Engineering secure software and systems : second International Symposium, ESSoS 2010, Pisa, Italy, February 3-4, 2010 ; proceedings

This book constitutes the refereed proceedings of the Second International Symposium on Engineering Secure Software and Systems, ESSoS 2010, held in Pisa, Italy, in February 2010. The 9 revised full papers presented together with 8 ideas papers were carefully reviewed and selected from 58 submission...

Bibliographic Details
Main Author: ESSoS (Symposium) (corporate author)
Corporate Authors: ESSoS (Symposium) Corporate Author (corporate author), ESSoS 2010 (-)
Other Authors: Massacci, Fabio (-), Wallach, Dan Seth, 1971-, Zannone, Nicola
Format: E-book
Language: English
Published: Berlin : Springer c2010.
Edition: 1st ed. 2010.
Series: Lecture notes in computer science ; 5965.
Subjects:
View at Biblioteca Universitat Ramon Llull: https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009713000406719
Table of Contents:
  • Session 1. Attack Analysis and Prevention I
  • BuBBle: A Javascript Engine Level Countermeasure against Heap-Spraying Attacks
  • CsFire: Transparent Client-Side Mitigation of Malicious Cross-Domain Requests
  • Idea: Opcode-Sequence-Based Malware Detection
  • Session 2. Attack Analysis and Prevention II
  • Experiences with PDG-Based IFC
  • Idea: Java vs. PHP: Security Implications of Language Choice for Web Applications
  • Idea: Towards Architecture-Centric Security Analysis of Software
  • Session 3. Policy Verification and Enforcement I
  • Formally-Based Black-Box Monitoring of Security Protocols
  • Secure Code Generation for Web Applications
  • Idea: Reusability of Threat Models – Two Approaches with an Experimental Evaluation
  • Session 4. Policy Verification and Enforcement II
  • Model-Driven Security Policy Deployment: Property Oriented Approach
  • Category-Based Authorisation Models: Operational Semantics and Expressive Power
  • Idea: Efficient Evaluation of Access Control Constraints
  • Session 5. Secure System and Software Development I
  • Formal Verification of Application-Specific Security Properties in a Model-Driven Approach
  • Idea: Enforcing Consumer-Specified Security Properties for Modular Software
  • Idea: Using System Level Testing for Revealing SQL Injection-Related Error Message Information Leaks
  • Session 6. Secure System and Software Development II
  • Automatic Generation of Smart, Security-Aware GUI Models
  • Report: Modular Safeguards to Create Holistic Security Requirement Specifications for System of Systems
  • Idea: A Feasibility Study in Model Based Prediction of Impact of Changes on System Quality.