RFID and Privacy.- A New Framework for RFID Privacy.- Readers Behaving Badly.- Privacy-Preserving, Taxable Bank Accounts.- Formal Analysis of Privacy for Vehicular Mix-Zones.- Software Security.- IntPatch: Automatically Fix Integer-Overflow-to-Buffer-Overflow Vulnerability at Compile-Time.- A Theory of Runtime Enforcement, with Results.- Enforcing Secure Object Initialization in Java.- Flexible Scheduler-Independent Security.- Cryptographic Protocols.- Secure Multiparty Linear Programming Using Fixed-Point Arithmetic.- A Certifying Compiler for Zero-Knowledge Proofs of Knowledge Based on ?-Protocols.- Short Generic Transformation to Strongly Unforgeable Signature in the Standard Model.- DR@FT: Efficient Remote Attestation Framework for Dynamic Systems.- Traffic Analysis.- Website Fingerprinting and Identification Using Ordered Feature Sequences.- Web Browser History Detection as a Real-World Privacy Threat.- On the Secrecy of Spread-Spectrum Flow Watermarks.- Traffic Analysis against Low-Latency Anonymity Networks Using Available Bandwidth Estimation.- End-User Security.- A Hierarchical Adaptive Probabilistic Approach for Zero Hour Phish Detection.- Kamouflage: Loss-Resistant Password Management.- Formal Analysis.- Sequential Protocol Composition in Maude-NPA.- Verifying Security Property of Peer-to-Peer Systems Using CSP.- Modeling and Analyzing Security in the Presence of Compromising Adversaries.- On Bounding Problems of Quantitative Information Flow.- E-voting and Broadcast.- On E-Vote Integrity in the Case of Malicious Voter Computers.- Election Verifiability in Electronic Voting Protocols.- Pretty Good Democracy for More Expressive Voting Schemes.- Efficient Multi-dimensional Key Management in Broadcast Services.- Authentication, Access Control, Authorization and Attestation.- Caught in the Maze of Security Standards.- User-Role Reachability Analysis of Evolving Administrative Role Based Access Control.- An Authorization Framework Resilient to Policy Evaluation Failures.- Optimistic Fair Exchange with Multiple Arbiters.- Anonymity and Unlinkability.- Speaker Recognition in Encrypted Voice Streams.- Evaluating Adversarial Partitions.- Providing Mobile Users’ Anonymity in Hybrid Networks.- Complexity of Anonymity for Security Protocols.- Network Security and Economics.- k-Zero Day Safety: Measuring the Security Risk of Networks against Unknown Attacks.- Are Security Experts Useful? Bayesian Nash Equilibria for Network Security Games with Limited Information.- RatFish: A File Sharing Protocol Provably Secure against Rational Users.- A Service Dependency Model for Cost-Sensitive Intrusion Response.- Secure Update, DOS and Intrustion Detection.- Secure Code Update for Embedded Devices via Proofs of Secure Erasure.- D(e|i)aling with VoIP: Robust Prevention of DIAL Attacks.- Low-Cost Client Puzzles Based on Modular Exponentiation.- Expressive, Efficient and Obfuscation Resilient Behavior Based IDS.