Workshop on Privacy Enhancing Technologies, San Francisco, CA, USA, April 14-15, 2002:

• Privacy-enhancing technologies for the Internet, II: Five years later, I. Goldberg
  
• Detecting Web Bugs With Bugnosis: Privacy Advocacy Through Education, A. Alsaid and D. Martin
  
• Private authentication, M. Abadi
  
• Towards an Information Theoretic Metric for Anonymity, A. Serjantov and G. Danezis
  
• Towards Measuring Anonymity, C. Diaz, S. Seys, J. Claessens and B. Preneel
  
• The Platform for Enterprise Privacy Practices -- Privacy-enabled Management of Customer Data, G. Karjoth, M. Schunter and M. Waidner
  
• Privacy Enhancing Profile Disclosure, P. Dornbach and Z. Nemeth
  
• Privacy Enhancing Service Architectures, T. Alamaki, M. Bjorksten, P. Dornbach, C. Gripenberg, N. Gyorbiro, G. Marton, Z. Nemeth, T. Skytta and M. Tarkiainen
  
• Dummy Traffic Against Long Term Intersection Attacks, O. Berthold and H. Langos
  
• Protecting Privacy during On-line Trust Negotiation, K. Seamons, M. Winslett, T. Yu, L. Yu and R. Jarvis
  
• Prototyping an Armored Data Vault: Rights Management on Big Brother's Computer A. Iliev and S. Smith
  
• Preventing Interval-based Inference by Random Data Perturbation, Y. Li, L. Wang and S. Jajodia
  
• Fingerprinting Websites Using Traffic Analysis, A. Hintz
  
• A Passive Attack on the Privacy of Web Users Using Standard Log Information, T. Demuth
  
• Covert Messaging Through TCP Timestamps, J. Giffin, R. Greenstadt, P. Litwack and R. Tibbetts
  
• Almost Optimal Private Information Retrieval, D. Asonov and J.-C. Freytag
  
• Unobservable Surfing on the World Wide Web: Is Private Information Retrieval an alternative to the MIX based Approach?, D. Kesdogan, M. Borning and M. Schmeink
  

9th International SPIN Workshop on Model Checking of Software (SPIN 2002), April 11-13, 2002, Grenoble, France: [Security-related paper only]

• Using SPIN to verify security properties of cryptographic protocols, P. Maggi and R. Sisto

Foundations of Software Science and Computation Structures (FOSSACS'02) Grenoble, France, April 6-14, 2002: [Security-related papers only]

• Conflict Detection and Resolution in Access Control Policy Specifications, M. Koch, L. Mancini and F. Parisi-Presicce
  
• On Compositional Reasoning in the Spi-Calculus, M. Boreale and D. Gorla

9th annual IEEE Conference and Workshop on Engineering of Computer-Based Systems, Lund, Sweden, April 8-11, 2002: [Security-related papers only]

• An Intelligent Agent Security Intrusion System, J. Pikolulas, W. Buchanan, M. Mannion and K. Triantafyllopoulos
  
• Exploiting Process Patterns in Security Enginering, W. Lam and K. R. S. Murthy

12th International Workshop on Research Issues on Data Engineering (RIDE-2EC'2002) In conjunction with ICDE'02, San Jose, USA, February 24-25, 2002 [Security-related papers only]

• Privacy Preserving Association Rule Mining, Y. Saygin, V. Verykios and A. Elmagarmid
  
• Building consumer self-anonymity scalable payment protocol for Internet purchase, H. Wang, J. Cao, Y. Kambayashi

Third ACM Conference on Electronic Commerce, October 14-17, 2001, Tampa, FL, USA [Security-related papers only]

• E-privacy in 2nd generation E-Commerce: privacy preferences versus actual behavior, S. Spiekermann, J. Grossklags and B. Berendt
  
• Concepts for Personal Location Privacy Policies, E. Snekkenes
  
• Escrow Services and Incentives in Peer-to-Peer Networks, B. Pinkas, B. Horne and T. Sander

The 2001 IEEE International Conference on Data Mining, November 29-December 2, 2001 San Jose, CA, USA [Security-related papers only]

• Using Artificial Anomalies to Detect Unknown and Known Network Intrusions, W. Fan, M. Miller, S. Stolfo, W. Lee and P. Chan

9th International Conference on Network Protocols, November 11-14, 2001, CA, USA [Security-related papers only]

• Using Dynamic Buffer Limiting to Protect Against Belligerent Flows in High-speed Networks, F. Ertemalp, D. Cheriton and A. Bechtolsheim
  
• Fast Firewall Implementations for Software and Hardware based Routers, L. Qiu, G. Varghese and S. Suri
  
• Providing Robust and Ubiquitous Security Support for MANET, J. Kong, P. Zerfos, H. Luo, S. Lu and L. Zhang
  
• Scalable Secure Group Communication over IP Multicast, S. Banerjee and B. Bhattacharjee

Second International Workshop on Electronic Commerce (WELCOM'01), November 16-17, 2001, Heidelberg, Germany [Security-related papers only]

• Mobile Payments - State of the Art and Open Problems, K. Wrona, M. Schuba and G. Zavagli
  
• Enabling Privacy Protection in E-Commerce Applications, D. Kuegler
  
• Using Smart Cards for Fair Exchange, H. Vogt, H. Pagnia and F. Gaertner
  
• Rational Exchange - A Formal Model Based on Game Theory, L. Buttyan and J. Hubaux

First International IFIP TC-11 WG 11.4 Working Conference on Network Security, November 26-27, 2001, Leuven, Belgium [Security-related papers only]

• A Role-Based Specification of the SET Payment Transaction Protocol, H. Sakurada and Y. Tsudada
  
• Information Security: Mutual Authentication in E-Commerce, S. Von Solms and M. Kisimov
  
• Software-Based Receipt-Freeness in On-Line Elections, E. Magkos, V. Chrissikopoulos and N. Alexandris
  
• ID-Based Structured Mutisignature Schemes, C.-Y. Lin, T.-C. Wu and J.-J. Hwang
  
• Probabilistic Relations for the Solitaire Keystream Generator, M. Pudovkina
  
• Hazard Analysis for Security Protocol Requirements, N. Foster and J. Jacob
  
• Securing RMI Communication, V. Naessens, B. Vanhaute and B. De Decker
  
• Secure Java Development With UML, J. Jurjens
  
• Security Through Aspect-Oriented Programming, B. De Win, B. Vanhaute and B. De Decker
  
• Extending a Campus Network with Remote Bubbles using IPsec, A. Bonnet and M. Lobelle
  
• Combining World Wide Web and Wireless Security, J. Claessens, B. Preneel and J. Vandewalle
  
• On Mobile Agent Based Transactions in Moderately Hostile Environments, N. Borselius, C. Mitchell and A. Wilson
  
• SPARTA, A Mobile Agent Based Intrusion Detection System, C. Krugel, T. Toth and E. Kirda

Post-CAV Workshop on Logical Aspects of Cryptographic Protocol Verification, July 23, 2001, Paris, France:   [Thanks to Rafael Accorsi for this entry]

• Towards an awareness-based semantics for the analysis of security protocols,   R. Accorsi, D. Basin, and L. Viganò
  
• Abstract interpretation for proving secrecy properties in security protocols,   K. Adi and M. Debbabi
  
• Models for an adversary-centric protocol logic,   P. Selinger
  
• Attacking fair-exchange protocols: parallel models vs trace models,   L. Carlucci Aiello and F. Massacci
  
• Information based reasoning about security protocols,   R. Ramanujan and S. P. Suresh.

