2002 IEEE Symposium on Security and Privacy

May 12-15, 2002
The Claremont Resort
Oakland, California, USA

sponsored by
IEEE Computer Society Technical Committee on Security and Privacy
in cooperation with
The International Association for Cryptologic Research (IACR)

Sunday, 12 May 2002

4:00 - 7:00 Registration and Reception

Monday, 13 May 2002

8:45 - 9:00 Opening Remarks
9:00 - 10:30 Session: Attacks

Optical Time-Domain Eavesdropping Risks of CRT Displays
Markus G. Kuhn (University of Cambridge)

Statistical Identification of Encrypted Web Browsing Traffic
Qixiang Sun (Stanford University), Daniel R. Simon (Microsoft Research), Yi-Min Wang (Microsoft Research), Wilf Russell (Microsoft Research), Venkat Padmanabhan (Microsoft Research), Lili Qiu (Microsoft Research)

Partitioning Attacks: Or How to Rapidly Clone Some GSM Cards
Josyula R. Rao (IBM Watson Research Center), Pankaj Rohatgi (IBM Watson Research Center), Stephane Tinguely (EPFL, Lausanne),  Helmut Scherzer (IBM Germany)

10:30 - 11:00 Break
11:00 - 12:00 Session: Privacy and Anonymity

Collaborative Filtering with Privacy
John Canny (UC Berkeley)

P5: A Protocol for Scalable Anonymous Communication
Rob Sherwood (University of Maryland), Bobby Bhattacharjee (University of Maryland), Aravind Srinivasan (University of Maryland)

12:00 - 1:30  Lunch
1:30 - 2:30  Invited Talk:
Exploits of Large-Scale Web Services and Counter-measures
Udi Manber (Yahoo!)
2:30 - 3:00  Break
3:00 - 4:00 Session: Composition and Conciliation

Methods and Limitations of Security Policy Reconciliation
Patrick McDaniel (AT&T Labs - Research), Atul Prakash (University of Michigan)

On the Composition of Secure Systems
Heiko Mantel (German Research Center for Artificial Intelligence, DFKI)

4:00 - 6:00 5-minute Recent Research Presentations
6:15 - 7:15 Reception
7:00 - ??? Poster Sessions

Tuesday, 14 May 2002

9:00 - 10:30 Session: Authorization and Delegation

Binder, a Logic-based Security Language
John DeTreville (Microsoft Research)

Design of a Role-based Trust-management Framework
Ninghui Li (Stanford University), John C. Mitchell (Stanford University), William H. Winsborough (NAI Labs, Network Associates, Inc.)

Constrained Delegation
Olav Bandmann (SICS), Mads Dam (KTH/IMIT/LECS), Babak Sadighi Firozabadi (SICS)

10:30 - 11:00 Break
11:00-12:00  Session: Static Analysis

Detecting Lots of Security Holes Using System-Specific Static Analysis
Ken Ashcraft (Stanford University), Dawson Engler (Stanford University)

Improving Computer Security Using Extended Static Checking
Brian V Chess (University of California at Santa Cruz)

12:00 - 1:30 Lunch
1:30 - 2:30 Invited Talk:
Questions About National Identity Systems
Bob Blakley  (IBM Software Group/Tivoli)
2:30 - 3:00  Break
3:00 - 5:00  Session: Intrusion Detection I

Noninterference and Intrusion Detection
Calvin Ko (NAI Labs, Network Associates), Timothy Redmond (NAI Labs, Network Associates)

"Why 6?"   Defining the Operational Limits of stide
Kymie M.C. Tan (Carnegie Mellon University), Roy A. Maxion (Carnegie Mellon University)

Alert Correlation in a Cooperative Intrusion Detection Framework
Frederic Cuppens (ONERA Centre de Toulouse), Alexandre Miege (ONERA Centre de Toulouse)

Intrusion-Tolerant Enclaves
Bruno Dutertre (SRI International), Valentin Crettaz (SRI International)

5:15 - 5:45 Security and Privacy Technical Committee Meeting

Wednesday, 15 May 2002

9:00 - 10:30  Session: Network Protocols

Efficient Multicast Packet Authentication Using Signature Amortization
Jung Min Park (Purdue University), Edwin K.P. Chong (Colorado State University), Howard Jay Siegel (Colorado State University)

Self-Healing Key Distribution with Revocation
Dirk Balfanz (Xerox PARC), Drew Dean (SRI), Matt Franklin (University of California at Davis), Sara Miner (University of California at San Diego), Jessica Staddon (Xerox PARC).

Expander Graphs for Digital Stream Authentication and Robust Overlay Networks
Dawn X. Song (University of California at Berkeley), David Zuckerman (University of Texas at Austin), J. D. Tygar (University of California at Berkeley)

10:30 - 11:00 Break
11:00 - 12:00 Session: Intrusion Detection II

Automated Generation and Analysis of Attack Graphs
Oleg Sheyner (Carnegie Mellon University), Somesh Jha (University of Wisconsin), Jeannette Wing (Carnegie Mellon University), Richard Lippmann (MIT Lincoln Labs), Joshua Haines (MIT Lincoln Labs)

Stateful Intrusion Detection for High-Speed Networks
Christopher Kruegel (University of California at Santa Barbara), Fredrik Valeur (University of California at Santa Barbara), Giovanni Vigna (University of California at Santa Barbara), Richard A. Kemmerer (University of California at Santa Barbara)