5th ESORICS in 1998

Miscellaneous

Go back to main home page, last updated July 1999.
Import the file containing the references of all articles of these proceedings (in REFER format).

Proceedings : Computer Security - ESORICS 98 5th European Symposium on Research in Computer Security Louvain-la-Neuve, Belgium, September 1998 Jean-Jacques Quisquater, Yves Deswarte, Catherine Meadows, Dieter Gollmann (Eds.) Lecture Notes in Computer Science, No 1485 Springer-Verlag 375 pages, ISBN 3-540-65004-0

Programme Chair's Preface

Since 1990, ESORICS has established its reputation as the main event in research on computer security in Europe. Every two years, ESORICS gathers researchers and practitioners of computer security and gives researchers the opportunity to present the most recent advances in security theory as well as the risks related to simplistic implementations of security mechanims.

Despite the possible concurrence with other international events, ESORICS 98 received 57 submissions, coming from 19 countries and 4 continents. All these papers were reviewed by at least three program committee members or other experts at their institutions. Most of the submitted papers were considered as very good, and the program committee quickly agreed on 23 papers that could be organised in consistent sessions. Unfortunately, some high quality papers had to be rejected either because they did not correspond to ESORICS scope or because they did not fit with other papers to constitute a homogeneous session.

As in previous ESORICS, some ESORICS 98 sessions are dedicated to fundamental issues such as the design and specification of security policies, access control modelling and protocol analysis. But these sessions mix both theoretical papers and very practical concerns. Since mobility is a topic of increasing importance, its two main aspects will be discussed in two sessions: one on mobile systems and anonymity, the other on Java and mobile code. A session and a panel are devoted to watermarking, an important technique for the protection of intellectual rights. Finally, two sessions are dedicated to practical issues, one on intrusion detection and prevention, the other dealing with specific threats. In this session, two papers on cryptography have been included for the first time in ESORICS. While previously, we had considered that cryptography papers should be submitted to conferences dedicated to cryptography, these two papers have been accepted because security people can learn from them the risks that can be raised by naive implementation of good cryptographic algorithms.

In summary, we hope that this mix between practical and theoretical issues will satisfy the practitioner's curiosity and encourage researchers to pursue their work for the progress of a secure information society.

Yves Deswarte (Programme Chair), Catherine Meadows (Programme Vice-Chair)

Contents of the Proceedings

• Analysing Protocols
  • Kerberos Version IV: Inductive Analysis of the Secrecy Goals
    Giampaolo Bella, Lawrence C. Paulson (abstract)
  • A Sound Logic for Analysing Electronic Commerce Protocols
    Volker Kessler, Heike Neumann (abstract)
  • A Subjective Metric of Authentication
    Audun Jøsang (abstract)
• Dealing with Specific Threats
  • On the Security of Digital Tachographs
    Ross Anderson (abstract)
  • On the Security of Some Variants of the RSA Signature Scheme
    Markus Michels, Markus Stadler, Hung-Min Sun (abstract)
  • Side Channel Cryptanalysis of Product Ciphers
    John Kelsey, Bruce Schneier, David Wagner, Chris Hall (abstract)
• Design and Specification of Security Policies
  • A Flexible Method for Information System Security Policy Specification
    Rodolphe Ortalo (abstract)
  • A Kernelized Architecture for Multilevel Secure Application Policies
    Simon N. Foley (abstract)
  • Dealing with Multi-policy Security in Large Open Distributed Systems
    Christophe Bidan, Valérie Issarny (abstract)
• Intrusion Detection and Prevention
  • A Tool for Pro-active Defense Against the Buffer Overrun Attack
    D. Bruschi, E. Rosti, R. Banfi (abstract)
  • Fixed vs. Variable-Length Patterns for Detecting Suspicious Process Behavior
    Hervé Debar, Marc Dacier, Mehdi Nassehi, Andreas Wespi (abstract)
• Java and Mobile Code
  • EUROMED-JAVA: Trusted Third Party Services for Securing Medical Java Applets
    Angelos Varvitsiotis, Despina Polemi, Andy Marsh (abstract)
  • Towards Formalizing the Java Security Architecture of JDK 1.2
    Lora L. Kassab, Steven J. Greenwald (abstract)
  • Byte Code Verification for Java Smart Cards Based on Model Checking
    Joachim Posegga, Harald Vogt (abstract)
• Mobile Systems and Anonymity
  • Authentication and Payment in Future Mobile Systems
    Günter Horn, Bart Preneel (abstract)
  • Distributed Temporary Pseudonyms: A New Approach for Protecting Location Information in Mobile Communication Networks
    Dogan Kesdogan, Peter Reichl, Klaus Junghärtchen (abstract)
  • A Mix-Mediated Anonymity Service and Its Payment
    Elke Franz, Anja Jerichow (abstract)
• Modelling Access Control
  • An Authorization Model and Its Formal Semantics
    Elisa Bertino, Francesco Buccafurri, Elena Ferrari, Pasquale Rullo (abstract)
  • Authorization in CORBA Security
    Günter Karjoth (abstract)
  • Rules for Designing Multilevel Object-Oriented Databases
    Frédéric Cuppens, Alban Gabillon (abstract)
• Watermarking
  • DHWM: A Scheme for Managing Watermarking Keys in the Aquarelle Multimedia Distributed System
    Daniel Augot, Jean-François Delaigle, Caroline Fontaine (abstract)
  • MPEG PTY-Marks: Cheap Detection of Embedded Copyright Data in DVD-Video
    J. P. M. G. Linnartz, J. C. Talstra (abstract)
  • The "Ticket" Concept for Copy Control Based on Embedded Signalling
    J. P. M. G. Linnartz (abstract)