This volume contains the papers presented at the 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSEC) held in L- don, UK, July 13–16, 2008. This year’s working conference continued its tra- tion of being a forum for disseminating original research results and practical experiences in data and applications security. This year we had an excellent program that consists of 9 research paper s- sions with 22 high-quality research papers, which were selected from a total of 56 submissions after a rigorous reviewing process by the Program Committee members and external reviewers. These sessions included such topics as access control, privacy, auditing, systems security and data security in advanced app- cation domains. In addition, the programincluded a keynote address, an invited talk and a panel session. The success of this conference was a result of the e?orts of many people. I would like to extend my appreciation to the Program Committee members and external reviewers for their hard work. I would like to thank the General Chair, SteveBarker,fortakingcareoftheorganizationaspectsoftheconferenceandfor arranging the keynote address and the panel session. I would also like to thank Claudio Ardagna for serving as the Publicity Chair and for promptly updating the conference Web page, and Don Lokuadassuriyage for serving as the Local Arrangements Chair. Special thanks go to Alfred Hofmann, Editorial Director at Springer, for agreeing to include these conference proceedings in the Lecture Notes in Computer Science series.
Author(s): Steve Barker (auth.), Vijay Atluri (eds.)
Series: Lecture Notes in Computer Science 5094 : Information Systems and Applications, incl. Internet/Web, and HCI
Edition: 1
Publisher: Springer-Verlag Berlin Heidelberg
Year: 2008
Language: English
Pages: 352
Tags: Data Encryption; Computer Communication Networks; Systems and Data Security; Management of Computing and Information Systems; Algorithm Analysis and Problem Complexity; Special Purpose and Application-Based Systems
Front Matter....Pages -
Dynamic Meta-level Access Control in SQL....Pages 1-16
On the Formal Analysis of a Spatio-temporal Role-Based Access Control Model....Pages 17-32
A Unified Audit Expression Model for Auditing SQL Queries....Pages 33-47
A New Approach to Secure Logging....Pages 48-63
Security, Functionality and Scale?....Pages 64-64
P4A: A New Privacy Model for XML....Pages 65-80
Privacy-Aware Collaborative Access Control in Web-Based Social Networks....Pages 81-96
A Privacy-Preserving Ticketing System....Pages 97-112
The Analysis of Windows Vista Disk Encryption Algorithm....Pages 113-126
Shared and Searchable Encrypted Data for Untrusted Servers....Pages 127-143
Secure Construction of Contingency Tables from Distributed Data....Pages 144-157
Web Services Security: Techniques and Challenges (Extended Abstract)....Pages 158-158
Empirical Analysis of Certificate Revocation Lists....Pages 159-174
Using New Tools for Certificate Repositories Generation in MANETs....Pages 175-189
Exclusive Strategy for Generalization Algorithms in Micro-data Disclosure....Pages 190-204
Protecting the Publishing Identity in Multiple Tuples....Pages 205-218
Panel Session: What Are the Key Challenges in Distributed Security?....Pages 219-221
On the Applicability of Trusted Computing in Distributed Authorization Using Web Services....Pages 222-237
Sharing but Protecting Content Against Internal Leakage for Organisations....Pages 238-253
Regulating Exceptions in Healthcare Using Policy Spaces....Pages 254-267
Towards Automation of Testing High-Level Security Properties....Pages 268-282
An Attack Graph-Based Probabilistic Security Metric....Pages 283-296
An Opinion Model for Evaluating Malicious Activities in Pervasive Computing Systems....Pages 297-312
DIWeDa - Detecting Intrusions in Web Databases....Pages 313-329
Securing Workflows with XACML, RDF and BPEL....Pages 330-345
Back Matter....Pages -
