Last update:
Sat Oct 14 18:00:08 MDT 2017
Ravi Sandhu Editorial . . . . . . . . . . . . . . . 1--2
Francesco Bergadano and
Bruno Crispo and
Giancarlo Ruffo High dictionary compression for
proactive password checking . . . . . . 3--25
Elisa Bertino and
Sabrina De Capitani Di Vimercati and
Elena Ferrari and
Pierangela Samarati Exception-based information flow control
in object-oriented systems . . . . . . . 26--65
Michael K. Reiter and
Aviel D. Rubin Crowds: anonymity for Web transactions 66--92
Ravi Sandhu and
Fang Chen The multilevel relational (MLR) data
model . . . . . . . . . . . . . . . . . 93--132
Ravi Sandhu Editorial . . . . . . . . . . . . . . . 1--2
Matunda Nyanchama and
Sylvia Osborn The role graph model and conflict of
interest . . . . . . . . . . . . . . . . 3--33
David F. Ferraiolo and
John F. Barkley and
D. Richard Kuhn A role-based access control model and
reference implementation within a
corporate intranet . . . . . . . . . . . 34--64
Elisa Bertino and
Elena Ferrari and
Vijay Atluri The specification and enforcement of
authorization constraints in workflow
management systems . . . . . . . . . . . 65--104
Ravi Sandhu and
Venkata Bhamidipati and
Qamar Munawer The ARBAC97 model for role-based
administration of roles . . . . . . . . 105--135
Michael K. Reiter and
Stuart G. Stubblebine Authentication metric analysis and
design . . . . . . . . . . . . . . . . . 138--158
Bruce Schneier and
John Kelsey Secure Audit Logs to Support Computer
Forensics . . . . . . . . . . . . . . . 159--176
Trent Jaeger and
Atul Prakash and
Jochen Liedtke and
Nayeem Islam Flexible Control of Downloaded
Executable Content . . . . . . . . . . . 177--228
Shai Halevi and
Hugo Krawczyk Public-Key Cryptography and Password
Protocols . . . . . . . . . . . . . . . 230--268
Jun Xu and
Mukesh Singhal Design of a High-Performance ATM
Firewall . . . . . . . . . . . . . . . . 269--294
Terran Lane and
Carla E. Brodley Temporal sequence learning and data
reduction for anomaly detection . . . . 295--331
Lawrence C. Paulson Inductive analysis of the Internet
protocol TLS . . . . . . . . . . . . . . 332--351
Stuart G. Stubblebine and
Paul F. Syverson and
David M. Goldschlag Unlinkable serial transactions:
protocols and applications . . . . . . . 354--389
Eran Gabber and
Phillip B. Gibbons and
David M. Kristol and
Yossi Matias and
Alain Mayer On secure and pseudonymous
client-relationships with multiple
servers . . . . . . . . . . . . . . . . 390--415
Alejandro Hevia and
Marcos Kiwi Strength of Two Data Encryption Standard
Implementations under Timing Attack . . 416--437
Deborah Frincke Balancing Cooperation and Risk in
Intrusion Detection . . . . . . . . . . 1--29
Fred B. Schneider Enforceable Security Policies . . . . . 30--50
Diomidis Spinellis Reflection as a Mechanism for Software
Integrity Verification . . . . . . . . . 51--62
Shlomi Dolev and
Rafail Ostrovsky Xor-Trees for Efficient Anonymous
Multicast and Reception . . . . . . . . 63--84
Sylvia Osborn and
Ravi Sandhu and
Qamar Munawer Configuring Role-Based Access Control to
Enforce Mandatory and Discretionary
Access Control Policies . . . . . . . . 85--106
Avishai Wool Key Management for Encrypted Broadcast 107--134
Refik Molva and
Alain Pannetrat Scalable Multicast Security with Dynamic
Recipient Groups . . . . . . . . . . . . 136--160
Ronald Cramer and
Victor Shoup Signature Schemes Based on the Strong
RSA Assumption . . . . . . . . . . . . . 161--185
Stefan Axelsson The Base-Rate Fallacy and the Difficulty
of Intrusion Detection . . . . . . . . . 186--205
Gail-Joon Ahn and
Ravi Sandhu Role-based Authorization Constraints
Specification . . . . . . . . . . . . . 207--226
Wenke Lee and
Salvatore J. Stolfo A Framework for Constructing Features
and Models for Intrusion Detection
Systems . . . . . . . . . . . . . . . . 227--261
John McHugh Testing Intrusion detection systems: a
critique of the 1998 and 1999 DARPA
intrusion detection system evaluations
as performed by Lincoln Laboratory . . . 262--294
Ho-Yen Chang and
S. Felix Wu and
Y. Frank Jou Real-Time Protocol Analysis for
Detecting Link-State Routing Protocol
Attacks . . . . . . . . . . . . . . . . 1--36
Joon S. Park and
Ravi Sandhu and
Gail-Joon Ahn Role-based access control on the Web . . 37--71
Richard E. Smith Cost Profile of a Highly Assured, Secure
Operating System . . . . . . . . . . . . 72--101
Deborah Shands and
Jay Jacobs and
Richard Yee and
E. John Sebes Secure Virtual Enclaves: Supporting
Coalition Use of Distributed Application
Technologies . . . . . . . . . . . . . . 103--133
Michael Steiner and
Peter Buhler and
Thomas Eirich and
Michael Waidner Secure Password-Based Cipher Suite for
TLS . . . . . . . . . . . . . . . . . . 134--157
Trent Jaeger and
Jonathon E. Tidswell Practical Safety in Flexible Access
Control Models . . . . . . . . . . . . . 158--190
Elisa Bertino and
Piero Andrea Bonatti and
Elena Ferrari TRBAC: a Temporal Role-based Access
Control Model . . . . . . . . . . . . . 191--223
David F. Ferraiolo and
Ravi Sandhu and
Serban Gavrila and
D. Richard Kuhn and
Ramaswamy Chandramouli Proposed NIST standard for role-based
access control . . . . . . . . . . . . . 224--274
Burton S. Kaliski An unknown key-share attack on the MQV
key agreement protocol . . . . . . . . . 275--288
Ohad Rodeh and
Kenneth P. Birman and
Danny Dolev The Architecture and Performance of
Security Protocols in the Ensemble Group
Communication System: Using Diamonds to
Guard the Castle . . . . . . . . . . . . 289--319
Elisa Bertino and
Barbara Catania and
Elena Ferrari A Nested Transaction Model for
Multilevel Secure Database Management
Systems . . . . . . . . . . . . . . . . 321--370
Kim Potter Kihlstrom and
L. E. Moser and
P. M. Melliar-Smith The SecureRing group communication
system . . . . . . . . . . . . . . . . . 371--406
Peng Ning and
Sushil Jajodia and
Xiaoyang Sean Wang Abstraction-based intrusion detection in
distributed environments . . . . . . . . 407--452
Pierangela Samarati and
Michael K. Reiter and
Sushil Jajodia An authorization model for a public key
management service . . . . . . . . . . . 453--482
Piero Bonatti and
Sabrina De Capitani di Vimercati and
Pierangela Samarati An Algebra for Composing Access Control
Policies . . . . . . . . . . . . . . . . 1--35
Massimo Bernaschi and
Emanuele Gabrielli and
