|7:30 - 8:30
|Session 1: Language-based Security
|8:30 - 9:00
||Fabio Massacci and Ida Sri Rejeki Siahaan
||Simulating Midlet's Security Claims with Automata Modulo Theory
|9:00 - 9:30
||Kevin Hamlen and Micah Jones
||Aspect-Oriented In-lined Reference Monitors
|9:30 - 10:00
||Nikhil Swamy and Michael Hicks
||Verified Enforcement of Stateful Information Release Policies
|10:00 - 10:30
|Session 2: Software Protection and Verification
|10:30 - 11:00
||Clifford Liem, Yuan Gu, and Harold Johnson
||A Compiler-Based Infrastructure for Software-Protection
|11:00 - 11:30
||Alan Shaffer, Mikhail Auguston, Cynthia Irvine, and Tim Levin
||A Security Domain Model to Assess Software for Exploitable Covert Channels
|11:30 - 12:00
||Christian Hammer, Rüdiger Schaade, and Gregor Snelting
||Static Path Conditions for Java
|12:00 - 1:30
|Session 3: Program Analysis for Security and Policy Enforcement
|1:30 - 1:45
||James Cheney and Morten Dahl
||Resource Bound Analysis for Database Queries
|1:45 - 2:00
||Dejan Baca, Bengt Carlsson, and Lars Lundberg
||Evaluating the Cost Reduction of Static Code Analysis for Software Security
|2:00 - 2:30
||Avik Chaudhuri, Prasad Naldurg, and Sriram Rajamani
||A Type System for Data-Flow Integrity on Windows Vista
|2:30 - 3:00
||Miranda Mowbray and Antonio Lain
||Dominator-Tree Analysis for Distributed Authorization
|3:00 - 3:30
|Session 4: Information-flow Security
|3:30 - 4:00
||Riccardo Focardi and Matteo Centenaro
||Information Flow Security of Multithreaded Distributed Programs
|4:00 - 4:30
||Lantian Zheng and Andrew C. Myers
||Securing Nonintrusive Web Encryption through Information Flow
|4:30 - 5:00
||Pasquale Malacaria and Han Chen
||Lagrange Multipliers and Maximum Information Leakage in Different Observational Models
PLAS aims to provide a forum for exploring
and evaluating ideas on the use of programming language and program
analysis techniques to improve the security of software
systems. Strongly encouraged are proposals of new, speculative ideas;
evaluations of new or known techniques in practical settings; and
discussions of emerging threats and important problems.
The scope of PLAS includes, but is not limited to:
- Language-based techniques for security
- Verification of security properties in software
- Automated introduction and/or verification of security enforcement mechanisms
- Program analysis techniques for discovering security vulnerabilities
- Compiler-based security mechanisms, such as host-based intrusion detection and in-line reference monitors
- Specifying and enforcing security policies for information flow and access control
- Model-driven approaches to security
- Applications, examples, and implementations of these security techniques
We invite papers of two kinds:
Papers submitted for the long format should contain relatively mature content. Short format papers can also contain mature work,
but may present more preliminary work, position statements, or work that is more exploratory in nature.
Long papers will appear in a formal proceedings. Short papers fall into two categories:
formal short papers to appear in the proceedings, and informal short papers that will not;
authors choose the category at the time of submission.
The idea is to allow prospective participants to talk about less mature work that is not yet ready for formal publication.
- Technical papers for long presentations, and
- Exploratory papers for short presentations.
Papers to appear in the proceedings must describe work unpublished in refereed venues,
and not submitted for publication elsewhere (including journals and formal proceedings of other conferences and workshops).
See the SIGPLAN republication policy for more details.
Informal short presentations will have their abstracts included in the final proceedings, and may include previously-published material,
which should be cited in the submission. Informal short presentations are not precluded for future publication at other conference venues
or journals. Authors must indicate that they do not intend their paper to appear in the proceedings by prepending Informal Presentation
to the title of the submitted paper.
Submitted papers must be formatted according the ACM proceedings format using 10pt fonts:
long submissions should not exceed 12 pages in this format; short submissions should not exceed 6 pages.
These page limits include everything (they are the total length of the paper). Papers submitted for the long category may be accepted as
short presentations at the program committee's discretion.
Submissions should be in Adobe Portable Document Format (PDF) (preferably) or
that is interpretable by
Ghostscript and printable on US Letter and A4 sized paper.
Templates for SIGPLAN-approved LaTeX
format can be found at the Author Information for SIGPLAN Conferences
Web page. We recommend using this format, which improves greatly on the ACM-approved LaTeX
Papers can be submitted through the PLAS 2008 submission Web site hosted by EasyChair at
Notice that if you do not already have an EasyChair account, you will be required to create one.
The submission deadline is March 24, 2008. Revised papers are due at 9 AM EDT on May 9, 2008.
The printed proceedings of PLAS 2008 will be made available to the participants at the workshop, and its papers will be published in the
ACM Digital Library. The following two selected papers will also be published in an issue of
ACM SIGPLAN Notices:
- Avik Chaudhuri, Prasad Naldurg, and Sriram Rajamani. A Type System for Data-Flow Integrity on Windows Vista.
- Nikhil Swamy and Michael Hicks. Verified Enforcement of Stateful Information Release Policies.
- Gilles Barthe, INRIA Sophia-Antipolis, France
- Bruno Blanchet, École Normale Supérieure, France
- Andy Chou, Coverity, USA
- Mads Dam, Royal Institute of Technology, Sweden
- Úlfar Erlingsson, Reykjavík University, Iceland
- Heiko Mantel, Technische Universität Darmstadt, Germany
- Isabella Mastroeni, Università di Verona, Italy
- Greg Morrisett, Harvard University, USA
- Andrew Myers, Cornell University, USA
- David Naumann, Stevens Institute of Technology, USA
- Marco Pistoia, IBM T. J. Watson Research Center, USA
- Eijiro Sumii, Tohoku University, Japan
- Dan Wallach, Rice University, USA
ACM Special Interest Group on
Generous support from IBM
Research and Microsoft
Research makes it possible for PLAS 2008 to offer travel grants for
students attending the workshop, in addition to the travel grants
provided by PLDI. Students should fill out the application form (Adobe Acrobat Reader is
needed). The deadline for submitting a Student Travel Grant Application is
Friday, May 30, 2008.
Registration to PLAS 2008 is via the PLDI 2008 registration.
PLAS 2008 will be held in conjunction with PLDI 2008
at the Loews
Ventana Canyon Resort. Please refer to the PLDI 2008 hotel information
Web page for conference hotel rates and other details. The
reservation deadline for conference rates is May 7, 2008.