{"id":"https://openalex.org/W1721673008","doi":"https://doi.org/10.3233/jcs-2009-0394","title":"Formal security analysis of PKCS#11 and proprietary extensions","display_name":"Formal security analysis of PKCS#11 and proprietary extensions","publication_year":2010,"publication_date":"2010-09-20","ids":{"openalex":"https://openalex.org/W1721673008","doi":"https://doi.org/10.3233/jcs-2009-0394","mag":"1721673008"},"language":"en","primary_location":{"id":"doi:10.3233/jcs-2009-0394","is_oa":false,"landing_page_url":"https://doi.org/10.3233/jcs-2009-0394","pdf_url":null,"source":{"id":"https://openalex.org/S106992369","display_name":"Journal of Computer Security","issn_l":"0926-227X","issn":["0926-227X","1875-8924"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310318577","host_organization_name":"IOS Press","host_organization_lineage":["https://openalex.org/P4310318577"],"host_organization_lineage_names":["IOS Press"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5068404835","display_name":"St\u00e9phanie Delaune","orcid":"https://orcid.org/0000-0002-9744-8834"},"institutions":[{"id":"https://openalex.org/I1294671590","display_name":"Centre National de la Recherche Scientifique","ror":"https://ror.org/02feahw73","country_code":"FR","type":"funder","lineage":["https://openalex.org/I1294671590"]},{"id":"https://openalex.org/I11559806","display_name":"\u00c9cole Normale Sup\u00e9rieure Paris-Saclay","ror":"https://ror.org/00hx6zz33","country_code":"FR","type":"education","lineage":["https://openalex.org/I11559806","https://openalex.org/I277688954"]},{"id":"https://openalex.org/I1326498283","display_name":"Institut national de recherche en informatique et en automatique","ror":"https://ror.org/02kvxyf05","country_code":"FR","type":"funder","lineage":["https://openalex.org/I1326498283"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"St\u00e9phanie Delaune","raw_affiliation_strings":["LSV, ENS Cachan & CNRS & INRIA, France","LSV, ENS Cachan & CNRS & INRIA, France#TAB#"],"affiliations":[{"raw_affiliation_string":"LSV, ENS Cachan & CNRS & INRIA, France","institution_ids":["https://openalex.org/I11559806","https://openalex.org/I1326498283","https://openalex.org/I1294671590"]},{"raw_affiliation_string":"LSV, ENS Cachan & CNRS & INRIA, France#TAB#","institution_ids":["https://openalex.org/I1326498283","https://openalex.org/I1294671590"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085316790","display_name":"Steve Kremer","orcid":"https://orcid.org/0009-0004-6946-0678"},"institutions":[{"id":"https://openalex.org/I11559806","display_name":"\u00c9cole Normale Sup\u00e9rieure Paris-Saclay","ror":"https://ror.org/00hx6zz33","country_code":"FR","type":"education","lineage":["https://openalex.org/I11559806","https://openalex.org/I277688954"]},{"id":"https://openalex.org/I1326498283","display_name":"Institut national de recherche en informatique et en automatique","ror":"https://ror.org/02kvxyf05","country_code":"FR","type":"funder","lineage":["https://openalex.org/I1326498283"]},{"id":"https://openalex.org/I1294671590","display_name":"Centre National de la Recherche Scientifique","ror":"https://ror.org/02feahw73","country_code":"FR","type":"funder","lineage":["https://openalex.org/I1294671590"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Steve Kremer","raw_affiliation_strings":["LSV, ENS Cachan & CNRS & INRIA, France","LSV, ENS Cachan & CNRS & INRIA, France#TAB#"],"affiliations":[{"raw_affiliation_string":"LSV, ENS Cachan & CNRS & INRIA, France","institution_ids":["https://openalex.org/I11559806","https://openalex.org/I1326498283","https://openalex.org/I1294671590"]},{"raw_affiliation_string":"LSV, ENS Cachan & CNRS & INRIA, France#TAB#","institution_ids":["https://openalex.org/I1326498283","https://openalex.org/I1294671590"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5019612833","display_name":"Graham