The 7th CREST Open Workshop

Information Flow and Security



Wednesday, 26th May 2010



CREST Centre, King's College London



Programming language based security is a growing area of research which unites theoretical questions with practical problems. Some examples of issues include threats from malicious code, the discovery of potential exploits, information flow security and understanding security protocols. Information flow analysis, closely related to dependency analysis, uses static analysis via type systems and static program analysis to guarantee the absence of unwanted flows and, increasingly, to measure the amount of flows. In this workshop the emphasis will be on recent work in measuring flows.

There is increasing industrial interest in language based security and flow security in particular. This workshop will feature an invited speaker from MessageLabs Ltd. who will talk about information flow security issues in SaaS. The workshop will be informal with plenty of opportunities for discussion.



Information Flow and Security Challenges in SaaS: An Industrial Perspective

Paul Fletcher, Symantec Hosted Services, UK


Programme and Downloadable Resources:

Talks will be 25 minutes allowing 15 minutes for discussion and questions.

12:15  Arrival and Sandwich Lunch

13:00   Welcome to CREST Open Workshop           

             David Clark, CREST Centre, SSE Group, Department of Computer Science, UCL

13:15   Information Flow and Security Challenges in SaaS: An Industrial


             Paul Fletcher, Symantec Hosted Services, UK

14:00   Security Issues in Tracking the Provenance of Data Across

             Distributed Processes (Slides: 1, Videos:1, 2)

             Simon Miles, King's College London, UK

14:30   Discussion

15:00   Refreshments

15:20   Automatic Abstraction for Congruences: A Story of Beauty and the Beast (Slides: 1)

             Andy King, University of Kent, UK

16:00   Discussion

16:15   AQUA: An Automated Tool for Quantifying Leakage in C Programs

             (Slides: 1)

             Jonathan Heusser, Queen Mary, University of London, UK                             

16:45   A Semiring?based Trace Semantics for Processes with Applications to Information Leakage Analysis (Slides: 1)

             David Clark, CREST Centre, SSE Group, Department of Computer Science, UCL

17:15   Discussion and wrap up

17:45   Close



Registered Attendees: (Registration is closed.)

  1. Nadia Alshahwan CREST Centre , UK
  2. Khalid Alzarouni CREST Centre , UK
  3. Kelly Androutsopoulos CREST Centre , UK
  4. David Clark CREST Centre , UK
  5. Paolo Falcarin University of East London , UK
  6. Paul Fletcher MessageLabs Ltd. , UK
  7. Nicolas Gold CREST Centre , UK
  8. Youssef Hassoun CREST Centre , UK
  9. Jonathan Heusser Queen Mary, University of London , UK
  10. Syed Islam CREST Centre , UK
  11. Yue Jia CREST Centre , UK
  12. Derek M. Jones Knowledge Software Ltd , UK
  13. Andy King Portcullis Computer Security Ltd, UK
  14. Jens Krinke CREST Centre , UK
  15. Pasquale Malacaria Queen Mary, University of London , UK
  16. Simon Miles King's College London , UK
  17. Matthew Moroz King's College London , UK
  18. Chunyan Mu CREST Centre , UK
  19. Jungsup (James) Oh CREST Centre , UK
  20. Jian Ren CREST Centre , UK
  21. Daniel Rodríguez University of Alcalá , Spain
  22. Laurence Tratt Middlesex University , UK
  23. Akadej Udomchaiporn CREST Centre , UK
  24. David White University of York , UK
This page was last modified on 16 Aug 2017.