From Mohamed-Salah.Bouassida at loria.fr Fri Jan 20 18:23:51 2006 From: Mohamed-Salah.Bouassida at loria.fr (Mohamed Salah Bouassida) Date: Tue May 2 17:43:48 2006 Subject: [Avispa-users] problem in the AVISPA web page Message-ID: <43D11CA7.8090600@loria> Hello, there is a problem in the web page of the AVISPA tool, at any execution, we obtain the following message: Sorry too many backends are running and there are not enough resources available. Please try later.. Best regards, Mohamed Salah From armando at armandobook.mrg.dist.unige.it Mon Jan 23 17:11:10 2006 From: armando at armandobook.mrg.dist.unige.it (Alessandro Armando) Date: Tue May 2 17:43:48 2006 Subject: [Avispa-users] Hello and Introduction In-Reply-To: Message from "Desai, Bhavin" of "Fri, 09 Dec 2005 10:02:52 GMT." <6216396AEBE36247BF62B505A88ADA0A0C222E83@uk-ex002.groupinfra.com> Message-ID: <20060123161115.73BFE1E72F4@armandobook.mrg.dist.unige.it> Dear Desai, sorry for taking so long to reply. You may find a concise description of the AVISPA Tool as well as a brief summary of experimental results showing the level of automation that our tool is capable of at the following URL: http://www.avispa-project.org/papers/avispa-cav05.ps This paper, together with the information available at the AVISPA web page, provides a good starting point. Should you need further information please do not hesitate to contact us. We will be more reactive next time. I promise! :-) Best Regards, alessandro -- Alessandro Armando e-mail: armando@dist.unige.it Artificial Intelligence Laboratory http://www.ai.dist.unige.it/armando DIST - Universita' di Genova, phone: +39-0103532216 viale Causa 13, fax: +39-0103532948 16145 GENOVA, ITALY mobile: +39-3281003201 > Hello, > > > > How are you? I am taking the (part time) MSc in Information Security at > Royal Holloway University of London. I would appreciate any comments or > suggestions that you have regarding my initial ideas as described below. > > > > I would like to do my MSc project (to be completed by 8 September 2006) > on mathematical analysis of security protocols. The BAN logic (Mike > Burrows, Martin Abadi, and Roger Needham) may provide a good starting > point since it was the first and is probably the most famous analytical > method. However, there are other formal methodologies. Some suitable > websites that I have found as a result of an initial search are as > follows (although I have not investigated them very deeply at present): > > > > * http://www.avispa-project.org/ (of course) > > * http://www.cl.cam.ac.uk/users/lcp/papers/protocols.html > > * http://www.stcatz.ox.ac.uk/academic_staff_pages/lowe_gavin.htm > > * > http://portal.surrey.ac.uk/portal/page?_pageid=798,332537&_dad=portal&_s > chema=PORTAL > > * And many others!!! > > > > It would be interesting to see if the newer methods can find known (and > possibly additional) vulnerabilities that have already been found by > utilisation of the traditional methods, but perhaps shorter, faster or > more elegantly. It may also be interesting to see whether security > protocols that have not yet been formally analysed could be subjected to > modern mathematical analyses. To find a significant vulnerability in a > relatively new protocol would be an excellent bonus for this MSc > project, although the time constraints may preclude this eventuality. > > > > In addition to the MSc in Information Security which is in progress at > present, my formal academic & professional qualifications are as > follows: > > > > * BSc, Grade II(i), Pure Mathematics, University of Kent, 1984. > > * MPhil (by thesis), Mathematical Logic, University of > Nottingham, 1987. > > * BCS ISEB Certificate in Information Security Management > Principles, 2000. > > * Certified Information Systems Security Professional (CISSP), > 2004. > > * (plus many other smaller/specialised security courses and > training.) > > > > A brief overview of my career and experience is as follows. In the > Systems Assurance Division of EDS in the early 1990s I was in a team > that developed a Z tool in Lisp on Sun workstations, for CESG. Then I > moved into projects performing safety critical static source code > analysis using SPADE and MALPAS. We also developed a proprietary static > code analysis tool written initially in Prolog and