Formal Aspects in Security and Trust

The present volume contains the proceedings of the 6th International workshop on Formal Aspects of Security and Trust (fast 2009), held in Eindhoven, The Netherlands, 5 6 November 2009, as part of Formal Methods Week 2009. fast is sponsored by IFIP WG 1.7 on Foundations of Security Analysis and Design. The previous ?ve fast workshop editions have fostered cooperation among researchers in the areas of security and trust, and we aimed to continue this tradition. As computing and networkinfrastructures become increasingly per- sive, and as they carry increasing economic activity, society needs well-matched security and trust mechanisms. These interactions increasingly span several - terprises and involve loosely structured communities of individuals. Participants in these activities must control interactions with their partners based on trust policies and business logic. Trust-based decisions e?ectively determine the se- ritygoalsforsharedinformationandfor accessto sensitiveorvaluableresources. fast sought original papers focusing of formal aspects of: security and trust policy models; security protocol design and analysis; formal models of trust and reputation; logics for security and trust; distributed trust management s- tems; trust-based reasoning; digital assets protection; data protection; privacy and id issues; information ?ow analysis; language-based security; security and trust aspects in ubiquitous computing; validation/analysis tools; Web service security/trust/privacy; grid security; security risk assessment; and case studies. The fast proceedings contain in addition to an abstract of the invited talk by Anindya Banerjee revisionsoffull papersacceptedforpresentationat fast.

Up-to-date results

Invited Lecture.- Semantics and Enforcement of Expressive Information Flow Policies.- Session 1. Trust.- An Algebra for Trust Dilution and Trust Fusion.- HMM-Based Trust Model.- Deriving Trust from Experience.- Reflections on Trust: Trust Assurance by Dynamic Discovery of Static Properties.- Session 2. Workflow and Orchestration.- Model Checking of Security-Sensitive Business Processes.- Session 3. Secure Flow.- Analysing the Information Flow Properties of Object-Capability Patterns.- Applied Quantitative Information Flow and Statistical Databases.- Specification and Verification of Side Channel Declassification.- Secure Information Flow for Distributed Systems.- Session 4. Mobility and Deniability.- Probable Innocence in the Presence of Independent Knowledge.- A Calculus of Trustworthy Ad Hoc Networks.- Session 5. Protocols 1.- Comparison of Cryptographic Verification Tools Dealing with Algebraic Properties.- Game-Based Verification of Multi-Party Contract Signing Protocols.- Attack, Solution and Verification for Shared Authorisation Data in TCG TPM.- Session 6. Protocols 2.- Trusted Multiplexing of Cryptographic Protocols.- Specifying and Modelling Secure Channels in Strand Spaces.- Session 7. Protocols 3.- Integrating Automated and Interactive Protocol Verification.- A User Interface for a Game-Based Protocol Verification Tool.