These proceedings contain the papers selected for presentation at the 23rd Inter- tional Information Security Conference (SEC 2008), co-located with IFIP World Computer Congress (WCC 2008), September 8–10, 2008 in Milan, Italy. In - sponse to the call for papers, 143 papers were submitted to the conference. All - pers were evaluated on the basis of their signi?cance, novelty,and technical quality, and reviewed by at least three members of the program committee. Reviewing was blind meaning that the authors were not told which committee members reviewed which papers. The program committee meeting was held electronically, holding - tensive discussion over a period of three weeks. Of the papers submitted, 42 full papers and 11 short papers were selected for presentation at the conference. A conference like this just does not happen; it depends on the volunteer efforts of a host of individuals. There is a long list of people who volunteered their time and energy to put together the conference and who deserve acknowledgment. We thank all members of the program committee and the external reviewers for their hard work in the paper evaluation. Due to the large number of submissions, p- gram committee members were required to complete their reviews in a short time frame. We are especially thankful to them for the commitment they showed with their active participation in the electronic discussion.
Les mer
These proceedings contain the papers selected for presentation at the 23rd Inter- tional Information Security Conference (SEC 2008), co-located with IFIP World Computer Congress (WCC 2008), September 8–10, 2008 in Milan, Italy. Of the papers submitted, 42 full papers and 11 short papers were selected for presentation at the conference.
Les mer
Hiding in Groups: On the Expressiveness of Privacy Distributions.- Practical Privacy-Preserving Benchmarking.- Enhancing Privacy in Remote Data Classification.- Minimizing SSO Effort in Verifying SSL Anti-phishing Indicators.- Robbing Banks with Their Own Software—an Exploit Against Norwegian Online Banks.- Collaborative architecture for malware detection and analysis.- Realizing Stateful Public Key Encryption in Wireless Sensor Network.- Establishing secure links in low-rate wireless personal area networks.- An Asynchronous Node Replication Attack in Wireless Sensor Networks.- A B Formal Framework for Security Developments in the Domain of Smart Card Applications.- An Implementation of a Privacy Enforcement Scheme based on the Java Security Framework using XACML Policies.- Negotiation of Prohibition: An Approach Based on Policy Rewriting.- An Integrity Lock Architecture for Supporting Distributed Authorizations in Database Federations.- Role Signatures for Access Control in Open Distributed Systems.- Policies and Security Aspects For Distributed Scientific Laboratories.- A Fuzzy Model for the Composition of Intrusion Detectors.- Investigating the problem of IDS false alarms: An experimental study using Snort.- User Session Modeling for Effective Application Intrusion Detection.- A Product Machine Model for Anomaly Detection of Interposition Attacks on Cyber-Physical Systems.- Anomaly Detection with Diagnosis in Diversified Systems using Information Flow Graphs.- Behavioral Intrusion Detection Indicators.- Leveraging Lattices to Improve Role Mining.- A Parallelization Framework for Exact Knowledge Hiding in Transactional Databases.- Efficient Coalition Detection in Traitor Tracing.- SPIT Identification Criteria Implementation: Effectiveness and Lessons Learned.-Detecting More SIP Attacks on VoIP Services by Combining Rule Matching and State Transition Models.- A Decentralized Bayesian Attack Detection Algorithm for Network Security.- An Operation-Based Metric for CPA Resistance.- YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems.- Adversary Modeling and Simulation in Cyber Warfare.- Interactive Selection of ISO 27001 Controls under Multiple Objectives.- Feasibility of Automated Information Security Compliance Auditing.- Software Licence Protection and Management for Organisations.- A Vulnerability Prioritization System Using A Fuzzy Risk Analysis Approach.- ASTRA : A Security Analysis Method Based on Asset Tracking.- A Knowledge-Based Bayesian Model for Analyzing a System after an Insider Attack.- Portable User-Centric Identity Management.- Ubiquitous Privacy-Preserving Identity Managment.- Facilitating Privacy Related Decisions in Different Privacy Contexts on the Internet by Evaluating Trust in Recipients of Private Data.- Using Virtualization to Create and Deploy Computer Security Lab Exercises.- DigForNet: Digital Forensic in Networking.- A Live Digital Forensic system for Windows networks.- HoneyID : Unveiling Hidden Spywares by Generating Bogus Events.- A Security Protocol for Self-Organizing Data Storage.- Protecting Financial Institutions from Brute-Force Attacks.- Agency Theory: Can it be Used to Strengthen IT Governance?.- A new Accounting Mechanism for Modern and Future AAA Services.- A user survey on the sense of security, Anshin.- Multi-Layer Encryption for Multi-Level Access Control in Wireless Sensor Networks.- A Comparative Study of Anomaly Detection Techniques in Web Site Defacement Detection.- Managing the lifecycle of XACML delegation policies in federated environments.- Assessing the Likelihood of Privacy Policy Compliance.- Classification features for detecting Server-side and Client-side Web attacks.
Les mer
International Federation for Information Processing The IFIP series publishes state-of-the-art results in the sciences and technologies of information and communication. The scope of the series includes: foundations of computer science; software theory and practice; education; computer applications in technology; communication systems; systems modeling and optimization; information systems; computers and society; computer systems technology; security and protection in information processing systems; artificial intelligence; and human-computer interaction. Proceedings and post-proceedings of refereed international conferences in computer science and interdisciplinary fields are featured. These results often precede journal publication and represent the most current research. The principal aim of the IFIP series is to encourage education and the dissemination and exchange of information about all aspects of computing. For more information about the 300 other books in the IFIP series, please visit www.springer.com. For more information about IFIP, please visit www.ifip.org.
Les mer
Peer-reviewed and carefully selected Much information in this series is published in advance of journal publication The contributors in this volume are world-renowned experts in their field

Produktdetaljer

ISBN
9781441935205
Publisert
2010-11-19
Utgiver
Vendor
Springer-Verlag New York Inc.
Høyde
235 mm
Bredde
155 mm
Aldersnivå
Research, P, 06
Språk
Product language
Engelsk
Format
Product format
Heftet