03869nam 2200613Ia 450 991048408580332120200520144314.03-642-00199-810.1007/978-3-642-00199-4(CKB)1000000000718115(SSID)ssj0000317484(PQKBManifestationID)11211761(PQKBTitleCode)TC0000317484(PQKBWorkID)10293465(PQKB)10496337(DE-He213)978-3-642-00199-4(MiAaPQ)EBC3064090(PPN)134126262(EXLCZ)99100000000071811520090522d2009 uy 0engurnn|008mamaatxtccrEngineering secure software and systems First international symposium, ESSoS 2009, Leuven, Belgium, February 2009, proceedings /Fabio Massacci, Samuel T. Redwine, Nicola Zannone (eds.)1st ed. 2009.Berlin Springerc20091 online resource (X, 201 p.) Lecture notes in computer science,0302-9743 ;5429Bibliographic Level Mode of Issuance: Monograph3-642-00198-X Includes bibliographical references and index.Policy Verification and Enforcement -- Verification of Business Process Entailment Constraints Using SPIN -- From Formal Access Control Policies to Runtime Enforcement Aspects -- Idea: Trusted Emergency Management -- Model Refinement and Program Transformation -- Idea: Action Refinement for Security Properties Enforcement -- Pattern-Based Confidentiality-Preserving Refinement -- Architectural Refinement and Notions of Intransitive Noninterference -- Systematically Eradicating Data Injection Attacks Using Security-Oriented Program Transformations -- Secure System Development -- Report: Measuring the Attack Surfaces of Enterprise Software -- Report: Extensibility and Implementation Independence of the .NET Cryptographic API -- Report: CC-Based Design of Secure Application Systems -- Protection Poker: Structuring Software Security Risk Assessment and Knowledge Transfer -- Attack Analysis and Prevention -- Toward Non-security Failures as a Predictor of Security Faults and Failures -- A Scalable Approach to Full Attack Graphs Generation -- MEDS: The Memory Error Detection System -- Testing and Assurance -- Idea: Automatic Security Testing for Web Applications -- Report: Functional Security Testing Closing the Software – Security Testing Gap: A Case from a Telecom Provider -- Idea: Measuring the Effect of Code Complexity on Static Analysis Results.This book constitutes the refereed proceedings of the First International Symposium on Engineering Secure Software and Systems, ESSoS 2009, held in Leuven, Belgium, in February 2009. The 10 revised full papers presented together with 7 industry reports and ideas papers were carefully reviewed and selected from 57 submissions. The papers are organized in topical sections on policy verification and enforcement, model refinement and program transformation, secure system development, attack analysis and prevention, as well as testing and assurance.Lecture notes in computer science ;5429.Computer securitySoftware engineeringSensor networksCongressesComputer security.Software engineering.Sensor networks005.8Massacci Fabio1757823Redwine Samuel T1758793Zannone Nicola1757825ESSoS (Symposium)MiAaPQMiAaPQMiAaPQBOOK9910484085803321Engineering secure software and systems4197046UNINA