Invited Papers -- Self-managed Cells for Ubiquitous Systems -- Critical Information Assurance Challenges for Modern Large-Scale Infrastructures -- Rule-Based Topological Vulnerability Analysis -- Models and Analysis of Active Worm Defense -- Prevention of Information Attacks by Run-Time Detection of Self-replication in Computer Codes -- Mathematical Models, Architectures and Protocols for Computer Network Security -- Calibrating Entropy Functions Applied to Computer Networks -- A Passive External Web Surveillance Technique for Private Networks -- A Secure Way to Combine IPsec, NAT & DHCP -- A Generic Model for Analyzing Security Protocols -- Networks, Markov Lie Monoids, and Generalized Entropy -- Trust by Workflow in Autonomic Communication -- An Ontology-Based Approach to Information Systems Security Management -- Authentication, Authorization and Access Control -- Safety Problems in Access Control with Temporal Constraints -- A Modal Logic for Role-Based Access Control -- Unique User-Generated Digital Pseudonyms -- Information Flow Analysis, Covert Channels and Trust Management -- A Probabilistic Property-Specific Approach to Information Flow -- Generalized Abstract Non-interference: Abstract Secure Information-Flow Analysis for Automata -- Detection of Illegal Information Flow -- Towards More Controllable and Practical Delegation -- Security Policy and Operating System Security -- Policy-Driven Routing Management Using CIM -- Secure Hybrid Operating System “Linux over Fenix” -- A Formal Description of SECIMOS Operating System -- Threat Modeling, Vulnerability Assessment and Network Forensics -- A Theoretical Model for the Average Impact of Attacks on Billing Infrastructures -- Analyzing Vulnerabilities and Measuring Security Level at Design and Exploitation Stages of Computer Network Life Cycle -- A Temporal Logic-Based Model for Forensic Investigation in Networked System Security -- Vulnerabilities Detection in the Configurations of MS Windows Operating System -- Intrusion Detection -- Hybrid Intrusion Detection Model Based on Ordered Sequences -- Asynchronous Alert Correlation in Multi-agent Intrusion Detection Systems -- Behavior-Based Model of Detection and Prevention of Intrusions in Computer Networks -- A Formal Immune Network and Its Implementation for On-line Intrusion Detection -- Short Papers -- Foundation for a Time Interval Access Control Model -- Developing an Insider Threat Model Using Functional Decomposition -- An XML-Seamless Policy Based Management Framework -- Statistical Covert Channels Through PROXY Server -- Encoding Private Key in Fingerprint -- A New Scheme for the Location Information Protection in Mobile Communication Environments -- Region Protection/Restoration Scheme in Survivable Networks -- Massive Data Mining for Polymorphic Code Detection -- Key Escrow with Tree-Based Access Structure -- Security Checker Architecture for Policy-Based Security Management -- An Efficient Access Control Model Utilized the Attribute Certificate Structuring -- Secure Protected Password Change Scheme.