Computer Security - ESORICS 2004

Incorporating Dynamic Constraints in the Flexible Authorization Framework.- Access-Condition-Table-Driven Access Control for XML Databases.- An Algebra for Composing Enterprise Privacy Policies.- Deriving, Attacking and Defending the GDOI Protocol.- Better Privacy for Trusted Computing Platforms.- A Cryptographically Sound Dolev-Yao Style Security Proof of the Otway-Rees Protocol.- A Formalization of Anonymity and Onion Routing.- Breaking Cauchy Model-Based JPEG Steganography with First Order Statistics.- Comparison Between Two Practical Mix Designs.- Signature Bouquets: Immutability for Aggregated/Condensed Signatures.- Towards a Theory of Data Entanglement.- Portable and Flexible Document Access Control Mechanisms.- Possibilistic Information Flow Control in the Presence of Encrypted Communication.- Information Flow Control Revisited: Noninfluence = Noninterference + Nonleakage.- Security Property Based Administrative Controls.- A Vector Model of Trust for Developing Trustworthy Systems.- Parameterized Authentication.- Combinatorial Design of Key Distribution Mechanisms for Wireless Sensor Networks.- Hindering Eavesdropping via IPv6 Opportunistic Encryption.- On the Role of Key Schedules in Attacks on Iterated Ciphers.- A Public-Key Encryption Scheme with Pseudo-random Ciphertexts.- A Host Intrusion Prevention System for Windows Operating Systems.- Re-establishing Trust in Compromised Systems: Recovering from Rootkits That Trojan the System Call Table.- ARCHERR: Runtime Environment Driven Program Safety.- Sets, Bags, and Rock and Roll.- Redundancy and Diversity in Security.- Discovering Novel Attack Strategies from INFOSEC Alerts.