This book constitutes the proceedings of the 14th European Symposium on Research in Computer Security, ESORICS 2009, held in Saint-Malo, France, in September 2009.
The 42 papers included in the book were carefully reviewed and selected from 220 papers. The topics covered are network security, information flow, language-based security, access control, privacy, distributed systems security, security primitives, web security, cryptography, protocols, and systems security and forensics.
Author(s): Thorsten Holz, Markus Engelberth, Felix Freiling (auth.), Michael Backes, Peng Ning (eds.)
Series: Lecture Notes in Computer Science 5789 : Security and Cryptology
Edition: 1
Publisher: Springer-Verlag Berlin Heidelberg
Year: 2009
Language: English
Pages: 706
Tags: Data Encryption; Coding and Information Theory; Data Structures, Cryptology and Information Theory; Systems and Data Security; Discrete Mathematics in Computer Science; e-Commerce/e-business
Front Matter
Learning More about the Underground Economy: A Case-Study of Keyloggers and Dropzones....Pages 1-18
User-Centric Handling of Identity Agent Compromise....Pages 19-36
The Coremelt Attack....Pages 37-52
Type-Based Analysis of PIN Processing APIs....Pages 53-68
Declassification with Explicit Reference Points....Pages 69-85
Tracking Information Flow in Dynamic Tree Structures....Pages 86-103
Lightweight Opportunistic Tunneling (LOT)....Pages 104-119
Hide and Seek in Time — Robust Covert Timing Channels....Pages 120-135
Authentic Time-Stamps for Archival Storage....Pages 136-151
Towards a Theory of Accountability and Audit....Pages 152-167
Reliable Evidence: Auditability by Typing....Pages 168-183
PCAL: Language Support for Proof-Carrying Authorization Systems....Pages 184-199
ReFormat: Automatic Reverse Engineering of Encrypted Messages....Pages 200-215
Protocol Normalization Using Attribute Grammars....Pages 216-231
Automatically Generating Models for Botnet Detection....Pages 232-249
Dynamic Enforcement of Abstract Separation of Duty Constraints....Pages 250-267
Usable Access Control in Collaborative Environments: Authorization Based on People-Tagging....Pages 268-284
Requirements and Protocols for Inference-Proof Interactions in Information Systems....Pages 285-302
A Privacy Preservation Model for Facebook-Style Social Network Systems....Pages 303-320
New Privacy Results on Synchronized RFID Authentication Protocols against Tag Tracing....Pages 321-336
Isolating JavaScript with Filters, Rewriting, and Wrappers....Pages 505-522
An Effective Method for Combating Malicious Scripts Clickbots....Pages 523-538
Client-Side Detection of XSS Worms by Monitoring Payload Propagation....Pages 539-554
Secure Pseudonymous Channels....Pages 337-354
Cumulative Attestation Kernels for Embedded Systems....Pages 655-670
Formal Indistinguishability Extended to the Random Oracle Model....Pages 555-570
Computationally Sound Analysis of a Probabilistic Contract Signing Protocol....Pages 571-586
Attribute-Sets: A Practically Motivated Enhancement to Attribute-Based Encryption....Pages 587-604
Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing....Pages 355-370
Content Delivery Networks: Protection or Threat?....Pages 371-389
Model-Checking DoS Amplification for VoIP Session Initiation....Pages 390-405
A Generic Security API for Symmetric Key Management on Cryptographic Devices....Pages 605-620
ID-Based Secure Distance Bounding and Localization....Pages 621-636
Secure Ownership and Ownership Transfer in RFID Systems....Pages 637-654
The Wisdom of Crowds: Attacks and Optimal Constructions....Pages 406-423
Secure Evaluation of Private Linear Branching Programs with Medical Applications....Pages 424-439
Keep a Few: Outsourcing Data While Maintaining Confidentiality....Pages 440-455
Data Structures with Unpredictable Timing....Pages 456-471
WORM-SEAL: Trustworthy Data Retention and Verification for Regulatory Compliance....Pages 472-488
Corruption-Localizing Hashing....Pages 489-504
Super-Efficient Aggregating History-Independent Persistent Authenticated Dictionaries....Pages 671-688
Set Covering Problems in Role-Based Access Control....Pages 689-704
Back Matter