D. Akhawe, A. Barth, P. Lam, J. Mitchell, and D. Song, Towards a Formal Foundation of Web Security, 2010 23rd IEEE Computer Security Foundations Symposium, pp.23-290, 2010.
DOI : 10.1109/CSF.2010.27

A. Armando, W. Arsac, T. Avanesov, M. Barletta, A. Calvi et al., The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures, Tools and Algorithms for the Construction and Analysis of Systems, pp.267-282, 2012.
DOI : 10.1007/978-3-642-28756-5_19
URL : https://hal.archives-ouvertes.fr/hal-00759725

M. Büchler, J. Oudinet, and A. Pretschner, SPaCiTE -- Web Application Testing Engine, 2012 IEEE Fifth International Conference on Software Testing, Verification and Validation, pp.858-859, 2012.
DOI : 10.1109/ICST.2012.187

A. C. Dias-neto, R. Subramanyan, M. Vieira, and G. H. Travassos, A Survey on Modelbased Testing Approaches: A Systematic Review, WEASELTech '07, pp.31-36, 2007.

D. Dolev and A. Yao, On the Security of Public-Key Protocols, IEEE Transactions on Information Theory, vol.2, issue.29, 1983.

A. Doupé, M. Cova, and G. Vigna, Why Johnny Can???t Pentest: An Analysis of Black-Box Web Vulnerability Scanners, Detection of Intrusions and Malware, and Vulnerability Assessment, pp.111-131, 2010.
DOI : 10.1007/978-3-642-14215-4_7

D. Jackson, Software Abstractions: Logic, Language, and Analysis, 2012.

R. Schemers and R. Allbery, WebAuth v3 technical specification, 2009.

T. Thornburgh, Social engineering, Proceedings of the 1st annual conference on Information security curriculum development , InfoSecCD '04, pp.133-135, 2004.
DOI : 10.1145/1059524.1059554

T. Tidwell, R. Larson, K. Fitch, and J. Hale, Modeling Internet Attacks, Proceedings of the 2001 IEEE Workshop on Information Assurance and security, 2001.

D. Oheimb and S. Mödersheim, ASLan++ ??? A Formal Security Specification Language for Distributed Systems, LNCS, vol.24, issue.5, pp.1-22, 2010.
DOI : 10.1007/978-3-540-70545-1_38