• Using Client Puzzles to Protect TLS,   D. Dean and A. Stubblefield
  
• Inferring Internet Denial-of-Service Activity,   D. Moore, G. Voelker and S. Savage
  
• MULTOPS: A Data-Structure for Bandwidth Attack Detection,   T. Gil and M. Poletto
  
• Data Remanence in Semiconductor Devices,   P. Gutmann
  
• StackGhost: Hardware Facilitated Stack Protection,   M. Frantzen and M. Shuey
  
• Improving DES Coprocessor Throughput for Short Operations,   M. Lindemann and S. Smith
  
• Architecting the Lumeta Firewall Analyzer,   A. Wool
  
• Transient Addressing for Related Processes: Improved Firewalling by Using IPV6 and Multiple Addresses per Host,   P. Gleitz and S. Bellovin
  
• Network Intrusion Detection: Evasion, Traffic Normalization, and  End-to-End Protocol Semantics M. Handley,  V. Paxson and C. Kreibich
  
• Reading Between the Lines: Lessons from the SDMI Challenge,   S. Craver, M. Wu, B. Liu, A. Stubblefield, B. Swartzlander, D. Wallach,  D. Dean and E. Felten
  
• Security Analysis of the Palm Operating System and its Weaknesses Against  Malicious Code Threats,   Kingpin and Mudge
  
• Secure Data Deletion for Linux File Systems,   S. Bauer and N. Priyantha
  
• RaceGuard: Kernel Protection From Temporary File Race Vulnerabilities,   C. Cowan, S. Beattie, C. Wright, and G. Kroah-Hartman
  
• Statically Detecting Likely Buffer Overflow Vulnerabilities,   D. Larochelle and D. Evans
  
• FormatGuard: Automatic Protection From printf Format String Vulnerabilities,   C. Cowan, M. Barringer, S. Beattie, G. Kroah-Hartman, M. Frantzen, and Jamie Lokier
  
• Detecting Format String Vulnerabilities with Type Qualifiers,   U. Shankar, K. Talwar, J. Foster, and D. Wagner
  
• Capability File Names: Separating Authorisation From User Management in an Internet File System,   J. Regan and C. Jensen
  
• Kerberized Credential Translation: A Solution to Web Access Control,   O. Kornievskaia, P. Honeyman, B. Doster, and K. Coffman
  
• The Dos and Don'ts of Client Authentication on the Web,   K. Fu, E. Sit, K. Smith, and N. Feamster
• SC-CFS: Smartcard Secured Cryptographic File System,   N. Itoi
  
• Secure Distribution of Events in Content-Based Publish Subscribe Systems,   L. Opyrchal and A. Prakash
  
• A Method for Fast Revocation of Public Key Certificates and Security Capabilities,   D. Boneh, X. Ding, G. Tsudik, and C. Wong
  
• PDM: A New Strong Password-Based Protocol,   C. Kaufman and R. Perlman
  
• Defending Against Statistical Steganalysis,   N. Provos
  
• Timing Analysis of Keystrokes and Timing Attacks on SSH,    D. Song, D. Wagner and X. Tian

• A Game-Based Verification of Non-Repudiation and Fair Exchange Protocols,  S. Kremer and J.-F. Raskin
  
• Probabilistic Information Flow in a Process Algebra,  A. Aldini
  
• Reasoning About Security in Mobile Ambients,   M. Bugliesi, G. Castagna, and S. Crafa
  

• Selective Private Function Evaluation with Application to Private Statistics,   R. Canetti, Y. Ishai, R. Kumar, M. Reiter, R. Rubinfeld, and R. Wright
  
• An Optimally Robust Hybrid Mix Network,   M. Jakobsson and A. Juels
  
• Practical Multi-Candidate Election System,   O. Baudron, P.-A. Fouque, D. Pointcheval, G. Poupard, and J. Stern

• Hash-Based IP Traceback,   A. Snoeren, C. Partridge, L. Sanchez, C. Jones, F. Tchakountio, S. Kent, and W. Strayer
  
• On the Effectiveness of Route-Based Packet Filtering for Distributed DoS Attack Prevention in Power-Law Internets,   Kihong Park and Heejo Lee
  
• Reliable Group Rekeying: A Performance Analysis,   R. Yang, X. Zhang, X. Li, and S. Lam

FASE2001 - Fundamental Approaches to Software Engineering, Genova, Italy,  April 2-6, 2001

