Computer Security - ESORICS 2008

13th European Symposium on Research in Computer Security, Málaga, Spain, October 6-8, 2008. Proceedings

Sushil Jajodia (Herausgeber)

Buch | Softcover
XIV, 602 Seiten
2008 | 2008
Springer Berlin (Verlag)
978-3-540-88312-8 (ISBN)

Lese- und Medienproben

Computer Security - ESORICS 2008 -
96,29 inkl. MwSt
These proceedings contain the papers selected for presentation at the 13th European Symposium on Research in Computer Security--ESORICS 2008--held October 6-8, 2008 in Torremolinos (Malaga), Spain, and hosted by the University of Malaga, C- puter Science Department. ESORICS has become the European research event in computer security. The symposium started in 1990 and has been organized on alternate years in different European countries. From 2002 it has taken place yearly. It attracts an international audience from both the academic and industrial communities. In response to the call for papers, 168 papers were submitted to the symposium. These papers were evaluated on the basis of their significance, novelty, and technical quality. Each paper was reviewed by at least three members of the Program Comm- tee. The Program Committee meeting was held electronically, holding intensive d- cussion over a period of two weeks. Finally, 37 papers were selected for presentation at the symposium, giving an acceptance rate of 22%.

Session 1: Intrusion Detection and Network Vulnerability Analysis.- Multiprimary Support for the Availability of Cluster-Based Stateful Firewalls Using FT-FW.- Identifying Critical Attack Assets in Dependency Attack Graphs.- Online Risk Assessment of Intrusion Scenarios Using D-S Evidence Theory.- Session 2: Network Security.- Strongly-Resilient and Non-interactive Hierarchical Key-Agreement in MANETs.- Efficient Handling of Adversary Attacks in Aggregation Applications.- Symmetric Key Approaches to Securing BGP - A Little Bit Trust Is Enough.- Session 3: Smart Cards and Identity Management.- Dismantling MIFARE Classic.- A Browser-Based Kerberos Authentication Scheme.- CROO: A Universal Infrastructure and Protocol to Detect Identity Fraud.- Session 4: Data and Applications Security.- Disclosure Analysis and Control in Statistical Databases.- TRACE: Zero-Down-Time Database Damage Tracking, Quarantine, and Cleansing with Negligible Run-Time Overhead.- Access Control Friendly Query Verification for Outsourced Data Publishing.- Session 5: Privacy Enhancing Technologies.- Sharemind: A Framework for Fast Privacy-Preserving Computations.- Modeling Privacy Insurance Contracts and Their Utilization in Risk Management for ICT Firms.- Remote Integrity Check with Dishonest Storage Server.- Session 6: Anonymity and RFID Privacy.- A Low-Variance Random-Walk Procedure to Provide Anonymity in Overlay Networks.- RFID Privacy Models Revisited.- A New Formal Proof Model for RFID Location Privacy.- Session 7: Access Control and Trust Negotiation.- Distributed Authorization by Multiparty Trust Negotiation.- Compositional Refinement of Policies in UML - Exemplified for Access Control.- On the Security of Delegation in Access Control Systems.- Session 8: Information Flow and Non-transferability.- Termination-Insensitive Noninterference Leaks More Than Just a Bit.- Security Provisioning in Pervasive Environments Using Multi-objective Optimization.- Improved Security Notions and Protocols for Non-transferable Identification.- Session 9: Secure Electronic Voting and Web Applications Security.- Human Readable Paper Verification of Prêt à Voter.- A Distributed Implementation of the Certified Information Access Service.- Exploring User Reactions to New Browser Cues for Extended Validation Certificates.- A Framework for the Analysis of Mix-Based Steganographic File Systems.- Session 10: VoIP Security, Malware, and DRM.- An Adaptive Policy-Based Approach to SPIT Management.- Structured Peer-to-Peer Overlay Networks: Ideal Botnets Command and Control Infrastructures?.- Eureka: A Framework for Enabling Static Malware Analysis.- New Considerations about the Correct Design of Turbo Fingerprinting Codes.- Session 11: Formal Models and Cryptographic Protocols.- Formally Bounding the Side-Channel Leakage in Unknown-Message Attacks.- Cryptographic Protocol Explication and End-Point Projection.- State Space Reduction in the Maude-NRL Protocol Analyzer.- Session 12: Language-Based and Hardware Security.- Code-Carrying Authorization.- CPU Bugs, CPU Backdoors and Consequences on Security.

Erscheint lt. Verlag 29.9.2008
Reihe/Serie Lecture Notes in Computer Science
Security and Cryptology
Zusatzinfo XIV, 602 p.
Verlagsort Berlin
Sprache englisch
Maße 155 x 235 mm
Gewicht 937 g
Themenwelt Informatik Theorie / Studium Kryptologie
Schlagworte Access Control • anonymity • authorization • backdoors • Cluster • critical attack • Firewall • Hardcover, Softcover / Informatik, EDV/Informatik • HC/Informatik, EDV/Informatik • Identity • identity fraud • Identity Management • integrity check • Kerberos • Manet • overlay networks • Peer-to-Peer • privacy • protocol analyzer • risk assassment • Risk Management • security • statistical database • Steganography • Trust
ISBN-10 3-540-88312-6 / 3540883126
ISBN-13 978-3-540-88312-8 / 9783540883128
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich