• Hallett, J., Foley, S. N., Manda, D., Gardiner, J., Jonckers, D., Joosen, W., & Rashid, A. (2022). Threat-Driven Dynamic Security Policies for Cyber-Physical Infrastructures. In Critical Information Infrastructures Security - 17th International Conference, CRITIS 2022, Munich, Germany, September 14-16, 2022, Revised Selected Papers (Vol. 13723, pp. 9–26). Springer. Retrieved from https://simonnfoley.github.io/pubs/critis2022.pdf [link]
  • M.I. Khan, S. N. F., & O’Sullivan, B. (2020). Quantitatively Measuring Privacy in Interactive Query Settings Within RDBMS Framework. Frontiers of Big Data: Cybersecurity and Privacy. Retrieved from https://doi.org/10.3389/fdata.2020.00011 [link]
  • Khan, M. I., Foley, S. N., & O’Sullivan, B. (2020). Towards Privacy-anomaly Detection: Discovering Correlation between Privacy and Security-anomalies. In E. M. Shakshuki & A.-U.-H. Yasar (Eds.), The 17th International Conference on Mobile Systems and Pervasive Computing (MobiSPC 2020) / The 15th International Conference on Future Networks and Communications (FNC-2020) / The 10th International Conference on Sustainable Energy Information Technology, Leuven, Belgium, August 9-12, 2020 (Vol. 175, pp. 331–339). Elsevier. https://doi.org/10.1016/j.procs.2020.07.048 [link]
  • Foley, S. N., & Rooney, V. M. (2019). Social Constructionism in security protocols: A position on human experience, psychology and security. In Proceedings of the 27th International Workshop on Security Protocols, in press. Springer LNCS. Retrieved from https://simonnfoley.github.io/pubs/spw2019.pdf [link]
  • M.I. Kahn, B. O. S., S.N. Foley. (2019). PriDe: A Quantitative Measure of Privacy- Loss in Interactive Querying Settings. In 10th IFIP International Conference on New Technologies, Mobility and Security.
  • Foley, S. N., & Rooney, V. M. (2019). Social Constructionism in security protocols: Transcript of discussion. In Proceedings of the 27th International Workshop on Security Protocols, in press. Springer LNCS. Retrieved from https://simonnfoley.github.io/pubs/spw2019t.pdf [link]
  • Kahn, I. M., Foley, S. N., & O’Sullivan, B. (2019). Computing the Identification Capability of SQL Queries for Privacy Comparison. In Proceedings 5th ACM International Workshop on Security and Privacy Analytics (IWSPA@CODASPY 2019). ACM press.
  • Kahn, I. M., O’Sullivan, B., & Foley, S. N. (2018). Towards Modelling Insiders Behaviour as Rare Behaviour to Detect Malicious RDBMS Access. In In proceedings of Workshop on Big Data Analytic for Cyber Crime Investigation and Prevention @ BigData 2018. IEEE Press.
  • Cledel, T., Foley, S. N., Cuppens, N., Cuppens, F., Dubois, F., Laarouchi, Y., & Comte, G. L. (2018). Towards the evaluation of end-to-end resilience through external consistency. In In proceedings 10th International Symposium on Cyberspace Safety and Security (CSS). Springer LNCS 11161.
  • Neville, U. M., & Foley, S. N. (2018). Reasoning About Firewall Policies Through Refinement and Composition. Journal of Computer Security, 26(2), 207–254. Retrieved from https://simonnfoley.github.io/pubs/jcs2018.pdf [link]
  • Rooney, V. M., & Foley, S. N. (2018). An online consent maturity model: moving from acceptable use towards ethical practice. In New Security Paradigms Workshop (NSPW 2018). ACM press. Retrieved from https://simonnfoley.github.io/pubs/nspw2018.pdf [link]
  • Foley, S. N., & Rooney, V. M. (2018). A Grounded Theory approach to security policy elicitation. Information and Computer Security Journal, 26(4), 454–471. https://doi.org/10.1108/ICS-12-2017-0086 [link]
  • Rooney, V. M., & Foley, S. N. (2018). What you can change and what you can’t: human experience in computer network defenses. In In proceedings Nordic Conference on Secure IT Systems. Springer LNCS 11252. Retrieved from https://simonnfoley.github.io/pubs/nordsec2018.pdf [link]
  • Foley, S. N., Autrel, F., Bourget, E., Cledel, T., Gruenwald, S., Rubio-Hernan, J., … Vanhulst, K. (2018). Science hackathons for cyber-physical system security research: Putting CPS testbed platforms to good use. In In proceedings ACM Workshop on Cyber-Physical Systems Security and Privacy (CPS-SPC at ACM CCS). ACM press. Retrieved from https://simonnfoley.github.io/pubs/acmCPSSPC.pdf [link]
  • Bourget, E., Cuppens, F., Cuppens-Boulahia, N., Dubus, S., Foley, S. N., & Laarouchi, Y. (2018). Probabilistic Event Graph to Model Safety and Security for Diagnosis Purposes. In Data and Applications Security and Privacy XXXII - 32nd Annual IFIP WG 11.3 Conference, DBSec 2018, 2018, Proceedings (pp. 38–47).
  • Kahn, M. I., Foley, S. N., & O’Sullivan, B. (2017). On database intrusion detection: Query analytics based model of normative behavior to detect insider attacks. In 7th International Conference on Communication and Network Security.