Steel","orcid":"https://orcid.org/0000-0003-4681-8011"},"institutions":[{"id":"https://openalex.org/I1326498283","display_name":"Institut national de recherche en informatique et en automatique","ror":"https://ror.org/02kvxyf05","country_code":"FR","type":"funder","lineage":["https://openalex.org/I1326498283"]},{"id":"https://openalex.org/I1294671590","display_name":"Centre National de la Recherche Scientifique","ror":"https://ror.org/02feahw73","country_code":"FR","type":"funder","lineage":["https://openalex.org/I1294671590"]},{"id":"https://openalex.org/I11559806","display_name":"\u00c9cole Normale Sup\u00e9rieure Paris-Saclay","ror":"https://ror.org/00hx6zz33","country_code":"FR","type":"education","lineage":["https://openalex.org/I11559806","https://openalex.org/I277688954"]}],"countries":["FR"],"is_corresponding":true,"raw_author_name":"Graham Steel","raw_affiliation_strings":["LSV, ENS Cachan & CNRS & INRIA, France","(Correspd. Tel.: +33 1 47 40 77 80; Fax: +33 1 47 40 75 21; E-mail: graham.Steel@lsv.ens-cachan.fr) LSV, ENS Cachan & CNRS & INRIA, France#TAB#"],"affiliations":[{"raw_affiliation_string":"LSV, ENS Cachan & CNRS & INRIA, France","institution_ids":["https://openalex.org/I11559806","https://openalex.org/I1326498283","https://openalex.org/I1294671590"]},{"raw_affiliation_string":"(Correspd. Tel.: +33 1 47 40 77 80; Fax: +33 1 47 40 75 21; E-mail: graham.Steel@lsv.ens-cachan.fr) LSV, ENS Cachan & CNRS & INRIA, France#TAB#","institution_ids":["https://openalex.org/I1326498283","https://openalex.org/I1294671590"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5019612833"],"corresponding_institution_ids":["https://openalex.org/I11559806","https://openalex.org/I1294671590","https://openalex.org/I1326498283"],"apc_list":null,"apc_paid":null,"fwci":5.3419,"has_fulltext":false,"cited_by_count":42,"citation_normalized_percentile":{"value":0.95804263,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"18","issue":"6","first_page":"1211","last_page":"1245"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T13999","display_name":"Digital Rights Management and Security","score":0.9902999997138977,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9817000031471252,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7427216172218323},{"id":"https://openalex.org/keywords/decidability","display_name":"Decidability","score":0.7027559876441956},{"id":"https://openalex.org/keywords/model-checking","display_name":"Model checking","score":0.7014970183372498},{"id":"https://openalex.org/keywords/formalism","display_name":"Formalism (music)","score":0.5565252900123596},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.5085355043411255},{"id":"https://openalex.org/keywords/compromise","display_name":"Compromise","score":0.4693635106086731},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.42090943455696106},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4164761006832123},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.3227185606956482}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7427216172218323},{"id":"https://openalex.org/C153269930","wikidata":"https://www.wikidata.org/wiki/Q430001","display_name":"Decidability","level":2,"score":0.7027559876441956},{"id":"https://openalex.org/C110251889","wikidata":"https://www.wikidata.org/wiki/Q1569697","display_name":"Model checking","level":2,"score":0.7014970183372498},{"id":"https://openalex.org/C73301696","wikidata":"https://www.wikidata.org/wiki/Q5469984","display_name":"Formalism (music)","level":3,"score":0.5565252900123596},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.5085355043411255},{"id":"https://openalex.org/C46355384","wikidata":"https://www.wikidata.org/wiki/Q726686","display_name":"Compromise","level":2,"score":0.4693635106086731},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.42090943455696106},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4164761006832123},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3227185606956482},{"id":"https://openalex.org/C36289849","wikidata":"https://www.wikidata.org/wiki/Q34749","display_name":"Social