then completely > rewritten in SML. After that I joined the CLEF part of EDS to do an > ITSEC E3 evaluation of a database. In 1996 I joined the Logica CLEF to > do further ITSEC and Common Criteria evaluations covering operating > systems, databases, firewalls, crypto tools, etc. From 2000 to 2002 I > worked for Platform 7 Limited (which was bought by Datacard) on smart > card security. I am currently in the LogicaCMG CLEF at Leatherhead, > doing Common Criteria security evaluations and consultancy. > > > > Thanks in advance for your general comments on the above. > > > > I look forward to your reply. > > > > Bhavin. > > _____________ > > > > Bhavin Desai > > Security Consultant > > Security Practice > > LogicaCMG > > Chaucer House > > Springfield Drive > > Leatherhead > > Surrey > > KT22 7LP > > United Kingdom > > T: +44 (0) 1372 369 639 > > F: +44 (0) 1372 369834 > > e: bhavin.desai@logicacmg.com > > w: http://www.logicacmg.com/ > > > > > > > > > > > > > > > > This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. > _______________________________________________ > Avispa-users mailing list > Avispa-users@avispa-project.org > http://www.avispa-project.org/mailman/listinfo/avispa-users From Michael.Rusinowitch at loria.fr Tue Jan 24 17:49:39 2006 From: Michael.Rusinowitch at loria.fr (Michael Rusinowitch) Date: Tue May 2 17:43:48 2006 Subject: [Avispa-users] Workshop on Collaboration and Security Message-ID: <43D65AA3.7000704@loria> CALL FOR PAPERS Workshop on Collaboration and Security (COLSEC'06) The 2006 International Symposium on Collaborative Technologies and Systems (CTS'06) May 14-17, 2006 Las Vegas, Nevada, USA http://www.engr.udayton.edu/faculty/wsmari/cts06/ ------------------------------------------------------------------------- Submission Deadline: February 7, 2006 ------------------------------------------------------------------------- Brief Description: Collaboration relies on distributed systems that provide the required security properties. Virtual organizations often use the Internet to support collaboration. The Internet, operating systems and distributed environments currently suffer from poor security support and cannot resist common attacks (spamming, worms, session hijacking, buffer overflow, denial of service, social engineering, etc.). Collaborative organizations require better security properties (strong authentication, efficient encryption, Mandatory Access Control, insurance of confidentiality, integrity, non-repudiation and availability). Nowadays, collaborative organizations use new technologies such as mobile devices, smartcards, wireless networks, high performance networks and grid computing. These environments introduce new needs, requirements and difficulties related to security. Hence, collaborative organizations and technologies face several challenges in the field of security. This Workshop on Security and Collaboration - to be held as part of the 2006 International Symposium on Collaborative Technologies and Systems (CTS'06) - will focus on security issues related to collaborative systems with emphasis on distributed environments, smartcards, grid or clustering systems for cooperation, mobile and wireless cooperation. The aim is to have a dedicated workshop that fosters closer interactions among researchers and users communities, providing an excellent opportunity for them to meet and discuss their ideas. It addresses specifically relationships between collaborative systems and security. It intends to present new challenges and solutions related to latest security requirements, specific methods of access control enabling large scale cooperation, usage of mobile technologies and smartcards, new security infrastructures supporting better prevention, detection, recovery and healing in the context of cooperative systems. It will also consider security in different domains of application (e.g., e-Government, e-Business, Public Services, P2P, e-Social Security, Medical Collaboration, ...). We invite original contributions from researchers in academia, research institutions and industry on these emerging and important areas of information technology. Workshop topics include, but are not limited to, the following: * Frameworks for Security in Collaborative Systems * Access Control in Collaborative