  • Pieczul, O., Foley, S. N., & Zurko, M. E. (2017). Developer-centered security and the symmetry of ignorance. In New Security Paradigms Workshop (NSPW 2017). Retrieved from https://simonnfoley.github.io/pubs/nspw2017.pdf [link]
  • Foley, S. N. (2017). Getting security objectives wrong: a cautionary tale of an Industrial Control System. In International Workshop on Security Protocols. Retrieved from https://simonnfoley.github.io/pubs/spw2017.pdf [link]
  • Rooney, V. M., & Foley, S. N. (2017). What users want: adapting qualitative research methods to security policy requirements elicitation. In Proceedings of the International Workshop on Security and Privacy Requirements Engineering, SECPRE 2017. Retrieved from https://simonnfoley.github.io/pubs/secpre2017.pdf [link]
  • Kahn, M. I., O’Sullivan, B., & Foley, S. N. (2017). A semantic approach to frequency based anomaly detection of insider access in database management systems. In International Conference on Risks and Security of Internet and Systems.
  • Pieczul, O., & Foley, S. N. (2016). The evolution of a security control. In International Workshop on Security Protocols, to appear. Retrieved from https://simonnfoley.github.io/pubs/secprot2016.pdf [link]
  • Neville, U., & Foley, S. N. (2016). Reasoning About Firewall Policies Through Refinement and Composition. In IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec2016). Retrieved from https://simonnfoley.github.io/pubs/dbsec2016-FW.pdf [link]
  • Pieczul, O., & Foley, S. N. (2016). Runtime detection of zero-day vulnerability exploits in contemporary software systems. In IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec2016). Retrieved from https://simonnfoley.github.io/pubs/dbsec2016-struts.pdf [link]
  • Kahn, M. I., & Foley, S. N. (2016). Detecting anomalous behavior in DBMS logs. In International Conference on Risks and Security of Internet and Systems (CRiSIS2016).
  • Foley, S. N., & Neville, U. (2015). A firewall algebra for OpenStack. In Workshop on security and privacy in the cloud (IEEE CNS). Retrieved from https://simonnfoley.github.io/pubs/spc-2015.pdf [link]
  • Pieczul, O., & Foley, S. N. (2015). The Dark Side of the Code. In International Workshop on Security Protocols (Vol. 9379). Springer. https://doi.org/10.1007/978-3-319-26096-9_1 [link]
  • Foley, S. N., & Pieczul, O. (2015). The Dark Side of the Code (Transcript of Discussion). In Security Protocols XXIII (Vol. 9379). Springer. https://doi.org/10.1007/978-3-319-26096-9_2 [link]
  • Pieczul, O., Foley, S. N., & Rooney, V. M. (2014). I’m OK, You’re OK, the System’s OK: Normative Security for Systems. In Proceedings of the 2014 workshop on New Security Paradigms Workshop, Victoria, BC, Canada, September 15-18, 2014 (pp. 95–104). https://doi.org/10.1145/2683467.2683476 [link]
  • Brennan, R., Etzioni, Z., Feeney, K., O’Sullivan, D., Fitzgerald, W. M., & Foley, S. N. (2014). Consumer-Managed Federated Homes. IEEE Communications Magazine, 52(6), 194–201. https://doi.org/10.1109/MCOM.2014.6829964 [link]
  • Pieczul, O., & Foley, S. N. (2014). Collaborating as Normal: Detecting Systemic Anomalies in Your Partner. In Security Protocols XXII - 22nd International Workshop Cambridge, UK, March 19-21, 2014 Revised Selected Papers (pp. 18–27). https://doi.org/10.1007/978-3-319-12400-1_3 [link]
  • Foley, S. N. (2014). Collaborating as Normal: Detecting Systemic Anomalies in Your Partner (Transcript of Discussion). In Security Protocols XXII - 22nd International Workshop Cambridge, UK, March 19-21, 2014 Revised Selected Papers (pp. 28–37). https://doi.org/10.1007/978-3-319-12400-1_4 [link]
  • Foley, S. N. (2014). Noninterference Analysis of Delegation Subterfuge in Distributed Authorization Systems. Journal of Trust Management, 1(11). Retrieved from https://simonnfoley.github.io/pubs/ifiptm2013.pdf [link]
  • Garcı́a-Alfaro Joaquı́n, Lioudakis, G. V., Cuppens-Boulahia, N., Foley, S. N., & Fitzgerald, W. M. (Eds.). (2014). Data Privacy Management and Autonomous Spontaneous Security - 8th International Workshop, DPM 2013, and 6th International Workshop, SETOP 2013, Egham, UK, September 12-13, 2013, Revised Selected Papers (Vol. 8247). Springer. https://doi.org/10.1007/978-3-642-54568-9 [link]
  • Foley, S. N. (2013). Noninterference Analysis of Delegation Subterfuge in Distributed Authorization Systems. In Trust Management VII - 7th IFIP WG 11.11 International Conference, IFIPTM 2013, Malaga, Spain, June 3-7, 2013. Proceedings (pp. 193–207). https://doi.org/10.1007/978-3-642-38323-6_14 [link]
  • Foley, S. N., & Navarro-Arribas, G. (2013). A Bloom Filter Based Model for Decentralized Authorization. Int. J. Intell. Syst., 28(6), 565–582. https://doi.org/10.1002/int.21593 [link]
  • Turkmen, F., Foley, S. N., O’Sullivan, B., Fitzgerald, W. M., Hadzic, T., Basagiannis, S., & Boubekeur, M. (2013). Explanations and Relaxations for Policy Conflicts in Physical Access Control. In 2013 IEEE 25th International Conference on Tools with Artificial Intelligence, Herndon, VA, USA, November 4-6, 2013 (pp. 330–336). https://doi.org/10.1109/ICTAI.2013.57 [link]
  • Fitzgerald, W. M., Neville, U., & Foley, S. N. (2013). MASON: Mobile autonomic security for network access controls. J. Inf. Sec. Appl., 18(1), 14–29. https://doi.org/10.1016/j.jisa.2013.08.001 [link]
  • Pieczul, O., & Foley, S. N. (2013). Discovering emergent norms in security logs. In Communications and Network Security (CNS - SafeConfig), 2013 IEEE Conference on (pp. 438–445). https://doi.org/10.1109/CNS.2013.6682758 [link]
