Computer Security - ESORICS 2003 8th European Symposium on Research in Computer Security, Gjovik, Norway, October 13-15, 2003, Proceedings

ESORICS, the European Symposium On Research In Computer Security, is the leading research-oriented conference on the theory and practice of computer - curity in Europe. The aim of ESORICS is to further the progress of research in computer security by establishing a European forum for bringing together - searchersinthisarea,bypromotingtheexchangeofideaswithsystemdevelopers and by encouraging links with researchers in related areas. ESORICS is coordinated by an independent steering committee. In the past it took place every two years at various locations throughout Europe. Starting this year, it will take place annually. ESORICS 2003 was organized by Gjøvik University College, and took place in Gjøvik, Norway, October 13–15, 2003. The program committee received 114 submissions, originating from 26 co- tries on all continents. Half the papers originated in Europe (57). The most dominant countries were: UK (16), USA (14), Germany (6), South Korea (6), Sweden (6), Italy (5), France (4) andPoland (4). Each submission was reviewed by at least three program committee members or other experts. The program committee chair and co-chair were not allowed to submit papers. The ?nal sel- tion of papers was made at a program committee meeting followed by a week of e-mail discussions. Out of the 114 papers received, only 19 got accepted (17%). In comparison, ESORICS 2000and 2002received 75and 83papersand accepted 19% and 16%, respectively. The program re?ected the full range of security research, including access control, cryptographic protocols, privacy enhancing technologies, security m- els, authentication, and intrusion detection.

Signature and Access Control Policies for XML Documents.- Authorization and Access Control in Adaptive Workflows.- Flexible Regulation of Distributed Coalitions.- Initiator-Resilient Universally Composable Key Exchange.- Multi-round Secure Light-Weight Broadcast Exclusion Protocol with Pre-processing.- Precisely Answering Multi-dimensional Range Queries without Privacy Breaches.- Passive Attack Analysis for Connection-Based Anonymity Systems.- Rapid Mixing and Security of Chaum’s Visual Electronic Voting.- Towards Accountable Management of Privacy and Identity Information.- A Toolkit for Managing Enterprise Privacy Policies.- Authenticating Mandatory Access Controls and Preserving Privacy for a High-Assurance Smart Card.- Hardware Encapsulation of Security Services.- A Formal Security Model of the Infineon SLE 88 Smart Card Memory Management.- Bridging Model-Based and Language-Based Security.- An On-the-Fly Model-Checker for Security Protocol Analysis.- Symmetric Authentication withina Simulatable Cryptographic Library.- An Improved Reference Flow Control Model for Policy-Based Intrusion Detection.- Visualisation for Intrusion Detection.- On the Detection of Anomalous System Call Arguments.