Principles of Security and Trust

This book constitutes the refereed proceedings of the 4th International Conference on Principles of Security and Trust, POST 2015, held as part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2015, in London, UK, in April 2015. The 17 regular papers presented in this volume were carefully reviewed and selected from 57 submissions. In addition, one invited talk is included. The papers have been organized in topical sections on information flow and security types, risk assessment and security policies, protocols, hardware and physical security and privacy and voting.

Quantitative Approaches to the Protection of Private Information: State of the Art and Some Open Challenges. - IFC Inside: Retrofitting Languages with Dynamic Information Flow Control. - Very Static Enforcement of Dynamic Policies. - The Foundational Cryptography Framework. - On the Flow of Data, Information, and Time. - Pareto Efficient Solutions of Attack-Defence Trees. - Analysis of XACML Policies with SMT. - Automatically Checking Commitment Protocols in ProVerif without False Attacks. - Generalizing Multi-party Contract Signing. - Leakiness is Decidable for Well-Founded Protocols. - Abstractions for Security Protocol Verification. - Automated Backward Analysis of PKCS#11 v2. 20. - A Safe Update Mechanism for Smart Cards. - Discrete vs. Dense Times in the Analysis of Cyber-Physical Security Protocols. - Timing Attacks in Security Protocols: Symbolic Framework and Proof Techniques. - Type-Based Verification of Electronic Voting Protocols. - Composing Security Protocols: From Confidentiality to Privacy. - PriCL: Creating a Precedent, a Framework for Reasoning about Privacy Case Law.