Luigi V. Mancini REMUS: a Security-Enhanced Operating
System . . . . . . . . . . . . . . . . . 36--61
Vijayalakshmi Atluri and
Avigdor Gal An authorization model for temporal and
derived data: securing information
portals . . . . . . . . . . . . . . . . 62--94
Matt Blaze and
John Ioannidis and
Angelos D. Keromytis Trust Management for IPsec . . . . . . . 95--118
Drew Dean and
Matt Franklin and
Adam Stubblefield An Algebraic Approach to IP Traceback 119--137
Algis Rudys and
Dan S. Wallach Termination in language-based systems 138--168
Ernesto Damiani and
Sabrina De Capitani di Vimercati and
Stefano Paraboschi and
Pierangela Samarati A Fine-Grained Access Control System for
XML Documents . . . . . . . . . . . . . 169--202
C. C. Michael and
Anup Ghosh Simple, state-based approaches to
program-based anomaly detection . . . . 203--237
John Viega and
J. T. Bloch and
Tadayoshi Kohno and
Gary McGraw Token-based scanning of source code for
security problems . . . . . . . . . . . 238--261
Joe Loughry and
David A. Umphress Information leakage from optical
emanations . . . . . . . . . . . . . . . 262--289
Elisa Bertino and
Elena Ferrari Secure and Selective Dissemination of
XML Documents . . . . . . . . . . . . . 290--331
Manuel Koch and
Luigi V. Mancini and
Francesco Parisi-Presicce A graph-based formalism for RBAC . . . . 332--365
Francesco Bergadano and
Daniele Gunetti and
Claudia Picardi User authentication through keystroke
dynamics . . . . . . . . . . . . . . . . 367--397
Michael M. Swift and
Anne Hopkins and
Peter Brundrett and
Cliff Van Dyke and
Praerit Garg and
Shannon Chan and
Mario Goertzel and
Gregory Jensenworth Improving the granularity of access
control for Windows 2000 . . . . . . . . 398--437
Lawrence A. Gordon and
Martin P. Loeb The economics of information security
investment . . . . . . . . . . . . . . . 438--457
Alan Harbitter and
Daniel A. Menascé A methodology for analyzing the
performance of authentication protocols 458--491
Jean Bacon and
Ken Moody and
Walt Yao A model of OASIS role-based access
control and its support for active
security . . . . . . . . . . . . . . . . 492--540
Ting Yu and
Marianne Winslett and
Kent E. Seamons Supporting structured credentials and
sensitive policies through interoperable
strategies for automated trust
negotiation . . . . . . . . . . . . . . 1--42
Joseph Y. Halpern and
Riccardo Pucella On the relationship between strand
spaces and multi-agent systems . . . . . 43--70
Elisa Bertino and
Barbara Catania and
Elena Ferrari and
Paolo Perlasca A Logical Framework for Reasoning about
Access Control Models . . . . . . . . . 71--127
Ninghui Li and
Benjamin N. Grosof and
Joan Feigenbaum Delegation logic: a logic-based approach
to distributed authorization . . . . . . 128--171
Suresh N. Chari and
Pau-Chen Cheng BlueBoX: a policy-driven, host-based
intrusion detection system . . . . . . . 173--200
Jason Crampton and
George Loizou Administrative scope: a foundation for
role-based administrative models . . . . 201--231
Günter Karjoth Access control with IBM Tivoli access
manager . . . . . . . . . . . . . . . . 232--257
Jung Min Park and
Edwin K. P. Chong and
Howard Jay Siegel Efficient multicast stream
authentication using erasure codes . . . 258--285
Duminda Wijesekera and
Sushil Jajodia A propositional policy algebra for
access control . . . . . . . . . . . . . 286--325
Trent Jaeger and
Xiaolan Zhang and
Fidel Cacheda Policy management using access control
spaces . . . . . . . . . . . . . . . . . 327--364
Phillip Rogaway and
Mihir Bellare and
John Black OCB: a block-cipher mode of operation
for efficient authenticated encryption 365--403
Longhua Zhang and
Gail-Joon Ahn and
Bei-Tseng Chu A rule-based framework for role-based
delegation and revocation . . . . . . . 404--441
Klaus Julisch Clustering intrusion detection alarms to
support root cause analysis . . . . . . 443--471
Pino Persiano and
Ivan Visconti A secure and private system for
subscription-based remote services . . . 472--500
Steve Barker and
Peter J. Stuckey Flexible access control policy
specification with constraint logic
programming . . . . . . . . . . . . . . 501--546
Carl Ellison and
Steve Dohrmann Public-key support for group
collaboration . . . . . . . . . . . . . 547--565
Mary R. Thompson and
Abdelilah Essiari and
Srilekha Mudumbai Certificate-based authorization policy
in a PKI environment . . . . . . . . . . 566--588
Giuseppe Ateniese Verifiable encryption of digital
signatures and applications . . . . . . 1--20
Albert Levi and
M. Ufuk Caglayan and
Cetin K. Koc Use of nested certificates for
efficient, dynamic, and trust preserving
public key infrastructure . . . . . . . 21--59
Yongdae Kim and
Adrian Perrig and
Gene Tsudik Tree-based group key agreement . . . . . 60--96
Gabriel Montenegro and
Claude Castelluccia Crypto-based identifiers (CBIDs):
Concepts and applications . . . . . . . 97--127
Jaehong Park and
Ravi Sandhu The UCON$_{ABC}$ usage control model . . 128--174
Trent Jaeger and
Antony Edwards and
Xiaolan Zhang Consistency analysis of authorization
hook placement in the Linux security
modules framework . . . . . . . . . . . 175--205
Mihir Bellare and
Tadayoshi Kohno and
Chanathip Namprempre Breaking and provably repairing the SSH
authenticated encryption scheme: a case
study of the Encode-then-Encrypt-and-MAC
paradigm . . . . . . . . . . . . . . . . 206--241
William Aiello and
Steven M. Bellovin and
Matt Blaze and
Ran Canetti and
John Ioannidis and
Angelos D. Keromytis and
Omer Reingold Just fast keying: Key agreement in a
hostile Internet . . . . . . . . . . . . 242--273
Peng Ning and
Yun Cui and
Douglas S. Reeves and
Dingbang Xu Techniques and tools for analyzing
intrusion alerts . . . . . . . . . . . . 274--318
Adam Stubblefield and
John Ioannidis and
Aviel D. Rubin A key recovery attack on the 802.11b
wired equivalent privacy protocol (WEP) 319--332
Brian Carrier and
Clay Shields The session token protocol for forensics
and traceback . . . . . . . . . . . . . 333--362
Horst F. Wedde and
Mario Lischka Modular authorization and administration 363--391
Mark Strembeck and
Gustaf Neumann An integrated approach to engineer and
enforce context constraints in RBAC
environments . . . . . . . . . . . . . . 392--427
Adam Hess and
Jason Holt and
Jared Jacobson and
Kent E. Seamons Content-triggered trust negotiation . . 428--456