  • Fitzgerald, W. M., & Foley, S. N. (2013). Avoiding Inconsistencies in the Security Content Automation Protocol. In 6th IEEE Symposium on Security Analytics and Automation. Retrieved from https://simonnfoley.github.io/pubs/safeconfig2013.pdf [link]
  • Mercadal, E., Navarro-Arribas, G., Foley, S. N., & Borrell, J. (2012). Towards efficient access control in a mobile agent based wireless sensor network. In F. Martinelli, J.-}L. Lanet, W. M. Fitzgerald, & S. N. Foley (Eds.), 7th International Conference on Risks and Security of Internet and Systems, CRiSIS 2012, Cork, Ireland, October 10-12, 2012 (pp. 1–4). {IEEE} Computer Society. https://doi.org/10.1109/CRISIS.2012.6378940 [link]
  • Martinelli, F., Lanet, J.-L., Fitzgerald, W. M., & Foley, S. N. (Eds.). (2012). 7th International Conference on Risks and Security of Internet and Systems, CRiSIS 2012, Cork, Ireland, October 10-12, 2012. IEEE Computer Society. Retrieved from https://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=6362373 [link]
  • Zhou, H., & Foley, S. N. (2012). Fast automatic security protocol generation. Journal of Computer Security, 20(2-3), 119–167. https://doi.org/10.3233/JCS-2011-0432 [link]
  • Fitzgerald, W. M., Turkmen, F., Foley, S. N., & O’Sullivan, B. (2012). Anomaly analysis for Physical Access Control security configuration. In F. Martinelli, J.-}L. Lanet, W. M. Fitzgerald, & S. N. Foley (Eds.), 7th International Conference on Risks and Security of Internet and Systems, CRiSIS 2012, Cork, Ireland, October 10-12, 2012 (pp. 1–8). {IEEE} Computer Society. https://doi.org/10.1109/CRISIS.2012.6378953 [link]
  • Foley, S. N., & Fitzgerald, W. M. (2012). Decentralized Semantic Threat Graphs. In Data and Applications Security and Privacy XXVI - 26th Annual IFIP WG 11.3 Conference, DBSec 2012, Paris, France, July 11-13,2012. Proceedings (pp. 177–192). https://doi.org/10.1007/978-3-642-31540-4_14 [link]
  • Fitzgerald, W. M., Neville, U., & Foley, S. N. (2012). Automated Smartphone Security Configuration. In Data Privacy Management and Autonomous Spontaneous Security, 7th International Workshop, DPM 2012, and 5th International Workshop, SETOP 2012, Pisa, Italy, September 13-14, 2012. Revised Selected Papers (pp. 227–242). https://doi.org/10.1007/978-3-642-35890-6_17 [link]
  • Martinelli, F., Lanet, J.-L., Fitzgerald, W. M., & Foley, S. N. (Eds.). (2012). 7th International Conference on Risks and Security of Internet and Systems, CRiSIS 2012, Cork, Ireland, October 10-12, 2012. IEEE Computer Society. Retrieved from https://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=6362373 [link]
  • Cuppens, F., Foley, S. N., Groza, B., & Minea, M. (Eds.). (2011). CRiSIS 2011, Proceedings of the Sixth International Conference on Risks and Security of Internet and Systems, Timişoara, Romania, September 26-28, 2011. IEEE Computer Society. Retrieved from https://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=6051620 [link]
  • Fitzgerald, W. M., & Foley, S. N. (2011). Aligning Semantic Web applications with network access controls. Computer Standards & Interfaces, 33(1), 24–34. https://doi.org/10.1016/j.csi.2009.10.002 [link]
  • Martı́nez-Garcı́a Carles, Navarro-Arribas, G., Foley, S. N., Torra, V., & Borrell, J. (2011). Flexible secure inter-domain interoperability through attribute conversion. Inf. Sci., 181(16), 3491–3507. https://doi.org/10.1016/j.ins.2011.04.023 [link]
  • Foley, S. N., & Fitzgerald, W. M. (2011). Management of security policy configuration using a Semantic Threat Graph approach. Journal of Computer Security, 19(3), 567–605. https://doi.org/10.3233/JCS-2011-0421 [link]
  • Feeney, K., Foley, S. N., & Brennan, R. (2011). A Trust Model for Capability Delegation in Federated Policy Systems. In F. Cuppens, S. N. Foley, B. Groza, & M. Minea (Eds.), CRiSIS 2011, Proceedings of the Sixth International Conference on Risks and Security of Internet and Systems, Timişoara, Romania, September 26-28, 2011 (pp. 47–54). {IEEE} Computer Society. https://doi.org/10.1109/CRiSIS.2011.6061828 [link]
  • Foley, S. N., & Abdi, S. (2011). Avoiding Delegation Subterfuge Using Linked Local Permission Names. In Formal Aspects of Security and Trust - 8th International Workshop, FAST 2011, Leuven, Belgium, September 12-14, 2011. Revised Selected Papers (pp. 100–114). https://doi.org/10.1007/978-3-642-29420-4_7 [link]
  • Brennan, R., Etzioni, Z., Keeney, J., Feeney, K., O’Sullivan, D., Fitzgerald, W. M., & Foley, S. N. (2011). Federated autonomic management of HAN services. In Proceedings of the 12th IFIP/IEEE International Symposium on Integrated Network Management, IM 2011, Dublin, Ireland, 23-27 May 2011 (pp. 646–649). https://doi.org/10.1109/INM.2011.5990646 [link]
  • Foley, S. N., & Adams, W. M. (2011). Trust management of XMPP federation. In Proceedings of the 12th IFIP/IEEE International Symposium on Integrated Network Management, IM 2011, Dublin, Ireland, 23-27 May 2011 (pp. 1192–1195). https://doi.org/10.1109/INM.2011.5990581 [link]
  • Fitzgerald, W. M., & Foley, S. N. (2011). Reasoning about the Security Configuration of SAN Switch Fabrics. In 4th Symposium on Configuration Analytics and Automation, SafeConfig 2011, Arlington, VA, USA, October 31 - November 1, 2011. https://doi.org/10.1109/SafeConfig.2011.6111673 [link]
