, A calculus for cryptographic protocols, Proceedings of the 4th ACM conference on Computer and communications security , CCS '97, pp.36-47, 1997.
DOI : 10.1145/266420.266432
, Security vulnerability categories in major software systems, Proceedings of the Third IASTED International Conference on Communication, Network, and Information Security, pp.138-143, 2006.
, Why information security is hard - an economic perspective, Seventeenth Annual Computer Security Applications Conference, pp.358-365, 2001.
DOI : 10.1109/ACSAC.2001.991552
, A Privacy-Aware Conceptual Model for Handling Personal Data, these proceedings
DOI : 10.1007/978-3-319-31456-3_12
, Principles of model checking, 2008.
, Complete Guide to Internet Privacy, Anonymity & Security. Nerel, 2011.
, Formal certification of code-based cryptographic proofs, ACM SIGPLAN Notices, vol.44, issue.1, pp.90-101, 2009.
DOI : 10.1145/1594834.1480894
, Uppaal ? a Tool Suite for Automatic Verification of Real?Time Systems, Proc. of Workshop on Verification and Control of Hybrid Systems III, number 1066 in Lecture Notes in Computer Science, pp.232-243, 1995.
, Quantifying information leakage of randomized protocols, Theoretical Computer Science, vol.597, pp.62-87, 2015.
DOI : 10.1016/j.tcs.2015.07.034
URL : https://hal.archives-ouvertes.fr/hal-01242614
, QUAIL: A Quantitative Security Analyzer for Imperative Code, Computer Aided Verification -25th International Conference, CAV 2013 Proceedings, pp.702-707, 2013.
DOI : 10.1007/978-3-642-39799-8_49
URL : https://hal.archives-ouvertes.fr/hal-01242615
, Computer Security Handbook, 2002.
, Quantitative Notions of Leakage for One-try Attacks, Electronic Notes in Theoretical Computer Science, vol.249, pp.75-91, 2009.
DOI : 10.1016/j.entcs.2009.07.085
URL : https://hal.archives-ouvertes.fr/inria-00424852
, A logic of authentication, Proceedings of the Royal Society of London A: Mathematical, Physical and Engineering Sciences, pp.233-271, 1989.
, Automatic verification of finite-state concurrent systems using temporal logic specifications, ACM Transactions on Programming Languages and Systems, vol.8, issue.2, pp.244-263, 1986.
DOI : 10.1145/5397.5399
, A lattice model of secure information flow, Communications of the ACM, vol.19, issue.5, pp.236-243, 1976.
DOI : 10.1145/360051.360056
, The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities, 2006.
, Differential privacy models for location-based services, these proceedings
URL : https://hal.archives-ouvertes.fr/hal-01418136
, Cryptography Engineering: Design Principles and Practical Applications, 2010.
DOI : 10.1002/9781118722367
, Non Interference for the Analysis of Cryptographic Protocols, International Colloquium on Automata, Languages, and Programming, pp.354-372, 2000.
DOI : 10.1007/3-540-45022-X_31
, Attack Surfaces: A Taxonomy for Attacks on Cloud Services, 2010 IEEE 3rd International Conference on Cloud Computing, pp.276-279, 2010.
DOI : 10.1109/CLOUD.2010.23
, Quantifying information leaks in software, Proceedings of the 26th Annual Computer Security Applications Conference on, ACSAC '10, pp.261-269, 2010.
DOI : 10.1145/1920261.1920300
, The model checker SPIN, IEEE Transactions on Software Engineering, vol.23, issue.5, 2003.
DOI : 10.1109/32.588521
, Attack surface: Mitigate security risks by minimizing the code you expose to untrusted users, MSDN Magazine, 2004.
, A Platform for High Performance Statistical Model Checking ??? PLASMA, TACAS 2012 -18th International Conference Tools and Algorithms for the Construction and Analysis of Systems, pp.498-503, 2012.
DOI : 10.1007/978-3-642-28756-5_37
URL : https://hal.archives-ouvertes.fr/hal-01087824
, Automated verification of equivalence properties for cryptographic protocols, these proceedings
, Formal Models for Computer Security, ACM Computing Surveys, vol.13, issue.3, pp.247-278, 1981.
DOI : 10.1145/356850.356852
, Algebraic foundations for quantitative information flow, Mathematical Structures in Computer Science, vol.253, issue.02, pp.404-428, 2015.
DOI : 10.1007/978-3-642-13678-8_3
, Information Leakage Analysis of Complex C Code and Its application to OpenSSL, these proceedings
DOI : 10.1007/978-3-319-47166-2_63
, Formal methods for cryptographic protocol analysis: emerging issues and trends, IEEE Journal on Selected Areas in Communications, vol.21, issue.1, pp.44-54, 2003.
DOI : 10.1109/JSAC.2002.806125
, Integrated Modeling Workflow for Security Assurance, these proceedings
DOI : 10.1007/978-3-319-47166-2_64
, Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software, 2005.
, A structured approach to computer security, p.33, 1992.
, Comparative Analysis of Formal Model Checking Tools for Security Protocol Verification, pp.152-163, 2010.
DOI : 10.1007/978-3-642-14478-3_16
, Anonymous Communication Networks: Protecting Privacy on the Web, 2014.
DOI : 10.1201/b16756
, The temporal logic of programs, 18th Annual Symposium on Foundations of Computer Science (sfcs 1977), pp.46-57, 1977.
DOI : 10.1109/SFCS.1977.32
, Guaranteeing Privacy-Observing Data Exchange, these proceedings
DOI : 10.1007/978-3-319-47166-2_66
, A large scale study of programming languages and code quality in github, Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering, FSE 2014, pp.155-165, 2014.
DOI : 10.1145/2635868.2635922
, Process algebra and non-interference, Journal of Computer Security, vol.9, issue.1-2, pp.75-103, 2001.
DOI : 10.3233/JCS-2001-91-204
, A Model-Based Approach to Secure Multiparty Distributed Systems, these proceedings
DOI : 10.1007/978-3-319-28934-2_6
, Sp 800-123. guide to general server security, 2008.
, A structured approach to classifying security vulnerabilities, 2005.
, On the foundations of quantitative information flow Held as Part of the Joint European Conferences on Theory and Practice of Software, Foundations of Software Science and Computational Structures, 12th International Conference Proceedings, volume 5504 of Lecture Notes in Computer Science, pp.288-302, 2009.
, Cloud computing security issues and challenges, International Journal of Computer Networks, vol.3, issue.5, 2011.
, BitBlaze: A New Approach to Computer Security via Binary Analysis, International Conference on Information Systems Security, pp.1-25, 2008.
DOI : 10.1007/978-3-540-73368-3_52
, Precisely Measuring Quantitative Information Flow: 10K Lines of Code and Beyond, 2016 IEEE European Symposium on Security and Privacy (EuroS&P), pp.31-46, 2016.
DOI : 10.1109/EuroSP.2016.15
, A taxonomy for information security technologies, Computers & Security, vol.22, issue.4, pp.299-307, 2003.
DOI : 10.1016/S0167-4048(03)00406-1
, Model checking programs, Proceedings ASE 2000. Fifteenth IEEE International Conference on Automated Software Engineering, pp.203-232, 2003.
DOI : 10.1109/ASE.2000.873645