Security protocols : 10th International Workshop, Cambridge, UK, April 17-19, 2002 : revised papers

Once again we bring you the proceedings of the International Workshop on Security Protocols. It seems hard to believe that we have reached the tenth event in this annual series. This year our theme was "Discerning the Protocol Participants." Security protocols are usually described in terms of the active participants - Alice c- putes foo and sends it to Bob. However most security protocols also include o?-line participants, which are not synchronously involved in the exchange of messages: a bank may participate on behalf of a customer, and an arbiter may subsequently be asked to interpret the meaning of a run. These silent partners to the protocol have their own security policies, and assumptionsaboutidentity,authorizationandcapabilityneedtobere-examined when the agenda of a hidden participant may change. We hope that the position papers published here, which have been rewritten and rethought in the light of the discussions at the workshop, will be of interest, not just for the speci?c contributions they make but also for the deeper issues which they expose. In order to identify these issues more clearly, we include transcripts for some of the discussions which took place in Cambridge during the workshop. What would you have liked to add? Do let us know.

(Transcript).- Keynote Address.- Weak Authentication: How to Authenticate Unknown Principals without Trusted Parties.- Is Entity Authentication Necessary?.- A Structured Operational Modelling of the Dolev-Yao Threat Model.- On Trust Establishment in Mobile Ad-Hoc Networks.- Legally Authorized and Unauthorized Digital Evidence.- Shrink-Wrapped Optimism: The DODA Approach to Distributed Document Processing.- Contractual Access Control.- Confidentiality Levels and Deliberate/Indeliberate Protocol Attacks.- Analyzing Delegation Properties.- Combinatorial Optimization of Countermeasures against Illegal Copying.- Protocols with Certified-Transfer Servers.- An Architecture for an Adaptive Intrusion-Tolerant Server.- Supporting Imprecise Delegation in KeyNote.- Modeling Protocols for Secure Group Communications in Ad Hoc Networks.- Delegation of Signalling Rights.- Mobile IPv6 Security.- Concluding Discussion: Accounting for Resources.- Back to the Beginning.