CSFW 9 Program Monday, June 10 8:50-9:00 Welcome Michael Merritt (AT&T Research) 9:00-10:30 Session 1: Protocols Chair: Paul Syverson (NRL) A Class of Flexible and Efficient Key Management Protocols Colin Boyd (Queensland University) A High-Throughput Secure Reliable Multicast Protocol Dalia Malki and Michael Reiter (AT&T Research) An immunological approach to change detection: Theoretical results Patrik D'haeseleer (University of New Mexico) 10:30-11:00 Coffeebreak 11:00-12:00 Session 2: Protocol Specification Chair: Dieter Gollmann (University of London) Intensional Specification of Security Protocols A.W. Roscoe (Oxford University) Narrowing Terminates for Encryption Jonathan Millen and Hai-Ping Ko (The MITRE Corporation) 12:00-14:00 Lunch 14:00-15:00 Session 3: Protocol Analysis Tools Chair: Jonathan Millen (MITRE) Language Generation and Verification in the NRL Protocol Analyzer Catherine A. Meadows (NRL) A HOL Extension of GNY for Automatically Analyzing Cryptographic Protocols Steve Brackin (Arca Systems, Inc.) 15:00-15:30 Coffeebreak 15:30-18:00 Panel 1: E-Commerce Challenge Moderator: Stefek Zaba (HP Laboratories) 18:00-21:00 Dinner 21:00-23:00 Informal discussion: Newton Institute Moderator: Jonathan Millen (MITRE) Tuesday, June 11 9:00-10:30 Session 4: Composition Chair: John McLean (NRL) A Logic of Composition for Information Flow Predicates Ramesh V. Peri and William Wulf (University of Virginia) How and Why Feedback Composition Fails Aris Zakinthinos (University of Toronto) and E.S. Lee (University of Cambridge) Action Systems for Security Specification Jane Sinclair (Open University) 10:30-11:00 Coffeebreak 11:00-12:00 Session 5: Security Policies Chair: Bill Young (Computational Logic) Comparing Two Information Flow Security Properties Riccardo Focardi (Universita di Bologna) Specifying a Security Policy: A Case Study Frederic Cuppens and Claire Saurel (ONERA-CERT) 12:00-14:00 Lunch 14:00-15:00 Session 6: Access Control Chair: Simon Foley (University College) A Formal Model for Role Based Access Control with Constraints Luigi Giuri and Pietro Iglio (Fondazione Ugo Bordoni) The Non-Primitiveness of the Simple-Security Property and its Non-Applicability to Relational and Logic-Based Databases Adrian Spalka (University of Bonn) 15:00-15:30 Coffeebreak 15:30-18:00 Panel 2: A Genealogy of Non-interference Moderator: Peter Ryan (DRA Malvern) Wednesday, June 12 8:30-10:00 Session 7: Attacks Chair: Michael Reiter (AT&T Research) Some New Attacks upon Security Protocols Gavin Lowe (Oxford University) Simmons' Protocol is Not Free of Subliminal Channels Yvo Desmedt (University of Wisconsin-Milwaukee) Towards a Model of Storage Jamming John McDermott and David Goldschlag (NRL) 10:00-10:30 Coffeebreak 10:30-12:00 Panel 3: What is an attack on a cryptographic protocol? Moderator: Paul Syverson (NRL)