28th IEEE Computer Security Foundations Symposium


Program of CSF 2015 and affiliated workshops as a single pdf file (including local information).


Program


CSF 2015: Affiliated workshops Monday, July 13
09:00 - 18:00 Affiliated workshops: ASA8, CryptoForma, FCS, GraMSec, STAST
CSF 2015: Day 1 Tuesday, July 14
08:45 - 09:00 Welcome
Invited talk I Chair: Cédric Fournet
09:00 - 10:00 Computing on Encrypted Data
Nigel Smart (University of Bristol, UK)
10:00 - 10:30 Coffee break
Session I: Access Control Chair: Deepak Garg
10:30 - 11:00 Analyzing First-order Role Based Access Control
Carlos Cotrini Jimenez, Thilo Weghorn, David Basin and Manuel Clavel
11:00 - 11:30 A Definitional Framework for Functional Encryption
Christian Matt and Ueli Maurer
11:30 - 12:00 Compositional Typed Analysis of ARBAC Policies
Stefano Calzavara, Alvise Rabitti and Michele Bugliesi
12:00 - 12:30 Policy Privacy in Cryptographic Access Control
Anna Lisa Ferrara, Georg Fuchsbauer, Bin Liu, and Bogdan Warinschi
12:30 - 14:00 Lunch
Session II: Privacy Chair: Catuscia Palamidessi
14:00 - 14:30 Location Privacy via Differential Private Perturbation of Cloaking Area
Hoa Ngo and Jong Kim
14:30 - 15:00 Automatic Proofs of Privacy of Secure Multi-Party Computation Protocols Against Active Adversaries
Martin Pettai and Peeter Laud
15:00 - 15:30 A Game-Theoretic Study on Non-Monetary Incentives in Data Analytics Projects with Privacy Implications
Michela Chessa, Jens Grossklags and Patrick Loiseau
15:30 - 16:00 Coffee break
Session III: Information Flow 1 Chair: Michael Carl Tschantz
16:00 - 16:30 A Cut Principle for Information Flow
Joshua D. Guttman and Paul D. Rowe
16:30 - 17:00 The Anatomy and Facets of Dynamic Policies
Niklas Broberg, Bart van Delft and David Sands
17:00 - 17:30 Hybrid Monitors for Concurrent Noninterference
Aslan Askarov, Stephen Chong and Heiko Mantel
19:00 - 21:00 Welcome cocktail
Palazzo Verità-Poeta, Vicolo San Silvestro 4/6, 37122 Verona
CSF 2015: Day 2 Wednesday, July 15
Invited talk II Chair: Olivier Pereira
09:00 - 10:00 Verifiable Internet Voting, or not?
Vanessa Teague (University of Melbourne, AU)
10:00 - 10:30 Coffee break
Session IV: Protocols 1 Chair: Olivier Pereira
10:30 - 11:00 Du-Vote: Remote Electronic Voting with Untrusted Computers
Gurchetan S. Grewal, Mark D. Ryan, Liqun Chen and Michael R. Clarkson
11:00 - 11:30 Decidability of trace equivalence for protocols with nonces
Rémy Chrétien, Véronique Cortier and Stéphanie Delaune
11:30 - 12:00 Set-pi: Set Membership Pi-calculus
Alessandro Bruni, Sebastian Mödersheim, Flemming Nielson, and Hanne Riis Nielson
12:00 - 12:30 A Complete Characterization of Secure Human-Server Communication
David Basin, Saša Radomirovic and Michael Schläpfer
12:30 - 14:00 Lunch
Session V: Access Control and Authentication Chair: Ralf Küsters
14:00 - 14:30 Decomposing, Comparing, and Synthesizing Access Control Expressiveness Simulations
William C. Garrison III and Adam J. Lee
14:30 - 15:00 Reasoning about policy behavior in logic-based trust management systems: Some complexity results and an operational framework
Edelmira Pasarella and Jorge Lobo
15:00 - 15:30 Picking vs. Guessing Secrets: A Game-Theoretic Analysis
MHR Khouzani, Piotr Mardziel, Carlos Cid and Mudhakar Srivatsa
15:30 - 16:00 Coffee break
Session VI: Security Models, Properties, Attacks Chair: Pedro Adão
16:00 - 16:30 Program Actions as Actual Causes: A Building Block for Accountability
Anupam Datta, Deepak Garg, Dilsun Kaynar, Divya Sharma and Arunesh Sinha
16:30 - 17:00 BitWhisper: Covert Signaling Channel between Air-Gapped Computers using Thermal Manipulations
Mordechai Guri, Matan Monitz, Yisrael Mirski and Yuval Elovici
17:00 - 17:30 A Parametric Family of Attack Models for Proxy Re-Encryption
David Nuñez, Isaac Agudo and Javier Lopez
CSF 2015: Day 3 Thursday, July 16
