Program

Monday September 12, 2005

 

09:15 - 09:30 Welcome and Opening

09:30 - 10:30 Invited talk

Computerized Voting Machines: A View from the Trenches
B. Simons

10:30 - 11:00 Coffee break

 

11:00 - 12:30 Session 1: Access control (Chair: S. De Capitani di Vimercati)

XML Access Control with Policy Matching Tree
N. Qi, M. Kudo (IBM Research, Tokyo Research Laboratory, Japan)

Semantic Access Control Model: A Formal Specification
M. I. Yague, M. Gallardo, A. Mana (University of Malaga, Spain)

A Generic XACML Based Declarative Authorization scheme for Java
R. Gupta, M. Bhide (IBM India Research Lab, India)

12:30 - 14:00 Lunch

 

14:00 - 15:30 Session 2: Advanced Authorization Specifications (Chair: M.I. Yague)

Specification and Validation of Authorisation Constraints Using UML and OCL
K. Sohr (Universitat Bremen, Germany), G. Ahn (University of North Carolina at Charlotte, USA), M. Gogolla (Universitat Bremen, Germany), L. Miggen (Universitat Bremen, Germany)

Unified Index for Mobile Object Data and Authorizations
V. Atluri, Q. Guo (Rutgers University, USA)

On Obligations
M. Hilty, D. Basin, A. Pretschner (ETH Zurich, Switzerland)

15:30 - 16:00 Coffe break

 

16:00 - 17:30 Session 3: Cryptographic Schemes (Chair: V. Teague)

A Practical, Voter-Verifiable Election Scheme
D. Chaum (DigiCash Inc., USA), P.Y.A. Ryan (University of Newcastle upon Tyne, UK), S. Schneider (University of Surrey, UK)

Machine-Checked Security Proofs of Cryptographic Signature Schemes
S. Tarento (INRIA, France)

Sanitizable Signatures
G. Ateniese, D. Chou (Johns Hopkins University, USA), B. de Medeiros (Florida State University, USA), G. Tsudik (University of California, USA)

 

Tuesday September 13, 2005

 

09:00 - 10:30 Session 4: Cryptographic Protocols (Chair: K. Sako)

Limits of the Cryptographic Realization of Dolev-Yao-style XOR
M. Backes, B. Pfitzmann (IBM Zurich Research Lab, Switzerland)

Secure Implementation of Cryptographic Protocols: A Case Study Of Mutual Distrust
A. Askarov, A. Sabelfeld (Chalmers University of Technology, Sweden)

Augmented oblivious Polynomial Evaluation Protocol and Its Applications
H. Zhu (Institute for Infocomm Research, Singapore)

10:30 - 11:00 Coffee break

 

11:00 - 12:30 Session 5: Intrusion detection (Chair: V. Atluri)

Using Attack Trees to Identify Malicious Attacks from Authorized Insiders
I. Ray, N. Poolsapassit (Colorado State University, USA)

An Efficient and Unified Approach to Correlating, Hypothesizing, and Predicting Network Intrusion Alerts
L. Wang, A. Liu, S. Jajodia (George Mason University, USA)

Towards a Theory of Intrusion Detection
G. Di Crescenzo, A. Ghosh, R. Talpade (Telcordia, USA)

12:30 - 14:00 Lunch

 

14:00 - 15:30 Session 6: Network security (Chair: M. Backes)

On Scalability and Modularisation in the Modelling of Network Security Systems
J. de Albuquerque (State University of Campinas, Brazil), H. Krumm (University of Dortmund, Germany), P. de Geus (State University of Campinas, Brazil)

Sybil resistant DHT routing
G. Danezis, C. Lesniewski-Laas, M. Frans Kaashoek, R. Anderson (University of Cambridge, UK)

Botnet Tracking: Exploring a Root-Cause Methodology to Prevent Distributed Denial-of-Service Attacks
F.C. Freiling, T. Holz, G. Wicherski (RWTH Aachen University, Germany)

15:30 - 16:00 Coffee break

 

16:00 - 17:30 Session 7: Information Flow and Formal Security Properties (Chair: P. Ryan)

Quantifying Probabilistic Information Flow in Computational Reactive Systems
M. Backes (IBM Zurich Research Lab, Switzerland)

Enforcing Non-safety Security Policies with Program Monitors
J. Ligatti (Princeton University, USA), L. Bauer (Carnegie Mellon University, USA), D. Walker (Princeton University, USA)

Soundness of Formal Encryption in the Presence of Key-Cycles
P. Adao (IST, Portugal), G. Bana (University of Pennsylvania, USA), J. Herzog (The MITRE Corporation, USA), A. Scedrov (University of Pennsylvania, USA)

 

19:00 Social dinner

 

Wednesday September 14, 2005

 

09:00 - 10:30 Session 8: Privacy and Data Protection (Chair: G. Danezis)

Privacy Preserving Clustering
S. Jha, L. Kruger (University of Wisconsin, USA), P. McDaniel (Pennsylvania State University, USA)

Abstractions Preserving Parameter Confidentiality
S. Guergens, P. Ochsenschlaeger, C. Rudolph (Institute for Secure Information Technology, Germany)

Minimal Disclosure in Hierarchical Hippocratic Databases with Delegation
F. Massacci (University of Trento, Italy), J. Mylopoulos (University of Toronto, Canada), N. Zannone (University of Trento, Italy)

10:30 - 11:00 Coffee break

 

11:00 - 12:30 Session 9: Security for protocols and devices (Chair: P. Syverson)

Security Notions for Disk Encryption
K. Gjosteen (NTNU, Norway)

Local View Attack on Anonymous Communication
M. Gogolewski, M. Klonowski, M. Kutylowski (Wroclaw University of Technology, Poland)

Browser Model for Security Analysis of Browser-Based Protocols
T. Gross, B. Pfitzmann (IBM Zurich Research Lab, Switzerland), A. Sadeghi (Ruhr-University Bochum, Germany)