FCS 2021

Workshop on Foundations of Computer Security 2021

June 21, 2021

Affiliated with CSF 2021

Background, aim and scope

Computer security is an established field of both theoretical and practical significance. In recent years, there has been sustained interest in the formal foundations of methods used in computer security. The aim of the FCS 2021 workshop is to provide a forum for the discussion of continued research in this area.

FCS 2021 welcomes papers on all topics related to the formal underpinnings of security and privacy, and their applications. The scope of FCS 2021 includes, but is not limited to, formal specification, analysis, and design of cryptographic protocols and their applications; formal definitions of various aspects of security such as access control mechanisms, mobile code security and network security; modeling of information flow and its application to confidentiality policies, system composition, and covert channel analysis; foundations of privacy; applications of formal techniques to practical security and privacy.

We are interested in new theoretical results, in exploratory presentations that examine open questions and raise fundamental concerns about existing theories, and in the development of security/privacy tools using formal techniques. Demonstrations of tools based on formal techniques are welcome, as long as the demonstrations can be carried out on a standard digital projector (i.e., without any specialized equipment). We solicit the submission of both mature work and work in progress.

Possible topics include, but are not limited to:

Automated reasoning techniques
Composition issues
Formal specification
Foundations of verification
Information flow analysis
Language-based security
Logic-based design
Program transformation
Security models
Static analysis
Statistical methods
Tools
Trust management

for

Access control & resource usage control
Authentication
Availability and denial of service
Blockchain & consensus protocols
Covert channels
Confidentiality
Integrity
Intrusion detection
Machine Learning
Malicious code
Mobile code
Mutual distrust
Privacy
Security policies
Security protocols

Program

All times EDT.
  • 9am - 9:10am: Opening remarks
  • 9:10am - 10:10am: [KEYNOTE #1] Andrew Myers, Cornell University
    Information Flow, from Crypto to Blockchain (click for details)
    Abstract

    The core attraction of information flow control is its inherent compositionality: transitivity of information flow means a system combining subsystems with secure information flow is itself secure. But compositionality enables going beyond just verifying the security of software. It allows information flow to be the secure interconnect between a variety of differernt security mechanisms ranging from cryptography to blockchain. I describe Viaduct, a new language for implementing applications that require cryptography. The programmers doesn't specify cryptographic mechanisms; instead, the Viaduct compiler automatically chooses them based on information flow policies in high-level code. Blockchain is another powerful security mechanism; here, information flow policies can guide the construction of secure smart contracts. However, the appealing story of secure composition faces a serious threat: reentrancy, which has led to tens of millions of dollars of losses by various smart contracts. Fortunately, information flow allows us to understand the nature of reentrancy more clearly, and with new information flow mechanisms, the threat of reentrancy can be tamed.

    Bio

    Andrew Myers is a Professor in the Department of Computer Science at Cornell University in Ithaca, NY. His research interests include computer security, programming languages, and distributed and persistent programming systems. His work on computer security has focused on practical, sound, expressive languages and systems for enforcing information security. Myers is the current Editor-in-Chief for ACM Transactions on Programming Languages and Systems (TOPLAS) and an ACM Fellow. He has received awards for papers appearing in POPL'99, SOSP'01, SOSP'07, CIDR'13, PLDI'13, PLDI'15, and Oakland'21.

