17th IEEE Computer Security Foundations Workshop

28 - 30 June, 2004

Asilomar Conference Center

Technical Program

SUNDAY June 27, 2004

6:00 - 7:00

Dinner

MONDAY June 28, 2004

8:45 - 9:00

WELCOME
George Dinolt (Naval Postgraduate School), General Chair
Riccardo Focardi (University of Venice), Program Chair

9:00 - 10:30

Protocols I
Session Chair: Jon Millen

A Theory of Dictionary Attacks and its Complexity
Stephanie Delaune, Florent Jacquemard (Laboratoire Spécification et Vérification)
Slides: PDF, PS

Generic Insecurity of Cliques-Type Authenticated Group Key Agreement Protocols
Olivier Pereira, Jean-Jacques Quisquater (UCL Crypto Group)
Slides: PDF

Abstraction and Refinement in Protocol Derivation
Anupam Datta, Ante Derek, John Mitchell (Stanford University),
Dusko Pavlovic (Kestrel Institute)
Slides: PPT

10:30 - 11:00

Break

11:00 - 12:00

Access Control
Session Chair: Andre Scedrov

A Distributed Calculus for Role-Based Access Control
Chiara Braghin (Universita' Ca' Foscari di Venezia), Daniele Gorla (Universita' di Firenze), Vladimiro Sassone (University of Sussex)
Slides: PDF

From Stack Inspection to Access Control: A Security Analysis for Libraries
Frederic Besson (Microsoft Research), Tomasz Blanc (INRIA), Cedric Fournet, Andrew Gordon (Microsoft Research)
Slides: PPT

12:00 - 2:00

Lunch

2:00 - 3:00

Intrusion Detection
Session Chair: Catherine Meadows

Selecting Appropriate Counter-Measures in an Intrusion Detection Framework
Frédéric Cuppens, Thierry Sans, Sylvain Gombault (ENST Bretagne)
Slides: PDF, PPT

Using Active Learning in Intrusion Detection
Magnus Almgren, Erland Jonsson (Chalmers University)
Slides: PDF

3:00 - 3:30

Break

3:30 – 4:30

Information Flow
Session Chair: Andrew Myers

Secure Information Flow by Self-Composition
Gilles Barthe (INRIA Sophia-Antipolis), Pedro R. D'Argenio (Université de Provence), Tamara Rezk (INRIA Sophia-Antipolis)
Slides: PDF

Lenient Array Operations for Practical Secure Information Flow
Zhenyue Deng, Geoffrey Smith (Florida International University)
Slides: PPT

4:30 – 5:30

Business meeting

6:00 - 7:00

Dinner

TUESDAY June 29, 2004

9:00 - 10:30

Security Policies
Session Chair: Andy Gordon

Owned Policies for Information Security
Hubie Chen, Stephen Chong (Cornell University)
Slides: PPT

Cassandra: Flexible Trust Management, Applied to Electronic Health Records
Moritz Y. Becker, Peter Sewell (Computer Laboratory, University of Cambridge)
Slides: PDF

The Consistency of Task-Based Authorization Constraints in Workflow Systems
Kaijun Tan (University of Pennsylvania), Jason Crampton (Royal Holloway, University of London), Carl Gunter (University of Pennsylvania)
Slides: PDF

10:30 - 11:00

Break

11:00 - 12:00

Declassification & Information Flow
Session Chair: Heiko Mantel

Enforcing Robust Declassification
Andrew Myers (Cornell University), Andrei Sabelfeld (Chalmers University of Technology), Steve Zdancewic (University of Pennsylvania)
Slides: PDF

Modelling Downgrading in Information Flow Security
Annalisa Bossi, Carla Piazza, Sabina Rossi (Universita' Ca' Foscari di Venezia, Italy)
Slides: PDF

12:00 - 2:00

Lunch

2:00 - 3:00

Formal Methods & Cryptography
Session Chair: John Mitchell

Symmetric Encryption in a Simulatable Dolev-Yao Style Cryptographic Library
Michael Backes, Birgit Pfitzmann (IBM Zurich Research Laboratory)
Slides: PPT

On Universally Composable Notions of Security for Signature, Certification and Authentication
Ran Canetti (IBM Research)
Slides: PPT

3:00 - 3:30

Break

3:30 - 5:00

Panel: Formal Methods & Cryptography
Panel Chair: Cathy Meadows (Naval Research Laboratory)
Panelists: Ran Canetti, Michael Backes, and Andre Scedrov
Slides (Backes): PPT
Slides (Scedrov): PPT

6:00 - 7:00

Dinner

WEDNESDAY June 30, 2004

9:00 – 10:00

Authorization
Session Chair: Geoff Smith

By Reason and Authority: A System for Authorization of Proof-Carrying Code
Nathan Whitehead, Martín Abadi (University of California, Santa Cruz), George Necula (University of California, Berkeley)
Slides: PDF

A Formal Foundation for XrML Licenses
Joseph Halpern, Vicky Weissman (Cornell University)
Slides: PPT

10:00 – 10:30

Break

10:30 - 11:30

Protocols II
Session Chair: Michael Backes

Formal analysis of multi-party contract signing
Rohit Chadha (University of Sussex), Steve Kremer (Université Libre de Bruxelles), Andre Scedrov (University of Pennsylvania)
Slides: PDF

Symbolic Model Checking the Knowledge of the Dining Cryptographers
Kaile Su (Zhongshan University, China), Ron van der Meyden (University of New South Wales, Sydney)

11:30 – 11:45

Closing remarks. Presentation of awards
PC Statistics (Focardi) PDF

12:00

Lunch