Preliminary program

Sunday (23/09/07)

17:00 - 20:00 Registration

18:00 Sightseeing tour

Monday (24/09/07)

08:00 - 09:00 Registration

09:00 - 09:15 Welcome

09:15 - 10:30 Session I (Invited lecture)
- Trustworthy Services and the Biological Analogy
  - Michael K. Reiter

10:30-11:00 Coffee break

11:00-12:30 Session II (Security architecture and secure components I)
- Security of Multithreaded Programs by Compilation
  - Gilles Barthe, Tamara Rezk, Alejandro Russo and Andrei Sabelfeld
- Efficient Proving for Practical Distributed Access-Control Systems
  - Lujo Bauer, Scott Garriss and Michael K. Reiter
- Maintaining High Performance Communication Under Least Privilege Using Dynamic Perimeter Control
  - Paul Z. Kolano

12:30-14:00 Lunch

14:00-15:30 Session III (Access control I)
- Pragmatic XML Access Control using Off-the-shelf RDBMS
  - Bo Luo, Dongwon Lee and Peng Liu
- Conditional Privacy-Aware Role Based Access Control
  - Qun Ni, Dan Lin, Elisa Bertino and Jorge Lobo
- Satisfiability and Resiliency in Workflow Systems
  - Qihua Wang and Ninghui Li

15:30-16:00 Coffee break

16:00-17:30 Session IV (Applied cryptography I)
- Completeness of the Authentication Tests
  - Joshua Guttman, Shaddin Doghmi and F. Javier Thayer
- SilentKnock: Practical Provably Undetectable Authentication
  - Eugene Y. Vasserman, Nicholas Hopper, John Laxson and James Tyra
- Generalized Key Delegation for Hierarchical Identity-Based Encryption
  - Michel Abdalla, Eike Kiltz and Gregory Neven

Tuesday (25/09/07)

9:00-10:30 Session V (Security management and secure electronic activities)
- Change-Impact Analysis of Firewall Policies
  - Alex Liu
- Fragmentation and Encryption to Enforce Privacy in Data Storage
  - Valentina Ciriani, Sabrina De Capitani di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi and Pierangela Samarati
- Information Confinement, Privacy, and Security in RFID Systems
  - Roberto Di Pietro and Refik Molva

10:30-11:00 Coffee break

11:00-12:30 Session VI (Formal methods in security I)
- A Logic for State-Modifying Authorization Policies
  - Moritz Y. Becker and Sebastian Nanz
- Inductive Proofs of Computational Secrecy
  - Arnab Roy, Anupam Datta, Ante Derek and John Mitchell
- What, Indeed, Is Intransitive Noninterference
  - Ron van der Meyden

12:30-14:00 Lunch

14:00-15:30 Session VII (Information control and access control)
- Traceability and Integrity of Execution in Distributed Workflow Management Systems
  - Frederic Montagut and Refik Molva
- Dynamic Information Flow Control Architecture for Web Applications
  - Sachiko Yoshihama, Takeo Yoshizawa, Yuji Watanabe, Michiharu Kudoh and Kazuko Oyanagi
- Cloak: A Ten-fold Way for Reliable Covert Communications
  - Xiapu Luo, Edmond W. W. Chan and Rocky K. C. Chang

14:00-15:30 Session VIII (Applied cryptography II)
- Efficient Password-based Authenticated Key Exchange without Public Information
  - Jun Shao, Zhenfu Cao, Licheng Wang and Rongxing Lu
- Improved Anonymous Timed-Release Encryption
  - Konstantinos Chalkias, Dimitrios Hristu-Varsakelis and George Stephanides
- Encryption Techniques for Secure Database Outsourcing
  - Sergei Evdokimov and Oliver Günther

15:30-16:00 Coffee break

16:00-17:30 Session IX (Access control II)
- Click Passwords under Investigation
  - Krzysztof Golofit
- Graphical Password Authentication Using Cued Click Points
  - Sonia Chiasson, P.C. van Oorschot and Robert Biddle
- Obligations and their Interaction with Programs
  - Daniel J. Dougherty, Kathi Fisler and Shriram Krishnamurthi

16:00-17:30 Session X (Applied cryptography III)
- On the Privacy of Concealed Data Aggregation
  - Aldar C-F. Chan and Claude Castelluccia
- Synthesizing Secure Protocols
  - Veronique Cortier, Bogdan Warinschi and Eugen Zalinescu
- A Cryptographic Model for Branching Time Security Properties – the Case of Contract Signing Protocols
  - Vèronique Cortier, Ralf Küsters and Bogdan Warinschi

19:00 Social event: Conference Dinner at 'Kanonenhof' (see touristic information for details)

Wednesday (26/09/07)

9:00-10:30 Session XI (Security architecture and secure components II)
- Security Evaluation of Scenarios Based on the TCG's TPM Specification
  - Sigrid Gürgens, Carsten Rudolph, Dirk Scheuermann, Marion Atts and Rainer Plaga
- Analyzing Side Channel Leakage of Masked Implementations with Stochastic Methods
  - Kerstin Lemke-Rust and Christof Paar
- Insider Attacks Enabling Data Broadcasting on Crypto-Enforced Unicast Links
  - Andrè Adelsbach and Ulrich Greveler

10:30-11:00 Coffee break

11:00-12:30 Session XII (Security management)
- Towards Modeling Trust Based Decisions: A Game Theoretic Approach
  - Vidyaraman Sankaranarayanan, Madhusudhanan Chandrasekaran and Shambhu Upadhyaya
- Extending the Common Services of eduGAIN with a Credential Conversion Service
  - Gabriel López, Óscar Cánovas, Diego R. López and Antonio F. Gómez-Skarmeta
- Incorporating Temporal Capabilities in Existing Key Management Schemes
  - Mikhail Atallah, Marina Blanton and Keith Frikken

12:30-14:00 Lunch

14:00-15:30 Session XIII (Secure electronic activities)
- A Policy Language for Distributed Usage Control
  - Manuel Hilty, Alexander Pretschner, David Basin, Christian Schaefer and Thomas Walter
- Countering Statistical Disclosure with Receiver-bound Cover Traffic
  - Nayantara Mallesh and Matthew Wright
- A Trace-revoke-trace System for Anonymous Attack in AACS
  - Hongxia Jin and Jeffery Lotspiech

15:30-16:00 Coffee break

16:00-17:30 Session XIV (Formal methods in security II)
- Modular Access Control via Strategic Rewriting
  - Daniel J. Dougherty, Claude Kirchner, Hélène Kirchner and Anderson Santana de Oliveira
- On the Automated Correction of Security Protocols Susceptible to a Replay Attack
  - Juan C. López P, Raúl Monroy and Dieter Hutter
- Adaptive Soundness of Static Equivalence
  - Steve Kremer and Laurent Mazare

17:30 - 17:40 Farewell

Thursday (27/09/07)

09:00 - 17:30 Workshops