Yair Amir and
Yongdae Kim and
Cristina Nita-Rotaru and
Gene Tsudik On the performance of group key
agreement protocols . . . . . . . . . . 457--488
Matthew K. Wright and
Micah Adler and
Brian Neil Levine and
Clay Shields The predecessor attack: an analysis of a
threat to anonymous communications
systems . . . . . . . . . . . . . . . . 489--522
Dijiang Huang and
Deep Medhi A key-chain-based keying scheme for
many-to-many secure group communication 523--552
Hovav Shacham and
Dan Boneh and
Eric Rescorla Client-side caching for TLS . . . . . . 553--575
Tom Walcott and
Matt Bishop Traducement: a model for record security 576--590
Peng Ning and
Dingbang Xu Hypothesizing and reasoning about
attacks missed by intrusion detection
systems . . . . . . . . . . . . . . . . 591--627
Ravi Sandhu Editorial . . . . . . . . . . . . . . . 1--1
Vijay Atluri Preface . . . . . . . . . . . . . . . . 2--2
Elena Gabriela Barrantes and
David H. Ackley and
Stephanie Forrest and
Darko Stefanovi\'c Randomized instruction set emulation . . 3--40
Donggang Liu and
Peng Ning and
Rongfang Li Establishing pairwise keys in
distributed sensor networks . . . . . . 41--77
Peng Liu and
Wanyu Zang and
Meng Yu Incentive-based modeling and inference
of attacker intent, objectives, and
strategies . . . . . . . . . . . . . . . 78--118
Alberto Ceselli and
Ernesto Damiani and
Sabrina De Capitani Di Vimercati and
Sushil Jajodia and
Stefano Paraboschi and
Pierangela Samarati Modeling and assessing inference
exposure in encrypted databases . . . . 119--152
Zishuang (Eileen) Ye and
Sean Smith and
Denise Anthony Trusted paths for browsers . . . . . . . 153--186
Rafae Bhatti and
Arif Ghafoor and
Elisa Bertino and
James B. D. Joshi X-GTRBAC: an XML-based policy
specification framework and architecture
for enterprise-wide access control . . . 187--227
Wenliang Du and
Jing Deng and
Yunghsiang S. Han and
Pramod K. Varshney and
Jonathan Katz and
Aram Khalili A pairwise key predistribution scheme
for wireless sensor networks . . . . . . 228--258
Lidong Zhou and
Fred B. Schneider and
Robbert Van Renesse APSS: proactive secret sharing in
asynchronous systems . . . . . . . . . . 259--286
Reiner Dojen and
Tom Coffey The concept of layered proving trees and
its application to the automation of
security protocol verification . . . . . 287--311
Daniele Gunetti and
Claudia Picardi Keystroke analysis of free text . . . . 312--347
Elena Ferrari Guest editorial: Special issue on access
control models and technologies . . . . 349--350
Xinwen Zhang and
Francesco Parisi-Presicce and
Ravi Sandhu and
Jaehong Park Formal model and policy specification of
usage control . . . . . . . . . . . . . 351--387
Rafae Bhatti and
Basit Shafiq and
Elisa Bertino and
Arif Ghafoor and
James B. D. Joshi X-gtrbac admin: a decentralized
administration model for enterprise-wide
access control . . . . . . . . . . . . . 388--423
Urs Hengartner and
Peter Steenkiste Access control to people location
information . . . . . . . . . . . . . . 424--456
Giuseppe Ateniese and
Kevin Fu and
Matthew Green and
Susan Hohenberger Improved proxy re-encryption schemes
with applications to secure distributed
storage . . . . . . . . . . . . . . . . 1--30
Francesco M. Malvestuto and
Mauro Mezzini and
Marina Moscarini Auditing sum-queries to make a
statistical database secure . . . . . . 31--60
Darren Mutz and
Fredrik Valeur and
Giovanni Vigna and
Christopher Kruegel Anomalous system call detection . . . . 61--93
Ariel Futoransky and
Emiliano Kargieman and
Carlos Sarraute and
Ariel Waissbein Foundations and applications for secure
triggers . . . . . . . . . . . . . . . . 94--112
Sejong Oh and
Ravi Sandhu and
Xinwen Zhang An effective role administration model
using organization structure . . . . . . 113--137
Giampaolo Bella and
Lawrence C. Paulson Accountability protocols: Formalized and
verified . . . . . . . . . . . . . . . . 138--161
R. Chandramouli and
S. Bapatla and
K. P. Subbalakshmi and
R. N. Uma Battery power-aware encryption . . . . . 162--180
Rosario Gennaro and
Yehuda Lindell A framework for password-based
authenticated key exchange . . . . . . . 181--234
Paul C. Van Oorschot and
Stuart Stubblebine On countering online dictionary attacks
with login histories and
humans-in-the-loop . . . . . . . . . . . 235--258
Patrick McDaniel and
Atul Prakash Methods and limitations of security
policy reconciliation . . . . . . . . . 259--291
Makoto Murata and
Akihiko Tozawa and
Michiharu Kudo and
Satoshi Hada XML access control using static analysis 292--324
Noam Kogan and
Yuval Shavitt and
Avishai Wool A practical revocation scheme for
broadcast encryption using smartcards 325--351
William H. Winsborough and
Ninghui Li Safety in automated trust negotiation 352--390
Ninghui Li and
Mahesh V. Tripunitara Security analysis in role-based access
control . . . . . . . . . . . . . . . . 391--420
Giovanni Mella and
Elena Ferrari and
Elisa Bertino and
Yunhua Koglin Controlled and cooperative updates of
XML documents in Byzantine and
failure-prone distributed systems . . . 421--460
Noam Kogan and
Tamir Tassa Improved efficiency for revocation
schemes via Newton interpolation . . . . 461--486
Gail-Joon Ahn Guest editorial: Special issue on access
control models and technologies . . . . 1:1--1:??
Maria Luisa Damiani and
Elisa Bertino and
Barbara Catania and
Paolo Perlasca GEO-RBAC: a spatially aware RBAC . . . . 2:1--2:??
Mizuho Iwaihara and
Ryotaro Hayashi and
Somchai Chatvichienchai and
Chutiporn Anutariya and
Vilas Wuwongse Relevancy-based access control and its
evaluation on versioned XML documents 3:1--3:??
Jingmin Zhou and
Mark Heckman and
Brennen Reynolds and
Adam Carlson and
Matt Bishop Modeling network intrusion detection
alerts for correlation . . . . . . . . . 4:1--4:??
Ninghui Li and
Mahesh V. Tripunitara and
Ziad Bizri On mutually exclusive roles and
separation-of-duty . . . . . . . . . . . 5:1--5:??
Kun Peng and
Colin Boyd and
Ed Dawson Batch zero-knowledge proof and
verification and its applications . . . 6:1--6:??
Tanvir Ahmed and
Anand R. Tripathi Specification and verification of
security requirements in a programming
model for decentralized CSCW systems . . 7:1--7:??
Karthikeyan Bhargavan and
Ricardo Corin and
Cédric Fournet and
Andrew D. Gordon Secure sessions for Web services . . . . 8:1--8:??
