Data and Applications Security XX 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Sophia Antipolis, France, July 31-August 2, 2006. Proceedings
Title:
Data and Applications Security XX 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Sophia Antipolis, France, July 31-August 2, 2006. Proceedings
Author:
Damiani, Ernesto. editor.
ISBN:
9783540367994
Physical Description:
X, 319 p. Also available online. online resource.
Series:
Lecture Notes in Computer Science, 4127
Contents:
Creating Objects in the Flexible Authorization Framework -- Detection and Resolution of Anomalies in Firewall Policy Rules -- On Finding an Inference-Proof Complete Database for Controlled Query Evaluation -- Consolidating the Access Control of Composite Applications and Workflows -- Authenticating Multi-dimensional Query Results in Data Publishing -- Xml Streams Watermarking -- Aggregation Queries in the Database-As-a-Service Model -- Policy Classes and Query Rewriting Algorithm for XML Security Views -- Interactive Analysis of Attack Graphs Using Relational Queries -- Notarized Federated Identity Management for Web Services -- Resolving Information Flow Conflicts in RBAC Systems -- Policy Transformations for Preventing Leakage of Sensitive Information in Email Systems -- Term Rewriting for Access Control -- Discretionary and Mandatory Controls for Role-Based Administration -- A Distributed Coalition Service Registry for Ad-Hoc Dynamic Coalitions: A Service-Oriented Approach -- Enhancing User Privacy Through Data Handling Policies -- Efficient Enforcement of Security Policies Based on Tracking of Mobile Users -- A Framework for Flexible Access Control in Digital Library Systems -- Authrule: A Generic Rule-Based Authorization Module -- Aspect-Oriented Risk Driven Development of Secure Applications -- From Business Process Choreography to Authorization Policies -- Information Theoretical Analysis of Two-Party Secret Computation.
Abstract:
For 20 years, the IFIP WG 11. 3 Working Conference on Data and Appli- tions Security (DBSEC) has been a major forum for presenting originalresearch results, practical experiences, and innovative ideas in data and applications - curity. Looking back, it is di?cult not to appreciatethe full extent of the change that has occurred in our ?eld. Once considered afterthoughts in systems and application design, data protection, privacy and trust have become the key problems of our day. This central role of security in the information society has however brought increased responsibilities to the research community. - day practitioners and researchers alike need to ?nd new ways to cope with the increasing scale and complexity of the security problems that must be solved on the global information infrastructure. Like the previous conference, the 20th DBSEC has proved to be up to this challenge. DBSEC 2006 received 56 submissions, out of which the program committee selected22 high-qualitypaperscoveringanumber of diverseresearchtopicssuch as access control, privacy, and identity management. We are glad to see that the ?nal program contains a well-balanced mix of theoretical results and practical prototype systems, many of them converging and building o? each other. Also, the DBSEC program includes a number of papers on new, emerging aspects of security research. Putting together a top-level conference like DBSEC is always a team e?ort.
Subject Term:
Added Corporate Author:
Electronic Access:
http://dx.doi.org/10.1007/11805588