For 20 years, the IFIP WG 11. 3 Working Conference on Data and Appli- tions Security (DBSEC) has been a major forum for presenting originalresearch results, practical experiences, and innovative ideas in data and applications - curity. Looking back, it is di?cult not to appreciatethe full extent of the change that has occurred in our ?eld. Once considered afterthoughts in systems and application design, data protection, privacy and trust have become the key problems of our day. This central role of security in the information society has however brought increased responsibilities to the research community. - day practitioners and researchers alike need to ?nd new ways to cope with the increasing scale and complexity of the security problems that must be solved on the global information infrastructure. Like the previous conference, the 20th DBSEC has proved to be up to this challenge. DBSEC 2006 received 56 submissions, out of which the program committee selected22 high-qualitypaperscoveringanumber of diverseresearchtopicssuch as access control, privacy, and identity management. We are glad to see that the ?nal program contains a well-balanced mix of theoretical results and practical prototype systems, many of them converging and building o? each other. Also, the DBSEC program includes a number of papers on new, emerging aspects of security research. Putting together a top-level conference like DBSEC is always a team e?ort.
Author(s): Nicola Zannone, Sushil Jajodia, Duminda Wijesekera (auth.), Ernesto Damiani, Peng Liu (eds.)
Series: Lecture Notes in Computer Science 4127
Edition: 1
Publisher: Springer-Verlag Berlin Heidelberg
Year: 2006
Language: English
Pages: 319
Tags: Data Encryption; Computer Communication Networks; Operating Systems; Management of Computing and Information Systems; Algorithm Analysis and Problem Complexity; Special Purpose and Application-Based Systems
Front Matter....Pages -
Creating Objects in the Flexible Authorization Framework....Pages 1-14
Detection and Resolution of Anomalies in Firewall Policy Rules....Pages 15-29
On Finding an Inference-Proof Complete Database for Controlled Query Evaluation....Pages 30-43
Consolidating the Access Control of Composite Applications and Workflows....Pages 44-59
Authenticating Multi-dimensional Query Results in Data Publishing....Pages 60-73
Xml Streams Watermarking....Pages 74-88
Aggregation Queries in the Database-As-a-Service Model....Pages 89-103
Policy Classes and Query Rewriting Algorithm for XML Security Views....Pages 104-118
Interactive Analysis of Attack Graphs Using Relational Queries....Pages 119-132
Notarized Federated Identity Management for Web Services....Pages 133-147
Resolving Information Flow Conflicts in RBAC Systems....Pages 148-162
Policy Transformations for Preventing Leakage of Sensitive Information in Email Systems....Pages 163-178
Term Rewriting for Access Control....Pages 179-193
Discretionary and Mandatory Controls for Role-Based Administration....Pages 194-208
A Distributed Coalition Service Registry for Ad-Hoc Dynamic Coalitions: A Service-Oriented Approach....Pages 209-223
Enhancing User Privacy Through Data Handling Policies....Pages 224-236
Efficient Enforcement of Security Policies Based on Tracking of Mobile Users....Pages 237-251
A Framework for Flexible Access Control in Digital Library Systems....Pages 252-266
Authrule: A Generic Rule-Based Authorization Module....Pages 267-281
Aspect-Oriented Risk Driven Development of Secure Applications....Pages 282-296
From Business Process Choreography to Authorization Policies....Pages 297-309
Information Theoretical Analysis of Two-Party Secret Computation....Pages 310-317
Back Matter....Pages -