  • Foley, S. N., Fitzgerald, W. M., & Adams, W. M. (2011). Federated Autonomic Network Access Control. In 4th Symposium on Configuration Analytics and Automation, SafeConfig 2011, Arlington, VA, USA, October 31 - November 1, 2011. https://doi.org/10.1109/SafeConfig.2011.6111668 [link]
  • Cuppens, F., Foley, S. N., Groza, B., & Minea, M. (Eds.). (2011). CRiSIS 2011, Proceedings of the Sixth International Conference on Risks and Security of Internet and Systems, Timişoara, Romania, September 26-28, 2011. IEEE Computer Society. Retrieved from https://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=6051620 [link]
  • Fitzgerald, W. M., & Foley, S. N. (2011). Reasoning about the Security Configuration of SAN Switch Fabrics. In 4th Symposium on Configuration Analytics and Automation, (SafeConfig), Arlington, VA, USA. Retrieved from https://simonnfoley.github.io/pubs/safeconf2011.pdf [link]
  • Foley, S. N., & Moss, H. (2010). A risk-metric framework for enterprise risk management. IBM Journal of Research and Development, 54(3), 3. https://doi.org/10.1147/JRD.2010.2043403 [link]
  • Bistarelli, S., Foley, S. N., O’Sullivan, B., & Santini, F. (2010). Semiring-based frameworks for trust propagation in small-world networks and coalition formation criteria. Security and Communication Networks, 3(6), 595–610. https://doi.org/10.1002/sec.252 [link]
  • Feeney, K., Brennan, R., & Foley, S. N. (2010). A trust model for capability delegation in federated policy systems. In Proceedings of the 6th International Conference on Network and Service Management, CNSM 2010, Niagara Falls, Canada, October 25-29, 2010 (pp. 226–229). https://doi.org/10.1109/CNSM.2010.5691300 [link]
  • Fitzgerald, W. M., & Foley, S. N. (2010). Management of heterogeneous security access control configuration using an ontology engineering approach. In 3rd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig 2010, Chicago, IL, USA, October 4, 2010 (pp. 27–36). https://doi.org/10.1145/1866898.1866903 [link]
  • Foley, S. N., Adams, W. M., & O’Sullivan, B. (2010). Aggregating Trust Using Triangular Norms in the KeyNote Trust Management System. In Security and Trust Management - 6th International Workshop, STM 2010, Athens, Greece, September 23-24, 2010, Revised Selected Papers (pp. 100–115). https://doi.org/10.1007/978-3-642-22444-7_7 [link]
  • Semiring-based Frameworks for Trust Propagation in Small-World Networks and Coalition Formation Criteria. (2010). Journal of Security and Communication Networks. Retrieved from https://simonnfoley.github.io/pubs/multitrust.pdf [link]
  • Brennan, R., Feeney, K., Keeney, J., O’Sullivan, D., II, J. J. F., Foley, S. N., & van der Meer, S. (2010). Multidomain IT architectures for next-generation communications service providers [Next-Generation Telco IT Architectures]. IEEE Communications Magazine, 48(8), 110–117. https://doi.org/10.1109/MCOM.2010.5534595 [link]
  • Foley, S. N., & Fitzgerald, W. M. (2009). An Approach to Security Policy Configuration Using Semantic Threat Graphs. In Data and Applications Security XXIII, 23rd Annual IFIP WG 11.3 Working Conference, Montreal, Canada, July 12-15, 2009. Proceedings (pp. 33–48). https://doi.org/10.1007/978-3-642-03007-9_3 [link]
  • Foley, S. N., & Rooney, V. M. (2009). Qualitative Analysis for Trust Management. In Security Protocols XVII, 17th International Workshop, Cambridge, UK, April 1-3, 2009. Revised Selected Papers (pp. 298–307). https://doi.org/10.1007/978-3-642-36213-2_33 [link]
  • Jennings, B., Brennan, R., Donnelly, W., Foley, S. N., Lewis, D., O’Sullivan, D., … van der Meer, S. (2009). Challenges for Federated, Autonomic Network Management in the Future Internet. In IFIP/IEEE International Workshop on Management of the Future Internet. Retrieved from https://dx.doi.org/10.1109/INMW.2009.5195942 [link]
  • Foley, S. N. (2009). Qualitative Analysis for Trust Management. In Security Protocols XVII, 17th International Workshop, Cambridge, UK, April 1-3, 2009. Revised Selected Papers (pp. 308–320). https://doi.org/10.1007/978-3-642-36213-2_34 [link]
  • Foley, S. N. (2009). Security Risk Management using Internal Controls. In ACM Workshop on Information Security Governance. Retrieved from https://simonnfoley.github.io/pubs/wisg2009.pdf [link]
  • Aziz, B., Foley, S. N., Herbert, J., & Swart, G. (2009). Configuring storage-area networks using mandatory security. Journal of Computer Security, 17(2), 191–210. https://doi.org/10.3233/JCS-2009-0337 [link]
  • Foley, S. N., & Fitzgerald, W. M. (2008). Semantic Web and firewall alignment. In Proceedings of the 24th International Conference on Data Engineering Workshops, ICDE 2008, April 7-12, 2008, Cancún, México (pp. 447–453). https://doi.org/10.1109/ICDEW.2008.4498359 [link]
  • Bistarelli, S., Foley, S. N., O’Sullivan, B., & Santini, F. (2008). From Marriages to Coalitions: A Soft CSP Approach. In Recent Advances in Constraints, 13th Annual ERCIM International Workshop on Constraint Solving and Constraint Logic Programming, CSCLP 2008, Rome, Italy, June 18-20, 2008, Revised Selected Papers (pp. 1–15). https://doi.org/10.1007/978-3-642-03251-6_1 [link]
  • Fitzgerald, W. M., Foley, S. N., & Foghlú Mı́cheál Ó. (2008). Network Access Control Interoperation using Semantic Web Techniques. In Security in Information Systems, Proceedings of the 6th International Workshop on Security in Information Systems, WOSIS 2008, In conjunction with ICEIS 2008, Barcelona, Spain, June 2008 (pp. 26–37).
