| 2008 | A Browser-Based Kerberos Authentication Scheme. Sebastian Gajek, Tibor Jager, Mark Manulis, Jörg Schwenk |
| 2008 | A Distributed Implementation of the Certified Information Access Service. Carlo Blundo, Emiliano De Cristofaro, Aniello Del Sorbo, Clemente Galdi, Giuseppe Persiano |
| 2008 | A Framework for the Analysis of Mix-Based Steganographic File Systems. Claudia Díaz, Carmela Troncoso, Bart Preneel |
| 2008 | A Low-Variance Random-Walk Procedure to Provide Anonymity in Overlay Networks. Juan Pedro Muñoz-Gea, Josemaria Malgosa-Sanahuja, Pilar Manzanares-Lopez, Juan Carlos Sánchez-Aarnoutse, Joan García-Haro |
| 2008 | A New Formal Proof Model for RFID Location Privacy. JungHoon Ha, Sang-Jae Moon, Jianying Zhou, JaeCheol Ha |
| 2008 | Access Control Friendly Query Verification for Outsourced Data Publishing. Hong Chen, Xiaonan Ma, Windsor W. Hsu, Ninghui Li, Qihua Wang |
| 2008 | An Adaptive Policy-Based Approach to SPIT Management. Yannis Soupionis, Stelios Dritsas, Dimitris Gritzalis |
| 2008 | CPU Bugs, CPU Backdoors and Consequences on Security. Loïc Duflot |
| 2008 | CROO: A Universal Infrastructure and Protocol to Detect Identity Fraud. Deholo Nali, Paul C. van Oorschot |
| 2008 | Code-Carrying Authorization. Sergio Maffeis, Martín Abadi, Cédric Fournet, Andrew D. Gordon |
| 2008 | Compositional Refinement of Policies in UML - Exemplified for Access Control. Bjørnar Solhaug, Ketil Stølen |
| 2008 | Computer Security - ESORICS 2008, 13th European Symposium on Research in Computer Security, Málaga, Spain, October 6-8, 2008. Proceedings Sushil Jajodia, Javier López |
| 2008 | Cryptographic Protocol Explication and End-Point Projection. Jay A. McCarthy, Shriram Krishnamurthi |
| 2008 | Disclosure Analysis and Control in Statistical Databases. Yingjiu Li, Haibing Lu |
| 2008 | Dismantling MIFARE Classic. Flavio D. Garcia, Gerhard de Koning Gans, Ruben Muijrers, Peter van Rossum, Roel Verdult, Ronny Wichers Schreur, Bart Jacobs |
| 2008 | Distributed Authorization by Multiparty Trust Negotiation. Charles C. Zhang, Marianne Winslett |
| 2008 | Efficient Handling of Adversary Attacks in Aggregation Applications. Gelareh Taban, Virgil D. Gligor |
| 2008 | Eureka: A Framework for Enabling Static Malware Analysis. Monirul Islam Sharif, Vinod Yegneswaran, Hassen Saïdi, Phillip A. Porras, Wenke Lee |
| 2008 | Exploring User Reactions to New Browser Cues for Extended Validation Certificates. Jennifer Sobey, Robert Biddle, Paul C. van Oorschot, Andrew S. Patrick |
| 2008 | Formally Bounding the Side-Channel Leakage in Unknown-Message Attacks. Michael Backes, Boris Köpf |
| 2008 | Human Readable Paper Verification of Prêt à Voter. David Lundin, Peter Y. A. Ryan |
| 2008 | Identifying Critical Attack Assets in Dependency Attack Graphs. Reginald E. Sawilla, Xinming Ou |
| 2008 | Improved Security Notions and Protocols for Non-transferable Identification. Carlo Blundo, Giuseppe Persiano, Ahmad-Reza Sadeghi, Ivan Visconti |
| 2008 | Modeling Privacy Insurance Contracts and Their Utilization in Risk Management for ICT Firms. Athanasios N. Yannacopoulos, Costas Lambrinoudakis, Stefanos Gritzalis, Stylianos Z. Xanthopoulos, Sokratis K. Katsikas |
| 2008 | Multiprimary Support for the Availability of Cluster-Based Stateful Firewalls Using FT-FW. Pablo Neira Ayuso, Rafael M. Gasca, Laurent Lefèvre |
| 2008 | New Considerations about the Correct Design of Turbo Fingerprinting Codes. Joan Tomàs-Buliart, Marcel Fernandez, Miguel Soriano |
| 2008 | On the Security of Delegation in Access Control Systems. Qihua Wang, Ninghui Li, Hong Chen |
| 2008 | Online Risk Assessment of Intrusion Scenarios Using D-S Evidence Theory. Chengpo Mu, X. J. Li, Houkuan Huang, Shengfeng Tian |
| 2008 | RFID Privacy Models Revisited. Ching Yu Ng, Willy Susilo, Yi Mu, Reihaneh Safavi-Naini |
| 2008 | Remote Integrity Check with Dishonest Storage Server. Ee-Chien Chang, Jia Xu |
| 2008 | Security Provisioning in Pervasive Environments Using Multi-objective Optimization. Rinku Dewri, Indrakshi Ray, Indrajit Ray, L. Darrell Whitley |
| 2008 | Sharemind: A Framework for Fast Privacy-Preserving Computations. Dan Bogdanov, Sven Laur, Jan Willemson |
| 2008 | State Space Reduction in the Maude-NRL Protocol Analyzer. Santiago Escobar, Catherine Meadows, José Meseguer |
| 2008 | Strongly-Resilient and Non-interactive Hierarchical Key-Agreement in MANETs. Rosario Gennaro, Shai Halevi, Hugo Krawczyk, Tal Rabin, Steffen Reidt, Stephen D. Wolthusen |
| 2008 | Structured Peer-to-Peer Overlay Networks: Ideal Botnets Command and Control Infrastructures?. Carlton R. Davis, Stephen Neville, José M. Fernandez, Jean-Marc Robert, John McHugh |
| 2008 | Symmetric Key Approaches to Securing BGP - A Little Bit Trust Is Enough. Bezawada Bruhadeshwar, Sandeep S. Kulkarni, Alex X. Liu |
| 2008 | TRACE: Zero-Down-Time Database Damage Tracking, Quarantine, and Cleansing with Negligible Run-Time Overhead. Kun Bai, Meng Yu, Peng Liu |
| 2008 | Termination-Insensitive Noninterference Leaks More Than Just a Bit. Aslan Askarov, Sebastian Hunt, Andrei Sabelfeld, David Sands |