• Towards Development of Secure Systems using UML,   J. Jurjens

FoSSaCS 2001 - 4th International Conference on Foundations of Software Science and Computation Structures, Genova, Italy, April 2-6, 2001

• Secrecy Types for Asymmetric Communication,   M. Abadi and B. Blanchet

AGENTS 2001 - 5th International Conference on Autonomous Agents, Montreal, Canada, May 28-June 1, 2001

• Mobile Agent Security with the IPEditor Development Tool and the Mobile UNITY Language,   Y. Tahara, A. Ohsuga and S. Honiden

ICECCS 2001 - 7th IEEE International Conference on Engineering of Complex Computer Systems, Skovde, Sweden, June 11-13, 2001

• Object-Oriented Analysis and Design Approach for Safe Object Sharing,   K. Izuru

LICS 2001 - 16th IEEE Symposium on Logic in Computer Science, Boston, Massachusetts, USA, June 16-19, 2001

• A Bound on Attacks on Payment Protocols,   S. Stoller

DSN 2001 - International Conference on Dependable Systems and Networks, Gotenburg, Sweden, July 1-4, 2001

• Enhancing Survivability of Security Services Using Redundancy,  M. Hiltunen, R. Schlichting and C. Ugarte
  
• Distributing Trust on the Internet, C. Cachin
  
• Protection of Software-Based Survivability Mechanisms,  C. Wang, J. Davidson, J. Knight and J. Hill
  
• Intrustion-Tolerant Group Management in Enclaves,  B. Dutertre, H. Saidi and V. Stavridou

ACM MOBICOM 2001 - 7th Annual International Conference on Mobile Computing and Networking, July 16-21, Rome, Italy

• Intercepting Mobile Communications: The Insecurity of 802.11,  N. Borisov, I. Goldberg and D. Wagner
  
• SPINS: Security Suite for Sensor Networks,  V. Wen, A. Perrig and R. Szewczyk

2001 USENIX Annual Technical Conference, June 25-30, 2001, Boston, Massachusetts, USA:

• An Architecture for Secure Generation and Verification of Electronic Coupons,  R. Garg, P. Mittal, V. Agarwal and N. Modani

• Defective Sign & Encrypt in S/MIME, PKCS#7, MOSS, PEM, PGP, and XML,  D. Davis

• Unifying File System Protection,  C. Stein, J. Howard and M. Seltzer

• LOMAC: MAC You Can Live With,  T. Fraser

• TrustedBSD: Adding Trusted Operating System Features to FreeBSD,  R. Watson

• Integrating Flexible Support for Security Policies into the Linux Operating System,  P. Loscocco and S. Smalley

• Sandboxing Applications,  V. Prevelakis and D. Spinellis

• Building a Secure Web Browser,  . Ioannidis and S. Bellovin

• The Design and Implementation of a Transparent Cryptographic File System for UNIX,  G. Cattaneo, L. Catuogno, A. Del Sorbo and P. Persiano

• MEF, Malicious Email Filter: A UNIX Mail Filter That Detects Malicious Windows Executables,  M. Schultz, E. Eskin, E. Zadok, M. Bhattacharyya and S. Stolfo

• Cost Effective Security for Small Businesses,  S. Brown

• Heimdal and Windows 2000 Kerberos: How to Get Them to Play Together,  A. Westerlund and J. Danielsson

20th International Conference on Distributed Computing Systems, April 10-13, 2000, Taipei, Taiwan

• Secure Group Communication in Asynchronous Networks with Failures:
  Integration and Experiments,   J. Stanton, Y. Amir, D. Hasse, G. Ateniese, Y. Kim, C. Nita-Rotaru, T.  Schlossnagle, J. Schultz, and  G. Tsudik

• ISCP: Design and Implementation of An Inter-Domain Security Management Agent Coordination Protocol,   Z. Fu, H. Huang, T.-L. Wu, S. Wu, F. Gong, C. Xu, and I. Baldine
  
• Network Security Management with Intelligent Agents,  K. Boudaoud, H. Labiod, R. Boutaba, and Z. Guessoum
  
