Preliminary Program - ENSEEIHT [PDF]

The Fourth International Conference on Risks and Security of Internet and Systems

CRiSIS 2009 Toulouse, France October 19 - 22, 2009 http://www.crisis2009.org

Preliminary Program

08h:30 09h:00 09h:30 10h:00 10h:30 11h:00 11h:30 12h:00 12h:30 13h:00 13h:30 14h:00 14h:30 15h:00 15h:30 16h:00 16h:30 17h:00 17h:30 18h:00 18h:30 19h:00 19h:30 20h:00 20h:30 21h:00 21h:30

Monday 19 October 2009 Registration

Tuesday 20 October 2009 Registration Welcome Address

Wednesday 21 October 2009

Keynote

Session 4

Break

Break

Break

Tutorial 1

Session 1

Session 5

Tutorial 1

Thursday 22 October 2009 Session 6 Break Session 7 Closing session

Lunch

Lunch

Tutorial 2

Session 2

Break

Break

Tutorial 2

Session 3

Lunch

Guided Visit of Toulouse

Registration Reception

Banquet

Lunch

The Fourth International Conference on Risks and Security of Internet and Systems

CRiSIS 2009 Toulouse, France October 19 - 22, 2009 http://www.crisis2009.org

Monday 19 October 2009 8h30-18h

Tutorial and Conference Registration Tutorial 1 : Security Testing of Services and Protocols

9h-10h30

Ana Rosa Cavalli, Télécom & Management SudParis, France

10h30-11h

Break Tutorial 1 : Security Testing of Services and Protocols

11h-12h30

12h30-14h

Ana Rosa Cavalli, Télécom & Management SudParis, France Lunch Tutorial 2 : Watermarking Medical Images – Applications and Methods

14h-15h30

Gouenou Coatrieux, Télécom Bretagne, France

15h30-16h

Break Tutorial 2 : Watermarking Medical Images – Applications and Methods

16h-17h30

Gouenou Coatrieux, Télécom Bretagne, France

8h30-18h

Conference Registration

The Fourth International Conference on Risks and Security of Internet and Systems

CRiSIS 2009 Toulouse, France October 19 - 22, 2009 http://www.crisis2009.org

Tuesday 20 October 2009 8h30-12h

Conference Registration

9h-9h30

Welcome Address Keynote : Vingt-cinq Ans Après, with Apologies to Alexandre Dumas

9h30-10h30

Gilles Brassard, Université de Montréal, Canada 10h30-11h

Break Session 1 : Access Controls and Security Mechanisms A Logical Framework for Reasoning about Policies with Trust Negotiations and Workflows in a Distributed Environment Philippe Balbiani, Yannick Chevalier, Marwa El Houri (CNRS — IRIT, France)

11h-12h30

A Secured Delegation of Remote Services on IPv6 Home Networks Stere Preda, Laurent Toutain, Nora Cuppens-Boulahia, Frédéric Cuppens (Telecom Bretagne, France), Joaquin Garcia-Alfaro (Carleton University, Canada) CryptoNET: Secure Federation Protocol and Authorization Policies for SMI Abdul Ghafoor Abbasi, Sead Muftic, Gernot Schmölzer (The Royal Institute of Technology, Sweden)

12h30-14h

Lunch

The Fourth International Conference on Risks and Security of Internet and Systems

CRiSIS 2009 Toulouse, France October 19 - 22, 2009 http://www.crisis2009.org

Tuesday 20 October 2009 Session 2 : Formal Methods, Verification and Certification Runtime Verification of Declassification for Imperative Programs: Formal Foundations Thomas Demongeot (DGA/DET/CELAR, France), Julien Mallet, Yves Le Traon (Telecom Bretagne, France) 14h-15h30

Formal Analysis of Attacks for e-Voting System Komminist Weldemariam (University of Trento, Italy), Adolfo Villafiorita (Fondazione Bruno Kessler, Italy) Data Disclosure Risk Evaluation Slim Trabelsi, Vincent Salzgeber, Michèle Bezzi, Gilles Montagnon (SAP Labs, France)

