Engineering Secure Software and Systems Second International Symposium, ESSoS 2010, Pisa, Italy, February 3-4, 2010, Proceedings /

This book constitutes the refereed proceedings of the Second International Symposium on Engineering Secure Software and Systems, ESSoS 2010, held in Pisa, Italy, in February 2010. The 9 revised full papers presented together with 8 ideas papers were carefully reviewed and selected from 58 submission...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor Corporativo: SpringerLink (Online service)
Otros Autores: MASSACCI, Fabio (Editor ), Wallach, Dan (Editor ), Zannone, Nicola (Editor )
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Berlin, Heidelberg : Springer Berlin Heidelberg : Imprint: Springer, 2010.
Edición:1st ed. 2010.
Colección:Security and Cryptology ; 5965
Temas:
Computer networks .
Software engineering.
Cryptography.
Data encryption (Computer science).
Data structures (Computer science).
Information theory.
Computer science-Mathematics.
Computer science.
Computer Communication Networks.
Software Engineering.
Cryptology.
Data Structures and Information Theory.
Mathematical Applications in Computer Science.
Models of Computation.
Acceso en línea:Texto Completo
Tabla de Contenidos:
  • Session 1. Attack Analysis and Prevention I
  • BuBBle: A Javascript Engine Level Countermeasure against Heap-Spraying Attacks
  • CsFire: Transparent Client-Side Mitigation of Malicious Cross-Domain Requests
  • Idea: Opcode-Sequence-Based Malware Detection
  • Session 2. Attack Analysis and Prevention II
  • Experiences with PDG-Based IFC
  • Idea: Java vs. PHP: Security Implications of Language Choice for Web Applications
  • Idea: Towards Architecture-Centric Security Analysis of Software
  • Session 3. Policy Verification and Enforcement I
  • Formally-Based Black-Box Monitoring of Security Protocols
  • Secure Code Generation for Web Applications
  • Idea: Reusability of Threat Models - Two Approaches with an Experimental Evaluation
  • Session 4. Policy Verification and Enforcement II
  • Model-Driven Security Policy Deployment: Property Oriented Approach
  • Category-Based Authorisation Models: Operational Semantics and Expressive Power
  • Idea: Efficient Evaluation of Access Control Constraints
  • Session 5. Secure System and Software Development I
  • Formal Verification of Application-Specific Security Properties in a Model-Driven Approach
  • Idea: Enforcing Consumer-Specified Security Properties for Modular Software
  • Idea: Using System Level Testing for Revealing SQL Injection-Related Error Message Information Leaks
  • Session 6. Secure System and Software Development II
  • Automatic Generation of Smart, Security-Aware GUI Models
  • Report: Modular Safeguards to Create Holistic Security Requirement Specifications for System of Systems
  • Idea: A Feasibility Study in Model Based Prediction of Impact of Changes on System Quality.

Ejemplares similares