PORTO-
FREI
Blick ins Buch

Engineering Secure Software and Systems

Second International Symposium, ESSoS 2010, Pisa, Italy, February 3-4, 2010, Proceedings

von Andresen, Anette / Austin, Andrew / Basin, David / Berger, Bernhard / Bertolissi, Clara / Beyerlein, Christian   (Autor)

It is our pleasure to welcome you to the proceedings of the Second International Symposium on Engineering Secure Software and Systems. This unique event aimed at bringing together researchersfrom softwareen- neering and security engineering, which might help to unite and further develop the two communities in this and future editions. The parallel technical spons- ships from the ACM SIGSAC (the ACM interest group in security) and ACM SIGSOF (the ACM interest group in software engineering) is a clear sign of the importance of this inter-disciplinary research area and its potential. The di?culty of building secure software systems is no longer focused on mastering security technology such as cryptography or access control models. Other important factors include the complexity of modern networked software systems, the unpredictability of practical development life cycles, the intertw- ing of and trade-o? between functionality, security and other qualities, the d- culty of dealing with human factors, and so forth. Over the last years, an entire research domain has been building up around these problems. The conference program included two major keynotes from Any Gordon (Microsoft Research Cambridge) on the practical veri?cation of security pro- cols implementation and Angela Sasse (University College London) on security usability and an interesting blend of research, industry and idea papers.

Buch (Kartoniert)

EUR 74,89

Alle Preisangaben inkl. MwSt.

Am Lager, sofort lieferbar
(Nur noch wenige Exemplare auf Lager)

Versandkostenfrei*

Versandtermin: 16. Februar 2019, wenn Sie jetzt bestellen.
(nur innerhalb Deutschlands, nicht Geschenksendungen)

Dieser Artikel kann nicht bestellt werden.
 

Produktbeschreibung

It is our pleasure to welcome you to the proceedings of the Second International Symposium on Engineering Secure Software and Systems. This unique event aimed at bringing together researchersfrom softwareen- neering and security engineering, which might help to unite and further develop the two communities in this and future editions. The parallel technical spons- ships from the ACM SIGSAC (the ACM interest group in security) and ACM SIGSOF (the ACM interest group in software engineering) is a clear sign of the importance of this inter-disciplinary research area and its potential. The di?culty of building secure software systems is no longer focused on mastering security technology such as cryptography or access control models. Other important factors include the complexity of modern networked software systems, the unpredictability of practical development life cycles, the intertw- ing of and trade-o? between functionality, security and other qualities, the d- culty of dealing with human factors, and so forth. Over the last years, an entire research domain has been building up around these problems. The conference program included two major keynotes from Any Gordon (Microsoft Research Cambridge) on the practical veri?cation of security pro- cols implementation and Angela Sasse (University College London) on security usability and an interesting blend of research, industry and idea papers. 

Inhaltsverzeichnis

Session 1. Attack Analysis and Prevention I.- BuBBle: A Javascript Engine Level Countermeasure against Heap-Spraying Attacks.- CsFire: Transparent Client-Side Mitigation of Malicious Cross-Domain Requests.- Idea: Opcode-Sequence-Based Malware Detection.- Session 2. Attack Analysis and Prevention II.- Experiences with PDG-Based IFC.- Idea: Java vs. PHP: Security Implications of Language Choice for Web Applications.- Idea: Towards Architecture-Centric Security Analysis of Software.- Session 3. Policy Verification and Enforcement I.- Formally-Based Black-Box Monitoring of Security Protocols.- Secure Code Generation for Web Applications.- Idea: Reusability of Threat Models - Two Approaches with an Experimental Evaluation.- Session 4. Policy Verification and Enforcement II.- Model-Driven Security Policy Deployment: Property Oriented Approach.- Category-Based Authorisation Models: Operational Semantics and Expressive Power.- Idea: Efficient Evaluation of Access Control Constraints.- Session 5. Secure System and Software Development I.- Formal Verification of Application-Specific Security Properties in a Model-Driven Approach.- Idea: Enforcing Consumer-Specified Security Properties for Modular Software.- Idea: Using System Level Testing for Revealing SQL Injection-Related Error Message Information Leaks.- Session 6. Secure System and Software Development II.- Automatic Generation of Smart, Security-Aware GUI Models.- Report: Modular Safeguards to Create Holistic Security Requirement Specifications for System of Systems.- Idea: A Feasibility Study in Model Based Prediction of Impact of Changes on System Quality. 

Produktdetails

Medium: Buch
Seiten: 256
Format: Kartoniert
Sprache: Englisch
Erschienen: Januar 2010
Auflage: 2010
Maße: 243 x 156 mm
Gewicht: 387 g
ISBN-10: 3642117465
ISBN-13: 9783642117466
Verlagsbestell-Nr.: 12989713

Bestell-Nr.: 6366915 
Bestell-Nr. Verlag: 12989713

LIBRI: 4381491
LIBRI-EK*: 53.89 € (23.00%)
LIBRI-VK: 74,89 €
STOCK Libri: 2
* EK = ohne MwSt.

UVP: 2 
Warengruppe: 16360 

KNO: 24781735
KNO-EK*: 34.50 € (25.00%)
KNO-VK: 74,89 €

KNO-SAMMLUNG: Lecture Notes in Computer Science Vol.5965
KNOABBVERMERK: 2010. x, 241 S. 72 SW-Abb.,. 235 mm
KNOMITARBEITER: Herausgegeben von Massacci, Fabio; Wallach, Dan; Zannone, Nicola
Einband: Kartoniert
Auflage: 2010
Sprache: Englisch
Beilage(n): Book

Alle Preise inkl. MwSt., innerhalb Deutschlands liefern wir immer versandkostenfrei. Informationen zum Versand ins Ausland.

Kostenloser Versand*

innerhalb eines Werktages

OHNE RISIKO

30 Tage Rückgaberecht

Käuferschutz

mit Geld-Zurück-Garantie