15h30-16h

Break Session 3 : Attacks, Defenses and IDS (1)

16h-17h

SIDAN : a Tool Dedicated to Software Instrumentation for Detecting Attacks on NonControl-Data Jonathan-Christofer Demay, Éric Totel, Frédéric Tronel (SupÉlec-Rennes, France) Defending OLSR Routing Protocol Against MPR Attacks Rachid Beghdad (LAMOS, Faculté des Sciences Exactes, Bejaia, Algeria)

18h

Reception

The Fourth International Conference on Risks and Security of Internet and Systems

CRiSIS 2009 Toulouse, France October 19 - 22, 2009 http://www.crisis2009.org

Wednesday 21 October 2009 Session 4 : Attacks, Defenses and IDS (2)

9h30-10h30

Permutation-based Steganographic Channels Scott Knight, Kevin Forest (Royal Military College of Canada, Kingston, Canada) Re-inforced Stealth Breakpoints Amit Vasudevan (CyLab, Carnegie Mellon University, USA)

10h30-11h

Break Session 5 : Risk Analysis

11h-12h30

Risk analysis of SCADA systems interconnecting Power Grids and Telco Networks via heterogeneous models and tools Andrea Bobbio1, Ester Ciancamerla2, Saverio Di Blasi2, Alessandro Iacomini4, Federico Mari3, Igor Melatti3, Michele Minichino2, Alessandro Scarlatti4, Enrico Tronci3, Roberta Terruggia1, Emilio Zendri4 (1Università del Piemonte Orientale, Alessamdria, Italy 2 ENEA C.R. Casaccia, Rome, Italy - 3Università di Roma “La Sapienza”, Rome, Italy 4 ACEA, Rome, Italy) A Reference Model for Risk-Aware Business Process Management Stefan Jakoubi, Simon Tjoa (Secure Business, Austria) A Formal Methodology for Detection of Vulnerabilities in an Enterprise Information System Anirban Sengupta, Chandan Mazumdar, Aditya Bagchi (Jadavpur University, India)

12h30-14h

Lunch

Afternoon

Guided Visit of Toulouse

20h

Banquet

The Fourth International Conference on Risks and Security of Internet and Systems

CRiSIS 2009 Toulouse, France October 19 - 22, 2009 http://www.crisis2009.org

Thursday 22 October 2009 Session 6 : Security Applications and Dependability

9h-10h

Experiments and Data Analysis of Electronic Voting System Komminist Weldemariam, Adolfo Villafiorita, Andrea Mattioli (University of Trento, Italy) Greylisting – Long Term Analysis of Anti-SPAM Effect Tomas Sochor (University of Ostrava, Czech Republic)

10h-10h30

Break Session 7a : Security Evaluation (Short papers) Untrustworthiness: A Trust-Based Security Metric Afonso Araujo Neto, Marco Vieira (CISUC, University of Coimbra, Portugal)

10h30-11h30

A Quantitative Approach to Assess Information Security Related Risks Anton Romanov, Eiji Okamoto (University of Tsukuba, Japan) Modeling Dependencies in Security Risk Management Tansu Alpcan (Deutsche Telekom Laboratories, Germany), Nick Bambos (Stanford University, USA) Session 7b : Security Analysis (Short papers)

11h30-12h10

A Formal Design of Secure Information Systems by Using a Formal Secure Data Flow Diagram (FSDFD) Nadia Soudani, Bel G Raggad, Belhassen Zouari (LIP2 laboratory, FST, University El Manar, Tunisia - Seidenberg School of CS & IS, NY, USA - ANSI, Tunisia) Honeypot Router for Routing Protocol Protection Abdallah Ghourabi, Tarek Abbes, Adel Bouhoula (Higher School of Telecommunications, SupCom, Tunisia)

12h10-12h30 12h30-14h

Closing Session Lunch