• Publications
  • Influence
Constraint solving for bounded-process cryptographic protocol analysis
The reachability problem for cryptographic protocols with non-atomic keys can be solved via a simple constraint satisfaction procedure.
CAPSL: Common Authentication Protocol Specification Language
  • J. Millen
  • Computer Science
  • NSPW '96
  • 17 September 1996
TLDR
It is hoped that proponents of different analysis techniques will offer algorithms for compiling this language into whatever form they require, to go a long way toward ensuring that the assumptions made by different techniques, as well as the analysis results, are comparable. Expand
Covert Channel Capacity
  • J. Millen
  • Computer Science
  • IEEE Symposium on Security and Privacy
  • 27 April 1987
TLDR
This paper establishes a connection between Shannon's theory of communication and information flow models, such as the Goguen-Meseguer model, that view a reference monitor as a state-transition automaton that takes the channel associated with a machine and a compromise policy as a measure of covert channel information rate. Expand
A resource allocation model for denial of service
  • J. Millen
  • Computer Science
  • Proceedings IEEE Computer Society Symposium on…
  • 4 May 1992
A denial-of-service protection base (DPB) is characterized as a resource monitor closely related to a TCB, supporting a waiting-time policy for benign processes. Resource monitor algorithms andExpand
Protocol-independent secrecy
  • J. Millen, H. Ruess
  • Computer Science
  • Proceeding IEEE Symposium on Security and…
  • 14 May 2000
TLDR
The secrecy theorem encapsulates the use of induction so that the discharge of protocol-specific proof obligations is reduced to first-order reasoning. Expand
The Interrogator: Protocol Secuity Analysis
TLDR
The Interrogator is a Prolog program that searches for security vulnerabilities in network protocols for automatic cryptographic key distribution, and has been able to rediscover a known vulnerability in a published protocol. Expand
Security for object-oriented database systems
  • J. Millen, T. Lunt
  • Computer Science
  • Proceedings IEEE Computer Society Symposium on…
  • 4 May 1992
TLDR
It is shown how typical database security and integrity policies can be supported by this model, with special attention to inference problems and integrity constraints. Expand
Principles of remote attestation
TLDR
Virtualized platforms, which are increasingly well supported on stock hardware, provide a natural basis for the architecture for attestation guided by five central principles. Expand
20 years of covert channel modeling and analysis
  • J. Millen
  • Computer Science
  • Proceedings of the IEEE Symposium on Security…
  • 9 May 1999
TLDR
The article traces the history of covert channel modeling from 1980 to the present, by tracing the low-order two bits of each pixel in a picture for your secret message, since no one would notice if they were changed. Expand
CAPSL integrated protocol environment
  • G. Denker, J. Millen
  • Computer Science
  • Proceedings DARPA Information Survivability…
  • 25 January 2000
TLDR
Connectors are being written to adapt CIL to supply input to different security analysis tools, including PVS for inductive verification and Maude for model-checking. Expand
...
1
2
3
4
5
...