Martín Abadi and
Bruno Blanchet and
Cédric Fournet Just fast keying in the pi calculus . . 9:1--9:??
Emmanuel Bresson and
Olivier Chevassut and
David Pointcheval Provably secure authenticated group
Diffie--Hellman key exchange . . . . . . 10:1--10:??
P. C. van Oorschot and
Tao Wan and
Evangelos Kranakis On interdomain routing security and
pretty secure BGP (psBGP) . . . . . . . 11:1--11:??
A. Squicciarini and
E. Bertino and
Elena Ferrari and
F. Paci and
B. Thuraisingham PP-trust-X: a system for privacy
preserving trust negotiations . . . . . 12:1--12:??
Deepayan Chakrabarti and
Yang Wang and
Chenxi Wang and
Jurij Leskovec and
Christos Faloutsos Epidemic thresholds in real networks . . 1:1--1:??
James B. D. Joshi and
Elisa Bertino and
Arif Ghafoor and
Yue Zhang Formal foundations for hybrid
hierarchies in GTRBAC . . . . . . . . . 2:1--2:??
Blaise Gassend and
Marten Van Dijk and
Dwaine Clarke and
Emina Torlak and
Srinivas Devadas and
Pim Tuyls Controlled physical random functions and
applications . . . . . . . . . . . . . . 3:1--3:??
Luc Bouganim and
François Dang Ngoc and
Philippe Pucheral Dynamic access-control policies on XML
encrypted data . . . . . . . . . . . . . 4:1--4:??
P. C. van Oorschot and
Julie Thorpe On predictive models and user-drawn
graphical passwords . . . . . . . . . . 5:1--5:??
Baruch Awerbuch and
Reza Curtmola and
David Holmer and
Cristina Nita-Rotaru and
Herbert Rubens ODSBR: an on-demand secure Byzantine
resilient routing protocol for wireless
ad hoc networks . . . . . . . . . . . . 6:1--6:??
Indrakshi Ray Editorial . . . . . . . . . . . . . . . 1:1--1:??
Adam J. Lee and
Marianne Winslett and
Jim Basney and
Von Welch The Traust Authorization Service . . . . 2:1--2:??
Xinwen Zhang and
Masayuki Nakae and
Michael J. Covington and
Ravi Sandhu Toward a Usage-Based Security Framework
for Collaborative Computing Systems . . 3:1--3:??
Pietro Mazzoleni and
Bruno Crispo and
Swaminathan Sivasubramanian and
Elisa Bertino XACML Policy Integration Algorithms . . 4:1--4:??
Jooyoung Lee and
Douglas R. Stinson On the Construction of Practical Key
Predistribution Schemes for Distributed
Sensor Networks Using Combinatorial
Designs . . . . . . . . . . . . . . . . 1:1--1:??
Chad D. Mano and
Andrew Blaich and
Qi Liao and
Yingxin Jiang and
David A. Cieslak and
David C. Salyers and
Aaron Striegel RIPPS: Rogue Identifying Packet Payload
Slicer Detecting Unauthorized Wireless
Hosts Through Network Traffic
Conditioning . . . . . . . . . . . . . . 2:1--2:??
Matthew K. Wright and
Micah Adler and
Brian Neil Levine and
Clay Shields Passive-Logging Attacks Against
Anonymous Communications Systems . . . . 3:1--3:??
Jung Hee Cheon and
Nicholas Hopper and
Yongdae Kim and
Ivan Osipkov Provably Secure Timed-Release Public Key
Encryption . . . . . . . . . . . . . . . 4:1--4:??
Hweehwa Pang and
Kian-Lee Tan Verifying Completeness of Relational
Query Answers from Online Servers . . . 5:1--5:??
Felix Brandt and
Tuomas Sandholm On the Existence of Unconditionally
Privacy-Preserving Auction Protocols . . 6:1--6:??
Gene Tsudik Editorial . . . . . . . . . . . . . . . 11:1--11:??
Qing Zhang and
Ting Yu and
Peng Ning A Framework for Identifying Compromised
Nodes in Wireless Sensor Networks . . . 12:1--12:??
Roberto Di Pietro and
Luigi V. Mancini and
Alessandro Mei and
Alessandro Panconesi and
Jaikumar Radhakrishnan Redoubtable Sensor Networks . . . . . . 13:1--13:??
Katharine Chang and
Kang G. Shin Distributed Authentication of Program
Integrity Verification in Wireless
Sensor Networks . . . . . . . . . . . . 14:1--14:??
Liang Xie and
Sencun Zhu Message Dropping Attacks in Overlay
Networks: Attack Detection and Attacker
Identification . . . . . . . . . . . . . 15:1--15:??
Patrick Traynor and
Michael Chien and
Scott Weaver and
Boniface Hicks and
Patrick McDaniel Noninvasive Methods for Host
Certification . . . . . . . . . . . . . 16:1--16:??
Gildas Avoine and
Pascal Junod and
Philippe Oechslin Characterization and Improvement of
Time-Memory Trade-Off Based on Perfect
Tables . . . . . . . . . . . . . . . . . 17:1--17:??
Yi Yang and
Xinran Wang and
Sencun Zhu and
Guohong Cao SDAP: a Secure Hop-by-Hop Data
Aggregation Protocol for Sensor Networks 18:1--18:??
Svetlana Radosavac and
George Moustakides and
John S. Baras and
Iordanis Koutsopoulos An Analytic Framework for Modeling and
Detecting Access Layer Misbehavior in
Wireless Networks . . . . . . . . . . . 19:1--19:??
Young U. Ryu and
Hyeun-Suk Rhee Evaluation of Intrusion Detection
Systems Under a Resource Constraint . . 20:1--20:??
Joseph Y. Halpern and
Vicky Weissman Using First-Order Logic to Reason about
Policies . . . . . . . . . . . . . . . . 21:1--21:??
Donggang Liu and
Peng Ning and
An Liu and
Cliff Wang and
Wenliang Kevin Du Attack-Resistant Location Estimation in
Wireless Sensor Networks . . . . . . . . 22:1--22:??
Saurabh Ganeriwal and
Christina Pöpper and
Srdjan \vCapkun and
Mani B. Srivastava Secure Time Synchronization in Sensor
Networks . . . . . . . . . . . . . . . . 23:1--23:??
Steve Barker and
Marek J. Sergot and
Duminda Wijesekera Status-Based Access Control . . . . . . 1:1--1:??
Shouhuai Xu and
Srdjan \vCapkun Distributed and Secure Bootstrapping of
Mobile Ad Hoc Networks: Framework and
Constructions . . . . . . . . . . . . . 2:1--2:??
Alexandra Boldyreva and
Craig Gentry and
Adam O'Neill and
Dae Hyun Yum New Multiparty Signature Schemes for
Network Routing Applications . . . . . . 3:1--3:??
Wei Wang and
Thomas E. Daniels A Graph Based Approach Toward Network
Forensics Analysis . . . . . . . . . . . 4:1--4:??
Joseph Y. Halpern and
Kevin R. O'Neill Secrecy in Multiagent Systems . . . . . 5:1--5:??
