- Editors:
- Christian F. Hempelmann,
- Victor Raskin,
- General Chair:
- O. Sami Saydjari,
- Program Chairs:
- Simon Foley,
- R. Sekar
Welcome to the Proceedings of the New Security Paradigms Workshop 2003. This was the twelfth year of our very special workshop. The ideas resulting from this year's workshop are presented here for your consideration and enjoyment.If you find the work presented here interesting and provocative and would like to share your own ideas at a future NSPW, please watch for the Call for Papers for our next NSPW on our web site at http://www.nspw.orgNSPW is distinguished by the fact that every selected paper is discussed in a collegial setting at the time of its presentation and often afterwards. The number of papers selected is small enough to allow a comfortable time period for the intensive examination of new concepts. Authors are instructed to prepare for a 20 to 25 minute presentation and then given an hour of actual presentation-cure-discussion time which shows the high degree of interaction with the other workshop participants.NSPW must remain small to provide the high quality interaction between authors and attendees. We try to keep attendance under 30; this year's attendance was 28.One of the most noteworthy features of NSPW is the "psychological contract" by which all workshop participants abide. Because authors are asked to present ideas that might be considered risky in some other venues, all participants are charged with providing feedback in a constructive and gracious manner. And it works! The resulting brainstorming environment has proven to be excellent for furthering the development of these ideas. Authors typically receive a considerable amount of feedback about their presentations and incorporate it into the final version of their paper. The results are reflected in these proceedings, published after the workshop.NSPW is often held in small hotels that provide a picturesque locale, comfortable surroundings, and excellent cuisine. This year's workshop was held at the Centro Stefano Francini in Ascona, Switzerland. The Centro is located on Monte Verià ("Mount Truth") and played host to most of the political, social, and philosophical innovators of the early twentieth century. Today it is managed by the Swiss Federal Technical Institute and provides excellent conference facilities with stunning views of Lago Maggiore and the Swiss Alps. Our conference planner, Carla Notari, was especially helpful in making all arrangements go smoothly.The job of program chair for the New Security Paradigms Workshop (NSPW) is both difficult and rewarding. Selecting the program committee, assigning papers to committee members, and choosing a few among many excellent submissions are all time-consuming tasks. The reward comes with the workshop, when exciting papers stimulate discussions that extend beyond the meeting room into the dinner hour and beyond. We appreciate the hard work of the organizers, who made the workshop so enjoyable for all of us.
Locality: a new paradigm for thinking about normal behavior and outsider threat
Locality as a unifying concept for understanding the normal behavior of benign users of computer systems is suggested as a unifying paradigm that will support the detection of malicious anomalous behaviors. The paper notes that locality appears in many ...
Alliance formation for DDoS defense
Currently, there is no effective defense against large-scale distributed denial-of-service (DDoS) attacks. While numerous DDoS defense systems exist that offer excellent protection from specific attack types and scenarios, they can frequently be ...
Merging paradigms of survivability and security: stochastic faults and designed faults
Faults are examined by both the security and fault tolerance communities. These communities have strikingly different views of the types of faults that exist, the way they are modeled, and how they are addressed. One community can pronounce a system ...
SELF: a transparent security extension for ELF binaries
The ability to analyze and modify binaries is often very useful from a security viewpoint. Security operations one would like to perform on binaries include the ability to extract models of program behavior and insert inline reference monitors. ...
Dynamic label binding at run-time
Information flow control allows enforcement of end-to-end confidentiality policies but has been difficult to put in practice. This paper introduces a pragmatic new approach for tracking information flow while the process is running at the same time ...
Bringing security home: a process for developing secure and usable systems
The aim of this paper is to provide better support for the development of secure systems. We argue that current development practice suffers from two key problems:1. Security requirements tend to be kept separate from other system requirements, and not ...
Security check: a formal yet practical framework for secure software architecture
With security becoming an important concern for both users as well as designers of large-scale software systems, it is necessary to introduce security considerations very early in the system development life-cycle namely in the modeling phase itself. ...
From absence of certain vulnerabilities towards security proofs: pushing the limits of formal verification
The application of formal methods for rigorously validating cryptographic protocols has been getting increasing attention. The de facto standard for modeling such protocols in formal proof systems is the Dolev-Yao model that, e.g., uses abstract ...
Secure object identification: or: solving the Chess Grandmaster Problem
Many applications of cryptographic identification protocols are vulnerable against physical adversaries who perform real time attacks. For instance, when identifying a physical object like an automated teller machine, common identification schemes can ...
Public key distribution through "cryptoIDs"
In this paper, we argue that person-to-person key distribution is best accomplished with a key-centric approach, instead of PKI: users should distribute public key fingerprints in the same way they distribute phone numbers, postal addresses, and the ...
Owner-controlled information
Information about individuals is currently maintained in many thousands of databases, with much of that information, such as name and address, replicated across multiple databases. However, this proliferation of personal information raises issues of ...
Towards a new paradigm for securing wireless sensor networks
The network model assumed in this paper consists of tiny, energy-constrained, commodity sensors massively deployed alongside with one or more sink nodes that provide the interface to the outside world. The sensors in the network are initially anonymous ...
Securing nomads: the case for quarantine, examination, and decontamination
The rapid growth and increasing pervasiveness of wireless networks raises serious security concerns. Client devices will migrate between numerous diverse wireless environments, bringing with them software vulnerabilities and possibly malicious code. ...