The First International Workshop on Run Time Enforcement for Mobile and
Distributed Systems (REM2007)
In conjunction with the 12th European Symposium On Research In Computer Security
(ESORICS 2007), Dresden, Germany
Supported by the S3MS project.
http://www.cs.kuleuven.be/conference/ESORICS-REM2007/
Date: September 26-27, 2007
Run time monitoring and enforcement of policies is, and has been for a long
time, one of the most important security technologies. Successful applications
include operating system and middleware access control, firewalls, and stack
inspection based sandboxing. With the increased interest in security at the
level of applications, for instance to counter the threats of untrustworthy
(malicious or buggy) code, run time monitoring and enforcement has seen an
increased interest from the research community. Several models of run time
monitors have been developed, such as security automata and edit automata, and
the classes of policies that can be enforced with such monitors have been
investigated. Suitable policy languages for expressing application-level
policies are an active area of research, and a variety of mechanisms for
implementing run time monitoring and enforcement, such as the inlining of
monitors, system call interception, or aspect oriented programming have been
studied. Moreover, with the advent of support for third party applications on
mobile devices such as mobile phones and Personal Digital Assistants (PDA's),
the importance of strong and efficient techniques for run time monitoring and
enforcement grows even further.
The goal of this workshop is to bring together researchers and practitioners
working on various aspects of run time monitoring and enforcement of security
policies, to exchange ideas and disseminate new results. Original papers are
solicited, both from industry and academia on new results or experiences with
run time monitoring and enforcement.
Invited speakers
The workshop will include invited talks by:
- Jay Ligatti: Jay works on software security and programming languages, including: language-based
security and reliability, software monitoring, policy analysis, and aspect-oriented and policy-specification languages.
He has several influential results in areas that are of interest to this workshop.
Jay codesigned Polymer, a well-known domain-specific aspect language for writing security policies. He worked on the Gleipnir project that designed a
countermeasure against code injection attacks on C/C++, and he has done work on
the foundations of aspect-oriented programming languages.
- Eric Vétillard: Eric is the Chief Technical Officer at Trusted Labs, a Trusted Logic company that
specializes in security services. He joined in 2000 as a senior technical architect and was appointed CTO in 2004. He began his career in the smart cards industry in 1997, in Gemplus’ Advanced Research team, where he was involved in the early developments of Java Card™ technology.
He will speak about Mobile payment security policies: What operators and banks really want ...
Topics and how to submit
Areas of interest include, but are not limited to:
- Access control in mobile and distributed systems
- Mechanisms for run time monitoring and enforcement
- Theoretical foundations for run time monitoring and enforcement
- Policy languages, policy composition and policy management
- Safety analysis and enforcement
- Security for mobile code
- Case studies and experiences with run time monitoring and enforcement
- Program instrumentation for run time monitoring and enforcement, including
inlined monitors, and aspect oriented programming
Workshop papers must be limited to 12 pages. Authors are encouraged to follow
the Elsevier ENTCS LaTeX style when preparing their
submission.
The organizers plan a post-proceedings of this workshop. Negotiations with
Elsevier ENTCS are underway.\
Submissions must be entered using the easychair conference system at the
following URL:
SUBMISSION SITE: http://www.easychair.org/REM2007/
NOTE: submission and notification deadlines have changed!
- Submission of workshop papers
- June 29, 2007
- Notification of workshop papers
- August 15, 2007 (in time for early registration for ESORICS)
- Final version
- September 15, 2007
- Workshop dates
- September 26-27, 2007
PC Chairs:
- Fabio Massacci, Universitŕ di Trento, Italy
- Frank Piessens, Katholieke Universiteit Leuven, Belgium
Programme Committee:
- Alexander Pretschner, ETH Zurich, Switzerland
- Brian LaMacchia, Microsoft, USA
- Carlos Molina, Newcastle University, United Kingdom
- Dieter Gollmann, Hamburg University of Technology,
Germany
- Eric Vétillard, Trusted Labs, France
- Erik Poll, Radboud Universiteit Nijmegen, The Netherlands
- Gilles Barthe, INRIA Sophia-Antipolis, France
- Greg Morrisett, Harvard University, USA
- Grigore Rosu, University of Illinois at Urbana-Champaign,
USA
- Konstantin Beznosov, University of British Columbia, Canada
- Mads Dam, Royal Institute of Technology (KTH), Sweden
- Philip W.L. Fong, University of Regina, Regina, Saskatchewan, Canada
- R. Sekar, Stony Brook University, USA
- Silke Holtmanns, Nokia Research, Finland
- Thomas Walter, DoCoMo Communications Laboratories Europe GmbH,
Germany
- Úlfar Erlingsson, Microsoft Research, USA
Publicity Chair:
- Katsiaryna Naliuka, Universitŕ di Trento, Italy