Danfeng Yao and
Keith B. Frikken and
Mikhail J. Atallah and
Roberto Tamassia Private Information: To Reveal or not to
Reveal . . . . . . . . . . . . . . . . . 6:1--6:??
Rebecca N. Wright and
Sabrina De Capitanidi Vimercati Guest Editorial: Special Issue on
Computer and Communications Security . . 7:1--7:??
Adam J. Lee and
Marianne Winslett Enforcing Safety and Consistency
Constraints in Policy-Based
Authorization Systems . . . . . . . . . 8:1--8:??
Philippe Golle and
Frank McSherry and
Ilya Mironov Data Collection with Self-Enforcing
Privacy . . . . . . . . . . . . . . . . 9:1--9:??
Cristian Cadar and
Vijay Ganesh and
Peter M. Pawlowski and
David L. Dill and
Dawson R. Engler EXE: Automatically Generating Inputs of
Death . . . . . . . . . . . . . . . . . 10:1--10:??
Xiaofeng Wang and
Zhuowei Li and
Jong Youl Choi and
Jun Xu and
Michael K. Reiter and
Chongkyung Kil Fast and Black-box Exploit Detection and
Signature Generation for Commodity
Software . . . . . . . . . . . . . . . . 11:1--11:??
Spiros Antonatos and
Periklis Akritidis and
Vinh The Lam and
Kostas G. Anagnostakis Puppetnets: Misusing Web Browsers as a
Distributed Attack Infrastructure . . . 12:1--12:??
Mengjun Xie and
Heng Yin and
Haining Wang Thwarting E-mail Spam Laundering . . . . 13:1--13:??
Zhenkai Liang and
Weiqing Sun and
V. N. Venkatakrishnan and
R. Sekar Alcatraz: An Isolated Environment for
Experimenting with Untrusted Software 14:1--14:37
Danfeng Yao and
Roberto Tamassia Compact and Anonymous Role-Based
Authorization Chain . . . . . . . . . . 15:1--15:??
John Bethencourt and
Dawn Song and
Brent Waters New Techniques for Private Stream
Searching . . . . . . . . . . . . . . . 16:1--16:??
Scott A. Crosby and
Dan S. Wallach and
Rudolf H. Riedi Opportunities and Limits of Remote
Timing Attacks . . . . . . . . . . . . . 17:1--17:??
Mikhail J. Atallah and
Marina Blanton and
Nelly Fazio and
Keith B. Frikken Dynamic and Efficient Key Management for
Access Hierarchies . . . . . . . . . . . 18:1--18:??
Jay Ligatti and
Lujo Bauer and
David Walker Run-Time Enforcement of Nonsafety
Policies . . . . . . . . . . . . . . . . 19:1--19:??
Ninghui Li and
Qihua Wang and
Mahesh Tripunitara Resiliency Policies in Access Control 20:1--20:??
Mike Burmester and
Tri Van Le and
Breno De Medeiros and
Gene Tsudik Universally Composable RFID
Identification and Authentication
Protocols . . . . . . . . . . . . . . . 21:1--21:??
Serdar Cabuk and
Carla E. Brodley and
Clay Shields IP Covert Channel Detection . . . . . . 22:1--22:29
Catherine Meadows Introduction to ACM TISSEC special issue
on CCS 2005 . . . . . . . . . . . . . . 1:1--1:??
Jiangtao Li and
Ninghui Li and
William H. Winsborough Automated trust negotiation using
cryptographic credentials . . . . . . . 2:1--2:??
Li Zhuang and
Feng Zhou and
J. D. Tygar Keyboard acoustic emanations revisited 3:1--3:??
Martín Abadi and
Mihai Budiu and
Úlfar Erlingsson and
Jay Ligatti Control-flow integrity principles,
implementations, and applications . . . 4:1--4:??
Sandro Etalle and
William H. Winsborough Maintaining control while delegating
trust: Integrity constraints in trust
management . . . . . . . . . . . . . . . 5:1--5:??
Barbara Carminati and
Elena Ferrari and
Andrea Perego Enforcing access control in Web-based
social networks . . . . . . . . . . . . 6:1--6:??
Ari Juels and
Stephen A. Weis Defining strong privacy for RFID . . . . 7:1--7:??
Ye Zhu and
Riccardo Bettati Compromising anonymous communication
systems using blind source separation 8:1--8:??
Yingpeng Sang and
Hong Shen Efficient and secure protocols for
privacy-preserving set operations . . . 9:1--9:??
Leo Dorrendorf and
Zvi Gutterman and
Benny Pinkas Cryptanalysis of the random number
generator of the Windows operating
system . . . . . . . . . . . . . . . . . 10:1--10:32
Sabrina de Capitani di Vimercati and
Paul Syverson Guest editorial: Special issue on
computer and communications security . . 11:1--11:??
Xuxian Jiang and
Xinyuan Wang and
Dongyan Xu Stealthy malware detection and
monitoring through VMM-based
``out-of-the-box'' semantic view
reconstruction . . . . . . . . . . . . . 12:1--12:??
Nicholas Hopper and
Eugene Y. Vasserman and
Eric Chan-TIN How much anonymity does network latency
leak? . . . . . . . . . . . . . . . . . 13:1--13:??
Prithvi Bisht and
P. Madhusudan and
V. N. Venkatakrishnan CANDID: Dynamic candidate evaluations
for automatic prevention of SQL
injection attacks . . . . . . . . . . . 14:1--14:??
Miroslav Ponec and
Paul Giura and
Joel Wein and
Hervé Brönnimann New payload attribution methods for
network forensic investigations . . . . 15:1--15:??
Tal Moran and
Moni Naor Split-ballot voting: Everlasting privacy
with distributed trust . . . . . . . . . 16:1--16:??
Anna Lysyanskaya and
Roberto Tamassia and
Nikos Triandopoulos Authenticated error-correcting codes
with applications to multicast
authentication . . . . . . . . . . . . . 17:1--17:??
Xiaofeng Wang and
Philippe Golle and
Markus Jakobsson and
Alex Tsow Deterring voluntary trace disclosure in
re-encryption mix-networks . . . . . . . 18:1--18:??
Joachim Biskup and
Javier Lopez Editorial: ESORICS 2007 . . . . . . . . 19:1--19:??
Moritz Y. Becker and
Sebastian Nanz A logic for state-modifying
authorization policies . . . . . . . . . 20:1--20:??
Gilles Barthe and
Tamara Rezk and
Alejandro Russo and
Andrei Sabelfeld Security of multithreaded programs by
compilation . . . . . . . . . . . . . . 21:1--21:??
Valentina Ciriani and
Sabrina De Capitani Di Vimercati and
Sara Foresti and
Sushil Jajodia and
Stefano Paraboschi and
Pierangela Samarati Combining fragmentation and encryption
to protect privacy in data storage . . . 22:1--22:??
Bhavani Thuraisingham Editorial: SACMAT 2007 . . . . . . . . . 23:1--23:??
Qun Ni and
Elisa Bertino and
Jorge Lobo and
Carolyn Brodie and
Clare-Marie Karat and
John Karat and
Alberto Trombeta Privacy-aware role-based access control 24:1--24:??
