1 / 12

SoBeNeT User Group meeting

SoBeNeT User Group meeting. Part II Wouter Joosen October 8 2004. Available Documents (public only). Activity 1.1.1: Vulnerability studies Activity 1.2.2: Programming model Activity 1.3.2: Complex Composition Work in progress… deadline 15.11.2004 More on http://sobenet.cs.kuleuven.ac.be.

helmut
Download Presentation

SoBeNeT User Group meeting

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SoBeNeT User Group meeting Part II Wouter Joosen October 8 2004

  2. Available Documents (public only) • Activity 1.1.1: Vulnerability studies • Activity 1.2.2: Programming model • Activity 1.3.2: Complex Composition Work in progress… deadline 15.11.2004 More on http://sobenet.cs.kuleuven.ac.be

  3. Vulnerability study Code Injection in C and C++: A Survey of Vulnerabilities and Countermeasures • Technical report: Y. Younan, W. Joosen and F. Piessens. Code Injection in C and C++: A Survey of Vulnerabilities and Countermeasures, Report CW386, Department of Computer Science, K.U.Leuven, July 2004 Security in Microsoft .Net • CMS 2004 paper: Desmet, B. Jacobs, F. Piessens, and W. Joosen, A generic architecture for web applications to support threat analysis of infrastructural components. Proceedings of the Eighth IFIP TC-6 TC-11 Conference on Communications and Multimedia Security (CMS 2004), September 2004, UK. • CMS 2004 paper: L. Desmet, B. Jacobs, F. Piessens, and W. Joosen, Threat Modelling for web services based web applications. Proceedings of the Eighth IFIP TC-6 TC-11 Conference on Communications and Multimedia Security (CMS 2004), September 2004, UK

  4. Programming models • Verification of Multithreaded Object-Oriented Programs with Invariants • SAVCBS 2004 paper: B. Jacobs, K. Rustan M. Leino, and W. Schulte. Verification of Multithreaded Object-Oriented Programs with Invariants. Proceedings of the Third Workshop on Specification and Verification of Component-Based Systems (SAVCBS), Newport Beach, California, October 31--November 1, 2004.

  5. Compex Composition - I • Engineering Application-level Security through Aspect-Oriented Software Development • PhD Dissertation Bart De Win: Engineering Application-level Security through Aspect-Oriented Software Development • Improving software reliability in data-centered software systems by enforcing composition time constraints • WADS 2004 paper: L. Desmet, F. Piessens, W. Joosen and P. Verbaeten. Improving software reliability in data-centered software systems by enforcing composition time constraints. Proceedings of the ICSE 2004 Workshop on Architecting Dependable Systems (WADS 2004).

  6. Complex Composition - II • Towards Preserving Correctness in Self-Managed Software Systems • WOSS'04 paper: L. Desmet, N. Janssens, S. Michiels, F. Piessens, W. Joosen and P. Verbaeten. Towards Preserving Correctness in Self-Managed Software Systems. Proceedings of the ACM SIGSOFT Workshop on Self-Managing Systems (WOSS'04, New Port Beach, CA, USA, 2004. • View Connectors for the integratin of Domain Specific Access Control • AOSDSec 2004 paper: T. Verhanneman, F. Piessens, B. De Win, and W. Joosen. View Connectors for the integratin of Domain Specific Access Control. Proceedings of the AOSDSec Workshop, March 2004, Lancaster, UK. • Developing Secure Applications through Aspect-Oriented Programming • AOSD book chapter: B. De Win, W. Joosen, and F. Piessens. Developing Secure Applications through Aspect-Oriented Programming.

  7. Focus for Year 02 Headlines • Interrelations between point solutions in track I (Languages and composition) • Maturing the application case studies – track I • Intensifying the software engineering track – track II • Cross-fertilization between the above and tracks III en IV respectively

  8. Calendar of Events - October • …New programming language technologies for improving software securityProf. Frank Piessens, K.U.Leuven, Distrinet

  9. Calendar of Events - November • Workshop on development processes and security -- November 19, 2004 – 14-17h30 • Location to be confirmed

  10. Calendar of Events - December SecuritySession@javapolis (www.javapolis.com) December 16 • Lectures by Frank Piessens, Konstantin Beznosov. • BOF Topic: secure agility/agile security: Konstantin Beznosov, Dirk Dussart, Wouter Joosen.

  11. Suggestions welcome • Seminar/tutorial on vulnerabilities and secure coding for in C/C++ • Workshop on security in e-Health applications

  12. Discussion

More Related