Software security : theories and systems : Second Mext-NSF-JSPS International Symposium, ISSS 2003, Tokyo, Japan, November 4-6, 2003 : revised papers

Following the success of the International Symposium on Software Security 2002 (ISSS 2002), held in Keio University, Tokyo, November, 2002, ISSS 2003 was held in the Tokyo Institute of Technology, Tokyo, on November 4-6, 2003. This volume is the collection of the papers that were presented at ISSS 2003. The proceedings of ISSS 2002 was published as LNCS 2609. Although the security and reliability of software systems for networked c- puter systems are major concerns of current society, the technology for software securitystillneedstobedevelopedinmanydirections.SimilartoISSS2002,ISSS 2003 aimed to provide a forum for research discussions and exchanges among world-leading scientists in the ?elds of both theoretical and systems aspects of security in software construction. The program of ISSS 2003 was a combination of invited talks and selected research contributions. It included the most recent visions and researches of the 9invitedspeakers,aswellas11contributionsofresearchesfundedbytheMEXT grant-in-aid for scienti?c research on the priority area "Implementation Scheme for Secure Computing" (AnZenKaken). We collected the original contributions after their presentation at the symposium and began a review procedure that resulted in the selection of the papers in this volume. They appear here in ?nal form. ISSS 2003 required a lot of work that was heavily dependent on members of the program committee, and sta?s and graduate students who participated in AnZenKaken. We sincerely thank them for their e?orts and time.

1: Analysis of Protocols and Cryptography.- Verifying Confidentiality and Authentication in Kerberos 5.- A Cost Estimation Calculus for Analyzing the Resistance to Denial-of-Service Attack.- Formal Analysis of the NetBill Electronic Commerce Protocol.- Inferences on Honesty in Compositional Logic for Protocol Analysis.- A Formal System for Analysis of Cryptographic Encryption and Their Security Properties.- 2: Verification of Security Properties.- Formal Specification and Verification of Resource Bound Security Using PVS.- Java Program Verification at Nijmegen: Developments and Perspective.- Decision Procedures for Several Properties of Reactive System Specifications.- A Model for Delimited Information Release.- 3: Safe Implementation of Programming Languages.- The Interface Definition Language for Fail-Safe C.- Lightweight Wrappers for Interfacing with Binary Code in CCured.- 4: Secure Execution Environments.- Detecting Unknown Computer Viruses - A New Approach -.- Security Policy Descriptions Through the Use of Control Structure of a Target Program.- Securing RPC with a Reference Monitor for System Calls.- UML Scrapbook and Realization of Snapshot Programming Environment.- 5: Secure Systems and Security Management.- Managing Information Technology Security Risk.- SEAS: A Secure E-Voting Applet System.- The Design of a Secure Distributed Devices System Based on Immunity.