Session VII: Language-Based Security 1 Chair: David Naumann
09:00 - 09:30 A Hybrid Approach for Proving Noninterference of Java Programs
Ralf Küsters, Tomasz Truderung, Bernhard Beckert, Daniel Bruns, Michael Kirsten and Martin Mohr
09:30 - 10:00 Android Permissions Unleashed
Alessandro Armando, Roberto Carbone, Gabriele Costa and Alessio Merlo
10:00 - 10:30 Cryptographic Enforcement of Language-Based Erasure
Aslan Askarov, Scott Moore, Christos Dimoulas and Stephen Chong
10:30 - 11:00 Coffee break
Session VIII: Information Flow 2 Chair: Frank Piessens
11:00 - 11:30 Value-sensitive Hybrid Information Flow Control for a JavaScript-like Language
Daniel Hedin, Luciano Bello and Andrei Sabelfeld
11:30 - 12:00 Information Flow Control for Event Handling and the DOM in Web Browsers
Vineet Rajani, Abhishek Bichhawat, Deepak Garg and Christian Hammer
12:00 - 12:30 An Analysis of Universal Information Flow based on Self-Composition
Christian Müller, Máté Kovács and Helmut Seidl
12:30 - 14:00 Lunch
Session IX: 5-minute Talks Chair: Mike Hicks
14:00 - 15:30 Relative Secrecy: A Quantitative Security Property against Polynomial Attackers
Mounir Assaf
Taint Tracking: When Explicit is Enough
Andrei Sabelfeld
The Applied Pi Calculus... with Proofs
Bruno Blanchet
Computer Aided Verification of E-Voting Protocols
Constantin-Catalin Dragan
Safe Component Provider: Tool Demo
Gabriele Costa
Password Encryption and Storage in the Real World
James Heather
Automated Verification of Privacy Protection for Unbounded Sessions
Lucca Hirschi
Tension between Privacy for Individuals and Security for Society
Mark Ryan
Group ORAM: Security and Privacy for Cloud-Based Data Sharing Services
Matteo Maffei
Measuring Protocol Security
Paul Rowe
SPS: The Final Word on Alice and Bob
Sebastian Mödersheim
High-Assurance Information-Flow-Secyre Programming Languages
Toby Murray
Compositional Information-Flow Security for Timed Interactive Systems
Willard Rafnsson
Leakiness is Decidable for Well-Founded Protocols
Sibylle Fröschle
Knowledge-Based Hybrid Monitoring for Information Flow Control
Nataliia Bielova
Exploring and Enforcing Security Guarantees via Program Dependence Graphs
Stephen Chong
All Your Tiers are Belong to Us: Building Secure Applications with JSLINQ
Musard Balliu
Aida
Catuscia Palamidessi
15:30 - 16:00 Coffee break
Session X: Business Meeting Chair: Joshua Guttman
16:00 - 17:00 Program TBA
19:00 - 23:00 Banquet
Antico Caffè Dante, Piazza dei Signori 2, 37121 Verona
CSF 2015: Day 4 Friday, July 17
Session XI: Protocols 2 Chair: Steve Kremer
09:00 - 09:30 On Power Splitting Games in Distributed Computation: The Case of Bitcoin Pooled Mining
Loi Luu, Ratul Saha, Inian Parameshwaran, Prateek Saxena and Aquinas Hobor
09:30 - 10:00 Symbolic Malleable Zero-knowledge Proofs
Michael Backes, Fabian Bendun, Matteo Maffei, Esfandiar Mohammadi and Kim Pecina
10:00 - 10:30 A Mechanized Proof of Security for Searchable Symmetric Encryption
Adam Petcher and Greg Morrisett
10:30 - 11:00 Coffee break
Session XII: Language-Based Security 2 Chair: Piotr Mardziel
11:00 - 11:30 Probabilistic Program Modeling for High-Precision Anomaly Classification
Kui Xu, Danfeng (Daphne) Yao, Barbara G. Ryder and Ke Tian
11:30 - 12:00 A Logic of Programs with Interface-confined Code
Limin Jia, Shayak Sen, Deepak Garg and Anupam Datta
12:00 - 12:30 Rational Protection Against Timing Attacks
Goran Doychev and Boris Köpf
12:30 - 14:00 Lunch
Session XIII: Information Flow 3 Chair: Joshua Guttman
14:00 - 14:30 Understanding and Enforcing Opacity
Daniel Schoepe and Andrei Sabelfeld
14:30 - 15:00 A Methodology for Information Flow Experiments over Black Boxes
Michael Carl Tschantz, Amit Datta, Anupam Datta and Jeannette M. Wing
15:00 - 15:30 Flow-Limited Authorization
Owen Arden, Jed Liu and Andrew C. Myers
Have a safe trip home. See you in Lisbon in 2016.