science","level":1,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.0},{"id":"https://openalex.org/C558565934","wikidata":"https://www.wikidata.org/wiki/Q2743","display_name":"Musical","level":2,"score":0.0},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.3233/jcs-2009-0394","is_oa":false,"landing_page_url":"https://doi.org/10.3233/jcs-2009-0394","pdf_url":null,"source":{"id":"https://openalex.org/S106992369","display_name":"Journal of Computer Security","issn_l":"0926-227X","issn":["0926-227X","1875-8924"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310318577","host_organization_name":"IOS Press","host_organization_lineage":["https://openalex.org/P4310318577"],"host_organization_lineage_names":["IOS Press"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure","score":0.41999998688697815}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W141091997","https://openalex.org/W176419977","https://openalex.org/W203757321","https://openalex.org/W1489391022","https://openalex.org/W1489516665","https://openalex.org/W1496867651","https://openalex.org/W1514302123","https://openalex.org/W1518401470","https://openalex.org/W1800123991","https://openalex.org/W1827306861","https://openalex.org/W2022203768","https://openalex.org/W2029693536","https://openalex.org/W2066210260","https://openalex.org/W2109266092","https://openalex.org/W2114497629","https://openalex.org/W2139017685","https://openalex.org/W2144319444","https://openalex.org/W3139746733","https://openalex.org/W4285719527"],"related_works":["https://openalex.org/W2801622120","https://openalex.org/W2164141394","https://openalex.org/W3036524962","https://openalex.org/W4240977217","https://openalex.org/W1967649051","https://openalex.org/W2508088450","https://openalex.org/W2389434635","https://openalex.org/W4214750239","https://openalex.org/W2279908259","https://openalex.org/W2031130420"],"abstract_inverted_index":{"PKCS#11":[0],"defines":[1],"an":[2,81],"API":[3,60,107],"for":[4,29,67,76],"cryptographic":[5],"devices":[6],"that":[7,27,64],"has":[8,16],"been":[9,17],"widely":[10],"adopted":[11],"in":[12,63,108],"industry.":[13],"However,":[14],"it":[15,65],"shown":[18],"to":[19,22,124],"be":[20],"vulnerable":[21],"a":[23,45],"variety":[24],"of":[25,48,51,83,102,105,128],"attacks":[26,97],"could,":[28],"example,":[30],"compromise":[31],"the":[32,37,49,84,89,100,106,126],"sensitive":[33],"keys":[34],"stored":[35],"on":[36],"device.":[38],"In":[39],"this":[40],"paper,":[41],"we":[42],"set":[43],"out":[44],"formal":[46],"model":[47,90],"operation":[50],"th":[52],"e":[53],"API,":[54],"which":[55],"differs":[56],"from":[57],"previous":[58],"security":[59],"models":[61],"notably":[62],"accounts":[66],"non-monotonic":[68],"mutable":[69],"global":[70],"state.":[71],"We":[72,93,111],"give":[73],"decidability":[74],"results":[75],"our":[77,109],"formalism,":[78],"and":[79,98,120],"describe":[80],"implementation":[82],"resulting":[85],"decision":[86],"procedure":[87],"using":[88],"checker":[91],"NuSMV.":[92],"report":[94],"some":[95,103],"new":[96],"prove":[99],"safety":[101],"configurations":[104],"model.":[110],"also":[112],"analyse":[113],"proprietary":[114],"extensions":[115],"proposed":[116],"by":[117],"nCipher":[118],"(Thales)":[119],"Eracom":[121],"(Safenet),":[122],"designed":[123],"address":[125],"shortcomings":[127],"PKCS#11.":[129]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":3},{"year":2016,"cited_by_count":6},{"year":2015,"cited_by_count":5},{"year":2014,"cited_by_count":4},{"year":2013,"cited_by_count":5},{"year":2012,"cited_by_count":5}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}