Engineering Secure Software and Systems: Third International Symposium, ESSoS 2011, Madrid, Spain, February 9-10, 2011. Proceedings

Front Matter....Pages -
Model-Based Refinement of Security Policies in Collaborative Virtual Organisations....Pages 1-14
Automatic Conformance Checking of Role-Based Access Control Policies via Alloy....Pages 15-28
Security Validation of Business Processes via Model-Checking....Pages 29-42
On-Device Control Flow Verification for Java Programs....Pages 43-57
Efficient Symbolic Execution for Analysing Cryptographic Protocol Implementations....Pages 58-72
Predictability of Enforcement....Pages 73-86
SessionShield: Lightweight Protection against Session Hijacking....Pages 87-100
Security Sensitive Data Flow Coverage Criterion for Automatic Security Testing of Web Applications....Pages 101-113
Middleware Support for Complex and Distributed Security Services in Multi-tier Web Applications....Pages 114-127
Lightweight Modeling and Analysis of Security Concepts....Pages 128-141
A Tool-Supported Method for the Design and Implementation of Secure Distributed Applications....Pages 142-155
An Architecture-Centric Approach to Detecting Security Patterns in Software....Pages 156-166
The Security Twin Peaks....Pages 167-180
Evolution of Security Requirements Tests for Service–Centric Systems....Pages 181-194
After-Life Vulnerabilities: A Study on Firefox Evolution, Its Vulnerabilities, and Fixes....Pages 195-208
Authorization Enforcement Usability Case Study....Pages 209-220
Scalable Authorization Middleware for Service Oriented Architectures....Pages 221-233
Adaptable Authentication Model: Exploring Security with Weaker Attacker Models....Pages 234-247
Idea: Interactive Support for Secure Software Development....Pages 248-255
Idea: A Reference Platform for Systematic Information Security Management Tool Support....Pages 256-263
Idea: Simulation Based Security Requirement Verification for Transaction Level Models....Pages 264-271
Back Matter....Pages -