Theory of Security and Applications

1. Front Matter

   PDF

2. Union and Intersection Types for Secure Protocol Implementations

   • Michael Backes, Cătălin Hriţcu, Matteo Maffei

   Pages 1-28

3. Secure Composition of Protocols

   • Véronique Cortier

   Pages 29-32

4. Constructive Cryptography – A New Paradigm for Security Definitions and Proofs

   • Ueli Maurer

   Pages 33-56

5. G2C: Cryptographic Protocols from Goal-Driven Specifications

   • Michael Backes, Matteo Maffei, Kim Pecina, Raphael M. Reischuk

   Pages 57-77

6. Modeling Long-Term Signature Validation for Resolution of Dispute

   • Moez Ben MBarka, Francine Krief, Olivier Ly

   Pages 78-97

7. Formal Analysis of Privacy for Anonymous Location Based Services

   • Morten Dahl, Stéphanie Delaune, Graham Steel

   Pages 98-112

8. Formal Analysis of the EMV Protocol Suite

   • Joeri de Ruiter, Erik Poll

   Pages 113-129

9. Security Goals and Protocol Transformations

   • Joshua D. Guttman

   Pages 130-147

10. Model-Checking Secure Information Flow for Multi-threaded Programs

    • Marieke Huisman, Henri-Charles Blondeel

    Pages 148-165

11. Multiple Congruence Relations, First-Order Theories on Terms, and the Frames of the Applied Pi-Calculus

    • Florent Jacquemard, Étienne Lozes, Ralf Treinen, Jules Villard

    Pages 166-185

12. Automated Code Injection Prevention for Web Applications

    • Zhengqin Luo, Tamara Rezk, Manuel Serrano

    Pages 186-204

13. Soundness of Removing Cancellation Identities in Protocol Analysis under Exclusive-OR

    • Sreekanth Malladi

    Pages 205-224

14. Back Matter

    PDF

This book constitutes the thoroughly refereed post-conference proceedings of the Joint Workshop on Theory of Security and Applications (formely known as ARSPA-WITS), TOSCA 2011, held in Saarbrücken, Germany, in March/April 2011, in association with ETAPS 2011. The 9 revised full papers presented together with 3 invited talks were carefully reviewed and selected from 24 submissions. The papers feature topics including various methods in computer security, including the formal specification, analysis and design of security protocols and their applications, the formal definition of various aspects of security such as access control mechanisms, mobile code security and denial-of-service attacks, and the modeling of information flow and its application.

• constraint solving
• cryptographic protocols
• model checking
• public key infrastructure
• secure information flow
• algorithm analysis and problem complexity

• Richard Petersen Pladsm, DTU Informatics, kgs. Lynby, Denmark

  Sebastian Mödersheim

• INRIA, Palaiseau Cedex, France

  Catuscia Palamidessi

Policies and ethics