Information security : proceedings of the IFIP TC11 Seventh International Conference on Information Security : Creating Confidence in Information Processing, IFIP/Sec '91, Brighton, UK, 15-17 May 1991
Author(s)
Bibliographic Information
Information security : proceedings of the IFIP TC11 Seventh International Conference on Information Security : Creating Confidence in Information Processing, IFIP/Sec '91, Brighton, UK, 15-17 May 1991
North-Holland , Elsevier Science Pub. Co. [distributor], 1991
Available at 13 libraries
  Aomori
  Iwate
  Miyagi
  Akita
  Yamagata
  Fukushima
  Ibaraki
  Tochigi
  Gunma
  Saitama
  Chiba
  Tokyo
  Kanagawa
  Niigata
  Toyama
  Ishikawa
  Fukui
  Yamanashi
  Nagano
  Gifu
  Shizuoka
  Aichi
  Mie
  Shiga
  Kyoto
  Osaka
  Hyogo
  Nara
  Wakayama
  Tottori
  Shimane
  Okayama
  Hiroshima
  Yamaguchi
  Tokushima
  Kagawa
  Ehime
  Kochi
  Fukuoka
  Saga
  Nagasaki
  Kumamoto
  Oita
  Miyazaki
  Kagoshima
  Okinawa
  Korea
  China
  Thailand
  United Kingdom
  Germany
  Switzerland
  France
  Belgium
  Netherlands
  Sweden
  Norway
  United States of America
Note
Includes bibliographical references
Description and Table of Contents
Description
This proceedings examines the critical information security issues facing British Computer Society. Presented are technical, as well as organisational solutions by a distinguished list of international contributors. Particular subjects discussed include Information Technology Security Evaluation Criteria, logical access control mechanisms, security management and awareness, applications and database security, EDI security, PC security and auditing and control aspects. Specific concerns about computer viruses and how to deal with them are reviewed, as well as on a more general basis, how to investigate computer crime. Attention is also given to legislative measures which are increasingly being adopted to provide additional information protection against activities which damage individuals and organizations.
Table of Contents
Keynote. Criteria, Evaluation and the International Environment: Where Have We Been, Where are We Going (S.B. Lipner). The UK Dept. of Trade and Industry's Commercial Computer Centre (D. Brewer et al.). Security Criteria Harmonization: The Information Technology Security Evaluation Criteria (M. Nash et al.). Commercial Security Evaluation (J. Straw and P. Fagan). Security Assessment and Conformance Testing (B.J. Chorley and W.L. Price). A Generalized Testbed for Analysing Block and Stream Ciphers (L. Brown, J. Pieprzyk, R. Safavi-Naini and J. Seberry). Digital Signatures (F. Piper). Laying the Groundwork for a Model Information Security Program (J.A. Schweitzer). Policy Route Certification: Requirements and Techniques (D. Nessett and D. Solo). Audit Control in Databases (S. Wiseman). Knowledge Based Systems: Audit, Security and Validation Issues (W.T. Tener). Auditing Expert Systems (R.R. Moeller). Building Security Applications (J. Checkley). A Role-based Modelling of Access Control with the Help of Frames (D. Jonscher and W. Gerhardt). Finding Better Methods for Identity Verification by Signatures (A. Hunstad). A Proactive Password (M. Bishop). Personal Identification - Biometrics (J.R. Parks). Promoting a Healthy Scepticism with Regard to Information Processing (D.F. Stevens). Running Corporate and National Security Awareness Programmes (W. Murray). Using Ada for Embedded Secure Systems (A. Wood). Reliable Processing of Confidential Information (G. Trouessin, J-C Fabre and Y. Deswarte). Privacy-Enhanced Electronic Mail: From Architecture to Implementation (J. Linn). ISDN-Mixes: Utracable Communication with Very Small Bandwidth Overhead (A. Pfitzmann, B. Pfitzmann and M. Waidner). Creating Confidence through Consensus (S. Kowalski). Errors are the Real Problem (W. List). Security and Credibility and some Fundamental Flaws (J.M. Carroll). Top Management Challenge - From Quantitative Guesses to Prudent Baseline of Security (J. Saari). Policing the PC - a "Neighbourhood Watch" Scheme (R. Clark). Comparing Risk Analysis Methodologies (A.M. Anderson). A Multi-Level Secure TCP/IP (R.L. Sharp and B.K. Yaski). Adapting Applications to Multi-Level Secure Unix Systems (K.A. Siil). An Architectural Approach to the Interface between Applications Programs and Security Sub-Systems (J. Sherwood and V. Gallo). A New Formal Model for Controlling Security in Multi-Domained Computer Environments (S.H. von Solms and W.H. Boshoff). Rationale for GOSIP Security Architecture (T. Knowles). EDI Security - Today and Tomarrow (J. Williamson and J.E. Draper). Information Security Control - Authority and Accountability in Practice (W.R.F. Pepper). Are your Fund Transfer Systems Secure (J.M. Ross). Concepts of an Expert System for Virus Detection (K. Brunnstein, S. Fischer-Hubner and M. Swimmer). Computer Viruses - Directions and Trends (J. Hruska). The Security of a Distributed System and its Relationship to the Environment it Serves (R.W. Jones).
by "Nielsen BookData"