29th IEEE Computer Security Foundations Symposium

CSF 2016: Affiliated workshops Monday, June 27
09:00 - 18:00 Affiliated workshops: FCS and GraMSec
CSF 2016: Day 1 Tuesday, June 28
08:50 - 09:00 Welcome
Invited talk I Chair: Boris Köpf
09:00 - 10:00 Modular Verification for Computer Security
Andrew Appel (Princeton University)
10:00 - 10:30 Coffee break
Session I: Software Security Chair: Deepak Garg
10:30 - 11:00 On Modular and Fully-Abstract Compilation
Marco Patrignani, Dominique Devriese, Frank Piessens
11:00 - 11:30 Secure Software Licensing: Models, Constructions, and Proofs
Sergiu Costea, Bogdan Warinschi
11:30 - 12:00 Beyond Good and Evil: Formalizing the Security Guarantees of Compartmentalizing Compilation
Yannis Juglaret, Catalin Hritcu, Arthur Azevedo de Amorim, Boris Eng, Benjamin C. Pierce
12:00 - 14:00 Lunch
Session II: Quantitative Security Chair: Piotr Mardziel
14:00 - 14:30 Relative Perfect Secrecy: Universally Optimal Strategies and Channel Design
MHR Khouzani, Pasquale Malacaria
14:30 - 15:00 Axioms for Information Leakage
Mário S. Alvim, Konstantinos Chatzikokolakis, Annabelle McIver, Carroll Morgan, Catuscia Palamidessi, Geoffrey Smith
15:00 - 15:30 Correlated Secrets in Quantitative Information Flow
Nicolas Bordenabe, Geoffrey Smith
15:30 - 16:00 Quantitative Verification and Synthesis of Attack-Defence Scenarios
Zaruhi Aslanyan, Flemming Nielson, David Parker
16:00 - 16:30 Coffee break
Session III: Access control I Chair: Catalin Hritcu
16:30 - 17:00 In the Nick of Time: Proactive Prevention of Obligation Violations
David Basin, Søren Debois, Thomas Hildebrandt
17:00 - 17:30 A Calculus for Flow-Limited Authorization
Owen Arden, Andrew C. Myers
17:30 - 18:00 On access control, capabilities, their equivalence and confused deputy attacks
Vineet Rajani, Deepak Garg, Tamara Rezk
19:30 - 21:00 Welcome cocktail
Bar Entretanto - Hotel do Chiado
R. Nova do Almada 114, Baixa-Chiado
CSF 2016: Day 2 Wednesday, June 29
Invited talk II Chair: Michael Hicks
09:00 - 10:00 Data-driven Software Security: Models and Methods
Ulfar Erlingsson (Google)
10:00 - 10:30 Coffee break
Session IV: Protocols & Distributed Systems I Chair: Steve Kremer
10:30 - 11:00 On Post-Compromise Security
Katriel Cohn-Gordon, Cas Cremers, Luke Garratt
11:00 - 11:30 Micro-Policies for Web Session Security
Stefano Calzavara, Riccardo Focardi, Niklas Grimm, Matteo Maffei
11:30 - 12:00 Localizing Firewall Security Policies
Pedro Adão, Riccardo Focardi, Flaminia L. Luccio, Joshua D. Guttman
12:00 - 14:00 Lunch
Session V: Information Flow I Chair: Toby Murray
14:00 - 14:30 Calculational Design of Information Flow Monitors
Mounir Assaf, David A. Naumann
14:30 - 15:00 Hybrid Monitoring of Attacker Knowledge
Frédéric Besson, Nataliia Bielova, Thomas Jensen
15:00 - 15:30 Runtime Verification of k-Safety Hyperproperties in HyperLTL
Shreya Agrawal, Borzoo Bonakdarpour
15:30 - 16:00 Non-Interference with What-Declassification in Component-Based Systems
Simon Greiner, Daniel Grahl
16:00 - 16:30 Coffee break
Session VI: Computer-aided Cryptography Chair: Manuel Barbosa
16:30 - 17:00 A Certified Compiler for Verifiable Computing
Cédric Fournet, Chantal Keller, Vincent Laporte
17:00 - 17:30 Analysis of Key Wrapping APIs: Generic Policies, Computational Security
Guillaume Scerri, Ryan Stanley-Oakes