  • Foley, S. N., Bella, G., & Bistarelli, S. (2008). Security Protocol Deployment Risk. In Security Protocols XVI - 16th International Workshop, Cambridge, UK, April 16-18, 2008. Revised Selected Papers (pp. 12–20). https://doi.org/10.1007/978-3-642-22137-8_3 [link]
  • Fitzgerald, W. M., Foley, S. N., & O’Foghlu, M. (2007). Confident Firewall Policy Configuration Management using Description Logic. In Twelfth Nordic Workshop on Secure IT Systems. Retrieved from https://simonnfoley.github.io/pubs/nordsec07short.pdf [link]
  • Zhou, H., & Foley, S. N. (2006). A Framework for Establishing Decentralized Secure Coalitions. In 19th IEEE Computer Security Foundations Workshop, (CSFW-19 2006), 5-7 July 2006, Venice, Italy (pp. 270–282). https://doi.org/10.1109/CSFW.2006.5 [link]
  • Foley, S. N., Fitzgerald, W. M., Bistarelli, S., O’Sullivan, B., & Foghlú Mı́cheál Ó. (2006). Principles of Secure Network Configuration: Towards a Formal Basis for Self-configuration. In Autonomic Principles of IP Operations and Management, 6th IEEE International Workshop on IP Operations and Management, IPOM 2006, Dublin, Ireland, October 23-25, 2006, Proceedings (pp. 168–180). https://doi.org/10.1007/11908852_15 [link]
  • Foley, S. N., Bistarelli, S., O’Sullivan, B., Herbert, J., & Swart, G. (2006). Multilevel Security and Quality of Protection. In Quality of Protection - Security Measurements and Metrics (pp. 93–105). https://doi.org/10.1007/978-0-387-36584-8_8 [link]
  • Bella, G., Bistarelli, S., & Foley, S. N. (2006). Soft Constraints for Security. Electr. Notes Theor. Comput. Sci., 142, 11–29. https://doi.org/10.1016/j.entcs.2005.07.011 [link]
  • Quillinan, T. B., & Foley, S. N. (2006). Synchronisation in Trust Management Using Push Authorisation. Electr. Notes Theor. Comput. Sci., 157(3), 143–158. https://doi.org/10.1016/j.entcs.2005.09.035 [link]
  • Foley, S. N., Mulcahy, B. P., Quillinan, T. B., O’Connor, M., & Morrison, J. P. (2006). Supporting heterogeneous middleware security policies in WebCom. J. High Speed Networks, 15(3), 301–313. Retrieved from https://simonnfoley.github.io/pubs/jhsn06-hetero.pdf [link]
  • Morrison, J. P., Coghlan, B. A., Shearer, A., Foley, S. N., Power, D. A., & Perrott, R. (2006). WEBCOM-G: A Candidate Middleware for Grid-Ireland. IJHPCA, 20(3), 409–422. https://doi.org/10.1177/1094342006067475 [link]
  • Aziz, B., Foley, S. N., Herbert, J., & Swart, G. (2006). Reconfiguring Role Based Access Control policies using risk semantics. J. High Speed Networks, 15(3), 261–273. Retrieved from https://simonnfoley.github.io/pubs/jhsn06-risk.pdf [link]
  • Clayton, B. C., Quillinan, T. B., & Foley, S. N. (2005). Automating security configuration for the Grid. Scientific Programming, 13(2), 113–125. Retrieved from https://iospress.metapress.com/content/dcdqp3p7lgjmw7kv/ [link]
  • Foley, S. N., Singer, A., Locasto, M. E., Sidiroglou, S., Keromytis, A. D., McDermott, J. P., … Boulatov, A. (2005). Highlights from the 2005 New Security Paradigms Workshop. In 21st Annual Computer Security Applications Conference (ACSAC 2005), 5-9 December 2005, Tucson, AZ, USA (pp. 393–396). https://doi.org/10.1109/CSAC.2005.29 [link]
  • Swart, G., Aziz, B., Foley, S. N., & Herbert, J. (2005). Trading Off Security in a Service Oriented Architecture. In Data and Applications Security XIX, 19th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Storrs, CT, USA, August 7-10, 2005, Proceedings (pp. 295–309). https://doi.org/10.1007/11535706_22 [link]
  • Zhou, H., & Foley, S. N. (2005). A Logic for Analysing Subterfuge in Delegation Chains. In Formal Aspects in Security and Trust, Third International Workshop, FAST 2005, Newcastle upon Tyne, UK, July 18-19, 2005, Revised Selected Papers (pp. 127–141). https://doi.org/10.1007/11679219_10 [link]
  • Navarro, G., & Foley, S. N. (2005). Approximating Saml Using Similarity Based Imprecision. In Intelligence in Communication Systems - IFIP International Conference on Intelligence in Communication Systems, INTELLCOMM 2005 Montreal, Canada, October 17-19, 2005 (pp. 191–200). https://doi.org/10.1007/0-387-32015-6_18 [link]
  • Mulcahy, B. P., Foley, S. N., & Morrison, J. P. (2005). Cross Cutting Condensed Graphs. In Proceedings of the International Conference on Parallel and Distributed Processing Techniques and Applications, PDPTA 2005, Las Vegas, Nevada, USA, June 27-30, 2005, Volume 3 (pp. 965–973).
