Sciweavers

ESORICS
2009
Springer
14 years 4 months ago
Client-Side Detection of XSS Worms by Monitoring Payload Propagation
Cross-site scripting (XSS) vulnerabilities make it possible for worms to spread quickly to a broad range of users on popular Web sites. To date, the detection of XSS worms has been...
Fangqi Sun, Liang Xu, Zhendong Su
ESORICS
2009
Springer
14 years 4 months ago
Dynamic Enforcement of Abstract Separation of Duty Constraints
Separation of Duty Constraints David Basin1 , Samuel J. Burri1,2 , and G?unter Karjoth2 1 ETH Zurich, Department of Computer Science, Switzerland 2 IBM Research, Zurich Research La...
David A. Basin, Günter Karjoth, Samuel J. Bur...
ESORICS
2009
Springer
14 years 4 months ago
Set Covering Problems in Role-Based Access Control
Abstract. Interest in role-based access control has generated considerable research activity in recent years. A number of interesting problems related to the well known set cover p...
Liang Chen, Jason Crampton
ESORICS
2009
Springer
14 years 4 months ago
ID-Based Secure Distance Bounding and Localization
In this paper, we propose a novel ID-based secure distance bounding protocol. Unlike traditional secure distance measurement protocols, our protocol is based on standard insecure d...
Nils Ole Tippenhauer, Srdjan Capkun
ESORICS
2009
Springer
14 years 4 months ago
Type-Based Analysis of PIN Processing APIs
We examine some known attacks on the PIN verification framework, based on weaknesses of the security API for the tamperresistant Hardware Security Modules used in the network. We s...
Matteo Centenaro, Riccardo Focardi, Flaminia L. Lu...
ESORICS
2009
Springer
14 years 4 months ago
Keep a Few: Outsourcing Data While Maintaining Confidentiality
We put forward a novel paradigm for preserving privacy in data outsourcing which departs from encryption. The basic idea behind our proposal is to involve the owner in storing a li...
Valentina Ciriani, Sabrina De Capitani di Vimercat...
ESORICS
2009
Springer
14 years 4 months ago
Automatically Generating Models for Botnet Detection
A botnet is a network of compromised hosts that is under the control of a single, malicious entity, often called the botmaster. We present a system that aims to detect bots, indepe...
Peter Wurzinger, Leyla Bilge, Thorsten Holz, Jan G...
ESORICS
2009
Springer
14 years 4 months ago
Towards a Theory of Accountability and Audit
Accountability mechanisms, which rely on after-the-fact verification, are an attractive means to enforce authorization policies. In this paper, we describe an operational model of ...
Radha Jagadeesan, Alan Jeffrey, Corin Pitcher, Jam...
ESORICS
2009
Springer
14 years 4 months ago
Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing
Cloud Computing has been envisioned as the next-generation architecture of IT Enterprise. It moves the application software and databases to the centralized large data centers, whe...
Qian Wang, Cong Wang, Jin Li, Kui Ren, Wenjing Lou
ESORICS
2009
Springer
14 years 4 months ago
Learning More about the Underground Economy: A Case-Study of Keyloggers and Dropzones
Thorsten Holz, Markus Engelberth, Felix C. Freilin...