Write a Blog >>
ICSE 2022
Sun 8 - Fri 27 May 2022
Mon 9 May 2022 22:10 - 22:15 at ICSE room 4-even hours - Validation and Verification 3 Chair(s): Yu Feng
Tue 10 May 2022 12:20 - 12:25 at ICSE room 3-even hours - Validation and Verification 6 Chair(s): Miguel Goulao
Wed 25 May 2022 11:25 - 11:30 at Ballroom A - Papers 5: Validation and Verification Chair(s): Shiva Nejati

Due to ubiquitous use of software services, protecting the confidentiality of private information stored in compute clouds is becoming an increasingly critical problem. Although access control specification languages and libraries provide mechanisms for protecting confidentiality of information, without verification and validation techniques that can assist developers in writing policies, complex policy specifications are likely to have errors that can lead to unintended and unauthorized access to data, possibly with disastrous consequences. In this paper, we present a quantitative and differential policy analysis framework that not only identifies if one policy is more permissive than another policy, but also quantifies the relative permissiveness of access control policies. We quantify permissiveness of policies using a model counting constraint solver. We present a heuristic that transforms constraints extracted from access control policies and significantly improves the model counting performance. We demonstrate the effectiveness of our approach by applying it to policies written in Amazon’s AWS Identity and Access Management (IAM) policy language and Microsoft’s Azure policy language.

Mon 9 May

Displayed time zone: Eastern Time (US & Canada) change

22:00 - 23:00
Validation and Verification 3SEIP - Software Engineering in Practice / Technical Track at ICSE room 4-even hours
Chair(s): Yu Feng University of California at Santa Barbara
22:00
5m
Talk
Verifying Dynamic Trait Objects in Rust
SEIP - Software Engineering in Practice
Alexa VanHattum Cornell University, Daniel Schwartz-Narbonne Amazon, n.n., Nathan Chong Amazon, Adrian Sampson Cornell University
Pre-print Media Attached
22:05
5m
Talk
Linear-time Temporal Logic guided Greybox Fuzzing
Technical Track
Ruijie Meng National University of Singapore, Singapore, Zhen Dong Fudan University, China, Jialin Li National University of Singapore, Singapore, Ivan Beschastnikh University of British Columbia, Abhik Roychoudhury National University of Singapore
DOI Pre-print Media Attached
22:10
5m
Talk
Quantifying Permissiveness of Access Control Policies
Technical Track
William Eiers University of California at Santa Barbara, USA, Ganesh Sankaran University of California Santa Barbara, Albert Li University of California Santa Barbara, Emily O'Mahony University of California Santa Barbara, Benjamin Prince University of California Santa Barbara, Tevfik Bultan University of California, Santa Barbara
Pre-print Media Attached
22:15
5m
Talk
Analyzing User Perspectives on Mobile App Privacy at Scale
Technical Track
Preksha Nema Google Inc., Pauline Anthonysamy Google Inc., Nina Taft Google Inc., Sai Teja Peddinti Google Inc.
Pre-print Media Attached

