NSPW 2012, September 18-21, 2012, Bertinoro, Italy

Main Page

Table of Contents

Author Index

Sponsor & Supporters

Table of Contents

General Chairs' Welcome
Richard Ford (Florida Institute of Technology)

Mary Ellen Zurko (Cisco Systems)

Program Committee Chairs' Letter
Cormac Herley (Florida Institute of Technology)

Tara Whalen (Cisco Systems)

NSPW 2012 Organization

NSPW 2012 Sponsor & Supporters

NSPW'12 Technical Presentations

A Move in the Security Measurement Stalemate: Elo-Style Ratings to Quantify Vulnerability (Page 1)
Wolter Pieters (Delft University of Technology)

Sanne H. G. van der Ven (University of Amsterdam)

Christian W. Probst (Technical University of Denmark)

Turtles All the Way Down: A Clean-Slate, Ground-Up, First-Principles Approach to Secure Systems (Page 15)
Sean Peisert (University of California, Davis & Berkeley Labs)

Ed Talbot (University of California, Davis)

Matt Bishop (University of California, Davis)

Point-and-Shoot Security Design: Can We Build Better Tools for Developers? (Page 27)
Sven Türpe (Fraunhofer Institute for Secure Information Technology)

Argumentation Logic to Assist in Security Administration (Page 43)
Jeff Rowe (University of California, Davis)

Karl Levitt (University of California, Davis)

Simon Parsons (Brooklyn College, CUNY)

Elizabeth Sklar (Brooklyn College, CUNY)

Andrew Applebaum (University of California, Davis)

Sharmin Jalal (University of California, Davis)

Beyond the Blacklist: Modeling Malware Spread and the Effect of Interventions (Page 53)
Benjamin Edwards (University of New Mexico)

Tyler Moore (Southern Methodist University)

George Stelle (University of New Mexico & Santa Fe Institute)

Steven Hofmeyr (Lawrence Berkeley National Laboratory)

Stephanie Forrest (University of New Mexico)

Someone to Watch Over Me (Page 67)
Heather Richter Lipford (University of North Carolina at Charlotte)

Mary Ellen Zurko (Cisco Systems)

Pools, Clubs and Security: Designing for a Party Not a Person (Page 77)
Zheng Dong (Indiana University)

Vaibhav Garg (Indiana University)

L. Jean Camp (Indiana University)

Apu Kapadia (Indiana University)

Privacy Is a Process, not a PET: A Theory for Effective Privacy Practice (Page 87)
Anthony Morton (University College London)

M. Angela Sasse (University College London)

All Your Base are Belong to US (Page 105)
Richard Ford (Florida Institute of Technology)

Liam M. Mayron (Florida Institute of Technology)

The Need for Application-Aware Access Control Evaluation (Page 115)
William C. Garrison, III (University of Pittsburgh)

Adam J. Lee (University of Pittsburgh)

Timothy L. Hinrichs (University of Illinois at Chicago)

Video-Passwords: Advertising While Authenticating (Page 127)
Julie Thorpe (University of Ontario Institute of Technology)

Amirali Salehi-Abari (University of Toronto)

Robert Burden (University of Ontario Institute of Technology)

Holographic Vulnerability Studies: Vulnerabilities as Fractures in Interpretation as Information Flows Across Abstraction Boundaries (Page 141)
Jedidiah R. Crandall (University of New Mexico)

Daniela Oliveira (Bowdoin College)