Section: Partnerships and Cooperations
National Initiatives
ANR
AnaStaSec
-
Title: Static Analysis for Security Properties (ANR générique 2014.)
-
Other partners: Inria/Antique, Inria/Celtique, Airbus Operations SAS, AMOSSYS, CEA-LIST, TrustInSoft
-
Abstract: The project aims at using automated static analysis techniques for verifying security and confidentiality properties of critical avionics software.
AJACS
-
Title: AJACS: Analyses of JavaScript Applications: Certification and Security
-
Other partners: Inria-Rennes/Celtique, Inria-Saclay/Toccata, Inria-Sophia Antipolis/INDES, Imperial College London
-
Abstract: The goal of the AJACS project is to provide strong security and privacy guarantees for web application scripts. To this end, we propose to define a mechanized semantics of the full JavaScript language, the most widely used language for the Web, to develop and prove correct analyses for JavaScript programs, and to design and certify security and privacy enforcement mechanisms.
SafeTLS
-
Title: SafeTLS: La sécurisation de l'Internet du futur avec TLS 1.
-
Other partners: Université Rennes 1, IRMAR, Inria Sophia Antipolis, SGDSN/ANSSI
-
Coordinator: Pierre-Alain Fouque, Univesité de Rennes 1 (France)
-
Abstract: Our project, SafeTLS, addresses the security of both TLS 1.3 and of TLS 1.2 as they are (expected to be) used, in three important ways: (1) A better understanding: We will provide a better understanding of how TLS 1.2 and 1.3 are used in real-world applications; (2) Empowering clients: By developing a tool that will show clients the quality of their TLS connection and inform them of potential security and privacy risks; (3) Analyzing implementations: We will analyze the soundness of current TLS 1.2 implementations and use automated verification to provide a backbone of a secure TLS 1.3 implementation.