Security protocols are widely used to ensure secure communications over insecure networks, such as the internet or airwaves. These protocols use strong cryptography to prevent intruders from reading or modifying the messages. However, using cryptography is not enough to ensure their correctness. Combined with their typical small size, which suggests that one could easily assess their correctness, this often results in incorrectly designed protocols.

The authors present a methodology for formally describing security protocols and their environment. This methodology includes a model for describing protocols, their execution model, and the intruder model. The models are extended with a number of well-defined security properties, which capture the notions of correct protocols, and secrecy of data. The methodology can be used to prove that protocols satisfy these properties. Based on the model they have developed a tool set called Scyther that can automatically find attacks on security protocols or prove their correctness. In case studies they show the application of the methodology as well as the effectiveness of the analysis tool.

The methodology s strong mathematical basis, the strong separation of concerns in the model, and the accompanying tool set make it ideally suited both for researchers and graduate students of information security or formal methods and for advanced professionals designing critical security protocols.

"

This book constitutes revised selected papers from the 4th International Workshop on Graphical Models for Security, GraMSec 2017, held in Santa Barbara, CA, USA, in August 2017. The 5 full and 4 short papers presented in this volume were carefully reviewed and selected from 19 submissions. The book also contains one invited paper from the WISER project. The contributions deal with the latest research and developments on graphical models for security.

This book constitutes the refereed proceedings of the 10th International Workshop on Security and Trust Management, STM 2014, held in Wroclaw, Poland, in September 2014, in conjunction with the 19th European Symposium Research in Computer Security, ESORICS 2014. The 11 revised full papers were carefully reviewed and selected from 29 submissions and cover topics as access control, data protection, digital rights, security and trust policies, security and trust in social networks.

This book contains the proceedings of the 5th European Public Key Infrastr- ture Workshop: Theory and Practice, EuroPKI 2008, which was held on the NTNU campus Gloshaugen in Trondheim, Norway, in June 2008. The EuroPKI workshop series focuses on all research and practice aspects of public key infrastructures, services and applications, and welcomes original research papers and excellent survey contributions from academia, government, and industry. Simplyput, publickeysareeasiertodistributethansecretkeys.Nevertheless, constructing e?ective, practical, secure and low cost means for assuring auth- ticity and validity of public keys used in large-scale networked services remains both a technological and organizational challenge. In a nutshell, this is the PKI problem, and the papers presented herein propose new solutions and insight for these questions. This volume holds 16 refereedpapers including the presentationpaper by the invited speaker P. Landrock. In response to the EuroPKI 2008 call for papers, a total of 37 paper proposalswere received. All submissions underwenta thorough blind review by at least three PC members, resulting in a careful selection and revision of the accepted papers. The authors came from 10 countries: Belgium, Brazil, Canada, Finland, Germany, Japan, Malaysia, Norway, Spain, and the USA.Theacceptedpaperswereorganizedintothe topicalsessions: InvitedTalk, Certi?cates, Authentication, Practice, Signatures, Analysis, and Networks.

This volume contains the proceedings of the 10th International Conference on Concurrency Theory (CONCUR'99) held in Eindhoven, The Netherlands, 24-27 August 1999. ThepurposeoftheCONCURconferencesistobringtogetherresearchers, - velopersandstudentsinordertoadvancethetheoryofconcurrencyandpromote its applications. Interest in this topic is continuously growing, as a consequence oftheimportanceandubiquityofconcurrentsystemsandtheirapplications, and of the scienti?c relevance of their foundations. The scope of CONCUR'99 covers all areas of semantics, logics and veri?cation techniques for concurrent systems. A list of speci?c topics includes (but is not limited to) concurrency-related - pects of: models of computation and semantic domains, process algebras, Petri nets, event structures, real-time systems, hybrid systems, stochastic systems, - cidability, model-checking, veri?cation techniques, re?nement techniques, term and graph rewriting, distributed programming, logic constraint programming, object-oriented programming, typing systems and algorithms, case studies, and tools and environments for programming and veri?cation. The ?rst two CONCUR conferences were held in Amsterdam (NL) in 1990 and 1991, the following ones in Stony Brook (USA), Hildesheim (D), Uppsala (S), Philadelphia (USA), Pisa (I), Warsaw (PL) and Nice (F). The proceedings have appeared in Springer LNCS, as Volumes 458, 527, 630, 715, 836, 962, 1119, 1243, and 1466.

This book constitutes the proceedings of the 15th International Workshop on Security and Trust Management, STM 2019, held in Luxembourg City, Luxembourg, in September 2019, and co-located with the 24th European Symposium Research in Computer Security, ESORICS 2019. The 9 full papers and 1 short paper were carefully reviewed and selected from 23 submissions. The papers present novel research on all theoretical and practical aspects of security and trust in ICTs.

This volume constitutes the thoroughly refereed post-conference proceedings of the Second International Workshop on Graphical Models for Security, GraMSec 2015, held in Verona, Italy, in July 2015.The 5 revised full papers presented together with one short tool paper and one invited lecture were carefully reviewed and selected from 13 submissions. The workshop contributes to the development of well-founded graphical security models, efficient algorithms for their analysis, as well as methodologies for their practical usage, thus providing an intuitive but systematic methodology to analyze security weaknesses of systems and to evaluate potential protection measures.