  • Foley, S. N., & Zhou, H. (2005). Authorisation Subterfuge by Delegation in Decentralised Networks. In Security Protocols, 13th International Workshop, Cambridge, UK, April 20-22, 2005, Revised Selected Papers (pp. 97–102). https://doi.org/10.1007/978-3-540-77156-2_12 [link]
  • Foley, S. N. (Ed.). (2005). Proceedings of the New Security Paradigms Workshop 2005, Lake Arrowhead, California, USA, September 20-23, 2005. ACM.
  • Foley, S. N. (2005). Believing the Integrity of a System: (Invited Talk). Electr. Notes Theor. Comput. Sci., 125(1), 3–12. https://doi.org/10.1016/j.entcs.2004.09.037 [link]
  • Bistarelli, S., Foley, S. N., & O’Sullivan, B. (2005). A soft constraint-based approach to the cascade vulnerability problem. Journal of Computer Security, 13(5), 699–720. Retrieved from https://simonnfoley.github.io/pubs/jcs2005.pdf [link]
  • Bistarelli, S., Foley, S. N., & O’Sullivan, B. (2004). Detecting and Eliminating the Cascade Vulnerability Problem from Multilevel Security Networks Using Soft Constraints. In Proceedings of the Nineteenth National Conference on Artificial Intelligence, Sixteenth Conference on Innovative Applications of Artificial Intelligence, July 25-29, 2004, San Jose, California, USA (pp. 808–813). Retrieved from https://simonnfoley.github.io/pubs/iaai2004.pdf [link]
  • Aziz, B., Foley, S. N., Herbert, J., & Swart, G. (2004). Configuring Storage Area Networks for Mandatory Security. In Research Directions in Data and Applications Security XVIII, IFIP TC11/WG 11.3 Eighteenth Annual Conference on Data and Applications Security, July 25-28, 2004, Sitges, Catalonia, Spain (pp. 357–370). https://doi.org/10.1007/1-4020-8128-6_24 [link]
  • Bistarelli, S., Foley, S. N., & O’Sullivan, B. (2004). Reasoning about Secure Interoperation Using Soft Constraints. In Formal Aspects in Security and Trust: Second IFIP TC1 WG1.7 Workshop on Formal Aspects in Security and Trust (FAST), an event of the 18th IFIP World Computer Congress, August 22-27, 2004, Toulouse, France (pp. 173–186). https://doi.org/10.1007/0-387-24098-5_13 [link]
  • Foley, S. N., Quillinan, T. B., O’Connor, M., Mulcahy, B. P., & Morrison, J. P. (2004). A Framework for Heterogeneous Middleware Security. In 18th International Parallel and Distributed Processing Symposium (IPDPS 2004), CD-ROM / Abstracts Proceedings, 26-30 April 2004, Santa Fe, New Mexico, USA. https://doi.org/10.1109/IPDPS.2004.1303059 [link]
  • Quillinan, T. B., Clayton, B. C., & Foley, S. N. (2004). GridAdmin: Decentralising Grid Administration Using Trust Management. In 3rd International Symposium on Parallel and Distributed Computing (ISPDC 2004), 3rd International Workshop on Algorithms, Models and Tools for Parallel Computing on Heterogenous Networks (HeteroPar 2004), 5-7 July 2004, Cork, Ireland (pp. 184–192). https://doi.org/10.1109/ISPDC.2004.28 [link]
  • Zhou, H., & Foley, S. N. (2004). A collaborative approach to autonomic security protocols. In Proceedings of the New Security Paradigms Workshop 2004, September 20-23, 2004, Nova Scotia, Canada (pp. 13–21). https://doi.org/10.1145/1065907.1066029 [link]
  • Bistarelli, S., Foley, S. N., & O’Sullivan, B. (2004). Modeling and detecting the cascade vulnerability problem using soft constraints. In Proceedings of the 2004 ACM Symposium on Applied Computing (SAC), Nicosia, Cyprus, March 14-17, 2004 (pp. 383–390). https://doi.org/10.1145/967900.967984 [link]
  • Quillinan, T. B., & Foley, S. N. (2004). Security in WebCom: addressing naming issues for a web services architecture. In Proceedings of the 1st ACM Workshop On Secure Web Services, SWS 2004, Fairfax, VA, USA, October 29, 2004 (pp. 97–105). https://doi.org/10.1145/1111348.1111359 [link]
  • Foley, S. N., Mulcahy, B., & Quillinan, T. B. (2004). Dynamic Adinistrative Coalitions with WebCom_DAC. In Proceedings of Web 2004: Third Workshop on e-Business. Retrieved from https://simonnfoley.github.io/pubs/web2004.ps [link]
  • Marceau, C., & Foley, S. N. (2004). Themes and Highlights of the New Security Paradigms Workshop 2004. In 20th Annual Computer Security Applications Conference (ACSAC 2004), 6-10 December 2004, Tucson, AZ, USA (pp. 382–383). https://doi.org/10.1109/CSAC.2004.42 [link]
  • Foley, S. N., & Zhou, H. (2003). Towards a Framework for Autonomic Security Protocols. In Security Protocols, 11th International Workshop, Cambridge, UK, April 2-4, 2003, Revised Selected Papers (pp. 49–54). https://doi.org/10.1007/11542322_8 [link]
  • Bistarelli, S., Foley, S. N., & O’sullivan, B. (2003). A Constraint Based Framework for Modelling the Cascade Vulnerability Problem. In Workshop on COnstraint and LOgic Programming in Security. Workshop held alongside ICLP-2003.