Environments * Trusted Operating Systems for Distributed Environments * Security of Grid and Cluster Architectures Supporting Cooperative Applications * Honeypots for Collaborative Systems * Intrusion and Attacks Detection for Collaborative Systems * Role Based, Reputation, and Trust * Encryption and Cryptography Systems Supporting Cooperative Systems * Use of Smartcards in the Context of Collaboration * Security in Mobile and Wireless Networks * Disclosure and Integrity Issues * Resistance to Denial of Service * Detection and Self-Recovery Schemes and Strategies Supporting Cooperation * Security for Specific Collaboration Domains (e.g., e-Government, e-Business, Public Services, P2P, e-Social Security, Medical Collaboration) Submission Instructions: Papers reporting original and unpublished research results on above and any other related topics are solicited. Submission should include a cover page with authors' names, affiliations, addresses, fax and phone numbers, and email addresses. Please indicate clearly the corresponding author. Include up to 6 keywords from the above list and an abstract of no more than 300 words. Please submit a PDF copy of your full manuscript (not to exceed 15 double-spaced pages including figures, tables, and references, or not to exceed 8 pages in length in single-space, two columns IEEE format Conference style) to christian.toinard@ensi-bourges.fr and jean-francois.lalande@ensi-bourges.fr. Electronic submissions will be accepted only in PDF format, sent at the email address above or uploaded at http://www.univ-orleans.fr/lifo/Manifestations/CTS2006/COLSEC2006/. For other electronic formats, please check with the organizers. Consistent with standard practice, each submitted paper will receive a minimum of three reviews. Papers will be selected based on their originality, timeliness, significance, relevance, and clarity of presentation. Initial selection will be based on full papers. Submission implies the willingness of at least one of the authors to register and present the paper, if accepted. All accepted papers in the Workshop are required to be presented and will be included in the Symposium proceedings. It is our intent to have the proceedings formally published in hard and soft copies and be available at the time of the conference. Further instructions will be provided at http://www.univ-orleans.fr/lifo/Manifestations/CTS2006/COLSEC2006/ Organizers Information: Prof. Christian Toinard and Dr Jean-Fran?ois Lalande Laboratoire d'Informatique Fondamentale d'Orl?ans (LIFO) ENSI-Bourges 10 Bld Lahitolle 18020 Bourges Cedex France Emails: christian.toinard@ensi-bourges.fr , jean-francois.lalande@ensi-bourges.fr Technical Program Committee: All submitted papers will be rigorously reviewed by the workshop technical program committee members. Dr. Elisa Bertino (Purdue University, USA) Dr. Jorge R. Cuellar(Siemens AG Corporate Technology, Germany) Dr. Nora Cuppens (ENST Bretagne, France) Dr. Michel Cukier (University of Maryland, USA) Dr. Jean-Bernard Fisher (Oberthur Card Systems, France) Mr. Vincent Glaume (CEA, France) Pr. Claude Godard (INRIA Lorraine, France) Pr. Herv? Guyennet (LIFC, France) Dr. Fabien Laguillaumie (INRIA Futurs/LIX, France) Dr. Volkmar Lotz (SAP, France) Pr. Pierre Paradinas (CNAM Paris, France) Dr. Emmanuel Prouff (Oberthur Card Systems, France) Dr. Michael Rusinowitch (INRIA Lorraine, France) Dr. Luca Spalazzi (Universita' Politecnica delle Marche, Italy) Pr. Pascal Urien (ENST, France) Important Dates: Extended Paper Submission Deadline: --------------------- February 7, 2006 Notification of Acceptance: ----------------------------- February 23, 2006 Registration & Camera-Ready Paper Due: ------------------ March 10, 2006 For information or questions about the workshop and the paper submission procedure, please contact the Workshop organizers. For information or questions about Symposium's paper submission, tutorials, exhibits, demos, panel and special sessions organization, please consult the conference web site at URL: http://www.engr.udayton.edu/faculty/wsmari/cts06/ or contact the symposium co-chairs: Bill McQuay at AFRL/IFSD, WPAFB (William.McQuay@wpafb.af.mil) or Waleed W. Smari at the Dept. of Electrical and Computer Engineering, University of Dayton (Waleed.Smari@notes.udayton.edu).