4th International Symposium, eSSoS 2012, EindhovenThe
Netherlands, February 2012 Proceedings
Gilles Barthe, Benjamin Livshits, Riccardo Scandariato (Eds.)
 |
| Engineering Secure Software and Systems |
It is our pleasure to welcome you to the fourth edition of the International
Symposium on Engineering Secure Software and Systems.
This unique event aims at bringing together researchers from software engineering and security engineering, which might help to unite and further develop the two communities in this and future editions. The parallel technical sponsorship from the ACM SIGSAC (the ACM interest group in security) and ACM
SIGSOFT (the ACM interest group in software engineering) is a clear sign of the importance of this interdisciplinary research area and its potential.
The difficulty of building secure software systems is no longer focused on mastering security technology such as cryptography or access control models.
Other important factors include the complexity of modern networked software systems, the unpredictability of practical development life cycles, the intertwining of and trade-off between functionality, security and other qualities, the difficulty of dealing with human factors, and so forth. Over the last few years, an entire research
domain has been building up around these problems.
The conference program include two major keynotes from Cristian Cadar
(Imperial College London) on improving software reliability and security via symbolic execution and Thorsten Holz (Ruhr University Bochum) on an overview of modern security threats, and an interesting blend of research and idea papers. In response to the call for papers, 53 papers were submitted.
The Program Committee selected seven contributions as research papers (13%), presenting new research results in the realm of engineering secure software and systems.
It further selected seven idea papers, which gave crisp expositions of interesting, novel ideas in the early stages of development. Many individuals and organizations contributed to the success of this event.
First of all, we would like to express our appreciation to the authors of the submitted papers and to the Program Committee members and external referees, who provided timely and relevant reviews. Many thanks go to the Steering Committee for supporting this and future editions of the symposium, and to all the members of the Organizing Committee for their tremendous work and for excelling in their respective tasks. The DistriNet research group of the K.U. Leuven did an excellent job with the website and the advertising for the conference. Finally, we are also grateful to Andrei Voronkov for his EasyChair system.
We owe gratitude to ACM SIGSAC/SIGSOFT, IEEE TCSP and LNCS for
supporting us in this new scientific endeavor.
December 2011
Gilles Barthe
Benjamin Livshits
Riccardo Scandariato
Springer is part of Springer Science+Business Media (www.springer.com)Table of Contents
Application-Replay Attack on Java Cards: When the Garbage Collector
Gets Confused ................................................... 1
Guillaume Barbu, Philippe Hoogvorst, and Guillaume Duc
Supporting the Development and Documentation of ISO 27001
Information Security Management Systems through Security
Requirements Engineering Approaches (Idea Paper) .................. 14
Kristian Beckers, Stephan Faßbender, Maritta Heisel,
Jan-Christoph K¨uster, and Holger Schmidt
Typed Assembler for a RISC Crypto-Processor (Idea Paper)........... 22
Peter T. Breuer and Jonathan Bowen
Transversal Policy Conflict Detection ............................... 30
Matteo Maria Casalino, Henrik Plate, and Slim Trabelsi
Challenges in Implementing an End-to-End Secure Protocol
for Java ME-Based Mobile Data Collection in Low-Budget
Settings (Idea Paper) ............................................. 38
Samson Gejibo, Federico Mancini, Khalid A. Mughal,
Remi Valvik, and Jørn Klungsøyr
Runtime Enforcement of Information Flow Security in Tree
Manipulating Processes ........................................... 46
M´at´e Kov´acs and Helmut Seidl
Formalisation and Implementation of the XACML Access Control
Mechanism ...................................................... 60
Massimiliano Masi, Rosario Pugliese, and Francesco Tiezzi
A Task Ordering Approach for Automatic Trust Establishment ........ 75
Francisco Moyano, Carmen Fernandez-Gago, Isaac Agudo, and Javier Lopez
An Idea of an Independent Validation of Vulnerability Discovery
Models (Idea Paper).............................................. 89
Viet Hung Nguyen and Fabio Massacci
A Sound Decision Procedure for the Compositionality of Secrecy
(Idea Paper) .................................................... 97
Mart´ın Ochoa, Jan J¨urjens, and Daniel Warzecha
XII Table of Contents
Plagiarizing Smartphone Applications: Attack Strategies and Defense
Techniques ...................................................... 106
Rahul Potharaju, Andrew Newell, Cristina Nita-Rotaru, and Xiangyu Zhang
Design of Adaptive Security Mechanisms for Real-Time Embedded
Systems ........................................................ 121
Mehrdad Saadatmand, Antonio Cicchetti, and Mikael Sj¨odin
Hunting Application-Level Logical Errors (Idea Paper) ............... 135
George Stergiopoulos, Bill Tsoumas, and Dimitris Gritzalis
Optimal Trust Mining and Computing on Keyed MapReduce
(Idea Paper) .................................................... 143
Huafei Zhu and Hong Xiao
Author Index .................................................. 151
● Screenshot ●
Purchase Now !
Just with Paypal
Just with Paypal
Product details
Price
|
|
|---|---|
File Size
| 3,192 KB |
Pages
|
161 p |
File Type
|
PDF format |
ISBN
| 978-3-642-28165-5 |
Copyright
| Springer-Verlag Berlin Heidelberg 2012 |
●▬▬❂❂▬▬●
●▬❂▬●
●❂●
═════● ●═════
