Steve Schneider

Bio: Steve Schneider is an academic researcher from University of Surrey. The author has contributed to research in topics: Voting & Cryptographic protocol. The author has an hindex of 38, co-authored 197 publications receiving 7013 citations. Previous affiliations of Steve Schneider include University of Oxford & University of London.

Concurrent and Real-time Systems: The CSP Approach

Abstract: From the Publisher: The CSP approach has been widely used in the specification, analysis and verification of concurrent and real-time systems, and for understanding the particular issues that can arise when concurrency is present. It provides a language which enables specifications and designs to be clearly expressed and understood, together with a supporting theory which allows them to be analyzed and shown to be correct. This book supports advanced level courses on concurrency covering timed and untimed CSP. The first half introduces the language of CSP, the primary semantic models (traces, failures, divergences and infinite traces), and their use in the modelling, analysis and verification of concurrent systems. The second half of the book introduces time into the language, brings in the timed semantic model (timed failures) and finally presents the theory of timewise refinement which links the two halves together. Containing the following: -Exercises and solutions -Instructors resources - Example CSP programs to run on FDR and ProBe -Links to useful sites Partial Contents: Part I: The Language of CSP; Sequential Processes; Concurrency; Abstraction and Control Flow; Part II: Analyzing Processes; Traces; Specification and Verification with Traces; Stable Failures; Specification and Verification with Failures; Failures, Divergences, and Infinite Traces; Part III: Introducing Time; The Timed Language; Timed transition systems; Part IV: Timed Analysis; Semantics of Timed CSP; Timed Specification and Verification; Timewise Refinement; Appendix A: Event-based Time; A.1 Standard CSP and $tock$; A.2 Translating from Timed CSP; A.3 Notes; Appendix B:Model-checking with FDR; B.1 Interacting with FDR; B.2 How FDR Checks Refinement; B.3 Machine readable CSP; Index of Processes.

A practical voter-verifiable election scheme

Abstract: We present an election scheme designed to allow voters to verify that their vote is accurately included in the count. The scheme provides a high degree of transparency whilst ensuring the secrecy of votes. Assurance is derived from close auditing of all the steps of the vote recording and counting process with minimal dependence on the system components. Thus, assurance arises from verification of the election rather than having to place trust in the correct behaviour of components of the voting system. The scheme also seeks to make the voter interface as familiar as possible.

Modelling and analysis of security protocols

Abstract: This is the definitive technical reference to security protocols: their goals, mechanisms, properties, and especially their vulnerabilities.

The modelling and analysis of security protocols: the csp approach

Abstract: Security protocols are one of the most critical elements in enabling the secure communication and processing of information, ensuring its confidentiality, integrity, authenticity and availability. These protocols are vulnerable to a host of subtle attacks, so designing protocols to be impervious to such attacks has proved to be extremely challenging and error prone.This book provides a thorough and detailed understanding of one of the most effective approaches to the design and evaluation of security critical systems, describing the role of security protocols in distributed secure systems and the vulnerabilities to which they are prey.The authors introduce security protocols, the role they play and the cryptographic mechanisms they employ, and detail their role in security architectures, e-commerce, e-cash etc. Precise characterizations of key concepts in information security, such as confidentiality, authentication and integrity are introduced and a range of tools and techniques are described which will ensure that a protocol guarantees certain security services under appropriate assumptions.Modeling and Analysis of Security Protocols provides: An in-depth discussion of the nature and role of security protocols and their vulnerabilities. A rigorous framework in which security protocols and properties can be defined in detail. An understanding of the tools and techniques used to design and evaluate security protocols.

Security properties and CSP

Abstract: Security properties such as confidentiality and authenticity may be considered in terms of the flow of messages within a network. To the extent that this characterisation is justified, the use of a process algebra such as Communicating Sequential Processes (CSP) seems appropriate to describe and analyse them. This paper explores ways in which security properties may be described as CSP specifications, how security mechanisms may be captured, and how particular protocols designed to provide these properties may be analysed within the CSP framework. The paper is concerned with the theoretical basis for such analysis. A sketch verification of a simple example is carried out as an illustration.

