Engineering Secure Software and Systems

First International Symposium ESSoS 2009, Leuven, Belgium, February 4-6, 2009. Proceedings

  • Fabio Massacci
  • Samuel T. Redwine Jr.
  • Nicola Zannone
Conference proceedings ESSoS 2009

DOI: 10.1007/978-3-642-00199-4

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5429)

Table of contents (17 papers)

  1. Front Matter
  2. Policy Verification and Enforcement

    1. Verification of Business Process Entailment Constraints Using SPIN
      Christian Wolter, Philip Miseldine, Christoph Meinel
      Pages 1-15
    2. From Formal Access Control Policies to Runtime Enforcement Aspects
      Slim Kallel, Anis Charfi, Mira Mezini, Mohamed Jmaiel, Karl Klose
      Pages 16-31
    3. Idea: Trusted Emergency Management
      Timothy E. Levin, Cynthia E. Irvine, Terry V. Benzel, Thuy D. Nguyen, Paul C. Clark, Ganesha Bhaskara
      Pages 32-36
  3. Model Refinement and Program Transformation

  4. Secure System Development

    1. Report: Measuring the Attack Surfaces of Enterprise Software
      Pratyusa K. Manadhata, Yuecel Karabulut, Jeannette M. Wing
      Pages 91-100
    2. Report: Extensibility and Implementation Independence of the .NET Cryptographic API
      Pieter Philippaerts, Cédric Boon, Frank Piessens
      Pages 101-110
    3. Protection Poker: Structuring Software Security Risk Assessment and Knowledge Transfer
      Laurie Williams, Michael Gegick, Andrew Meneely
      Pages 122-134
  5. Attack Analysis and Prevention

    1. Toward Non-security Failures as a Predictor of Security Faults and Failures
      Michael Gegick, Pete Rotella, Laurie Williams
      Pages 135-149
    2. A Scalable Approach to Full Attack Graphs Generation
      Feng Chen, Jinshu Su, Yi Zhang
      Pages 150-163
    3. MEDS: The Memory Error Detection System
      Jason D. Hiser, Clark L. Coleman, Michele Co, Jack W. Davidson
      Pages 164-179
  6. Testing and Assurance

  7. Back Matter

About these proceedings


This book constitutes the refereed proceedings of the First International Symposium on Engineering Secure Software and Systems, ESSoS 2009, held in Leuven, Belgium, in February 2009.

The 10 revised full papers presented together with 7 industry reports and ideas papers were carefully reviewed and selected from 57 submissions. The papers are organized in topical sections on policy verification and enforcement, model refinement and program transformation, secure system development, attack analysis and prevention, as well as testing and assurance.


business processes, code complexity, conceptual modeling, data engineering, data semantics, dynamic tainting, enterprise software, information engineering, model transformation, petri nets, process modeling, querying, requirements management, secure syste

Editors and affiliations

  • Fabio Massacci (1)
  • Samuel T. Redwine Jr. (2)
  • Nicola Zannone (3)

  1. University of Trento, Povo (Trento), Italy
  2. Department of Computer Science, James Madison University, Harrisonburg, USA
  3. Department of Computer Science, University of Toronto, Canada

Bibliographic information

  • Copyright Information: Springer-Verlag Berlin Heidelberg 2009
  • Publisher Name: Springer, Berlin, Heidelberg
  • eBook Packages: Computer Science
  • Print ISBN: 978-3-642-00198-7
  • Online ISBN: 978-3-642-00199-4
  • Series Print ISSN: 0302-9743
  • Series Online ISSN: 1611-3349