David Basin
Looping for Good: Cyclic Proofs for Security Protocols
Protocols to Code: Formal Verification of a Secure Next-Generation Internet Router
Testing Graph Databases with Synthesized Queries
Graph databases (GDBs) are increasingly used in many applications. However, their advanced features make them prone to logic bugs. Despite advances in GDB testing, a common limitation of current approaches is the lack of ground truth for t…
It Takes a Village: Bridging the Gaps between Current and Formal Specifications for Protocols
Formal specifications have numerous benefits for both designers and users of network protocols. They provide clear, unambiguous representations, which are useful as documentation and for testing. They can help reveal disagreements about wh…
SoK: Attacks on Modern Card Payments
EMV is the global standard for smart card payments and its NFC-based version, EMV contactless, is widely used, also for mobile payments. In this systematization of knowledge, we examine attacks on the EMV contactless protocol. We provide a…
Reachability Analysis of the Domain Name System
The high complexity of DNS poses unique challenges for ensuring its security and reliability. Despite continuous advances in DNS testing, monitoring, and verification, protocol-level defects still give rise to numerous bugs and attacks. In…
Scaling Up Proactive Enforcement
Runtime enforcers receive events from a system and output commands ensuring the system’s policy compliance. Proactive enforcers extend traditional (reactive) enforcers by emitting commands at any time, rather than only as a response to system a…
Pushing the Limit: Verified Performance-Optimal Causally-Consistent Database Transactions
Modern web services crucially rely on high-performance distributed databases, where concurrent transactions are isolated from each other using concurrency control protocols. Relaxed isolation levels, which permit more complex concurrent be…
Plume: Efficient and Complete Black-Box Checking of Weak Isolation Levels
Modern databases embrace weak isolation levels to cater for highly available transactions. However, weak isolation bugs have recently manifested in many production databases. This raises the concern of whether database implementations actu…
Getting Chip Card Payments Right
EMV is the international protocol standard for smart card payments and is used in billions of payment cards worldwide. Despite the standard’s advertised security, various issues have been previously uncovered, deriving from logical flaws t…
Specifying and Verifying Information Flow Control in SELinux Configurations
Security Enhanced Linux (SELinux) is a security architecture for Linux implementing Mandatory Access Control. It has been used in numerous security-critical contexts ranging from servers to mobile devices. However, its application is chall…
IsoVista: Black-Box Checking Database Isolation Guarantees
Transactional isolation is critical to the functional correctness of database management systems (DBMSs). Much effort has recently been devoted to finding isolation bugs and validating isolation fulfilment in production DBMSs. However, the…
Protocols to Code: Formal Verification of a Next-Generation Internet Router
We present the first formally-verified Internet router, which is part of the SCION Internet architecture. SCION routers run a cryptographic protocol for secure packet forwarding in an adversarial environment. We verify both the protocol's …
Automating Website Registration for Studying GDPR Compliance
Figure (summary statistics from the article): 660k websites from Tranco 1M; 25.7% found registration form; 23.6% errors; 50.7% no form; 5.2% of forms are insecure; 22.8% of forms submitted successfully; 33.9k websites send us emails; 12,605 (37.2%) potentially non-compliant senders. Automated…
NOC-NOC: Towards Performance-optimal Distributed Transactions
Substantial research efforts have been devoted to studying the performance optimality problem for distributed database transactions. However, they focus just on optimizing transactional reads, and thus overlook crucial factors, such as the…
SOAP: A Social Authentication Protocol
Social authentication has been suggested as a usable authentication ceremony to replace manual key authentication in messaging applications. Using social authentication, chat partners authenticate their peers using digital identities manag…
Enforcing the GDPR
Proactive Real-Time First-Order Enforcement
Modern software systems must comply with increasingly complex regulations in domains ranging from industrial automation to data protection. Runtime enforcement addresses this challenge by empowering systems to not only observe, but also ac…
Efficient Evaluation of Arbitrary Relational Calculus Queries
The relational calculus (RC) is a concise, declarative query language. However, existing RC query evaluation approaches are inefficient and often deviate from established algorithms based on finite tables used in database management system…
SealClub: Computer-aided Paper Document Authentication
Paper documents, where digital signatures are not directly applicable, are still widely utilized due to usability and legal reasons. We propose a novel approach to authenticating paper documents by taking short videos of them with smartpho…
Is Modeling Access Control Worth It?
Implementing access control policies is an error-prone task that can have severe consequences for the security of software applications. Model-driven approaches have been proposed in the literature and associated tools have been developed …
Model-driven Privacy
Data protection regulations in many countries require IT systems to implement baseline privacy requirements like purpose limitation and consent as mandated by the GDPR. Such requirements are often specified in the system’s privacy policy a…
User-Controlled Privacy: Taint, Track, and Control
We develop the first language-based, Privacy by Design approach that provides support for a rich class of privacy policies. The policies are user-defined, rather than programmer-defined, and support fine-grained information flow restrictio…
Locality-Sensitive Hashing Does Not Guarantee Privacy! Attacks on Google's FLoC and the MinHash Hierarchy System
Recently proposed systems aim at achieving privacy using locality-sensitive hashing. We show how these approaches fail by presenting attacks against two such systems: Google's FLoC proposal for privacy-preserving targeted advertising and t…
FABRID: Flexible Attestation-Based Routing for Inter-Domain Networks
In its current state, the Internet does not provide end users with transparency and control regarding on-path forwarding devices. In particular, the lack of network device information reduces the trustworthiness of the forwarding path and …
Efficient Black-box Checking of Snapshot Isolation in Databases
Snapshot isolation (SI) is a prevalent weak isolation level that avoids the performance penalty imposed by serializability and simultaneously prevents various undesired data anomalies. Nevertheless, SI anomalies have recently been found in…
Efficient Evaluation of Arbitrary Relational Calculus Queries
The relational calculus (RC) is a concise, declarative query language. However, existing RC query evaluation approaches are inefficient and often deviate from established algorithms based on finite tables used in database management system…
Sound Verification of Security Protocols: From Design to Interoperable Implementations (extended version)
We provide a framework consisting of tools and metatheorems for the end-to-end verification of security protocols, which bridges the gap between automated protocol verification and code-level proofs. We automatically translate a Tamarin pr…