Universally composable security: a new paradigm for cryptographic protocols

Abstract: We propose a novel paradigm for defining security of cryptographic protocols, called universally composable security. The salient property of universally composable definitions of security is that they guarantee security even when a secure protocol is composed of an arbitrary set of protocols, or more generally when the protocol is used as a component of an arbitrary system. This is an essential property for maintaining security of cryptographic protocols in complex and unpredictable environments such as the Internet. In particular, universally composable definitions guarantee security even when an unbounded number of protocol instances are executed concurrently in an adversarially controlled manner, they guarantee non-malleability with respect to arbitrary protocols, and more. We show how to formulate universally composable definitions of security for practically any cryptographic task. Furthermore, we demonstrate that practically any such definition can be realized using known techniques, as long as only a minority of the participants are corrupted. We then proceed to formulate universally composable definitions of a wide array of cryptographic tasks, including authenticated and secure communication, key-exchange, public-key encryption, signature, commitment, oblivious transfer, zero knowledge and more. We also make initial steps towards studying the realizability of the proposed definitions in various settings.

Language-based information-flow security

Abstract: Current standard security practices do not provide substantial assurance that the end-to-end behavior of a computing system satisfies important security policies such as confidentiality. An end-to-end confidentiality policy might assert that secret input data cannot be inferred by an attacker through the attacker's observations of system output; this policy regulates information flow. Conventional security mechanisms such as access control and encryption do not directly address the enforcement of information-flow policies. Previously, a promising new approach has been developed: the use of programming-language techniques for specifying and enforcing information-flow policies. In this paper, we survey the past three decades of research on information-flow security, particularly focusing on work that uses static program analysis to enforce information-flow policies. We give a structured view of work in the area and identify some important open challenges.

The Theory and Practice of Concurrency

Abstract: From the Publisher: Since the introduction of Hoares' Communicating Sequential Processes notation, powerful new tools have transformed CSP into a practical way of describing industrial-sized problems. This book gives you the fundamental grasp of CSP concepts you'll need to take advantage of those tools.Part I provides a detailed foundation for working with CSP, using as little mathematics as possible. It introduces the ideas behind operational, denotational and algebraic models of CSP. Parts II and III go into greater detail about theory and practice. Topics include: parallel operators, hiding and renaming, piping and enslavement, buffers and communication, termination and sequencing, and semantic theory. Three detailed practical case studies are also presented.For anyone interested in modeling sequential processes.

Software Abstractions: Logic, Language, and Analysis

Abstract: In Software Abstractions Daniel Jackson introduces an approach to software design that draws on traditional formal methods but exploits automated tools to find flaws as early as possible. This approach--which Jackson calls "lightweight formal methods" or "agile modeling"--takes from formal specification the idea of a precise and expressive notation based on a tiny core of simple and robust concepts but replaces conventional analysis based on theorem proving with a fully automated analysis that gives designers immediate feedback. Jackson has developed Alloy, a language that captures the essence of software abstractions simply and succinctly, using a minimal toolkit of mathematical notions. This revised edition updates the text, examples, and appendixes to be fully compatible with the latest version of Alloy (Alloy 4). The designer can use automated analysis not only to correct errors but also to make models that are more precise and elegant. This approach, Jackson says, can rescue designers from "the tarpit of implementation technologies" and return them to thinking deeply about underlying concepts. Software Abstractions introduces the key elements: a logic, which provides the building blocks of the language; a language, which adds a small amount of syntax to the logic for structuring descriptions; and an analysis, a form of constraint solving that offers both simulation (generating sample states and executions) and checking (finding counterexamples to claimed properties).

A calculus for cryptographic protocols: the spi calculus

Abstract: We introduce the spi calculus, an extension of the pi calculus designed for describing and analyzing cryptographic protocols. We show how to use the spi calculus, particularly for studying authentication protocols. The pi calculus (without extension) suffices for some abstract protocols; the spi calculus enables us to consider cryptographic issues in more detail. We represent protocols as processes in the spi calculus and state their security properties in terms of coarse-grained notions of protocol equivalence. ] 1999 Academic Press