10th IEEE Computer Security Foundations Workshop June 10-12, 1997 Rockport, Massachusetts, USA Sponsored by the IEEE Computer Society --------------- Technical Programme Tuesday, June 10 ================ 8:50-9:00 Welcome Simon Foley (Program Chair) & Jonathan Millen (General Chair). 9:00-10:30 Session 1: Protocol Checking in CSP Chair: Roberto Gorrieri Verifying Authentication Protocols with CSP Steve Schneider (University of London, UK). Casper: A Compiler for the Analysis of Security Protocols Gavin Lowe (University of Leicester, UK). A Hierarchy of Authentication Specifications Gavin Lowe (University of Leicester, UK). 10:30-11:00 Coffeebreak 11:00-12:00 Session 2: Protocol Engineering Chair: Paul Syverson Provable Security for Cryptographic Protocols---Exact Analysis and Engineering Applications. James Gray III and Kin Fai Epsilon Ip (HK University of S&T, Hong Kong) Strategies Against Replay Attacks Tuomas Aura (Helsinki University of Technology, Finland). 12:00-14:00 Lunch 14:00-15:30 Session 3: Protocol Verification in Higher Order Logic Chair: Michael Merritt Proving Properties of Security Protocols by Induction Lawrence C. Paulson (University of Cambridge, UK). Mechanized Proofs for a Recursive Authentication Protocol Lawrence C. Paulson (University of Cambridge, UK). 15:00-15:30 Coffeebreak 15:30-17:30 Panel 1: Languages for Formal Specification of Cryptographic Protocols Moderator: Catherine Meadows (Naval Research Laboratory, USA). Panel Members: Martin Abadi (DEC Systems Research Center, USA); Steve Brackin (Arca, USA); Gavin Lowe (University of Leicester, UK), and Jonathan Millen (MITRE, USA). 18:30-21:30 Dinner Wednesday, June 11, 1997 ======================== 9:00-10:30 Session 4: Distributed System Security Chair: Li Gong On SDSI's Linked Local Name Spaces Martin Abadi (DEC Systems Research Center, USA). A Different Look at Secure Distributed Computation Paul F Syverson (Naval Research Laboratory, USA). Unreliable Intrusion Detection in Distributed Computations Dahlia Malkhi and Michael Reiter (AT&T Labs, USA). 10:30-11:00 Coffeebreak 11:00-12:00 Session 5: Protocol Applications Chair: Peter Ryan An Efficient Non-repudiation Protocotol Jianying Zhou and Dieter Gollmann (University of London, UK). Towards the Formal Verification of Electronic Commerce Protocols Dominique Bolignano (GIE Dyade, France). 12:00-14:00 Lunch 14:00-15:00 Session 6: Information Flow Chair: Stewart Lee A Theory for System Security Kan Zhang (University of Cambridge, UK). Minimizing Covert Flows with Minimum Typings Geoffrey Smith (Florida International University, USA) and Dennis Volpano (Naval Postgraduate School, USA). 15:00-15:30 Coffeebreak 15:30-17:30 Panel 2: The Computer Security Foundations Workshop: ten years on and ten years ahead. Moderator: Jane Sinclair (Open University, UK). Panel Members: Li Gong (JavaSoft, USA), John McLean(Naval Research Laboratory, USA), Jonathan Millen (MITRE, USA), Peter Ryan (Defense Research Agency, UK). 18:30-21:30 Dinner Thursday, June 12, 1997 ======================= 9:00-10:30 Session 7: Security Policies Chair: John McLean A Logic Based Approach for the Transformation of Authorization Policies Yun Bai and Vijay Varadharajan (University of W. Sidney, Australia). Separation of Duty in Role-based Environments Rich Simon and Mary Ellen Zurko (Open Group Research Institute, USA). Security Engineering of Lattice-Based Policies Ciaran Bryce (GMD, Germany) 10:30-11:00 Coffeebreak 11:00-12:00 Business Meeting.