The 6th ACM Workshop on
Formal Methods in Security Engineering

Monday, October 27th, 2008
Hilton Alexandria Mark Center, Virginia, US

held in conjunction with the
15th ACM Conference on Computer and Communications Security (ACM CCS 2008)

Program * Registration * Scope * Committee * Submission * Important dates
Call for Papers (pdf) * Call for Papers (txt)

Program

9:20am - 9:30am Welcome

Vitaly Shmatikov (The University of Texas at Austin, USA).

9:30am - 10:30am Session 1 (chair: Avik Chaudhuri)

Invited Talk: A Cryptographic Compiler for Information-Flow Security.
Cedric Fournet (Microsoft Research, UK, and MSR-INRIA, France).

11:00am - 12:30pm Session 2 (chair: Ralf Küsters)

Formal Analysis of SAML 2.0 Web Browser Single Sign-On:
Breaking the SAML-based Single Sign-On for Google Apps.
Alessandro Armando (Università di Genova, Italy), Roberto Carbone (Università di Genova, Italy), Luca Compagna (SAP Research, France), Jorge Cuellar (Siemens AG, Germany) and Llanos Tobarra Abad (Universidad de Castilla-La Mancha, Spain).
Minimal Backups of Cryptographic Protocol Runs.
Jay McCarthy and Shriram Krishnamurthi (Brown University, USA).
Local Abstract Verification and Refinement of Security Protocols.
Ti Zhou, Li MengJun (National University of Defense Technology, China) and Zhou Jun Li (Beihang University, China).

2:00pm - 3:30pm Session 3 (chair: Karthikeyan Bhargavan)

Invited Talk: Formalizing Operator Task Analysis.
Carl Gunter (University of Illinois at Urbana-Champaign, USA).
Towards Provable Secure Neighbor Discovery in Wireless Networks.
Marcin Poturalski, Panos Papadimitratos and Jean-Pierre Hubaux (EPFL, Switzerland).

4:00pm - 5:00pm Session 4 (chair: Vitaly Shmatikov)

A Formal Security Policy Model for the Xenon Separation Hypervisor.
John McDermott (Naval Research Laboratory, USA) and Leo Freitas (University of York, UK).
Stale-Safe Security Properties for Group-Based Secure Information Sharing.
Ram Krishnan (George Mason University, USA), Jianwei Niu, Ravi Sandhu and William Winsborough (University of Texas at San Antonio, USA).

Scope

We aim to bring together researchers and practitioners from both the security and the software engineering communities, from academia and industry, who are working on applying formal methods to the design and validation of large-scale systems.

We seek original research papers addressing foundational issues in formal methods in security engineering. Topics include, but are not limited to:

security requirements and risk analysis;
access control models, information flow models, and trust models;
specification and analysis of security properties;
stepwise development by refinement and composition;
computationally sound abstraction;
program logics and type systems for security;
techniques for verification and static analysis;
tool support for the development and analysis of security-critical systems;
design and analysis of security protocols;
security aspects of operating systems and middleware;
case studies.

As in previous years, FMSE 2008 is co-located with the ACM Conference on Computer and Communications Security (CCS).

All submissions will be peer-reviewed. Authors of accepted papers must guarantee that their paper will be presented at the workshop. Final proceedings will be published by the ACM (previous proceedings).

Program Chair

Vitaly Shmatikov, The University of Texas at Austin, US

Program Committee

Michael Backes, Saarland University, Germany
Adam Barth, Stanford University, US
Karthikeyan Bhargavan, Microsoft Research, UK
Avik Chaudhuri, UC Santa Cruz, US
Stephanie Delaune, ENS de Cachan, France
Aaron Johnson, Yale University, US
Steve Kremer, ENS de Cachan, France
Ralf Küsters, University of Trier, Germany
Peeter Laud, University of Tartu, Estonia
Heiko Mantel, TU Darmstadt, Germany
David Naumann, Stevens Institute of Technology, US
Dominique Unruh, Saarland University, Germany
Bogdan Warinschi, University of Bristol, UK
Steve Zdancewic, University of Pennsylvania, US

FMSE Steering Committee

Michael Backes, Saarland University, Germany
David Basin, ETH Zürich, Switzerland
Michael Waidner, IBM Zürich Research Lab, Switzerland

Submission Guidelines

Submissions must be received by Friday, May 16, 2008 to be considered.

Click here to submit a paper via EasyChair

Submissions must not substantially overlap with papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. The article must list all authors and their affiliations. It should begin with a title, a short abstract, and a list of keywords, and its introduction should summarize the contributions of the paper at a level appropriate for a non-specialist reader.

The submitted paper should be at most 12 pages excluding the bibliography and clearly marked appendices, and at most 15 pages in total, using at least 11-point font, reasonable margins, and page numbers on each page. Committee members are not required to read appendices; the paper should be intelligible without them.

The document must be in Acrobat PDF format, and must be legible after printing on standard grayscale printers, both those that use A4 and those that use 8-1/2x11" paper. Submissions not meeting these guidelines risk rejection without consideration of their merits.

Camera-ready versions of accepted papers will be limited to 10 pages in total using the ACM conference style.

Important Dates

Submission deadline:	Friday, May 16, 2008
Author notification:	Wednesday, July 9, 2008
Camera-ready deadline:	Sunday, August 17, 2008 (firm)
FMSE Workshop:	Monday, October 27, 2008
CCS main conference:	Monday, October 27 - Friday, October 31, 2008

Last modified: Mon Oct 28 2008

The 6th ACM Workshop on Formal Methods in Security Engineering