Invited talks



Accepted Papers

  • Flow-Limited Authorization
    Owen Arden, Jed Liu, Andrew C. Myers
  • Android Permissions Unleashed
    Alessandro Armando, Roberto Carbone, Gabriele Costa, Alessio Merlo
  • Hybrid Monitors for Concurrent Noninterference
    Aslan Askarov, Stephen Chong, Heiko Mantel
  • Cryptographic Enforcement of Language-Based Erasure
    Aslan Askarov, Scott Moore, Christos Dimoulas, Stephen Chong
  • Symbolic Malleable Zero-knowledge Proofs
    Michael Backes, Fabian Bendun, Matteo Maffei, Esfandiar Mohammadi, Kim Pecina
  • A Complete Characterization of Secure Human-Server Communication
    David Basin, Saša Radomirovic, Michael Schlaepfer
  • The Anatomy and Facets of Dynamic Policies
    Niklas Broberg, Bart van Delft, David Sands
  • Set-pi: Set Membership Pi-calculus
    Alessandro Bruni, Sebastian Alexander Moedersheim, Flemming Nielson, Hanne Riis Nielson
  • Compositional Typed Analysis of ARBAC Policies
    Stefano Calzavara, Alvise Rabitti, Michele Bugliesi
  • A Game-Theoretic Study on Non-Monetary Incentives in Data Analytics Projects with Privacy Implications
    Michela Chessa, Jens Grossklags, Patrick Loiseau
  • Decidability of trace equivalence for protocols with nonces
    Remy Chretien, Veronique Cortier, Stephanie Delaune
  • Analyzing First-order Role Based Access Control
    Carlos Cotrini Jimenez, Thilo Weghorn, David Basin, Manuel Clavel
  • Program Actions as Actual Causes: A Building Block for Accountability
    Anupam Datta, Deepak Garg, Dilsun Kaynar, Divya Sharma, Arunesh Sinha
  • Rational Protection Against Timing Attacks
    Goran Doychev and Boris Koepf
  • A Definitional Framework for Functional Encryption
    Christian Matt and Ueli Maurer
  • Du-Vote: Remote Electronic Voting with Untrusted Computers
    Gurchetan S. Grewal, Mark D. Ryan, Liqun Chen, Michael R. Clarkson
  • BitWhisper: Covert Signaling Channel between Air-Gapped Computers using Thermal Manipulations
    Mordechai Guri, Matan Monitz, Yisrael Mirski, Yuval Elovici
  • A Cut Principle for Information Flow
    Joshua D. Guttman and Paul D. Rowe
  • Value-sensitive Hybrid Information Flow Control for a JavaScript-like Language
    Daniel Hedin, Luciano Bello, Andrei Sabelfeld
  • A Logic of Programs with Interface-confined Code
    Limin Jia, Shayak Sen, Deepak Garg, Anupam Datta
  • Picking v.s. Guessing Secrets: A Game-Theoretic Analysis
    MHR Khouzani, Piotr Mardziel, Carlos Cid, Mudhakar Srivatsa
  • A Hybrid Approach for Proving Noninterference of Java Programs
    Ralf Küsters, Tomasz Truderung, Bernhard Beckert, Daniel Bruns, Michael Kirsten, Martin Mohr
  • Policy Privacy in Cryptographic Access Control
    Anna Lisa Ferrara, Georg Fachsbauer, Bin Liu, and Bogdan Warinschi
  • On Power Splitting Games in Distributed Computation: The Case of Bitcoin Pooled Mining
    Loi Luu, Ratul Saha, Inian Parameshwaran, Prateek Saxena, Aquinas Hobor
  • Decomposing, Comparing, and Synthesizing Access Control Expressiveness Simulations
    William C. Garrison III and Adam J. Lee
  • An Analysis of Universal Information Flow based on Self-Composition
    Christian Mueller, Mate Kovacs, Helmut Seidl
  • Location Privacy via Differential Private Perturbation of Cloaking Area
    Hoa Ngo, Jong Kim
  • A Parametric Family of Attack Models for Proxy Re-Encryption
    David Nunez, Isaac Agudo, Javier Lopez
  • Reasoning about policy behavior in logic-based trust management systems: Some complexity results and an operational framework
    Edelmira Pasarella and Jorge Lobo
  • A Mechanized Proof of Security for Searchable Symmetric Encryption
    Adam Petcher and Greg Morrisett
  • Automatic Proofs of Privacy of Secure Multi-Party Computation Protocols Against Active Adversaries
    Martin Pettai, Peeter Laud
  • Fine-Grained Information Flow Control for Event Handling and the DOM
    Vineet Rajani, Abhishek Bichhawat, Deepak Garg, Christian Hammer
  • Understanding and Enforcing Opacity
    Daniel Schoepe and Andrei Sabelfeld
  • A Methodology for Information Flow Experiments over Black Boxes
    Michael Carl Tschantz, Amit Datta, Anupam Datta, Jeannette M. Wing
  • Probabilistic Program Modeling for High-Precision Anomaly Classification
    Kui Xu, Danfeng (Daphne) Yao, Barbara G. Ryder, Ke Tian