17:30 - 18:00 A Verified Extensible Library of Elliptic Curves
Jean-Karim Zinzindohoué, Evmorfia-Iro Bartzia, Karthikeyan Bhargavan
CSF 2016: Day 3 Thursday, June 30
Invited talk III Chair: Boris Köpf
09:00 - 10:00 Can Charlie distinguish Alice and Bob? Automated verification of equivalence properties
Steve Kremer (Inria Nancy)
10:00 - 10:30 Coffee break
Session VII: Protocols & Distributed systems II Chair: Matteo Maffei
10:30 - 11:00 Automated reasoning for equivalences in the applied pi calculus with barriers
Bruno Blanchet, Ben Smyth
11:00 - 11:30 Modeling Human Errors in Security Protocols
David Basin, Sasa Radomirovic, Lara Schmid
11:30 - 12:00 sElect: A Lightweight Verifiable Remote Voting System
Ralf Küsters, Johannes Müller, Enrico Scapin, Tomasz Truderung
12:00 - 14:00 Lunch
Session VIII: Privacy & Economics Chair: Bogdan Warinschi
14:00 - 14:30 A Methodology for Formalizing Model-Inversion Attacks
Xi Wu, Matt Fredrikson, Somesh Jha, Jeffrey F. Naughton
14:30 - 15:00 CASH: A Cost Asymmetric Secure Hash Algorithm for Optimal Password Protection
Jeremiah Blocki, Anupam Datta
15:00 - 15:30 Coffee break
Session IX: 5-minute Talks Chair: David Naumann
15:30 - 17:00 POST 2017
Matteo Maffei
Flexible Labeled Data Manipulation for Information Flow Control Libraries
Ale Russo
PLAS 2016
Toby Murray
The friend of my friend may be my enemy
Catuscia Palamidessi
EuroS&P 2017
Catalin Hritcu
Towards the Quantification of Strategy Leakage
Piotr Mardziel
Build It, Break It, Fix It: Contesting Secure Development.
Mike Hicks
The complexity of verifying process eqivalences in the applied pi calculus.
Itsaka Rakotonirina
WIP: Unification for verifying DH protocols
Katriel Cohn-Gordon
How the internal communication of the applied-pi calculus is messing with equivalence properties.
Vincent Cheval
Everest: Verified drop-in replacements for the HTTPS ecosystem
Cedric Fournet
Session Types for Monitoring and Blame Assignment
Hannah Gommerstadt
Rigorous analysis of software countermeasures against cache/timing attacks.
Boris Koepf
Measuring Protocol Strength with Security Goals
Joshua Guttman
Learning and Developing Joana
Pedro Adão
Session X: Business Meeting Chair: Joshua Guttman
17:00 - 18:00 Program TBA
19:45 - 23:00 Banquet
Restaurante Bica do Sapato
Av. Infante D. Henrique, Armazém B, Cais da Pedra a Sta Apolónia
CSF 2016: Day 4 Friday, July 1
Session XI: Information Flow II Chair: Aslan Askarov
09:00 - 09:30 Multi-run side-channel analysis using Symbolic Execution and Max-SMT
Corina Pasareanu, Quoc-Sang Phan, Pasquale Malacaria
09:30 - 10:00 Fault-Resilient Non-interference
Filippo Del Tedesco, David Sands, Alejandro Russo
10:00 - 10:30 Compositional Verification and Refinement of Concurrent Value-Dependent Noninterference
Toby Murray, Robert Sison, Edward Pierzchalski, Christine Rizkallah
10:30 - 11:00 Coffee break
Session XII: Access control II Chair: Pedro Adão
11:00 - 11:30 Resilient Delegation Revocation with Precedence for Predecessors is NP-Complete
Marcos Cramer, Pieter Van Hertum, Ruben Lapauw, Ingmar Dasseville, Marc Denecker
11:30 - 12:00 Access Control Synthesis for Physical Spaces
Petar Tsankov, Mohammad Torabi Dashti, David Basin
12:00 - 12:30 Static Detection of Collusion Attacks in ARBAC-based Workflow Systems
Stefano Calzavara, Alvise Rabitti, Enrico Steffinlongo, Michele Bugliesi
Have a safe trip home.