Synopses & Reviews
In light of the rapidly escalating age of uncertainty in the IT security and privacy world, this book provides the professional IT community and, in particular, security and data protection experts and researchers, with a selection of state-of-the-art material on emerging technologies for IT security and privacy issues. Furthermore, the book analyzes the new security threats and vulnerabilities that appear in modern information societies. Security and Privacy in the Age of Uncertainty covers issues related to security and privacy of information in a wide range of applications including: Secure Networks and Distributed Systems; Secure Multicast Communication and Secure Mobile Networks; Intrusion Prevention and Detection; Access Control Policies and Models; Security Protocols; Security and Control of IT in Society. This volume contains the papers selected for presentation at the 18th International Conference on Information Security (SEC2003) and at the associated workshops. The conference and workshops were sponsored by the International Federation for Information Processing (IFIP) and held in Athens, Greece in May 2003.
Synopsis
Security and Privacy in the Age of Uncertainty covers issues related to security and privacy of information in a wide range of applications including:
*Secure Networks and Distributed Systems;
*Secure Multicast Communication and Secure Mobile Networks;
*Intrusion Prevention and Detection;
*Access Control Policies and Models;
*Security Protocols;
*Security and Control of IT in Society.
This volume contains the papers selected for presentation at the 18th International Conference on Information Security (SEC2003) and at the associated workshops. The conference and workshops were sponsored by the International Federation for Information Processing (IFIP) and held in Athens, Greece in May 2003.
Table of Contents
Preface.
IFIP/Sec'03 Conference Committees.
IFIP/Sec'03 Workshop Program Committees.

I: Secure Networks and Distributed Systems.
  Trust Mediation for Distributed Information Systems; B. Toone, et al.
  Concerning Enterprise Network Vulnerability to HTTP Tunneling; C. Daicos, S. Knight.
  Providing Voice Privacy over Public Switched Telephone Networks; M. Sharif, D. Wijesekera.
  A Multi-Party Non-Repudiation Protocol for Exchange of Different Messages; J.A. Onieva, et al.
  Establishing Chain of Evidence as a Base for Non-Repudiation Services; Jing-Jang Huang, et al.

II: Content Protection.
  Securing XML-Based Multimedia Content; E. Damiani, et al.
  Secure Audit Logging with Tamper-Resistant Hardware; Cheun Ngen Chong, et al.
  PCMHoDC; HeeJae Park, Jong Kim.

III: Secure Multicast Communication and Secure Mobile Networks.
  Using Keystroke Analysis as a Mechanism for Subscriber Authentication on Mobile Handsets; N.L. Clarke, et al.
  Introducing PKI to Enhance Security in Future Mobile Networks; G. Kambourakis, et al.
  A Time Driven Methodology for Key Dimensioning in Multicast Communications; R. di Pietro, et al.
  A Flexible Category-Based Collusion-Resistant Management Scheme for Multicast; C. Duma, et al.

IV: Security Management.
  Context, Content, Process Analysis of IS Security Policy Formation; M. Karyda, et al.
  Integrating Security into Systems Development; U. Evertsson, et al.
  Integrating Information Security into Corporate Governance; K.-L. Thomson, R. von Solms.
  Building an Enterprise IT Security Management System; M.A. Belsis, L. Smalov.
  Information Security Management System: Processes and Products; M.M. Eloff, J.H.P. Eloff.

V: Intrusion Prevention and Detection.
  Detecting Malicious Use with Unlabelled Data Using Clustering and Outlier Analysis; S. Knight, L. Carosielli.
  E2xB: A Domain-Specific String Matching Algorithm for Intrusion Detection; K.G. Anagnostakis, et al.
  Intrusion Masking for Distributed Atomic Operations; Meng Yu, et al.
  Using Fuzzy System to Manage False Alarms in Intrusion Detection; M. Shajari, A.A. Ghorbani.
  An Experiment in Software Decoy Design; J.B. Michael, et al.

VI: Access Control Policies and Models.
  A User Friendly Guard with Mobile Post-Release Access Control Policy; D.E. Williams, et al.
  Security Model for Health Care Computing and Communication Systems; A.A. El Kalam, Y. Deswarte.
  Constrained Role-based Delegation; Longhua Zhang, Gail-Joon Ahn.

VII: Secure Information Systems.
  CSAP An Adaptable Security Module for the E-Government System Webocrat; F. Dridi, et al.
  Perceptions of Security Contributing to the Implementation of Secure IS; T. Tryfonas, E. Kiountouzis.
  New Directions on IS Security Methods; M.T. Siponen.
  Secure Vickrey Auctions without a Trusted Third Party; B. de Dekker, et al.

VIII: Security Protocols.
  Integrating Logics and Process Calculi for Cryptographic Protocol Analysis; M. Papa, et al.
  Flexible Delegation Security for Improved Distribution in Ubiquitous Environments; G. Kalogridis, et al.
  Cooperative Defense Firewall Protocol; M.M.S. El-Soudani, M.A. Eissa.
  How to Turn a PIN into an Iron Beam; S. Lucks, R. Weis.

IX: Workshop on Information Security Management.
  World Framework for Security Benchmark Changes; L.J. Janczewski, A.M. Colarik.
  Information Security: Auditing the Behavior of the Employee; C. Vroom, R. von Solms.
  Priorities in the Deployment of Network Intrusion Detection; M. Dobrucki, T. Virtanen.
  Bridging the Gap between Risk Analysis and Security Policies; P. Gaunard, E. Dubois.
  Framework and Architecture for Secure Mobile Business Applications; J. Haller, et al.
  ISO 17799 and Australian Healthcare Organisations; W.J. Brooks, et al.

X: Workshop on Privacy and Anonymity in Network and Distributed Systems.
  Statistical Disclosure Attacks; G. Danezis.
  On the Anonymity of Timed Pool Mixes; A. Serjantov, R.E. Newman.
  Privacy in Content Distribution Networks; R.J. Hulsebosch.

XI: Workshop on Small Systems Security.
  Security, Fault-Tolerance and their Verification for Ambient Systems; J.-H. Hoepman.
  Hidden Layer Authentication Using Smart Card for Web-based WLANS; G. Pikrammenos, et al.
  PINPAS: A Tool for Power Analysis of Smartcards; J. den Hartog, et al.
  Assessing Security in Energy-Efficient Sensor Networks; Yee Wei Law, et al.
  From Finite State Machines to Provably Correct Java Card Applets; E. Hubbers, et al.
  Security Characteristics of E-Collaboration Environments; B. Hulsebosch, et al.
  Roadmap for Securing Handheld devices; P. Vinayakray-Jani.

XII: Workshop on Security and Control of IT in Society.
  Lawful Cyber Decoy Policy; J.B. Michael, T.C. Wingfield.
  Electronic Signature as a Part of Information Society Infrastructure; J. Paavilainen, et al.