13. ESORICS 2008: Málaga, Spain

Sushil Jajodia, Javier López (Eds.): Computer Security - ESORICS 2008, 13th European Symposium on Research in Computer Security, Málaga, Spain, October 6-8, 2008. Proceedings. Lecture Notes in Computer Science 5283 Springer 2008, ISBN 978-3-540-88312-8

Intrusion Detection and Network Vulnerability Analysis

Pablo Neira Ayuso, Rafael M. Gasca, Laurent Lefèvre:
Multiprimary Support for the Availability of Cluster-Based Stateful Firewalls Using FT-FW. 1-17
Reginald E. Sawilla, Xinming Ou:
Identifying Critical Attack Assets in Dependency Attack Graphs. 18-34
C. P. Mu, X. J. Li, H. K. Huang, S. F. Tian:
Online Risk Assessment of Intrusion Scenarios Using D-S Evidence Theory. 35-48

Network Security

Rosario Gennaro, Shai Halevi, Hugo Krawczyk, Tal Rabin, Steffen Reidt, Stephen D. Wolthusen:
Strongly-Resilient and Non-interactive Hierarchical Key-Agreement in MANETs. 49-65
Gelareh Taban, Virgil D. Gligor:
Efficient Handling of Adversary Attacks in Aggregation Applications. 66-81
Bezawada Bruhadeshwar, Sandeep S. Kulkarni, Alex X. Liu:
Symmetric Key Approaches to Securing BGP - A Little Bit Trust Is Enough. 82-96

Smart Cards and Identity Management

Flavio D. Garcia, Gerhard de Koning Gans, Ruben Muijrers, Peter van Rossum, Roel Verdult, Ronny Wichers Schreur, Bart Jacobs:
Dismantling MIFARE Classic. 97-114
Sebastian Gajek, Tibor Jager, Mark Manulis, Jörg Schwenk:
A Browser-Based Kerberos Authentication Scheme. 115-129
D. Nali, Paul C. van Oorschot:
CROO: A Universal Infrastructure and Protocol to Detect Identity Fraud. 130-145

Data and Applications Security

Yingjiu Li, Haibing Lu:
Disclosure Analysis and Control in Statistical Databases. 146-160
Kun Bai, Meng Yu, Peng Liu:
TRACE: Zero-Down-Time Database Damage Tracking, Quarantine, and Cleansing with Negligible Run-Time Overhead. 161-176
Hong Chen, Xiaonan Ma, Windsor W. Hsu, Ninghui Li, Qihua Wang:
Access Control Friendly Query Verification for Outsourced Data Publishing. 177-191

Privacy Enhancing Technologies

Dan Bogdanov, Sven Laur, Jan Willemson:
Sharemind: A Framework for Fast Privacy-Preserving Computations. 192-206
Athanassios N. Yannacopoulos, Costas Lambrinoudakis, Stefanos Gritzalis, Stylianos Z. Xanthopoulos, Sokratis K. Katsikas:
Modeling Privacy Insurance Contracts and Their Utilization in Risk Management for ICT Firms. 207-222
Ee-Chien Chang, Jia Xu:
Remote Integrity Check with Dishonest Storage Server. 223-237

Anonymity and RFID Privacy

Juan Pedro Muñoz-Gea, Josemaria Malgosa-Sanahuja, Pilar Manzanares-Lopez, Juan Carlos Sanchez-Aarnoutse, Joan García-Haro:
A Low-Variance Random-Walk Procedure to Provide Anonymity in Overlay Networks. 238-250
Ching Yu Ng, Willy Susilo, Yi Mu, Reihaneh Safavi-Naini:
RFID Privacy Models Revisited. 251-266
JungHoon Ha, Sang-Jae Moon, Jianying Zhou, JaeCheol Ha:
A New Formal Proof Model for RFID Location Privacy. 267-281

Access Control and Trust Negotiation

Charles C. Zhang, Marianne Winslett:
Distributed Authorization by Multiparty Trust Negotiation. 282-299
Bjørnar Solhaug, Ketil Stølen:
Compositional Refinement of Policies in UML - Exemplified for Access Control. 300-316
Qihua Wang, Ninghui Li, Hong Chen:
On the Security of Delegation in Access Control Systems. 317-332

Information Flow and Non-transferability

Aslan Askarov, Sebastian Hunt, Andrei Sabelfeld, David Sands:
Termination-Insensitive Noninterference Leaks More Than Just a Bit. 333-348
Rinku Dewri, Indrakshi Ray, Indrajit Ray, Darrell Whitley:
Security Provisioning in Pervasive Environments Using Multi-objective Optimization. 349-363
Carlo Blundo, Giuseppe Persiano, Ahmad-Reza Sadeghi, Ivan Visconti:
Improved Security Notions and Protocols for Non-transferable Identification. 364-378

Secure Electronic Voting and Web Applications Security

David Lundin, Peter Y. A. Ryan:
Human Readable Paper Verification of Prêt à Voter. 379-395
Carlo Blundo, Emiliano De Cristofaro, Aniello Del Sorbo, Clemente Galdi, Giuseppe Persiano:
A Distributed Implementation of the Certified Information Access Service. 396-410
Jennifer Sobey, Robert Biddle, Paul C. van Oorschot, Andrew S. Patrick:
Exploring User Reactions to New Browser Cues for Extended Validation Certificates. 411-427
Claudia Díaz, Carmela Troncoso, Bart Preneel:
A Framework for the Analysis of Mix-Based Steganographic File Systems. 428-445

VoIP Security, Malware, and DRM

Yannis Soupionis, Stelios Dritsas, Dimitris Gritzalis:
An Adaptive Policy-Based Approach to SPIT Management. 446-460
Carlton R. Davis, Stephen Neville, José M. Fernandez, Jean-Marc Robert, John McHugh:
Structured Peer-to-Peer Overlay Networks: Ideal Botnets Command and Control Infrastructures?. 461-480
Monirul I. Sharif, Vinod Yegneswaran, Hassen Saïdi, Phillip A. Porras, Wenke Lee:
Eureka: A Framework for Enabling Static Malware Analysis. 481-500
Joan Tomàs-Buliart, Marcel Fernandez, Miguel Soriano:
New Considerations about the Correct Design of Turbo Fingerprinting Codes. 501-516

Formal Models and Cryptographic Protocols

Michael Backes, Boris Köpf:
Formally Bounding the Side-Channel Leakage in Unknown-Message Attacks. 517-532
Jay A. McCarthy, Shriram Krishnamurthi:
Cryptographic Protocol Explication and End-Point Projection. 533-547
Santiago Escobar, Catherine Meadows, José Meseguer:
State Space Reduction in the Maude-NRL Protocol Analyzer. 548-562

Language-Based and Hardware Security

Sergio Maffeis, Martín Abadi, Cédric Fournet, Andrew D. Gordon:
Code-Carrying Authorization. 563-579
Loïc Duflot:
CPU Bugs, CPU Backdoors and Consequences on Security. 580-599