29th IEEE Computer Security Foundations Symposium
| CSF 2016: Affiliated workshops | Monday, June 27 |
| 09:00 - 18:00 |
Affiliated workshops: FCS and GraMSec |
| CSF 2016: Day 1 | Tuesday, June 28 |
| 08:50 - 09:00 | Welcome |
| Invited talk I | Chair: Boris Köpf |
| 09:00 - 10:00 |
Modular Verification for Computer Security Andrew Appel (Princeton University) |
| 10:00 - 10:30 | Coffee break |
| Session I: Software Security | Chair: Deepak Garg |
| 10:30 - 11:00 |
On Modular and Fully-Abstract Compilation Marco Patrignani, Dominique Devriese, Frank Piessens |
| 11:00 - 11:30 |
Secure Software Licensing: Models, Constructions, and Proofs Sergiu Costea, Bogdan Warinschi |
| 11:30 - 12:00 |
Beyond Good and Evil: Formalizing the Security Guarantees of Compartmentalizing Compilation Yannis Juglaret, Catalin Hritcu, Arthur Azevedo de Amorim, Boris Eng, Benjamin C. Pierce |
| 12:00 - 14:00 | Lunch |
| Session II: Quantitative Security | Chair: Piotr Mardziel |
| 14:00 - 14:30 |
Relative Perfect Secrecy: Universally Optimal Strategies and Channel Design MHR Khouzani, Pasquale Malacaria |
| 14:30 - 15:00 |
Axioms for Information Leakage Mário S. Alvim, Konstantinos Chatzikokolakis, Annabelle McIver, Carroll Morgan, Catuscia Palamidessi, Geoffrey Smith |
| 15:00 - 15:30 |
Correlated Secrets in Quantitative Information Flow Nicolas Bordenabe, Geoffrey Smith |
| 15:30 - 16:00 |
Quantitative Verification and Synthesis of Attack-Defence Scenarios Zaruhi Aslanyan, Flemming Nielson, David Parker |
| 16:00 - 16:30 | Coffee break |
| Session III: Access control I | Chair: Catalin Hritcu |
| 16:30 - 17:00 |
In the Nick of Time: Proactive Prevention of Obligation Violations David Basin, Søren Debois, Thomas Hildebrandt |
| 17:00 - 17:30 |
A Calculus for Flow-Limited Authorization Owen Arden, Andrew C. Myers |
| 17:30 - 18:00 |
On access control, capabilities, their equivalence and confused deputy attacks Vineet Rajani, Deepak Garg, Tamara Rezk |
| 19:30 - 21:00 |
Welcome cocktail Bar Entretanto - Hotel do Chiado R. Nova do Almada 114, Baixa-Chiado |
| CSF 2016: Day 2 | Wednesday, June 29 |
| Invited talk II | Chair: Michael Hicks |
| 09:00 - 10:00 |
Data-driven Software Security: Models and Methods Ulfar Erlingsson (Google) |
| 10:00 - 10:30 | Coffee break |
| Session IV: Protocols & Distributed Systems I | Chair: Steve Kremer |
| 10:30 - 11:00 |
On Post-Compromise Security Katriel Cohn-Gordon, Cas Cremers, Luke Garratt |
| 11:00 - 11:30 |
Micro-Policies for Web Session Security Stefano Calzavara, Riccardo Focardi, Niklas Grimm, Matteo Maffei |
| 11:30 - 12:00 |
Localizing Firewall Security Policies Pedro Adão, Riccardo Focardi, Flaminia L. Luccio, Joshua D. Guttman |
| 12:00 - 14:00 | Lunch |
| Session V: Information Flow I | Chair: Toby Murray |
| 14:00 - 14:30 |
Calculational Design of Information Flow Monitors Mounir Assaf, David A. Naumann |
| 14:30 - 15:00 |
Hybrid Monitoring of Attacker Knowledge Frédéric Besson, Nataliia Bielova, Thomas Jensen |
| 15:00 - 15:30 |
Runtime Verification of k-Safety Hyperproperties in HyperLTL Shreya Agrawal, Borzoo Bonakdarpour |
| 15:30 - 16:00 |
Non-Interference with What-Declassification in Component-Based Systems Simon Greiner, Daniel Grahl |
| 16:00 - 16:30 | Coffee break |
| Session VI: Computer-aided Cryptography | Chair: Manuel Barbosa |
| 16:30 - 17:00 |
A Certified Compiler for Verifiable Computing Cédric Fournet, Chantal Keller, Vincent Laporte |
| 17:00 - 17:30 |
Analysis of Key Wrapping APIs: Generic Policies, Computational Security Guillaume Scerri, Ryan Stanley-Oakes |
| 17:30 - 18:00 |