Adam J. Lee and
Kazuhiro Minami and
Marianne Winslett On the consistency of distributed proofs
with hidden subtrees . . . . . . . . . . 25:1--25:??
Boniface Hicks and
Sandra Rueda and
Luke St. Clair and
Trent Jaeger and
Patrick McDaniel A logical specification and analysis for
SELinux MLS policy . . . . . . . . . . . 26:1--26:??
Jaideep Vaidya and
Vijayalakshmi Atluri and
Qi Guo The role mining problem: a formal
perspective . . . . . . . . . . . . . . 27:1--27:??
Barbara Carminati and
Elena Ferrari and
Jianneng Cao and
Kian Lee Tan A framework to enforce access control
over data streams . . . . . . . . . . . 28:1--28:??
Aniket Kate and
Greg M. Zaverucha and
Ian Goldberg Pairing-Based Onion Routing with
Improved Forward Secrecy . . . . . . . . 29:1--29:??
Adam G. Pennington and
John Linwood Griffin and
John S. Bucy and
John D. Strunk and
Gregory R. Ganger Storage-Based Intrusion Detection . . . 30:1--30:??
Rakesh Bobba and
Omid Fatemieh and
Fariba Khan and
Arindam Khan and
Carl A. Gunter and
Himanshu Khurana and
Manoj Prabhakaran Attribute-Based Messaging: Access
Control and Confidentiality . . . . . . 31:1--31:??
Feifei Li and
Marios Hadjieleftheriou and
George Kollios and
Leonid Reyzin Authenticated Index Structures for
Aggregation Queries . . . . . . . . . . 32:1--32:??
Palash Sarkar A Simple and Generic Construction of
Authenticated Encryption with Associated
Data . . . . . . . . . . . . . . . . . . 33:1--33:??
David Schultz and
Barbara Liskov and
Moses Liskov MPSS: Mobile Proactive Secret Sharing 34:1--34:??
Charles V. Wright and
Lucas Ballard and
Scott E. Coull and
Fabian Monrose and
Gerald M. Masson Uncovering Spoken Phrases in Encrypted
Voice over IP Conversations . . . . . . 35:1--35:??
Ian Molloy and
Hong Chen and
Tiancheng Li and
Qihua Wang and
Ninghui Li and
Elisa Bertino and
Seraphin Calo and
Jorge Lobo Mining Roles with Multiple Objectives 36:1--36:??
Beno\^\it Libert and
Jean-Jacques Quisquater and
Moti Yung Key Evolution Systems in Untrusted
Update Environments . . . . . . . . . . 37:1--37:??
David Zage and
Cristina Nita-Rotaru Robust Decentralized Virtual Coordinate
Systems in Adversarial Environments . . 38:1--38:??
Patrick P. Tsang and
Man Ho Au and
Apu Kapadia and
Sean W. Smith BLAC: Revoking Repeatedly Misbehaving
Anonymous Users without Relying on TTPs 39:1--39:??
Qihua Wang and
Ninghui Li Satisfiability and Resiliency in
Workflow Authorization Systems . . . . . 40:1--40:??
Aybek Mukhamedov and
Mark D. Ryan Identity Escrow Protocol and Anonymity
Analysis in the Applied Pi-Calculus . . 41:1--41:??
Ninghui Li Introduction to special section
SACMAT'08 . . . . . . . . . . . . . . . 1:1--1:??
Lujo Bauer and
Scott Garriss and
Michael K. Reiter Detecting and resolving policy
misconfigurations in access-control
systems . . . . . . . . . . . . . . . . 2:1--2:??
Qiang Wei and
Jason Crampton and
Konstantin Beznosov and
Matei Ripeanu Authorization recycling in hierarchical
RBAC systems . . . . . . . . . . . . . . 3:1--3:??
Jens-Matthias Bohli and
Andreas Pashalidis Relations among privacy notions . . . . 4:1--4:??
Gabriele Oligeri and
Stefano Chessa and
Roberto Di Pietro and
Gaetano Giunta Robust and efficient authentication of
video stream broadcasting . . . . . . . 5:1--5:??
Brian Demsky Cross-application data provenance and
policy enforcement . . . . . . . . . . . 6:1--6:??
Jing Dong and
Reza Curtmola and
Cristina Nita-Rotaru Practical defenses against pollution
attacks in wireless network coding . . . 7:1--7:??
Fred B. Schneider and
Kevin Walsh and
Emin Gün Sirer Nexus Authorization Logic (NAL): Design
rationale and applications . . . . . . . 8:1--8:??
Glenn Bruns and
Michael Huth Access control via Belnap logic:
Intuitive, expressive, and analyzable
policy composition . . . . . . . . . . . 9:1--9:??
Scott E. Coull and
Matthew Green and
Susan Hohenberger Access controls for oblivious and
anonymous systems . . . . . . . . . . . 10:1--10:??
Mike Burmester and
Jorge Munilla Lightweight RFID authentication with
forward and backward security . . . . . 11:1--11:??
Giuseppe Ateniese and
Randal Burns and
Reza Curtmola and
Joseph Herring and
Osama Khan and
Lea Kissner and
Zachary Peterson and
Dawn Song Remote data checking using provable data
possession . . . . . . . . . . . . . . . 12:1--12:??
Yao Liu and
Peng Ning and
Michael K. Reiter False data injection attacks against
state estimation in electric power grids 13:1--13:??
Jason Crampton Practical and efficient cryptographic
enforcement of interval-based access
control policies . . . . . . . . . . . . 14:1--14:??
Tielei Wang and
Tao Wei and
Guofei Gu and
Wei Zou Checksum-Aware Fuzzing Combined with
Dynamic Taint Analysis and Symbolic
Execution . . . . . . . . . . . . . . . 15:1--15:??
David Basin and
Srdjan Capkun and
Patrick Schaller and
Benedikt Schmidt Formal Reasoning about Physical
Properties of Security Protocols . . . . 16:1--16:??
Scott A. Crosby and
Dan S. Wallach Authenticated Dictionaries: Real-World
Costs and Trade-Offs . . . . . . . . . . 17:1--17:??
Andrew W. Appel Security Seals on Voting Machines: a
Case Study . . . . . . . . . . . . . . . 18:1--18:??
Z. Cliffe Schreuders and
Tanya McGill and
Christian Payne Empowering End Users to Confine Their
Own Applications: The Results of a
Usability Study Comparing SELinux,
AppArmor, and FBAC-LSM . . . . . . . . . 19:1--19:??
Peter Williams and
Radu Sion and
Miroslava Sotakova Practical Oblivious Outsourced Storage 20:1--20:??
Guang Xiang and
Jason Hong and
Carolyn P. Rose and
Lorrie Cranor CANTINA+: a Feature-Rich Machine
Learning Framework for Detecting
Phishing Web Sites . . . . . . . . . . . 21:1--21:??
James Joshi and
Barbara Carminati Guest Editorial: SACMAT 2009 and 2010 22:1--22:??
Ram Krishnan and
Jianwei Niu and
Ravi Sandhu and
William H. Winsborough Group-Centric Secure Information-Sharing
Models for Isolated Groups . . . . . . . 23:1--23:??
