MARC View

000			04219nam a22005655i 4500
001			978-3-642-11747-3
003			DE-He213
005			20140220084532.0
007			cr nn 008mamaa
008			100301s2010 gw \| s \|\|\|\| 0\|eng d
020			_a9783642117473 _9978-3-642-11747-3
024	7		_a10.1007/978-3-642-11747-3 _2doi
050		4	_aTK5105.5-5105.9
072		7	_aUKN _2bicssc
072		7	_aCOM075000 _2bisacsh
082	0	4	_a004.6 _223
100	1		_aMassacci, Fabio. _eeditor.
245	1	0	_aEngineering Secure Software and Systems _h[electronic resource] : _bSecond International Symposium, ESSoS 2010, Pisa, Italy, February 3-4, 2010. Proceedings / _cedited by Fabio Massacci, Dan Wallach, Nicola Zannone.
264		1	_aBerlin, Heidelberg : _bSpringer Berlin Heidelberg, _c2010.
300			_aX, 241 p. _bonline resource.
336			_atext _btxt _2rdacontent
337			_acomputer _bc _2rdamedia
338			_aonline resource _bcr _2rdacarrier
347			_atext file _bPDF _2rda
490	1		_aLecture Notes in Computer Science, _x0302-9743 ; _v5965
505	0		_aSession 1. Attack Analysis and Prevention I -- BuBBle: A Javascript Engine Level Countermeasure against Heap-Spraying Attacks -- CsFire: Transparent Client-Side Mitigation of Malicious Cross-Domain Requests -- Idea: Opcode-Sequence-Based Malware Detection -- Session 2. Attack Analysis and Prevention II -- Experiences with PDG-Based IFC -- Idea: Java vs. PHP: Security Implications of Language Choice for Web Applications -- Idea: Towards Architecture-Centric Security Analysis of Software -- Session 3. Policy Verification and Enforcement I -- Formally-Based Black-Box Monitoring of Security Protocols -- Secure Code Generation for Web Applications -- Idea: Reusability of Threat Models – Two Approaches with an Experimental Evaluation -- Session 4. Policy Verification and Enforcement II -- Model-Driven Security Policy Deployment: Property Oriented Approach -- Category-Based Authorisation Models: Operational Semantics and Expressive Power -- Idea: Efficient Evaluation of Access Control Constraints -- Session 5. Secure System and Software Development I -- Formal Verification of Application-Specific Security Properties in a Model-Driven Approach -- Idea: Enforcing Consumer-Specified Security Properties for Modular Software -- Idea: Using System Level Testing for Revealing SQL Injection-Related Error Message Information Leaks -- Session 6. Secure System and Software Development II -- Automatic Generation of Smart, Security-Aware GUI Models -- Report: Modular Safeguards to Create Holistic Security Requirement Specifications for System of Systems -- Idea: A Feasibility Study in Model Based Prediction of Impact of Changes on System Quality.
520			_aThis book constitutes the refereed proceedings of the Second International Symposium on Engineering Secure Software and Systems, ESSoS 2010, held in Pisa, Italy, in February 2010. The 9 revised full papers presented together with 8 ideas papers were carefully reviewed and selected from 58 submissions. The papers are organized in topical sections on attack analysis and prevention, policy verification and enforcement, and secure system and software development.
650		0	_aComputer science.
650		0	_aComputer Communication Networks.
650		0	_aSoftware engineering.
650		0	_aData structures (Computer science).
650		0	_aData encryption (Computer science).
650	1	4	_aComputer Science.
650	2	4	_aComputer Communication Networks.
650	2	4	_aData Encryption.
650	2	4	_aSoftware Engineering/Programming and Operating Systems.
650	2	4	_aData Structures, Cryptology and Information Theory.
650	2	4	_aMath Applications in Computer Science.
650	2	4	_aModels and Principles.
700	1		_aWallach, Dan. _eeditor.
700	1		_aZannone, Nicola. _eeditor.
710	2		_aSpringerLink (Online service)
773	0		_tSpringer eBooks
776	0	8	_iPrinted edition: _z9783642117466
830		0	_aLecture Notes in Computer Science, _x0302-9743 ; _v5965
856	4	0	_uhttp://dx.doi.org/10.1007/978-3-642-11747-3
912			_aZDB-2-SCS
912			_aZDB-2-LNC
999			_c111928 _d111928