New technology is always evolving, and companies must have appropriate security for their businesses to keep up to date with the changes. With the rapid growth of the Internet and the World Wide Web, data and applications security will always be a key topic in industry as well as in the public sector, and has implications for the whole of society.
Data and Applications Security covers issues related to security and privacy of information in a wide range of applications, including:
- Electronic Commerce, XML and Web Security;
- Workflow Security and Role-based Access Control;
- Distributed Objects and Component Security;
- Inference Problem, Data Mining and Intrusion Detection;
- Language and SQL Security;
- Security Architectures and Frameworks;
- Federated and Distributed Systems Security;
- Encryption, Authentication and Security Policies.
This book contains papers and panel discussions from the Fourteenth Annual Working Conference on Database Security, which is part of the Database Security: Status and Prospects conference series sponsored by the International Federation for Information Processing (IFIP). The conference was held in Schoorl, The Netherlands in August 2000.
Author(s): B. Thuraisingham, Reind van de Riet, Klaus R. Dittrich, Zahir Tari
Series: IFIP Advances in Information and Communication Technology
Edition: 1st
Publisher: Springer
Year: 2001
Language: English
Pages: 392
Preliminaries
CONTENTS
Preface
List of Contributors
1. Protecting Information when Access is Granted for Collaboration
2. Author X
3. A Fair-Exchange E-Commerce Protocol with Automated Dispute Resolution
4. XML Access Control Systems: A Component-Based Approach
5. A Configurable Security Architecture Prototype
6. Distributed Policies for Data Management – Making Policies Mobile
7. Security Architecture of the Multimedia Mediator
8. Simulation and Analysis of Cryptographic Protocols
9. Authentic Third-Party Data Publication
10. Protecting File Systems Against Corruption Using Checksums
11. Web Security and Privacy, Panel 1
12. Coordinating Policy for Federated Applications
13. Integrating Multilevel Security Policies in Multilevel Federated Database Systems
14. Wrappers – A Mechanism to Support State-Based Authorization in Web Applications
15. An Integrated Framework for Database Privacy Protection
16. Discovery of Multi-level Security Policies
17. Protecting Deductive Databases from Unauthorized Retrievals
18. Confidentiality vs Integrity in Secure Databases
19. Extending SQL’s Grant Operation to Limit Privileges
20. Language Extensions for Programmable Security
21. Protecting Privacy from Continuous High-Resolution Satellite Surveillance
22. Database Security Integration Using Role-Based Access Control
23. User Role-Based Security Model for a Distributed Environment
24. WorkFlow Analyzed for Security and Privacy in using Databases
25. Identifying Security Holes in OLAP Applications
26. Algorithms and Experience in Increasing the Intelligibility and Hygiene of Access Control in Large Organizations
27. Database Security 2000
28. Declarative Semantics of Belief Queries in MLS Deductive Databases
29. Trust Management in Distributed Databases
30. Active Authorization as High-level Control
31. Conference Key Agreement Protocol using Oblivious Transfer
32. An Integration Model of Role-Based Access Control and Activity Based Access Control Using Task
33. Authorization Model in Object-Oriented Systems
34. Panel 2
35. Conference Summary
INDEX