testo

Working Group of IFIP TC1 on

Theoretical Foundations of Security Analysis and Design

Prepared by Roberto Gorrieri November, 1998

MOTIVATION

Security is a fast growing area of Computer Science, with increasing relevance to real life applications such as internet transactions and electronic commerce. Theoretical foundations for the analysis (or the design) of security aspects of these applications are badly needed in order to validate and prove (or guarantee) their correctness.

AIMS

To investigate the theoretical foundations of security as an independent discipline with firm grounds in logic, semantics and complexity.
To discover and promote new areas of application of theoretical techniques in computer security.
To provide a platform for presenting and discussing emerging ideas and trends.
To strengthen research efforts in current and emerging applications of formal methods and related approaches to the design and analysis of secure systems and applications.
To make formal methods amenable to the security practicioners, hence increasing awareness of formal verification techniques for security in the computer science community at large.
To support and promote the systematic use of formal techniques in the development of security related applications.
To encourage researchers, especially younger ones, to enter this field.
To promote or support the organization of meetings in this and related areas.
To provide a clearinghouse for dissemination of information and publications, also with industry.

SCOPE

The main research topics relevant for the Working Group include:

formal definition and verification of the various aspects of security: confidentiality, integrity, authentication and availability;
new theoretically-based techniques for the formal analysis and design of cryptographic protocols and their manifold applications (e.g., electronic commerce);
information flow modelling and its application to the theory of confidentiality policies, composition of systems, and covert channel analysis;
formal techniques for the analysis and verification of mobile code;
formal analysis and design for prevention of denial of service.

Hence, the scope of the Working Group encompasses all aspects of the fundamental mathematical theory of system specification and verification, which shares with TC1 the basic fields of logic (first-order logic, temporal logic, epistemic logic), semantics (static analysis, type theory), formal methods and related approaches (model-checking, theorem-proving, process algebra) and complexity. With TC2 the WG has a scope intersection with formal models of software concepts and also shares some basic techniques; nonetheless, the focus in this WG is not on advances in the software development process, rather on developing a theory of security, nowadays simply absent.

With TC11 (the IFIP Technical Committee on Security and Protection in Information Processing Systems) the Working Group shares the application domain, even if there the focus is mainly on applications and professional aspects of managing secure information systems. Potential collaboration with TC2 and TC11 to reach some of the aims listed above will be discussed.

MEMBERSHIP

The following is the list of initial members:

Abadi, Martin (USA)
Bolignano, Dominique (France)
Boyd, Colin (Australia)
Degano, Pierpaolo (Italy)
Focardi, Riccardo (Italy)
Foley, Simon (Ireland)
Gollman, Dieter (UK)
Gong, Li (USA)
Gorrieri, Roberto (Italy)
Guttman, Joshua (USA)
Jonsson, Bengt (Sweden)
Leduc, Guy (Belgium)
Lowe, Gavin (UK)
Maurer, Ueli (CH)
Meadows, Catherine (USA)
Millen, Jonathan (USA)
Mitchell, John (USA)
Moses, Yoram (Israel)
Syverson, Paul (USA)
Yahalom, Raphael (USA/Israel)
Yung, Moti (USA)

Back to the IFIP WG 1.7 Home page