Ziqing Mao and
Ninghui Li and
Hong Chen and
Xuxian Jiang Combining Discretionary Policy with
Mandatory Information Flow in Operating
Systems . . . . . . . . . . . . . . . . 24:1--24:??
Gregory Leighton and
Denilson Barbosa Access Control Policy Translation,
Verification, and Minimization within
Heterogeneous Data Federations . . . . . 25:1--25:??
T.-H. Hubert Chan and
Elaine Shi and
Dawn Song Private and Continual Release of
Statistics . . . . . . . . . . . . . . . 26:1--26:??
Eric Chan-Tin and
Victor Heorhiadi and
Nicholas Hopper and
Yongdae Kim The Frog-Boiling Attack: Limitations of
Secure Network Coordinate Systems . . . 27:1--27:??
M. C. Gorantla and
Colin Boyd and
Juan Manuel González Nieto and
Mark Manulis Modeling key compromise impersonation
attacks on group key exchange protocols 28:1--28:??
M. Ho Au and
P. P. Tsang and
A. Kapadia PEREA: Practical TTP-free revocation of
repeatedly misbehaving anonymous users 29:1--29:??
Yingjiu Li and
Robert H. Deng and
Junzuo Lai and
Changshe Ma On two RFID privacy notions and their
relations . . . . . . . . . . . . . . . 30:1--30:??
Martin Burkhart and
Xenofontas Dimitropoulos Privacy-preserving distributed network
troubleshooting---bridging the gap
between theory and practice . . . . . . 31:1--31:??
Darrell Bethea and
Robert A. Cochran and
Michael K. Reiter Server-side verification of client
behavior in online games . . . . . . . . 32:1--32:??
Paul Syverson and
Somesh Jha Guest Editorial: Special Issue on
Computer and Communications Security . . 1:1--1:??
Ryan Roemer and
Erik Buchanan and
Hovav Shacham and
Stefan Savage Return-Oriented Programming: Systems,
Languages, and Applications . . . . . . 2:1--2:??
Karthikeyan Bhargavan and
Cédric Fournet and
Ricardo Corin and
Eugen Zalinescu Verified Cryptographic Implementations
for TLS . . . . . . . . . . . . . . . . 3:1--3:??
Jan Camenisch and
Thomas Groß Efficient Attributes for Anonymous
Credentials . . . . . . . . . . . . . . 4:1--4:??
Prateek Mittal and
Nikita Borisov Information Leaks in Structured
Peer-to-Peer Anonymous Communication
Systems . . . . . . . . . . . . . . . . 5:1--5:??
Yossi Gilad and
Amir Herzberg LOT: a Defense Against IP Spoofing and
Flooding Attacks . . . . . . . . . . . . 6:1--6:??
Boris Danev and
Srdjan Capkun and
Ramya Jayaram Masti and
Thomas S. Benjamin Towards Practical Identification of HF
RFID Devices . . . . . . . . . . . . . . 7:1--7:??
Martín Abadi and
Gordon D. Plotkin On Protection by Layout Randomization 8:1--8:??
Attila A. Yavuz and
Peng Ning and
Michael K. Reiter BAF and FI-BAF: Efficient and Publicly
Verifiable Cryptographic Schemes for
Secure Logging in Resource-Constrained
Systems . . . . . . . . . . . . . . . . 9:1--9:??
Raphaël Khoury and
Nadia Tawbi Corrective Enforcement: a New Paradigm
of Security Policy Enforcement by
Monitors . . . . . . . . . . . . . . . . 10:1--10:??
Norman Danner and
Sam Defabbia-Kane and
Danny Krizanc and
Marc Liberatore Effectiveness and detection of
denial-of-service attacks in Tor . . . . 11:1--11:??
Michael Brennan and
Sadia Afroz and
Rachel Greenstadt Adversarial stylometry: Circumventing
authorship recognition to preserve
privacy and anonymity . . . . . . . . . 12:1--12:??
David Basin and
Samuel J. Burri and
Günter Karjoth Dynamic enforcement of abstract
separation of duty constraints . . . . . 13:1--13:??
Joan Feigenbaum and
Aaron Johnson and
Paul Syverson Probabilistic analysis of onion routing
in a black-box model . . . . . . . . . . 14:1--14:??
Mario Frank and
Joachim M. Buhman and
David Basin Role Mining with Probabilistic Models 15:1--15:??
Yossi Gilad and
Amir Herzberg Fragmentation Considered Vulnerable . . 16:1--16:??
Muhammad Qasim Ali and
Ehab Al-Shaer and
Hassan Khan and
Syed Ali Khayam Automated Anomaly Detector Adaptation
using Adaptive Threshold Tuning . . . . 17:1--17:??
Karthick Jayaraman and
Mahesh Tripunitara and
Vijay Ganesh and
Martin Rinard and
Steve Chapin Mohawk: Abstraction-Refinement and
Bound-Estimation for Verifying Access
Control Policies . . . . . . . . . . . . 18:1--18:??
Pieter Philippaerts and
Yves Younan and
Stijn Muylle and
Frank Piessens and
Sven Lachmund and
Thomas Walter CPM: Masking Code Pointers to Prevent
Code Injection Attacks . . . . . . . . . 1:1--1:??
William E. Cobb and
Rusty O. Baldwin and
Eric D. Laspe Leakage Mapping: a Systematic
Methodology for Assessing the
Side-Channel Information Leakage of
Cryptographic Implementations . . . . . 2:1--2:??
David Basin and
Vincent Jugé and
Felix Klaedtke and
Eugen Zalinescu Enforceable Security Policies Revisited 3:1--3:??
Jason Crampton and
Gregory Gutin and
Anders Yeo On the Parameterized Complexity and
Kernelization of the Workflow
Satisfiability Problem . . . . . . . . . 4:1--4:??
Thomas Leonard and
Martin Hall-May and
Mike Surridge Modelling Access Propagation in Dynamic
Systems . . . . . . . . . . . . . . . . 5:1--5:??
Yueqiang Cheng and
Xuhua Ding and
Robert H. Deng DriverGuard: Virtualization-Based
Fine-Grained Protection on I/O Flows . . 6:1--6:??
Yangchun Fu and
Zhiqiang Lin Bridging the Semantic Gap in Virtual
Machine Introspection via Online Kernel
Data Redirection . . . . . . . . . . . . 7:1--7:??
Abdul Serwadda and
Vir V. Phoha Examining a Large Keystroke Biometrics
Dataset for Statistical-Attack Openings 8:1--8:??
Mengtao Sun and
Gang Tan and
Joseph Siefers and
Bin Zeng and
Greg Morrisett Bringing Java's wild native world under
control . . . . . . . . . . . . . . . . 9:1--9:??
Benedikt Driessen and
Ralf Hund and
Carsten Willems and
Christof Paar and
Thorsten Holz An experimental security analysis of two
satphone standards . . . . . . . . . . . 10:1--10:??
Marina Blanton and
Yihua Zhang and
Keith B. Frikken Secure and verifiable outsourcing of
large-scale biometric computations . . . 11:1--11:??
