University of Nottingham, 1987. * BCS ISEB Certificate in Information Security Management Principles, 2000. * Certified Information Systems Security Professional (CISSP), 2004. * (plus many other smaller/specialised security courses and training.) A brief overview of my career and experience is as follows. In the Systems Assurance Division of EDS in the early 1990s I was in a team that developed a Z tool in Lisp on Sun workstations, for CESG. Then I moved into projects performing safety critical static source code analysis using SPADE and MALPAS. We also developed a proprietary static code analysis tool written initially in Prolog and then completely rewritten in SML. After that I joined the CLEF part of EDS to do an ITSEC E3 evaluation of a database. In 1996 I joined the Logica CLEF to do further ITSEC and Common Criteria evaluations covering operating systems, databases, firewalls, crypto tools, etc. From 2000 to 2002 I worked for Platform 7 Limited (which was bought by Datacard) on smart card security. I am currently in the LogicaCMG CLEF at Leatherhead, doing Common Criteria security evaluations and consultancy. Thanks in advance for your general comments on the above. I look forward to your reply. Bhavin. _____________ Bhavin Desai Security Consultant Security Practice LogicaCMG Chaucer House Springfield Drive Leatherhead Surrey KT22 7LP United Kingdom T: +44 (0) 1372 369 639 F: +44 (0) 1372 369834 e: bhavin.desai@logicacmg.com w: http://www.logicacmg.com/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://carroll.ai.dist.unige.it/pipermail/avispa-users/attachments/20051209/7c3d8a2f/attachment-0002.htm From compa at dist.unige.it Mon Dec 12 18:35:10 2005 From: compa at dist.unige.it (Luca Compagna) Date: Tue May 2 17:43:48 2006 Subject: [Avispa-users] CFP: 5th Conference on Security and Network Architectures (SAR 2006) Message-ID: <439DB4CE.9070406@dist.unige.it> ========================================================================== We apologize for multiple copies of this call for papers ========================================================================== Call for Papers / Appel ? soumissions 5th Conference on Security and Network Architectures (SAR 2006) Co-located with the 3rd Conference on Security in Information Systems (SSI) VVF Les Tuquets, Seignosse, France - 6-9 juin 2006 http://csysec.univ-pau.fr/sarssi/ ========================================================================== After the success of the four former SAR conferences, SAR 2006 will take place in Seignosse, France. SAR 2006 covers a large spectrum of research on security and network architectures. The purpose of the conference is to offer to the computer science community - engineers, researchers, teachers and students - the opportunity to discuss advances in research and development in network security. The conference will enable scientists to present the last advances in the network security domain and to analyze the impact of these emerging technologies on this domain. Part of the conference is devoted to tutorials in advanced fields of security in order to encourage interactions and exchanges between participants. Papers offering novel research contributions in any aspect of computer security or electronic privacy are solicited for submission to the 2006 symposium. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains. This Year: SAR 2006 is open to submissions not only of full-length papers but also short papers (extended abstracts) describing less mature work. Submissions can be either in French or English, see the web site for details. From Michael.Rusinowitch at loria.fr Fri Dec 16 15:49:45 2005 From: Michael.Rusinowitch at loria.fr (Michael Rusinowitch) Date: Tue May 2 17:43:48 2006 Subject: [Avispa-users] postdoc position at loria Message-ID: <17314.54281.880523.817419@villette.loria.fr> Postdoctoral position at LORIA Nancy: ------------------------------------ A postdoctoral position is available starting from january 2006 (can be renewed for a second year). The researcher will work in Cassis project and will investigate the application of automated proof systems developed by Cassis to testing security policies for embedded systems in the context of an industrial project with LEIRIOS and Axalto. For application please send a CV, brief statement, and addresses of references to: Michael Rusinowitch E-mail: " rusi at loria.fr " Web page: http://www.loria.fr/equipes/cassis/