Tue 10 May

Displayed time zone: Eastern Time (US & Canada) change

12:00 - 13:00
12:00
5m
Talk
Verification of Consistency between Process Models, Object Life Cycles, and Context-dependent Semantic Specifications
Journal-First Papers
Ralph Hoch Institute of Computer Technology, TU Wien, Christoph Luckeneder Vienna University of Technology, Roman Popp TU Wien, Vienna, Austria, Hermann Kaindl Institute of Computer Technology, TU Wien
Link to publication DOI Pre-print Media Attached
12:05
5m
Talk
Evaluating Commit Message Generation: To BLEU Or Not To BLEU?
NIER - New Ideas and Emerging Results
Samanta Dey Chennai Mathematical Institute, Venkatesh Vinayakarao Chennai Mathematical Institute, Monika Gupta IBM Research India, Sampath Dechu IBM Research
Link to publication DOI Pre-print Media Attached
12:10
5m
Talk
Verifying Dynamic Trait Objects in Rust
SEIP - Software Engineering in Practice
Alexa VanHattum Cornell University, Daniel Schwartz-Narbonne Amazon, n.n., Nathan Chong Amazon, Adrian Sampson Cornell University
Pre-print Media Attached
12:15
5m
Talk
Verification of ORM-based Controllers by Summary Inference
Technical Track
Geetam Chawla Indian Insitute of Science, Bangalore, Navneet Aman Indian Institute of Science, Bangalore, Raghavan Komondoor IISc Bengaluru, Ashish Shashikant Bokil Indian Institute of Science, Bangalore, Nilesh Ramesh Kharat Indian Institute of Science, Bangalore
Pre-print Media Attached
12:20
5m
Talk
Quantifying Permissiveness of Access Control Policies
Technical Track
William Eiers University of California at Santa Barbara, USA, Ganesh Sankaran University of California Santa Barbara, Albert Li University of California Santa Barbara, Emily O'Mahony University of California Santa Barbara, Benjamin Prince University of California Santa Barbara, Tevfik Bultan University of California, Santa Barbara
Pre-print Media Attached

Wed 25 May

Displayed time zone: Eastern Time (US & Canada) change

11:00 - 12:30
Papers 5: Validation and VerificationSEIP - Software Engineering in Practice / Technical Track / Journal-First Papers at Ballroom A
Chair(s): Shiva Nejati University of Ottawa
11:00
5m
Talk
Linear-time Temporal Logic guided Greybox Fuzzing
Technical Track
Ruijie Meng National University of Singapore, Singapore, Zhen Dong Fudan University, China, Jialin Li National University of Singapore, Singapore, Ivan Beschastnikh University of British Columbia, Abhik Roychoudhury National University of Singapore
DOI Pre-print Media Attached
11:05
5m
Talk
Verification of Consistency between Process Models, Object Life Cycles, and Context-dependent Semantic Specifications
Journal-First Papers
Ralph Hoch Institute of Computer Technology, TU Wien, Christoph Luckeneder Vienna University of Technology, Roman Popp TU Wien, Vienna, Austria, Hermann Kaindl Institute of Computer Technology, TU Wien
Link to publication DOI Pre-print Media Attached
11:10
5m
Talk
GraphFuzz: Library API Fuzzing with Lifetime-aware Dataflow Graphs
Technical Track
Harrison Green ForAllSecure, Thanassis Avgerinos ForAllSecure
DOI Pre-print Media Attached
11:15
5m
Talk
ExAIS: Executable AI Semantics
Technical Track
Richard Schumi Singapore Management University, Jun Sun Singapore Management University
Pre-print Media Attached
11:20
5m
Talk
Verifying Dynamic Trait Objects in Rust
SEIP - Software Engineering in Practice
Alexa VanHattum Cornell University, Daniel Schwartz-Narbonne Amazon, n.n., Nathan Chong Amazon, Adrian Sampson Cornell University
Pre-print Media Attached
11:25
5m
Talk
Quantifying Permissiveness of Access Control Policies
Technical Track
William Eiers University of California at Santa Barbara, USA, Ganesh Sankaran University of California Santa Barbara, Albert Li University of California Santa Barbara, Emily O'Mahony University of California Santa Barbara, Benjamin Prince University of California Santa Barbara, Tevfik Bultan University of California, Santa Barbara
Pre-print Media Attached
11:30
5m
Talk
Fuzzing Class Specifications
Technical Track
Facundo Molina University of Rio Cuarto and CONICET, Argentina, Marcelo d'Amorim Federal University of Pernambuco, Nazareno Aguirre University of Rio Cuarto and CONICET, Argentina
Pre-print Media Attached

Information for Participants
Mon 9 May 2022 22:00 - 23:00 at ICSE room 4-even hours - Validation and Verification 3 Chair(s): Yu Feng
Info for room ICSE room 4-even hours:

Click here to go to the room on Midspace

Tue 10 May 2022 12:00 - 13:00 at ICSE room 3-even hours - Validation and Verification 6 Chair(s): Miguel Goulao
Info for room ICSE room 3-even hours:

Click here to go to the room on Midspace