Security and Trust Management

This book constitutes the proceedings of the 21st International Workshop on Security and Trust Management, STM 2025, held in conjunction with the 30th European Symposium on Computer Security Research (ESORICS 2025), in Toulouse, France, during September 2526, 2025.

The 13 full papers presented in this book were carefully reviewed and selected from 26 submissions.

They were organized in topical sections as follows: Identity Management, Authentication, Access Control & Formal Modeling; AI & Machine Learning for Security; Cybersecurity Strategies, Regulations, Privacy; Cryptography & Threat Analysis.

Klappentext

.- Identity Management, Authentication, Access Control & Formal Modeling. .- Toward Secure and Trustworthy Identity Management Systems: A Knowledge-base Driven Approach. .- Always Authenticated, Never Exposed: Continuous Authentication via Zero-Knowledge Proofs. .- Pragmatic guidelines for formal modeling of security ceremonies. .- Access Control Administration for Smart Homes. .- AI & Machine Learning for Security. .- Parameter-Efficient Fine-Tuning of LLMs for Intrusion Detection and Firewall Rule Generation: A Comparative Study. .- ABusing social media & sentiment analysis for stock market prediction. .- DrATC+: A Divide et Impera Extension to Trust-Based Dynamic Routing. .- Cybersecurity Strategies, Regulations, Privacy. .- How to Train Your Guardian: Evaluating Cyber Security Exercises Using Situation Awareness. .- Towards an architecture for managing security under the EU Cyber Resilience Act. .- Google Tag Manager and its Privacy Issues. .- Cryptography & Threat Analysis. .- Measuring Modern Phishing Tactics: A Quantitative Study of Body Obfuscation Prevalence, Co-occurrence, and Filter Impact. .- Nicknames for Group Signatures. .- The Impact of Filtering in Differential Cryptanalysis: A Case Study on FEAL-8.

Inhalt

.- Identity Management, Authentication, Access Control & Formal
Modeling.

.- Toward Secure and Trustworthy Identity Management Systems: A
Knowledge-base Driven Approach.

.- Always Authenticated, Never Exposed: Continuous Authentication via
Zero-Knowledge Proofs.

.- Pragmatic guidelines for formal modeling of security ceremonies.

.- Access Control Administration for Smart Homes.

.- AI & Machine Learning for Security.

.- Parameter-Efficient Fine-Tuning of LLMs for Intrusion Detection and
Firewall Rule Generation: A Comparative Study.

.- ABusing social media & sentiment analysis for stock market prediction.

.- DrATC+: A Divide et Impera Extension to Trust-Based Dynamic Routing.

.- Cybersecurity Strategies, Regulations, Privacy.

.- How to Train Your Guardian: Evaluating Cyber Security Exercises
Using Situation Awareness.

.- Towards an architecture for managing security under the EU Cyber
Resilience Act.

.- Google Tag Manager and its Privacy Issues.

.- Cryptography & Threat Analysis.

.- Measuring Modern Phishing Tactics: A Quantitative Study of Body
Obfuscation Prevalence, Co-occurrence, and Filter Impact.

.- Nicknames for Group Signatures.

.- The Impact of Filtering in Differential Cryptanalysis: A Case Study on
FEAL-8.