• Study on the Prevention of SYN Flooding by Using Traffic Policing,  Y.-W. Chen
  
• Security Considerations for Workflow Systems,   S. Li, D. Jia, G. Zhuang, and A. Kittel
  
• Authentication Protocols for the Broadband ISDN Billing System,  C. Lo and Y. Yeh
  
• A Proposal for and Evaluation of Secure Key Management in Service Operation Systems,   K. Muto, H. Arimichi, and H. Kikuchi
  
• Security Policy Management for Networked Information Systems,  D. Trcek

• "Risks of the Passport Single Signon Protocol", D. Kormann and A. Rubin
  
• "Design and Implementation of an Access Control Processor for XML Documents", E. Damiani, S. Vimercati, S. Paraboschi, and P. Samarati
  
• "Supporting Reconfigurable Security Policies for Mobile Programs", B. Hashii, S. Malabarba, R. Pandey, and M. Bishop

• "Message authentication through non interference", by R. Focardi, R. Gorrieri, and F. Martinelli
  
• "New logic for electronic commerce protocols", by K. Adi, M. Debbabi, and M. Mejri

• "Modular Fair Exchange Protocols for Electronic Commerce", H. Vogt, H. Pagnia and F. C. Gärtner
  
• "Trustworthy Access Control with Untrustworthy Web Servers", T. Wilkinson, D. Hearn and S. Wiseman
  
• "A Language for Modeling Secure Business Transactions", A. Röhm, G. Herrmann and G. Pernul
  
• "Safe Areas of Computation for Secure Computing with Insecure Applications", A. Santos and R. Kemmerer
  
• "Architecture and Concepts of the ARGuE Guard", J. Epstein
  
• "Using Abuse Case Models for Security Requirements Analysis", J. McDermott and C. Fox
  
• "Parallel Packet Screen for High Speed Networks", C. Benecke
  
• "An Asynchronous Distributed Access Control Architecture for IP over ATM Networks", O. Paul, M. Laurent, and S. Gombault
  
• "Secure Communications in ATM Networks", M. Laurent, A. Bouabdallah, C. Delahaye, H. Leitold, R. Posch, E. Areizaga, and J.M. Mateos
  
• "Using Checkable Types in Automatic Protocol Analysis", S.H. Brackin
  
• "SCR: A Practical Approach to Building a High Assurance COMSEC System", J. Kirby, M. Archer and C. Heitmeyer
  
• "Application-Level Isolation Using Data Inconsistency Detection", A. Fayad, S. Jajodia and C. McCollum
  
• "A Prototype Secure Workflow Server", D. Long, J. Baker and F. Fung
  
• "Napoleon: A Recipe for Workflow", C. Payne, D. Thomsen, J. Bogle and R. O'Brien
  
• "Tools to Support Secure Enterprise Computing", M. Kang, B. Eppinger and J. Froscher
  
• "An Effective Defense Against First Party Attacks in Public-Key Algorithms", S. Matyas and A. Roginsky
  
• "Towards a Practical, Secure, and Very Large Scale Online Election", J. Karro and J. Wang
  
• "Design of LAN-Lock, A System for Securing Wireless Networks", R. Newman, M. Hoyt, T. Swanson, P. Broccard, M.Sanders and J. Winner
  
• "Toward a Taxonomy and Costing Method for Security Services", C. Irvine and T. Levin
  
• "TrustedBox: A Kernel-Level Integrity Checker", P. Iglio
  
• "Adding Availability to Log Services of Untrusted Machines", A. Arona, D. Bruschi and E. Rosti
  
• "Policy-Based Management: Bridging the Gap", S. Hinrichs
  
• "Security Policy Coordination for Heterogeneous Information Systems", J. Hale, P. Galiasso, M. Papa and S. Shenoi
  
• "The ARBAC99 Model for Administration of Roles", R. Sandhu and Q. Munawer
  
• "A Distributed Certificate Management System (DCMS) Supporting Group-Based Access Controls", R. Oppliger, A. Greulich and P. Trachsel
  
• "Fast Checking of Individual Certificate Revocation on Small Systems", S. Russell
  
