Rick Smith at Secure Computing [EMAIL PROTECTED] writes:
At 09:00 AM 11/1/2001, Roop Mukherjee wrote:
Can someone offer some criticism of the practice formal verification in
general ?
Okay, I'll grab this hot potato.
I may as well speak up as well then... I spent most of a chapter of my thesis
Also see the National Research Council report Trust in Cyberspace (I
served on that committee). The section on formal methods can be found
at http://www.nap.edu/readingroom/books/trust/trust-3.htm#Page 95
(yes, there's a blank in the URL...)
--Steve Bellovin,
At 09:00 AM 11/1/2001, Roop Mukherjee wrote:
Can someone offer some criticism of the practice formal verification in
general ?
Okay, I'll grab this hot potato.
There are a few cases where a commercial development organization performs
formal verification, which would seem to indicate that it
I have being trying to read about formally proving security protocols. I
have seen the work of Needham, Paulson et. al., Meadows among others.
I was wondering if anyone here has seen a comparison between these
approaches to evaluate things like ease of use and effectiveness. I mean
something
no
comprehensive work on the literature.
best,
Ariel
Roop Mukherjee wrote:
I have being trying to read about formally proving security protocols. I
have seen the work of Needham, Paulson et. al., Meadows among others.
I was wondering if anyone here has seen a comparison between
I have been trying to read about formally proving security
protocols. ... I was wondering if anyone here has seen a
comparison between these approaches to evaluate things like
ease of use and effectiveness.
5 years ago, i saw meadows give an interesting talk,
comparing the various state
Might try,
Modelling and Analysis of Security Protocols
P. Ryan, S. Schneider
ISBN 0-201-67471-8
Can't say it has exactly what you're looking for though.
On Thu, 1 Nov 2001, Roop Mukherjee wrote:
I have being trying to read about formally proving security protocols. I
have seen the work