6th ESORICS in 2000

Miscellaneous Go back to main home page, last updated October 2000. Import the file containing the references of all articles of these proceedings (in REFER format). Proceedings : Computer Security - ESORICS 2000 6th European Symposium on Research in Computer Security Toulouse, France, October 2000 Frédéric Cuppens, Yves Deswarte, Dieter Gollmann, Michael Waidner (Eds.) Lecture Notes in Computer Science, No 1895 Springer-Verlag 325 pages, ISBN 3-540-41031-7

Preface

Ten years ago, the first European Symposium on Research in Computer Security was created in Toulouse. It had been initiated by the French AFCET Technical Committee on Information System Security, and mostly by its President, Gilles Martin, who deceased a few months before. Toulouse was a natural choice for its venue, since two of the most important French research teams in Security were and still are in Toulouse: ONERA and LAAS-CNRS. At this first symposium, one third of the presented papers were from French authors, while half of the papers came from other European countries.
The second time ESORICS was held, also in Toulouse in November 1992, the number of accepted papers that came from France had decreased by half, equalling the number of US papers, while about two thirds of the papers came from other European countries. It was then recognised that ESORICS was really a European Symposium, and an international steering committee was established to promote the venue of ESORICS in other European countries. This led to the organisation of ESORICS 94 in Brighton, UK; ESORICS 96 in Rome, Italy; and ESORICS 98 in Louvain, Belgium. During these ten years, ESORICS has established its reputation as the main event in research on computer security in Europe.
With this series of biannual events, ESORICS gathers researchers and practitioners of computer security and gives them the opportunity to present the most recent advances in security theory or more practical concerns such as social engineering or the risks related to simplistic implementations of strong security mechanisms.
For its tenth anniversary, ESORICS is coming back to Toulouse, and its success will be reinforced by the conjunction with RAID 2000, the Symposium on Recent Advances in Intrusion Detection. Born as a workshop joined to ESORICS 98, RAID is now an annual event and the most important international symposium in its area. Let us hope that for the next ten years, ESORICS will again visit other European countries and give rise to other successful security spin-offs.

Yves Deswarte

Since the First European Symposium on Research in Computer Security in 1990, ESORICS has become an established international conference on the theory and practice of computer security and the main research-oriented security conference in Europe.
ESORICS 2000 received 75 submissions, all of which were reviewed by at least three programme committee members ar other experts. At a two-day meeting of the programme committee all submissions were discussed, and 19 papers were selected for presentation at the conference.
Two trends in computer security became prominent since ESORICS 1998 and thus received special room in the programme: Cybercrime and the lack of dependability of the Internet, and the renaissance of formal methods in security analysis. The former is not reflected by research papers yet, but in order to facilitate discussion we included a panel discussion on "Cybercrime and Cybercops". The latter trend convinced us to allocate two sessions to this topic, namely, on protocol verification and security property analysis.
We gratefully acknowledge all authors who submitted papers for their efforts in maintaining the standards of this conference. It is also our pleasure to thank the members of the programme committee and the additional reviewers for their work and support.

Frédéric Cuppens, Michael Waidner

Contents of the Proceedings

• Access Control
  • A Formal Model for Role-Based Access Control Using Graph Transformations
    Manuel Koch, Luigi V. Mancini, Francesco Parisi-Presicce (abstract)
  • Safety Analysis of the Dynamic-Typed Access Matrix Model
    Masakazu Soshi (abstract)
  • A Typed Access Control Model for CORBA
    Gerald Brose (abstract)
• Electronic Commerce Protocols
  • Metering Schemes for General Access Structures
    Barbara Masucci, Douglas R. Stinson (abstract)
  • Secure Anonymous Signature-Based Transactions
    Els Van Herreweghen (abstract)
• Internet Security
  • Finding a Connection Chain for Tracing Intruders
    Kunikazu Yoda, Hiroaki Etoh (abstract)
  • A Full Bandwidth ATM Firewall
    Olivier Paul, Maryline Laurent, Sylvain Gombault (abstract)
• Mobile Agents
  • A Security Framework for a Mobile Agent System
    Ciaran Bryce (abstract)
  • A Distributed Access Control Model for Java
    Refik Molva, Yves Roudier (abstract)
  • Using Reflection as a Mechanism for Enforcing Security Policies in Mobile Code
    Ian Welch, Robert J. Stroud (abstract)
• Personal Devices and Smartcards
  • Checking Secure Interactions of Smart Card Applets
    P. Bieber, J. Cazin, P. Girard, J.-L. Lanet, V. Wiels, G. Zanon (abstract)
  • Verification of a Formal Security Model for Multiapplicative Smart Cards
    Gerhard Schellhorn, Wolfgang Reif, Axel Schairer, Paul Karger, Vernon Austel, David Toll (abstract)
  • How Much Negociation and Detail Can Users Handle? Experiences with Security Negociation and the Granularity of Access Control in Communications
    Kai Rannenberg (abstract)
• Protocol Verification
  • Automating Data Independence
    P. J. Broadfoot, G. Lowe, A. W. Roscoe (abstract)
  • Formal Verification of Cardholder Registration in SET
    Giampaolo Bella, Fabio Massacci, Lawrence C. Paulson, Piero Tramontano (abstract)
  • A Formal Semantics for SPKI
    Jon Howell, David Kotz (abstract)
• Security Property Analysis
  • Unwinding Possibilistic Security Properties
    Heiko Mantel (abstract)
  • Analysing Time Dependent Security Properties in CSP Using PVS
    Neil Evans, Steve Schneider (abstract)
  • Authentication and Confidentiality via IPsec
    Joshua D. Guttman, Amy L. Herzog, F. Javier Thayer (abstract)