• "A Model of Certificate Revocation", D.A. Cooper
  
• "Generic Support for PKIX Certificate Management in CDSA", S. Erfani and S. Chandersekaran
  
• "Efficient Certificate Status Handling Within PKIs: An Application to Public Administration Services", M. Prandini
  
• "User Authentication and Authorization in the Java(tm) Platform", C. Lai, L. Gong, L. Koved, A. Nadalin and R. Schemers
  
• "Transactions in Java Card", M. Oestreicher
  
• "A Middleware Approach to Asynchronous and Backward Compatible Detection and Prevention of ARP Cache Poisoning", M.V. Tripunitara and P. Dutta
  
• "A Resource Access Decision Service for CORBA-Based Distributed Systems", K. Beznosov, Y. Deng, B. Blakley, C. Burt and J.Barkley
  
• "Non-repudiation Evidence Generation for CORBA using XML", M. Wichert, D. Ingham and S. Caughey
  
• "Security Relevancy Analysis on the Registry of Windows NT 4.0", W. Du, P. Garg and A.P. Mathur
  
• "Security Architecture Development and Results for a Distributed Modeling and Simulation System", R.B. Neely
  
• "SecurSight: An Architecture for Secure Information Access", J.G. Brainard
  
• "SAM: Security Adaptation Manager", H. Hinton, C. Cowan, L. Delcambre and S. Bowers
  
• "An Application of Machine Learning to Network Intrusion Detection", C. Sinclair, L. Pierce and S. Matzner
  
• "A Process State-Transition Analysis and Its Application to Intrusion Detection", N. Nuansri, S. Singh and T.S. Dillon
  

• "Security Issues in Mobile Agent Technology", A. Corradi, R. Montanari and C. Stefanelli
  
• "Ephemeral Java Source Code", S. Eisenbach and C. Sadler
  
• "Secure Internet Based Virtual Trading Communities", N. Weiler and B. Plattner
  
• "Protecting Competitive Negotiation of Mobile Agents", H. Vogler, A. Spriestersbach and M-L. Moschgath
  
• "Incremental Security in Open, Untrusted Networks", A. Hutchison and M. Welz
  
• "Supporting Real World Security Models in Java", I. Welch and R. Stroud
  

POPL 2000, 27th ACM Symposium on Principles of Programming Languages, Boston, Massachusetts, USA

• "Resource Bound Certification", K. Crary and S. Weirich
  
• "A Semantic Model for Types and Machine Instruction for Proof-Carrying Code", A. Appel and A. Felty
  
• "A Type System for Expressive Security Policies", D. Walker
  
• "Verifying Secrets and Relative Secrecy", D. Volpano and G. Smith
  
• "Authentication primitives and their compilation", M. Abadi, C. Fournet and G. Gonthier
  
• "Generalized Certificate Revocation", C. Gunter and T. Jim
  

IEEE INFOCOM 2000, March 26-31, Tel Aviv, Israel

• "Transport and Application Protocol Scrubbing", R. Malan, D. Watson, F. Jahanian and P. Howell
  
• "MarketNet: Market-Based Protection of Network Systems and Services - An Application to SNMP Protection", A. Dailianas, Y. Yemini, D. Florissi, and H. Huang
  
• "Certified Electronic Mail Protocol Resistant to a Minority of Malicious Third Parties", M. Puigserver, J. Gomila, and L. Rotger
  
• "Windowed Certificate Revocation", P. McDaniel and S. Jamin
  

TACAS'2000, Sixth International Conference on Tools and Algorithms for the Construction and Analysis of Systems, March 27-April 1, 2000, Berlin, Germany

• "Partial order reductions for security protocol verification", E. Clarke, S. Jha, and W. Marrero
  
• "Model checking security protocols using a logic of belief", M. Benerecetti and F. Giunchiglia
  

7th IEEE International Conference and Workshop on the Engineering of Computer Based Systems, April 3-7, 2000, Scotland, United Kingdom

• "Software Agents and Computer Network Security", J. Pikoulas, M. Mannion and W. Buchanan

Archived list of conference papers