Software Security -- Theories and Systems

For more than the last three decades, the security of software systems has been an important area of computer science, yet it is a rather recent general recognition that technologies for software security are highly needed.

This book assesses the state of the art in software and systems security by presenting a carefully arranged selection of revised invited and reviewed papers. It covers basic aspects and recently developed topics such as security of pervasive computing, peer-to-peer systems and autonomous distributed agents, secure software circulation, compilers for fail-safe C language, construction of secure mail systems, type systems and multiset rewriting systems for security protocols, and privacy issues as well.

Inhalt
Security for Pervasive Computing.- Towards Security and Privacy for Pervasive Computing.- Security for Whom? The Shifting Security Assumptions of Pervasive Computing.- Active Authentication for Pervasive Computing Environments.- Security for P2P Systems and Autonomous Distributed Agents.- A Survey of Peer-to-Peer Security Issues.- Autonomous Nodes and Distributed Mechanisms.- Privacy Issues.- Privacy in Sensor Webs and Distributed Information Systems.- Negotiated Privacy.- Secure Software Circulation and Secure C Language.- SoftwarePot: An Encapsulated Transferable File System for Secure Software Circulation.- Fail-Safe ANSI-C Compiler: An Approach to Making C Programs Secure Progress Report.- Securing Programs by Rewriting and Sandboxing.- Types and Effects for Non-interfering Program Monitors.- Flexible and Efficient Sandboxing Based on Fine-Grained Protection Domains.- Enforcing Java Run-Time Properties Using Bytecode Rewriting.- Secure Mail System Construction.- AnZenMail: A Secureand Certified E-mail System.- Formalization and Verification of a Mail Server in Coq.- Some Security Systems.- Design and Implementation of Security System Based on Immune System.- Design and Implementation of Access Control System for Smart Office Environment.- Proof-Carrying Code and Type Systems for Security Protocols.- Typing One-to-One and One-to-Many Correspondences in Security Protocols.- Proof-Carrying Code with Untrusted Proof Rules.- Authentication Protocols.- Verification of Authentication Protocols Based on the Binding Relation.- Hiding Names: Private Authentication in the Applied Pi Calculus.- Environmental Requirements for Authentication Protocols.- Multiset Rewriting for Protocol Analysis.- A Comparison between Strand Spaces and Multiset Rewriting for Security Protocol Analysis.- Data Access Specification and the Most Powerful Symbolic Attacker in MSR.- Verification Methods and Tools.- A Logical Verification Method for Security Protocols Based on Linear Logic and BAN Logic.- Formal Analysis of the iKP Electronic Payment Protocols.- CafeOBJ as a Tool for Behavioral System Verification.