  • 10:10am - 11:10am: [KEYNOTE #2] Grigore Rosu
  • 11:15am - 11:45pm: [Session #1] Privacy
    • Session chair: Marco Patrignani
    • Solo: Enforcing Differential Privacy Without Fancy Types. Chike Abuah, David Darais and Joe Near
    • Understanding Privacy Regulations through Narrative Generation. Chinmaya Dabral and Chris Martens
  • 12:00pm - 1:00pm: Lunch break
  • 1:00pm - 1:45pm: [Session #2] Hardware/Software Security
    • Session chair: Ioannis Demertzis
    • SoK: Practical Foundations for Spectre Defenses. Sunjay Cauligi, Craig Disselkoen, Daniel Moghimi, Gilles Barthe and Deian Stefan
    • Total Eclipse of the Enclave: Detecting Eclipse Attacks From Inside TEEs. Haofan Zheng, Tuan Tran and Owen Arden
    • Isolation Without Taxation: Near Zero Cost Transitions for SFI Matthew Kolosick, Shravan Narayan, Conrad Watt, Michael LeMay, Deepak Garg, Ranjit Jhala and Deian Stefan
  • 1:45pm - 2:00pm: break
  • 2:00pm - 3:00pm: [Session #3] Language-based Security
    • Session chair: Tegan Brennan
    • Symphony: A Concise Language Model for MPC. David Darais, David Heath, Ryan Estes, William Harris, Ian Sweet and Michael Hicks
    • Verified Computation via Compilation to Abstract Machines. Ryan Estes, David Darais and Joseph Near
    • Expressive Authorization Policies using Computation Principals. Anitha Gollamudi and Stephen Chong
    • Security Preserving Program Transformations with ITrees. Lucas Silver, Andrew Hirsch, Ethan Cecchetti, Paul He and Steve Zdancewic
  • 3:15pm - 4:00pm: [Session #4] Information Flow Control
    • Session chair: Fraser Brown
    • A Causal Account of Program Security. Matvey Soloviev and Joseph Halpern
    • Secure Information Flow for Concurrent Programs with Expressive Synchronization. Rolph Recto, Maximilian Algehed and Andrew Myers
    • Security Properties for Stack Safety. Sean Anderson, Leonidas Lampropoulos, Roberto Blanco, Benjamin Pierce and Andrew Tolmach
  • Closing remarks

Important dates

Submissions for full papers: May 10th 2021 (AOE)
Deadline for short papers (1 page abstract): May 17th 2021 (AOE)
Notification of acceptance: May 31st 2021
Workshop June 21nd, 2021

Submission

FCS 2021 welcomes two kinds of submissions:

  • full papers (at most 12 pages, excluding references and well-marked appendices)
  • short papers (at most 1 page, excluding references and well-marked appendices)

FCS'21 will employ a light form of double-blind reviewing. Submitted papers must (a) omit any reference to the authors' names or the names of their institutions, and (b) reference the authors' own related work in the third person (e.g., not "We build on our previous work ..." but rather "We build on the work of ..."). Nothing should be done in the name of anonymity that weakens the submission or makes the job of reviewing the paper more difficult (e.g., important background references should not be omitted or anonymized). The author information will be revealed to the reviewers after reviews are submitted. Please see the CSF conference site for answers to frequently asked questions (FAQ) that address many common concerns. When in doubt, contact the program chairs.

All submissions will be peer-reviewed by the program committee listed below. Authors of accepted papers must guarantee that their papers will be presented at the workshop. Extended abstracts will receive as rigorous a review as full papers. Extended abstracts may receive shorter talk slots at the workshop than full papers, depending on the number of accepted submissions.

Papers may be formatted using a two-column proceedings style accepted by IEEE, ACM, or USENIX conferences. The first page should include the paper's title, an abstract, and a list of keywords. Committee members are not required to read appendices, so papers must be intelligible without them. Papers not adhering to the page limits may be rejected without consideration of their merits.

Papers must be submitted online in the PDF format through EasyChair, at the following address: https://easychair.org/conferences/?conf=fcs21. Please do not submit papers in any other format (e.g., Word).

Informal proceedings

The workshop has no published proceedings. Presenting a paper at the workshop should not preclude submission to or publication in other venues (before, after or concurrently with FCS 2021). Papers presented at the workshop will be made available to workshop participants, but this does not constitute an official proceedings.

Program committee

  • Owen Arden (co-chair)
  • Joseph Near (co-chair)
  • Ioannis Demertzis
  • Eleanor Birrell
  • Marco Patrignani
  • Tegan Brennan
  • Sarah Scheffler
  • Conrad Watt
  • Fraser Brown
  • Chike Abuah
  • Xi He

Contact

The PC chairs can be contacted at the following addresses:
  • Owen Arden (UC Santa Cruz): owen [at] soe [dot] ucsc [dot] edu
  • Joe Near (UVM): jnear [at] uvm [dot] edu
  • Elaine Shi (CMU): runting [at] gmail [dot] com

Registration

Registration is done through the main CSF website. Students: To apply for free student registration, see here.

Previous editions