Year: 2013

• Nanevski, A., Banerjee, A. & Garg, D. (2013). Dependent Type Theory for Verification of Information Flow and Access Control Policies. ACM Trans. Program. Lang. Syst., 35(2), 6. [More] [Bibtex]
• Itzhaky, S., Banerjee, A., Immerman, N., Nanevski, A. & Sagiv, M (2013). Effectively-Propositional Reasoning about Reachability in Linked Data Structures. In Sharygina, N. & Veith, H. (editors), CAV, pages 756-772. Springer. [More] [Bibtex]
• Basin, D., Clavel, M., Egea, M., de Dios, M. A. & Dania, C. (2013). ActionGUI semantics, IMDEA Software Institute, Madrid, Spain and ETH Zurich, Switzerland. [More] [Online version] [Bibtex]
• Bertolino, A., Daoudagh, S., Lonetti, F., Marchetti, E., Martinelli, F. & Mori, P. (2013). Testing of PolPA-based usage control systems. Software Quality Journal, 1-31. [More] [Bibtex]
• ter Beek, M. H., Lluch-Lafuente, A. & Petrocchi, M (2013). Combining declarative and procedural views in the specification and analysis of product families. In SPLC Workshops, pages 10-17. [More] [Bibtex]
• Costantino, G., Martinelli, F. & Santi, P. (2013). Investigating the Privacy vs. Forwarding Accuracy Tradeoff in Opportunistic Interest-Casting. Transactions on mobile computing. [More] [Bibtex]
• Krautsevich, L., Lazouski, A., Martinelli, F., Mori, P. & Yautsiukhin, A (2013). Integration of Quantitative Methods for Risk Evaluation within Usage Control Policies. In In Proceedings of the International Conference on Computer Communications and Networks. To Appear. IEEE Publisher. [More] [Bibtex]
• Costa, G., Martinelli, F. & and Artsiom Yautsiukhin, (2013). Multi-dimensional Secure Service Orchestration. In In Proceeding of the 2nd Workshop on Security in Business Process. [More] [Bibtex]
• Costante, E., Paci, F. & Zannone, N (2013). Privacy-Aware Web Service Composition and Ranking.. In Proceedings of the IEEE 20th International Conference on Web Services. [More] [Bibtex]
• Labunets, K., Massacci, F., Paci, F. & Tran, L. M (2013). An Experimental Comparison of Two Risk-Based Security Methods. In Proceedings of the International Symposium on Empirical Software Engineering and Measurement (ESEM). [More] [Bibtex]
• Beckers, K., Fassbender, S., Heisel, M., Paci, F. & Massacci, F (2013). Combining Goal-oriented and Problem-oriented Requirements Engineering Methods. In Proceedings of International Cross Domain Conference and Workshop (CD-ARES),2013. In. [More] [Bibtex]
• Ghabri, H., Maatoug, G. & Rusinowitch, M (2013). Compiling symbolic attacks to protocol implementation tests. In Bouhoula, Adel, Ida, Tetsuo, Kamareddine & Fairouz (editors), Proceedings Fourth International Symposium on Symbolic Computation in Software Science, Gammarth, Tunisia, 15-17 December 2012, pages 39-49. Open Publishing Association. [More] [Bibtex]
• Imine, A. & Rusinowitch, M. (2013). Secure Collaboration for Smartphones. ERCIM News, 2013(93). [More] [Bibtex]
• Blome, A., Ochoa, M., Li, K., Peroli, M. & Torabi Dashti, M (2013). {VERA}: A flexible model-based vulnerability testing tool. In Software Testing, Verification and Validation (ICST), 2013 IEEE Sixth International Conference on, pages 471-478. IEEE Press. [More] [Bibtex]
• Omerovic, A. & Stølen, K. (2013). Characterizing and fulfilling traceability needs in the PREDIQT method for model-based prediction of system quality. International Journal on Advances in Systems and Measurements, 6(1--2), 1-25. [More] [Bibtex]
• Solhaug, B. & Stølen, K (2013). The CORAS Language -- Why it is designed the way it is. In Safety, Reliability, Risk and Life-Cycle Performance of Structures and Infrastructures, proc. of 11th International Conference on Structural Safety & Reliability (ICOSSAR'13). CRC Press. [More] [Bibtex]
• Tran, L. M., Solhaug, B. & Stølen, K. (2013). An Approach to Select Cost-Effective Risk Countermeasures Exemplified in CORAS, SINTEF ICT. [More] [Bibtex]
• Tran, L. M., Solhaug, B. & Stølen, K (2013). An Approach to Select Cost-Effective Risk Countermeasures. In Wang, Lingyu, Shafiq & Basit (editors), Data and Applications Security and Privacy XXVII, pages 266-273. Springer. [More] [Online version] [Bibtex]
• Moyano, F., Fernandez-Gago, C. & Lopez, J (2013). Towards Engineering Trust-aware Future Internet Systems. In 3rd International Workshop on Information Systems Security Engineering (WISSE 2013). Valencia. [More] [Bibtex]
• Guarnieri, M., Neri, M. A., Magri, E. & Mutti, S (2013). On the notion of redundancy in access control policies. In Proceedings of the 18th ACM symposium on Access control models and technologies, pages 161-172. New York, NY, USA : ACM. [More] [Online version] [Bibtex]
• Moyano, F., Baudry, B. & Lopez, J (2013). Towards Trust-Aware and Self-Adaptive Systems. In Fern, C., Ez-Gago & Martinelli, F. (editors), 7th IFIP WG 11.11 International Conference on Trust Management (IFIPTM 2013), pages 243-250. Malaga : Springer. [More] [Bibtex]
• Nikiforakis, N., Acker, S. V., Meert, W., Desmet, L., Piessens, F. & Joosen, W (2013). Bitsquatting: Exploiting bit-flips for fun, or profit?. In World Wide Web Conference (WWW), pages 989-998. International World Wide Web Conferences Steering Committee. [More] [Online version] [Bibtex]
• Nikiforakis, N., Kapravelos, A., Joosen, W., Kruegel, C., Piessens, F. & Vigna, G (2013). Cookieless monster: Exploring the ecosystem of web-based device fingerprinting. In IEEE Symposium on Security and Privacy, pages 541-555. IEEE Computer Society. [More] [Online version] [Bibtex]
• Philippaerts, P., Younan, Y., Muylle, S., Piessens, F., Lachmund, S. & Walter, T. (2013). CPM: Masking code pointers to prevent code injection attacks. ACM Transactions on Information and System Security, 16(1), 1:1-1:27. [More] [Online version] [Bibtex]
• Caballero, J. & Song, D. (2013). Automatic protocol reverse-engineering: Message format extraction and field semantics inference. Computer Networks, 57(2), 451-474. [More] [Bibtex]