Peter Williams and
Radu Sion Access privacy and correctness on
untrusted storage . . . . . . . . . . . 12:1--12:??
Yossi Gilad and
Amir Herzberg Off-Path TCP Injection Attacks . . . . . 13:1--13:??
Leyla Bilge and
Sevil Sen and
Davide Balzarotti and
Engin Kirda and
Christopher Kruegel EXPOSURE: a Passive DNS Analysis Service
to Detect and Report Malicious Domains 14:1--14:??
Liqun Chen and
Hoon Wei Lim and
Guomin Yang Cross-Domain Password-Based
Authenticated Key Exchange Revisited . . 15:1--15:??
Teh-Chung Chen and
Torin Stepan and
Scott Dick and
James Miller An Anti-Phishing System Employing
Diffused Information . . . . . . . . . . 16:1--16:??
Konstantine Arkoudas and
Ritu Chadha and
Jason Chiang Sophisticated Access Control via SMT and
Logical Frameworks . . . . . . . . . . . 17:1--17:??
Luca Allodi and
Fabio Massacci Comparing Vulnerability Severity and
Exploits Using Case-Control Studies . . 1:1--1:??
Srdjan Marinovic and
Naranker Dulay and
Morris Sloman Rumpole: an Introspective Break-Glass
Access Control Language . . . . . . . . 2:1--2:??
Mohammad Jafari and
Reihaneh Safavi-Naini and
Philip W. L. Fong and
Ken Barker A Framework for Expressing and Enforcing
Purpose-Based Privacy Policies . . . . . 3:1--3:??
Ewa Syta and
Henry Corrigan-Gibbs and
Shu-Chun Weng and
David Wolinsky and
Bryan Ford and
Aaron Johnson Security Analysis of Accountable
Anonymity in Dissent . . . . . . . . . . 4:1--4:??
Peter Chapin and
Christian Skalka SpartanRPC: Remote Procedure Call
Authorization in Wireless Sensor
Networks . . . . . . . . . . . . . . . . 5:1--5:??
Johannes Götzfried and
Tilo Müller Mutual Authentication and Trust
Bootstrapping towards Secure Disk
Encryption . . . . . . . . . . . . . . . 6:1--6:??
David Basin and
Cas Cremers Know Your Enemy: Compromising
Adversaries in Protocol Analysis . . . . 7:1--7:??
Peng Li and
Debin Gao and
Michael K. Reiter StopWatch: a Cloud Architecture for
Timing Channel Mitigation . . . . . . . 8:1--8:??
Roberto Di Pietro and
Gabriele Oligeri Silence is Golden: Exploiting Jamming
and Radio Silence to Communicate . . . . 9:1--9:??
Andy Rupp and
Foteini Baldimtsi and
Gesine Hinterwälder and
Christof Paar Cryptographic Theory Meets Practice:
Efficient and Privacy-Preserving
Payments for Public Transport . . . . . 10:1--10:??
Edoardo Serra and
Sushil Jajodia and
Andrea Pugliese and
Antonino Rullo and
V. S. Subrahmanian Pareto-Optimal Adversarial Defense of
Enterprise Systems . . . . . . . . . . . 11:1--11:??
Steven H. H. Ding and
Benjamin C. M. Fung and
Mourad Debbabi A Visualizable Evidence-Driven Approach
for Authorship Attribution . . . . . . . 12:1--12:??
Hyojeong Lee and
Jeff Seibert and
Dylan Fistrovic and
Charles Killian and
Cristina Nita-Rotaru Gatling: Automatic Performance Attack
Discovery in Large-Scale Distributed
Systems . . . . . . . . . . . . . . . . 13:1--13:??
Ziming Zhao and
Gail-Joon Ahn and
Hongxin Hu Picture Gesture Authentication:
Empirical Analysis, Automated Attacks,
and Scheme Evaluation . . . . . . . . . 14:1--14:??
C. Chris Erway and
Alptekin Küpçü and
Charalampos Papamanthou and
Roberto Tamassia Dynamic Provable Data Possession . . . . 15:1--15:??
Yossef Oren and
Angelos D. Keromytis Attacking the Internet Using Broadcast
Digital Television . . . . . . . . . . . 16:1--16:??
Xavier De Carné De Carnavalet and
Mohammad Mannan A Large-Scale Evaluation of High-Impact
Password Strength Meters . . . . . . . . 1:1--1:??
Ghassan O. Karame and
Elli Androulaki and
Marc Roeschlin and
Arthur Gervais and
Srdjan Capkun Misbehavior in Bitcoin: a Study of
Double-Spending and Accountability . . . 2:1--2:??
Chris Culnane and
Peter Y. A. Ryan and
Steve Schneider and
Vanessa Teague vVote: a Verifiable Voting System . . . 3:1--3:??
Goran Doychev and
Boris Köpf and
Laurent Mauborgne and
Jan Reineke CacheAudit: a Tool for the Static
Analysis of Cache Side Channels . . . . 4:1--4:??
Rui Tan and
Varun Badrinath Krishna and
David K. Y. Yau and
Zbigniew Kalbarczyk Integrity Attacks on Real-Time Pricing
in Electric Power Grids . . . . . . . . 5:1--5:??
Perry Alexander and
Lee Pike and
Peter Loscocco and
George Coker Model Checking Distributed Mandatory
Access Control Policies . . . . . . . . 6:1--6:??
Muhammad Qasim Ali and
Ehab Al-Shaer Randomization-Based Intrusion Detection
System for Advanced Metering
Infrastructure* . . . . . . . . . . . . 7:1--7:??
Stephen Chong and
Ron Van Der Meyden Using Architecture to Reason about
Information Security . . . . . . . . . . 8:1--8:??
Asaf Shabtai and
Maya Bercovitch and
Lior Rokach and
Ya'akov (Kobi) Gal and
Yuval Elovici and
Erez Shmueli Behavioral Study of Users When
Interacting with Active Honeytokens . . 9:1--9:??
Fabrice Benhamouda and
Marc Joye and
Beno\^\iT Libert A New Framework for Privacy-Preserving
Aggregation of Time-Series Data . . . . 10:1--10:??
Nan Zheng and
Aaron Paloski and
Haining Wang An Efficient User Verification System
Using Angle-Based Mouse Movement
Biometrics . . . . . . . . . . . . . . . 11:1--11:??
Shouling Ji and
Weiqing Li and
Mudhakar Srivatsa and
Jing Selena He and
Raheem Beyah General Graph Data De-Anonymization:
From Mobility Traces to Social Networks 12:1--12:??
Richard Shay and
Saranga Komanduri and
Adam L. Durity and
Phillip (Seyoung) Huh and
Michelle L. Mazurek and
Sean M. Segreti and
Blase Ur and
Lujo Bauer and
Nicolas Christin and
Lorrie Faith Cranor Designing Password Policies for Strength
and Usability . . . . . . . . . . . . . 13:1--13:??
Abdul Serwadda and
Vir V. Phoha and
Zibo Wang and
Rajesh Kumar and
Diksha Shukla Toward Robotic Robbery on the Touch
Screen . . . . . . . . . . . . . . . . . 14:1--14:??