  • Foley, S. N. (2003). A nonfunctional approach to system integrity. IEEE Journal on Selected Areas in Communications, 21(1), 36–43. https://doi.org/10.1109/JSAC.2002.806124 [link]
  • Zhou, H., & Foley, S. N. (2003). Fast automatic synthesis of security protocols using backward search. In Proceedings of the 2003 ACM workshop on Formal methods in security engineering, FMSE 2003, Washington, DC, USA, October 30, 2003 (pp. 1–10). https://doi.org/10.1145/1035429.1035430 [link]
  • Foley, S. N. (2003). Using Trust Management to Support Transferable Hash-Based Micropayments. In Financial Cryptography, 7th International Conference, FC 2003, Guadeloupe, French West Indies, January 27-30, 2003, Revised Papers (pp. 1–14). https://doi.org/10.1007/978-3-540-45126-6_1 [link]
  • Bistarelli, S., & Foley, S. N. (2003). Analysis of Integrity Policies using Soft Constraints. In 4th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2003), 4-6 June 2003, Lake Como, Italy (pp. 77–80). https://doi.org/10.1109/POLICY.2003.1206959 [link]
  • Bistarelli, S., & Foley, S. N. (2003). A Constraint Framework for the Qualitative Analysis of Dependability Goals: Integrity. In Computer Safety, Reliability, and Security, 22nd International Conference, SAFECOMP 2003, Edinburgh, UK, September 23-26, 2003, Proceedings (pp. 130–143). https://doi.org/10.1007/978-3-540-39878-3_11 [link]
  • Foley, S. N. (2003). Towards a Framework for Autonomic Security Protocols (Discussion). In Security Protocols, 11th International Workshop, Cambridge, UK, April 2-4, 2003, Revised Selected Papers (pp. 55–62). https://doi.org/10.1007/11542322_9 [link]
  • Foley, S. N., Quillinan, T. B., & Morrison, J. P. (2002). Secure Component Distribution Using WebCom. In Security in the Information Society: Visions and Perspectives, IFIP TC11 17\(^\mboxth\)International Conference on Information Security (SEC2002), May 7-9, 2002, Cairo, Egypt (pp. 387–398). Retrieved from https://simonnfoley.github.io/pubs/ifipsec02.ps [link]
  • Foley, S. N. (2002). Supporting Imprecise Delegation in KeyNote. In Security Protocols, 10th International Workshop, Cambridge, UK, April 17-19, 2002, Revised Papers (pp. 179–188). https://doi.org/10.1007/978-3-540-39871-4_15 [link]
  • Serban, C., Marceau, C., & Foley, S. N. (Eds.). (2002). Proceedings of the 2002 Workshop on New Security Paradigms, Virginia Beach, VA, USA, September 23-26, 2002. ACM.
  • Wolf, C., Fitzpatrick, P., Foley, S. N., & Popovici, E. (2002). HFE in Java: Implementing Hidden Field Equations for Public Key Cryptography. In proceedings of the Irish Signals and Systems Conference. Retrieved from https://simonnfoley.github.io/pubs/issc02.ps [link]
  • Foley, S. N., & Quillinan, T. B. (2002). Using Trust Management to Support MicroPayments. In In proceedings of the Annual Conference on Information Technology and Telecommunications. Retrieved from https://simonnfoley.github.io/pubs/hash.ps [link]
  • Foley, S. N., & Morrison, J. P. (2001). Computational paradigms and protection. In Proceedings of the New Security Paradigms Workshop 2001, Cloudcroft, New Mexico, USA, September 10-13, 2001 (pp. 3–11). https://doi.org/10.1145/508171.508173 [link]
  • Foley, S. N. (2001). Trust Management and Whether to Delegate. In Security Protocols, 9th International Workshop, Cambridge, UK, April 25-27, 2001, Revised Papers (pp. 151–157). https://doi.org/10.1007/3-540-45807-7_23 [link]
  • Foley, S. N. (2001). Trust Management and Whether to Delegate (Transcript of Discussion). In Security Protocols, 9th International Workshop, Cambridge, UK, April 25-27, 2001, Revised Papers (pp. 158–165). https://doi.org/10.1007/3-540-45807-7_24 [link]
  • Foley, S. N., & others. (2001). Exploiting KeyNote in WebCom: Architecture Neutral Glue for Trust Management. In Proceedings of The Fifth Nordic Workshop on Secure IT Systems. Retrieved from https://simonnfoley.github.io/pubs/nordic00.ps [link]
  • Foley, S. N. (2001). Supporting Imprecise Delegation in KeyNote using Similarity Measures. Proceedings of The Sixth Nordic Workshop on Secure IT Systems.
