This book presents the proceedings of the Third International Conference on Trust, Privacy and Security in Digital Business (TrustBus 2006), held in Kraków, Poland, September 5-7, 2006. The conference continues from previous events held in Zaragoza (2004) and Copenhagen (2005), and maintains the aim of bringing together academic researchers and industry developers to discuss the state of the art in technology for establishing trust, privacy and security in digital business. We thank the attendees for coming to Kraków to participate and debate the new emerging advances in this area. The conference programme included two keynote presentations, one panel session and eight technical papers sessions. The keynote speeches were delivered by Jeremy Ward from Symantec EMEA on the topic of “Building the Information Assurance Community of Purpose”, and by Günter Karjoth from IBM Research - Zurich, with a talk entitled “Privacy Practices and Economics –– From Privacy Policies to Privacy SLAs. ” The subject of the panel discussion was “Is Security Without Trust Feasible?” chaired by Leszek T. Lilien from Western Michigan University, USA. The reviewed paper sessions covered a broad range of topics, from access control models to security and risk management, and from privacy and identity management to security protocols. The conference attracted 70 submissions, each of which was assigned to four referees for review. The Programme Committee ultimately accepted 24 papers for inclusion, which were revised based upon comments from their reviews.
Author(s): Marco Casassa Mont (auth.), Simone Fischer-Hübner, Stevel Furnell, Costas Lambrinoudakis (eds.)
Series: Lecture Notes in Computer Science 4083
Edition: 1
Publisher: Springer-Verlag Berlin Heidelberg
Year: 2006
Language: English
Pages: 250
Tags: Computers and Society; Management of Computing and Information Systems; Data Encryption; Computer Communication Networks; Operating Systems; Business Information Systems
Front Matter....Pages -
Towards Scalable Management of Privacy Obligations in Enterprises....Pages 1-10
A New User-Centric Identity Management Infrastructure for Federated Systems....Pages 11-20
Information Security Risk Assessment Model for Risk Management....Pages 21-30
On the Limits of Cyber-Insurance....Pages 31-40
Towards a Risk Management Perspective on AAIs....Pages 41-50
Towards a UML 2.0 Extension for the Modeling of Security Requirements in Business Processes....Pages 51-61
A Framework for Exploiting Security Expertise in Application Development....Pages 62-70
On Diffusion and Confusion – Why Electronic Signatures Have Failed....Pages 71-80
Extending P3P to Facilitate Proxies Which Pose as a Potential Threat to Privacy....Pages 81-90
A Systematic Approach to Privacy Enforcement and Policy Compliance Checking in Enterprises....Pages 91-102
A Generic Privacy Enhancing Technology for Pervasive Computing Environments....Pages 103-113
Bringing the User Back into Control: A New Paradigm for Usability in Highly Dynamic Systems....Pages 114-122
Extending SQL to Allow the Active Usage of Purposes....Pages 123-131
FGAC-QD: Fine-Grained Access Control Model Based on Query Decomposition Strategy....Pages 132-141
A Framework for Modeling Restricted Delegation in Service Oriented Architecture....Pages 142-151
Reputation-Based Trust Systems for P2P Applications: Design Issues and Comparison Framework....Pages 152-161
Towards Trust in Digital Rights Management Systems....Pages 162-171
Cluster-Based Analysis and Recommendation of Sellers in Online Auctions....Pages 172-181
Trust Model Architecture: Defining Prejudice by Learning....Pages 182-191
How to Protect a Signature from Being Shown to a Third Party....Pages 192-202
Security Analysis and Improvement for Key Issuing Schemes in ID-Based Cryptography....Pages 203-212
A Secure E-Tender Submission Protocol....Pages 213-222
A Sophisticated Solution for Revealing Attacks on Wireless LAN....Pages 223-232
Information Leakage in Ubiquitous Voice-over-IP Communications....Pages 233-242
Back Matter....Pages -