Ebook: Engineering Secure Software and Systems: First International Symposium ESSoS 2009, Leuven, Belgium, February 4-6, 2009. Proceedings
- Tags: Systems and Data Security, Software Engineering, Operating Systems, Algorithm Analysis and Problem Complexity, Management of Computing and Information Systems, Data Encryption
- Series: Lecture Notes in Computer Science 5429
- Year: 2009
- Publisher: Springer-Verlag Berlin Heidelberg
- Edition: 1
- Language: English
- pdf
This book constitutes the refereed proceedings of the First International Symposium on Engineering Secure Software and Systems, ESSoS 2009, held in Leuven, Belgium, in February 2009.
The 10 revised full papers presented together with 7 industry reports and ideas papers were carefully reviewed and selected from 57 submissions. The papers are organized in topical sections on policy verification and enforcement, model refinement and program transformation, secure system development, attack analysis and prevention, as well as testing and assurance.
This book constitutes the refereed proceedings of the First International Symposium on Engineering Secure Software and Systems, ESSoS 2009, held in Leuven, Belgium, in February 2009.
The 10 revised full papers presented together with 7 industry reports and ideas papers were carefully reviewed and selected from 57 submissions. The papers are organized in topical sections on policy verification and enforcement, model refinement and program transformation, secure system development, attack analysis and prevention, as well as testing and assurance.
This book constitutes the refereed proceedings of the First International Symposium on Engineering Secure Software and Systems, ESSoS 2009, held in Leuven, Belgium, in February 2009.
The 10 revised full papers presented together with 7 industry reports and ideas papers were carefully reviewed and selected from 57 submissions. The papers are organized in topical sections on policy verification and enforcement, model refinement and program transformation, secure system development, attack analysis and prevention, as well as testing and assurance.
Content:
Front Matter....Pages -
Verification of Business Process Entailment Constraints Using SPIN....Pages 1-15
From Formal Access Control Policies to Runtime Enforcement Aspects....Pages 16-31
Idea: Trusted Emergency Management....Pages 32-36
Idea: Action Refinement for Security Properties Enforcement....Pages 37-42
Pattern-Based Confidentiality-Preserving Refinement....Pages 43-59
Architectural Refinement and Notions of Intransitive Noninterference ....Pages 60-74
Systematically Eradicating Data Injection Attacks Using Security-Oriented Program Transformations....Pages 75-90
Report: Measuring the Attack Surfaces of Enterprise Software....Pages 91-100
Report: Extensibility and Implementation Independence of the .NET Cryptographic API....Pages 101-110
Report: CC-Based Design of Secure Application Systems....Pages 111-121
Protection Poker: Structuring Software Security Risk Assessment and Knowledge Transfer....Pages 122-134
Toward Non-security Failures as a Predictor of Security Faults and Failures....Pages 135-149
A Scalable Approach to Full Attack Graphs Generation....Pages 150-163
MEDS: The Memory Error Detection System....Pages 164-179
Idea: Automatic Security Testing for Web Applications....Pages 180-184
Report: Functional Security Testing Closing the Software – Security Testing Gap: A Case from a Telecom Provider....Pages 185-194
Idea: Measuring the Effect of Code Complexity on Static Analysis Results....Pages 195-199
Back Matter....Pages -
This book constitutes the refereed proceedings of the First International Symposium on Engineering Secure Software and Systems, ESSoS 2009, held in Leuven, Belgium, in February 2009.
The 10 revised full papers presented together with 7 industry reports and ideas papers were carefully reviewed and selected from 57 submissions. The papers are organized in topical sections on policy verification and enforcement, model refinement and program transformation, secure system development, attack analysis and prevention, as well as testing and assurance.
Content:
Front Matter....Pages -
Verification of Business Process Entailment Constraints Using SPIN....Pages 1-15
From Formal Access Control Policies to Runtime Enforcement Aspects....Pages 16-31
Idea: Trusted Emergency Management....Pages 32-36
Idea: Action Refinement for Security Properties Enforcement....Pages 37-42
Pattern-Based Confidentiality-Preserving Refinement....Pages 43-59
Architectural Refinement and Notions of Intransitive Noninterference ....Pages 60-74
Systematically Eradicating Data Injection Attacks Using Security-Oriented Program Transformations....Pages 75-90
Report: Measuring the Attack Surfaces of Enterprise Software....Pages 91-100
Report: Extensibility and Implementation Independence of the .NET Cryptographic API....Pages 101-110
Report: CC-Based Design of Secure Application Systems....Pages 111-121
Protection Poker: Structuring Software Security Risk Assessment and Knowledge Transfer....Pages 122-134
Toward Non-security Failures as a Predictor of Security Faults and Failures....Pages 135-149
A Scalable Approach to Full Attack Graphs Generation....Pages 150-163
MEDS: The Memory Error Detection System....Pages 164-179
Idea: Automatic Security Testing for Web Applications....Pages 180-184
Report: Functional Security Testing Closing the Software – Security Testing Gap: A Case from a Telecom Provider....Pages 185-194
Idea: Measuring the Effect of Code Complexity on Static Analysis Results....Pages 195-199
Back Matter....Pages -
....