The 7th CREST Open Workshop
Information Flow and Security
Date:
Wednesday, 26th May 2010
Venue:
CREST Centre, King's College London
Overview:
Programming language based security is a growing area of research which unites theoretical questions with practical problems. Some examples of issues include threats from malicious code, the discovery of potential exploits, information flow security and understanding security protocols. Information flow analysis, closely related to dependency analysis, uses static analysis via type systems and static program analysis to guarantee the absence of unwanted flows and, increasingly, to measure the amount of flows. In this workshop the emphasis will be on recent work in measuring flows.
There is increasing industrial interest in language based security and flow security in particular. This workshop will feature an invited speaker from MessageLabs Ltd. who will talk about information flow security issues in SaaS. The workshop will be informal with plenty of opportunities for discussion.
Keynote:
Information Flow and Security Challenges in SaaS: An Industrial Perspective
Paul Fletcher, Symantec Hosted Services, UK
Programme and Downloadable Resources:
Talks will be 25 minutes allowing 15 minutes for discussion and questions.
12:15 Arrival and Sandwich Lunch
13:00 Welcome to CREST Open Workshop
David Clark, CREST Centre, SSE Group, Department of Computer Science, UCL
13:15 Information Flow and Security Challenges in SaaS: An Industrial
Perspective
Paul Fletcher, Symantec Hosted Services, UK
14:00 Security Issues in Tracking the Provenance of Data Across
Distributed Processes (Slides: 1, Videos:1, 2)
Simon Miles, King's College London, UK
14:30 Discussion
15:00 Refreshments
15:20 Automatic Abstraction for Congruences: A Story of Beauty and the Beast (Slides: 1)
Andy King, University of Kent, UK
16:00 Discussion
16:15 AQUA: An Automated Tool for Quantifying Leakage in C Programs
(Slides: 1)
Jonathan Heusser, Queen Mary, University of London, UK
16:45 A Semiring?based Trace Semantics for Processes with Applications to Information Leakage Analysis (Slides: 1)
David Clark, CREST Centre, SSE Group, Department of Computer Science, UCL
17:15 Discussion and wrap up
17:45 Close
Registered Attendees: (Registration is closed.)
- Nadia Alshahwan CREST Centre , UK
- Khalid Alzarouni CREST Centre , UK
- Kelly Androutsopoulos CREST Centre , UK
- David Clark CREST Centre , UK
- Paolo Falcarin University of East London , UK
- Paul Fletcher MessageLabs Ltd. , UK
- Nicolas Gold CREST Centre , UK
- Youssef Hassoun CREST Centre , UK
- Jonathan Heusser Queen Mary, University of London , UK
- Syed Islam CREST Centre , UK
- Yue Jia CREST Centre , UK
- Derek M. Jones Knowledge Software Ltd , UK
- Andy King Portcullis Computer Security Ltd, UK
- Jens Krinke CREST Centre , UK
- Pasquale Malacaria Queen Mary, University of London , UK
- Simon Miles King's College London , UK
- Matthew Moroz King's College London , UK
- Chunyan Mu CREST Centre , UK
- Jungsup (James) Oh CREST Centre , UK
- Jian Ren CREST Centre , UK
- Daniel RodrĂguez University of Alcalá , Spain
- Laurence Tratt Middlesex University , UK
- Akadej Udomchaiporn CREST Centre , UK
- David White University of York , UK