O-PSI: Delegated Private Set Intersection on Outsourced Datasets -- Flexible and Robust Privacy-Preserving Implicit Authentication -- Towards Relations Between the Hitting-Set Attack and the Statistical Disclosure Attack -- POSN: A Personal Online Social Network -- Verifying Observational Determinism -- Cache Timing Attacks Revisited: Efficient and Repeatable Browser History, OS and Network Sniffing -- Enforcing Usage Constraints on Credentials for Web Applications -- A Survey of Alerting Websites: Risks and Solutions -- A Generalization of ISO/IEC 24761 to Enhance Remote Authentication with Trusted Product at Claimant -- Enhancing Passwords Security Using Deceptive Covert Communication -- Information Sharing and User Privacy in the Third-party Identity Management Landscape -- An Iterative Algorithm for Reputation Aggregation in Multi-dimensional and Multinomial Rating Systems -- A Comparison of PHY-Based Fingerprinting Methods Used to Enhance Network Access Control -- Model-Driven Integration and Analysis of Access-Control Policies in Multi-layer Information Systems -- Authenticated File Broadcast Protocol -- Automated Classification of C&C Connections Through Malware URL Clustering -- B.Hive: A Zero Configuration Forms Honeypot for Productive Web Applications -- Security Management and Human Aspects of Security Investigation of Employee Security Behaviour: A Grounded Theory Approach -- Practice-Based Discourse Analysis of InfoSec Policies -- Understanding Collaborative Challenges in IT Security Preparedness Exercises -- Social Groupings and Information Security Obedience Within Organizations -- Attack Trees with Sequential Conjunction -- Enhancing the Security of Image CAPTCHAs Through Noise Addition -- SHRIFT System-Wide HybRid Information Flow Tracking -- ISboxing: An Instruction Substitution Based Data Sandboxing for x86 Untrusted Libraries -- Exploit Generation for Information Flow Leaks in Object-Oriented Programs -- Memoized Semantics-Based Binary Diffing with Application to Malware Lineage Inference -- Mitigating Code-Reuse Attacks on CISC Architectures in a Hardware Approach -- Integrity for Approximate Joins on Untrusted Computational Servers -- Fast Revocation of Attribute-Based Credentials for Both Users and Verifiers -- Chaotic Chebyshev Polynomials Based Remote User Authentication Scheme in Client-Server Environment -- A Secure Exam Protocol Without Trusted Parties -- ApkCombiner: Combining Multiple Android Apps to Support Inter-App Analysis -- Assessment of the Susceptibility to Data Manipulation of Android Games with In-app Purchases -- An Empirical Study on Android for Saving Non-shared Data on Public Storage -- The Dual-Execution-Environment Approach: Analysis and Comparative Evaluation -- On the Privacy, Security and Safety of Blood Pressure and Diabetes Apps -- A Cloud-Based eHealth Architecture for Privacy Preserving Data Integration -- Cyber-physical Systems and Critical Infrastructures Security Application of a Game Theoretic Approach in Smart Sensor Data Trustworthiness Problems -- Securing BACnet's Pitfalls -- On the Secure Distribution of Vendor-Specific Keys in Deployment Scenarios.