  • Foley, S. N., & Dumigan, R. (2001). Are handheld viruses a significant threat? Commun. ACM, 44(1), 105–107. https://doi.org/10.1145/357489.357516 [link]
  • Foley, S. N. (2000). Conduit cascades and secure synchronization. In Proceedings of the 2000 Workshop on New Security Paradigms, Ballycotton, Co. Cork, Ireland, September 18-21, 2000 (pp. 141–150). https://doi.org/10.1145/366173.366205 [link]
  • Foley, S. N. (1998). External Consistency and the Verification of Security Protocols (Position Paper). In Security Protocols, 6th International Workshop, Cambridge, UK, April 15-17, 1998, Proceedings (pp. 24–27). https://doi.org/10.1007/3-540-49135-X_3 [link]
  • Foley, S. N. (1998). External Consistency and the Verification of Security Protocols (Transcript of Discussion). In Security Protocols, 6th International Workshop, Cambridge, UK, April 15-17, 1998, Proceedings (pp. 28–35). https://doi.org/10.1007/3-540-49135-X_4 [link]
  • Foley, S. N. (1998). Evaluating System Integrity. In Proceedings of the 1998 Workshop on New Security Paradigms, Charlottsville, VA, USA, September 22-25, 1998 (pp. 40–47). https://doi.org/10.1145/310889.310909 [link]
  • Foley, S. N. (1998). A Kernelized Architecture for Multilevel Secure Application Policies. In Computer Security - ESORICS 98, 5th European Symposium on Research in Computer Security, Louvain-la-Neuve, Belgium, September 16-18, 1998, Proceedings (pp. 33–49). https://doi.org/10.1007/BFb0055854 [link]
  • Foley, S. N. (1997). The Specification and Implementation of Commercial Security Requirements Including Dynamic Segregation of Duties. In CCS ’97, Proceedings of the 4th ACM Conference on Computer and Communications Security, Zurich, Switzerland, April 1-4, 1997. (pp. 125–134). https://doi.org/10.1145/266420.266447 [link]
  • Foley, S. N. (1997). Building Chinese walls in standard unix\(^\mboxTM\). Computers & Security, 16(6), 551–563. https://doi.org/10.1016/S0167-4048(97)00010-2 [link]
  • Foley, S. N. (1997). Supporting Secure Canonical Upgrade Policies in Multilevel Secure Object Stores. In 13th Annual Computer Security Applications Conference (ACSAC 1997), 8-12 December 1997, San Diego, CA, USA (pp. 69–80). https://doi.org/10.1109/CSAC.1997.646176 [link]
  • Foley, S. N., Gong, L., & Qian, X. (1996). A Security Model of Dynamic Labeling Providing a Tiered Approach to Verification. In 1996 IEEE Symposium on Security and Privacy, May 6-8, 1996, Oakland, CA, USA (pp. 142–153). https://doi.org/10.1109/SECPRI.1996.502677 [link]
  • Foley, S. N., & Jacob, J. (1995). Specifying security for CSCW systems. In The Eighth IEEE Computer Security Foundations Workshop (CSFW ’95), March 13-15, 1995, Kenmare, County Kerry, Ireland (p. 136). https://doi.org/10.1109/CSFW.1995.518559 [link]
  • Foley, S. N., & Jacob, J. (1995). Specifying Security for Computer Supported Collaborative Working. Journal of Computer Security, 3(4), 233–254. https://doi.org/10.3233/JCS-1994/1995-3402 [link]
  • Foley, S. N. (1994). Reasoning about Confidentiality Requirements. In Seventh IEEE Computer Security Foundations Workshop - CSFW’94, Franconia, New Hampshire, USA, June 14-16, 1994, Proceedings (pp. 150–160). https://doi.org/10.1109/CSFW.1994.315939 [link]
  • Foley, S. N. (1992). Aggregation and Separation as Noninterference Properties. Journal of Computer Security, 1(2), 159–188. https://doi.org/10.3233/JCS-1992-1203 [link]
  • Foley, S. N. (1991). Separation of Duty using High Water Marks. In 4th IEEE Computer Security Foundations Workshop - CSFW’91, Franconia, New Hampshire, USA, June 18-20, 1991, Proceedings (pp. 79–88). https://doi.org/10.1109/CSFW.1991.151572 [link]
  • Foley, S. N. (1991). A Taxonomy for Information Flow Policies and Models. In IEEE Symposium on Security and Privacy (pp. 98–109). https://doi.org/10.1109/RISP.1991.130778 [link]
  • Foley, S. N. (1990). Unifying Information Flow Policies (No. Technical Report 900020). Malvern, Worcs., UK: Royal Signals and Radar Establishment.
  • Foley, S. N. (1990). Lattices for Security Policies (No. Technical Report 900005). Malvern, Worcs., UK: Royal Signals and Radar Establishment. Retrieved from https://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA225638&Location=U2&doc=GetTRDoc.pdf [link]
  • Foley, S. N. (1990). Secure Information Flow Using Security Groups. In Third IEEE Computer Security Foundations Workshop - CSFW’90, Franconia, New Hampshire, USA, June 12-14, 1990, Proceedings (pp. 62–72). https://doi.org/10.1109/CSFW.1990.128186 [link]
  • Foley, S. N. (1989). A Model for Secure Information Flow. In Proceedings of the 1989 IEEE Symposium on Security and Privacy, Oakland, California, USA, May 1-3, 1989 (pp. 248–258). https://doi.org/10.1109/SECPRI.1989.36299 [link]
  • Foley, S. N. (1987). A Universal Theory of Information Flow. In Proceedings of the 1987 IEEE Symposium on Security and Privacy, Oakland, California, USA, April 27-29, 1987 (pp. 116–122). https://doi.org/10.1109/SP.1987.10012 [link]