Computer Security - ESORICS 2005

1. Front Matter

   PDF

2. Computerized Voting Machines: A View from the Trenches

   • Barbara Simons

   Pages 1-2

3. XML Access Control with Policy Matching Tree

   • Naizhen Qi, Michiharu Kudo

   Pages 3-23

4. Semantic Access Control Model: A Formal Specification

   • Mariemma I. Yagüe, María-del-Mar Gallardo, Antonio Maña

   Pages 24-43

5. A Generic XACML Based Declarative Authorization Scheme for Java

   • Rajeev Gupta, Manish Bhide

   Pages 44-63

6. Specification and Validation of Authorisation Constraints Using UML and OCL

   • Karsten Sohr, Gail-Joon Ahn, Martin Gogolla, Lars Migge

   Pages 64-79

7. Unified Index for Mobile Object Data and Authorizations

   • Vijayalakshmi Atluri, Qi Guo

   Pages 80-97

8. On Obligations

   • Manuel Hilty, David Basin, Alexander Pretschner

   Pages 98-117

9. A Practical Voter-Verifiable Election Scheme

   • David Chaum, Peter Y. A. Ryan, Steve Schneider

   Pages 118-139

10. Machine-Checked Security Proofs of Cryptographic Signature Schemes

    • Sabrina Tarento

    Pages 140-158

11. Sanitizable Signatures

    • Giuseppe Ateniese, Daniel H. Chou, Breno de Medeiros, Gene Tsudik

    Pages 159-177

12. Limits of the Cryptographic Realization of Dolev-Yao-Style XOR

    • Michael Backes, Birgit Pfitzmann

    Pages 178-196

13. Security-Typed Languages for Implementation of Cryptographic Protocols: A Case Study

    • Aslan Askarov, Andrei Sabelfeld

    Pages 197-221

14. Augmented Oblivious Polynomial Evaluation Protocol and Its Applications

    • Huafei Zhu, Feng Bao

    Pages 222-230

15. Using Attack Trees to Identify Malicious Attacks from Authorized Insiders

    • Indrajit Ray, Nayot Poolsapassit

    Pages 231-246

16. An Efficient and Unified Approach to Correlating, Hypothesizing, and Predicting Intrusion Alerts

    • Lingyu Wang, Anyi Liu, Sushil Jajodia

    Pages 247-266

17. Towards a Theory of Intrusion Detection

    • Giovanni Di Crescenzo, Abhrajit Ghosh, Rajesh Talpade

    Pages 267-286

18. On Scalability and Modularisation in the Modelling of Network Security Systems

    • João Porto de Albuquerque, Heiko Krumm, Paulo Lício de Geus

    Pages 287-304

19. Sybil-Resistant DHT Routing

    • George Danezis, Chris Lesniewski-Laas, M. Frans Kaashoek, Ross Anderson

    Pages 305-318

20. Botnet Tracking: Exploring a Root-Cause Methodology to Prevent Distributed Denial-of-Service Attacks

    • Felix C. Freiling, Thorsten Holz, Georg Wicherski

    Pages 319-335

Foreword from the Program Chairs These proceedings contain the papers selected for presentation at the 10th - ropean Symposium on Research in Computer Security (ESORICS), held S- tember 12–14, 2005 in Milan, Italy. In response to the call for papers 159 papers were submitted to the conf- ence. These paperswere evaluated on the basis of their signi?cance, novelty,and technical quality. Each paper was reviewed by at least three members of the program committee. The program committee meeting was held electronically, holding intensive discussion over a period of two weeks. Of the papers subm- ted, 27 were selected for presentation at the conference, giving an acceptance rate of about 16%. The conference program also includes an invited talk by Barbara Simons. There is a long list of people who volunteered their time and energy to put together the symposiom and who deserve acknowledgment. Thanks to all the members of the program committee, and the external reviewers, for all their hard workin evaluating and discussing papers. We are also very grateful to all those people whose work ensured a smooth organizational process: Pierangela Samarati, who served as General Chair, Claudio Ardagna, who served as P- licity Chair, Dieter Gollmann who served as Publication Chair and collated this volume, and Emilia Rosti and Olga Scotti for helping with local arrangements. Last, but certainly not least, our thanks go to all the authors who submitted papers and all the attendees. We hope you ?nd the program stimulating.

• access control
• authorization schemes
• communication
• computer security
• data security
• digital signatures
• electronic voting
• internet security
• intrusion detection
• network security
• secure communications
• security
• security proofs
• security protocols
• systems security

• Dipartimento di Tenologie dell’Informazione, Universita’ degli Studi di Milano, Crema (CR), Italy

  Sabrina de Capitani Vimercati

• Naval Research Laboratory, USA

  Paul Syverson

• Institute for Security in Distributed Applications, Hamburg University of Technology, Hamburg, Germany

  Dieter Gollmann

Policies and ethics