Computer Security - ESORICS 94 -

. .

Résumé :
This volume constitutes the proceedings of the Third European Symposium on Research in Computer Security, held in Brighton, UK in November 1994. The 26 papers presented in the book in revised versions were carefully selected from a total of 79 submissions; they cover many current aspects of computer security research and advanced applications. The papers are grouped in sections on high security assurance software, key management, authentication, digital payment, distributed systems, access control, databases, and measures.

Sommaire:
Valuation of trust in open networks.- Security versus performance requirements in data communication systems.- Non-interference through determinism.- Compile-time detection of information flow in sequential programs.- Security through type analysis.- Designing secure key exchange protocols.- Robust and secure password and key change method.- Beacon based authentication.- Authentication via multi-service tickets in the Kuperee server.- Oblivious signatures.- A calculus for secure channel establishment in open networks.- On strengthening authentication protocols to foil cryptanalysis.- An efficient electronic payment system protecting privacy.- The ESPRIT project CAFE -High security digital payment systems.- Liability and computer security: Nine principles.- Implementing secure dependencies over a network by designing a distributed security subsystem.- A secure medium access control protocol: Security versus performances.- Distributed file system over a multilevel secure architecture problems and solutions.- On the expressive power of the unary transformation model.- Privilege graph: An extension to the typed access matrix model.- A consideration of the modes of operation for secure systems.- Mark-and-sweep garbage collection in multilevel secure object-oriented database systems.- Decomposition of multilevel objects in an object-oriented database.- Supporting object-based high-assurance write-up in multilevel databases for the replicated architecture.- Aggregation in relational databases: Controlled disclosure of sensitive information.- Information flow controls vs inference controls: An integrated approach.