A Verified Extensible Library of Elliptic Curves Jean-Karim Zinzindohoué, Evmorfia-Iro Bartzia, Karthikeyan Bhargavan |
| CSF 2016: Day 3 | Thursday, June 30 |
| Invited talk III | Chair: Boris Köpf |
| 09:00 - 10:00 |
Can Charlie distinguish Alice and Bob? Automated verification of equivalence properties Steve Kremer (Inria Nancy) |
| 10:00 - 10:30 | Coffee break |
| Session VII: Protocols & Distributed systems II | Chair: Matteo Maffei |
| 10:30 - 11:00 |
Automated reasoning for equivalences in the applied pi calculus with barriers Bruno Blanchet, Ben Smyth |
| 11:00 - 11:30 |
Modeling Human Errors in Security Protocols David Basin, Sasa Radomirovic, Lara Schmid |
| 11:30 - 12:00 |
sElect: A Lightweight Verifiable Remote Voting System Ralf Küsters, Johannes Müller, Enrico Scapin, Tomasz Truderung |
| 12:00 - 14:00 | Lunch |
| Session VIII: Privacy & Economics | Chair: Bogdan Warinschi |
| 14:00 - 14:30 |
A Methodology for Formalizing Model-Inversion Attacks Xi Wu, Matt Fredrikson, Somesh Jha, Jeffrey F. Naughton |
| 14:30 - 15:00 |
CASH: A Cost Asymmetric Secure Hash Algorithm for Optimal Password Protection Jeremiah Blocki, Anupam Datta |
| 15:00 - 15:30 | Coffee break |
| Session IX: 5-minute Talks | Chair: David Naumann |
| 15:30 - 17:00 | POST 2017 Matteo Maffei |
| Flexible Labeled Data Manipulation for Information Flow Control Libraries Ale Russo | |
| PLAS 2016 Toby Murray | |
| The friend of my friend may be my enemy Catuscia Palamidessi | |
| EuroS&P 2017 Catalin Hritcu | |
| Towards the Quantification of Strategy Leakage Piotr Mardziel | |
| Build It, Break It, Fix It: Contesting Secure Development. Mike Hicks | |
| The complexity of verifying process eqivalences in the applied pi calculus. Itsaka Rakotonirina | |
| WIP: Unification for verifying DH protocols Katriel Cohn-Gordon | |
| How the internal communication of the applied-pi calculus is messing with equivalence properties. Vincent Cheval | |
| Everest: Verified drop-in replacements for the HTTPS ecosystem Cedric Fournet | |
| Session Types for Monitoring and Blame Assignment Hannah Gommerstadt | |
| Rigorous analysis of software countermeasures against cache/timing attacks. Boris Koepf | |
| Measuring Protocol Strength with Security Goals Joshua Guttman | |
| Learning and Developing Joana Pedro Adão | |
| Session X: Business Meeting | Chair: Joshua Guttman |
| 17:00 - 18:00 | Program TBA |
| 19:45 - 23:00 |
Banquet Restaurante Bica do Sapato Av. Infante D. Henrique, Armazém B, Cais da Pedra a Sta Apolónia |
| CSF 2016: Day 4 | Friday, July 1 |
| Session XI: Information Flow II | Chair: Aslan Askarov |
| 09:00 - 09:30 |
Multi-run side-channel analysis using Symbolic Execution and Max-SMT Corina Pasareanu, Quoc-Sang Phan, Pasquale Malacaria |
| 09:30 - 10:00 |
Fault-Resilient Non-interference Filippo Del Tedesco, David Sands, Alejandro Russo |
| 10:00 - 10:30 |
Compositional Verification and Refinement of Concurrent Value-Dependent Noninterference Toby Murray, Robert Sison, Edward Pierzchalski, Christine Rizkallah |
| 10:30 - 11:00 | Coffee break |
| Session XII: Access control II | Chair: Pedro Adão |
| 11:00 - 11:30 |
Resilient Delegation Revocation with Precedence for Predecessors is NP-Complete Marcos Cramer, Pieter Van Hertum, Ruben Lapauw, Ingmar Dasseville, Marc Denecker |
| 11:30 - 12:00 |
Access Control Synthesis for Physical Spaces Petar Tsankov, Mohammad Torabi Dashti, David Basin |
| 12:00 - 12:30 |
Static Detection of Collusion Attacks in ARBAC-based Workflow Systems Stefano Calzavara, Alvise Rabitti, Enrico Steffinlongo, Michele Bugliesi |
| Have a safe trip home. |