Security and Trust Management

1. Front Matter

   PDF

2. Policy Enforcement and Monitoring

   1. Cost-Aware Runtime Enforcement of Security Policies

      • Peter Drábik, Fabio Martinelli, Charles Morisset

      Pages 1-16

   2. Enforcing More with Less: Formalizing Target-Aware Run-Time Monitors

      • Yannis Mallios, Lujo Bauer, Dilsun Kaynar, Jay Ligatti

      Pages 17-32

   3. Lazy Security Controllers

      • Giulio Caravagna, Gabriele Costa, Giovanni Pardini

      Pages 33-48

3. Access Control

   1. Automated Analysis of Scenario-Based Specifications of Distributed Access Control Policies with Non-mechanizable Activities

      • Michele Barletta, Silvio Ranise, Luca Viganò

      Pages 49-64

   2. Labeled Goal-Directed Search in Access Control Logic

      • Valerio Genovese, Deepak Garg, Daniele Rispoli

      Pages 65-80

   3. A Use-Based Approach for Enhancing UCON

      • Christos Grompanopoulos, Antonios Gouglidis, Ioannis Mavridis

      Pages 81-96

   4. Analysis of Communicating Authorization Policies

      • Simone Frau, Mohammad Torabi Dashti

      Pages 97-112

4. Trust, Reputation, and Privacy

   1. Building Trust and Reputation In: A Development Framework for Trust Models Implementation

      • Francisco Moyano, Carmen Fernandez-Gago, Javier Lopez

      Pages 113-128

   2. Matrix Powers Algorithms for Trust Evaluation in Public-Key Infrastructures

      • Jean-Guillaume Dumas, Hicham Hossayni

      Pages 129-144

   3. Formal Modelling of (De)Pseudonymisation: A Case Study in Health Care Privacy

      • Meilof Veeningen, Benne de Weger, Nicola Zannone

      Pages 145-160

5. Distributed Systems and Physical Security

   1. Switchwall: Automated Topology Fingerprinting and Behavior Deviation Identification

      • Nelson Nazzicari, Javier Almillategui, Angelos Stavrou, Sushil Jajodia

      Pages 161-176

   2. DOT-COM: Decentralized Online Trading and COMmerce

      • Moti Geva, Amir Herzberg

      Pages 177-192

   3. Formalizing Physical Security Procedures

      • Catherine Meadows, Dusko Pavlovic

      Pages 193-208

6. Authentication

   1. A PUF-Based Authentication Protocol to Address Ticket-Switching of RFID-Tagged Items

      • Sjouke Mauw, Selwyn Piramuthu

      Pages 209-224

   2. Authenticating Email Search Results

      • Olga Ohrimenko, Hobart Reynolds, Roberto Tamassia

      Pages 225-240

   3. Software Authentication to Enhance Trust in Body Sensor Networks

      • Joep de Groot, Vinh Bui, Jean-Paul Linnartz, Johan Lukkien, Richard Verhoeven

      Pages 241-256

   4. YubiSecure? Formal Security Analysis Results for the Yubikey and YubiHSM

      • Robert Künnemann, Graham Steel

      Pages 257-272

7. Security Policies

   1. Boosting Model Checking to Analyse Large ARBAC Policies

      • Silvio Ranise, Anh Truong, Alessandro Armando

      Pages 273-288

   2. Constrained Role Mining

      • Carlo Blundo, Stelvio Cimato

      Pages 289-304

This book constitutes the thoroughly refereed post-conference proceedings of the 8th International Workshop on Security and Trust Management, STM 2012, held in Pisa, Italy, in September 2012 - in conjunction with the 17th European Symposium Research in Computer Security (ESORICS 2012). The 20 revised full papers were carefully reviewed and selected from 57 submissions. The papers are organized into topical sections on policy enforcement and monitoring; access control; trust, reputation, and privacy; distributed systems and physical security; authentication and security policies.

• ARBAC policies
• RFID security
• distributed access control
• runtime monitors
• trust and reputation

• Department of Informatics, University of Oslo, Blindern, Norway

  Audun Jøsang

• Dipartimento di Informatica, Università degli Studi di Milano, Crema, Italy

  Pierangela Samarati

• National Research Center(CNR), Institute of Informatics and Telematics(IIT), Pisa, Italy

  Marinella Petrocchi

Policies and ethics