The 7th International Workshop on Formal Aspects of Security & Trust (FAST2010)
CNR, Pisa, Italia
16-17 September 2010

FAST2010 is co-located with
The 8th IEEE International Conference on Software Engineering and Formal Methods (SEFM2010)
CNR, Pisa, Italy,
13-18 September, 2010



The seventh International Workshop on Formal Aspects of Security and Trust (FAST2010) aims at continuing the successful efforts of the previous FAST workshops, fostering cooperation among researchers in the areas of security and trust.

Computing and network infrastructures have become pervasive, and now they carry a great deal of economic activity. Thus, society needs well matching security and trust mechanisms. Interactions increasingly span several enterprises and involve loosely structured communities of individuals. Participants in these activities must control interactions with their partners based on trust policies and business logic. Trust-based decisions effectively determine the security goals for shared information and for access to sensitive or valuable resources.

FAST focuses on the formal models of security and trust that are needed to state goals and policies for these interactions. We also seek new and innovative techniques for establishing consequences of these formal models. Implementation approaches for such techniques are also welcome.



Title/Abstract Submission: 13 June 2010 (EXTENDED) 15 June 2010
Paper submission: 20 June 2010 (STRICT!)
Author Notification: 19 July 2010

Pre-proceedings version: 1 September 2010
Workshop: 16-17 September 2010
Post-proceedings version: 1 November 2010



·Gilles Barthe, IMDEA Software, Spain
·Massimo Bartoletti, University of Cagliari, Italy
·Lujo Bauer, CMU, USA
·Cas Cremers, ETH Zurich
·Frederic Cuppens, Telecom Bretagne, France
·Pierpaolo Degano, University of Pisa, Italy (co-chair)
·Sandro Etalle, TU Eindhoven and Univ. of Twente (co-chair)
·Joshua Guttman, Worcester Polytechnic Inst., USA (co-chair)
·Chris Hankin, Imperial College (London), UK
·Bart Jacobs, Radboud Univ. Nijmegen, The Netherlands
·Christian Jensen, DTU, Denmark
·Fabio Martinelli, CNR, Italy
·Sjouke Mauw, University of Luxemburg, Luxembourg
·Catherine Meadows, Naval Research Lab, USA
·Ron van der Meyden, University of New South Wales, Australia
·Mogens Nielsen, Aarhus, Denmark
·Dusko Pavlovic, Kestrel Institute, USA and Oxford, UK
·Riccardo Pucella, Northeastern, USA
·Peter Ryan, University of Luxemburg, Luxembourg
·Steve Schneider, Surrey, UK
·Jean-Marc Seigneur, University of Geneva, Switzerland
·Luca Vigano', Universita` di Verona, Italy



·Pierpaolo Degano, Universita` di Pisa, Italy
·Sandro Etalle, TU Eindhoven and Univ. of Twente
·Joshua Guttman, Worcester Polytechnic Inst., USA



· Ilaria Matteucci, CNR, Italy



Send an e-mail to FAST2010'at'

Latest updates about FAST 2010 will be regularly posted to (a mailing list for the scientific community interested in computer security).



Suggested submission topics include, but are not limited to:

·Formal models for security, trust and reputation
·Security protocol design and analysis
·Logics for security and trust
·Trust-based reasoning
·Distributed trust management systems  
·Digital asset protection  
·Data protection  
·Privacy and ID management issues  
·Information flow analysis  
·Language-based security  
·Security and trust aspects in ubiquitous computing  
·Validation/Analysis tools  
·Web/Grid services security/trust/privacy  
·Security and risk assessment  
·Resource and access control  
·Case studies  



We seek papers presenting original contributions. Two types of submissions are possible:

1) short papers, up to 5 pages in LNCS format. 

2) full papers, up to 15 pages in LNCS format.

Submissions should clearly state their category (1 or 2). Author's full name, address, and e-mail must appear on the first page.
Short papers as well as full papers will be included in the informal proceedings distributed at the workshop. After the workshop, authors of short papers which are judged mature enough for publication will be invited to submit full papers. These will be reviewed according to the usual refereeing procedures, and accepted papers will be published in the post-proceedings in LNCS.
Simultaneous submission of full papers to a journal or conference/workshop with formal proceedings justifies rejection. Short papers at FAST are not formally published, so this restriction does not apply to them. However, related publications and overlapping submissions must be cited explicitly in short papers.

Follow this link to submit your paper through Easychair system



As done for the previous issues of FAST, the post-proceedings of the workshop is published with LNCS . A special journal issue is also planned.




September 16th 2010 (ROOM 27)

08:30 - 08:50 registration

08:50 - 09:00 opening

09:00 - 10:00 Invited Talk by Dusko Pavlovic The Unreasonable Ineffectiveness of Security Engineering: An overview.

10:00 - 10:30 coffee break

10:45 - 12:15 Protocol Analysis Models

Max Kanovich, Tajana Ban Kirigin, Vivek Nigam and Andre Scedrov Bounded memory Dolev-Yao adversaries in collaborative systems

Bruno Conchinha, David Basin and Carlos Caleiro Efficient Decision Procedures for Message Deducibility and Static Equivalence

Gavin Lowe and Allaa Kamil Understanding Abstractions of Secure Channels

12:30 - 13:45 lunch break

14:30 - 15:30 Foundations

Mana Taghdiri, Gregor Snelting and Carsten Sinz Information Flow Analysis via Path Condition Refinement

Barbara Kordy, Sjouke Mauw, Sasa Radomirovic and Patrick Schweitzer Foundations of Attack-Defense Trees

15:45 - 16:15 coffee break

16:30 - 17:30 Hardware Security Modules

Sibylle Froeschle and Nils Sommer Reasoning with Past to Prove PKCS#11 Keys Secure

Stephanie Delaune, Steve Kremer, Mark Ryan and Graham Steel A Formal Analysis of Authentication in the TPM

September 17th 2010 (ROOM 27)

09:10 - 10:40 Privacy and Trust

Meilof Veeningen, Nicola Zannone and Benne de Weger Modeling identity-related properties and their privacy strength

Tim Muller Semantics for Trust

David Burke, John Launchbury, Joe Hurd and Aaron Tomb Trust relationship modeling for software assurance

10:40 - 11:20 coffee break

11:20 - 12:50 Security Policies

Clément Hurlin and Hélène Kirchner Semi-Automatic Synthesis of Security Policies by Invariant-Guided Abduction

Raphael Khoury and Nadia Tawbi Corrective Enforcement of Security Policies

Jason Crampton Cryptographic Enforcement of Role-Based Access Control

12:50 - 14:20 lunch break

14:20 - 15:20 Protocol Analysis Applications

Francesco Ballardin and Massimo Merro A Calculus for the Analysis of Wireless Network Security Protocols

Naipeng Dong, Hugo Jonker and Jun Pang Analysis of a Receipt-Free Auction Protocol in the Applied Pi Calculus

15:20 - 16:00 coffee break and farewell

John Launchbury has kindly made available at this link: the presentation of the paper "Trust relationship modeling for software assurance", by David Burke, John Launchbury, Joe Hurd and Aaron Tomb (which could not be given at the workshop).



Follow the instructions at this link.


Workshop Venue

The conference will be held in the Auditorium of the CNR Research Area.
Address: Via Moruzzi, 1, 56124 Pisa, Tuscany, Italy.

For more information follow this link.


Accomodation Venue

For more information follow this link.