Computer security : proceedings of the IFIP TC11 Ninth International Conference on Information Security, IFIP/Sec '93, Toronto, Canada, 12-14 May, 1993

This publication explores not only the evolution of computer security but future developments anticipated in the field. Many aspects of this increasingly significant area are considered, including the relationship between international standards and organizational security in both small and large systems. The importance of constantly improving and updating training and education is also discussed. Contributions are sourced from a broad base of world-renowned specialists and the book will therefore be of prime interest to researchers, developers and managers in the academic and industrial spheres alike.

Kristian Beckman Award Address: A View of Information Security Tomorrow. (H.J. Highland). Opening Keynote Address: The Evolution of IT Security Convergence. (P.R. Gallagher, Jr.). Teaching security basics: the importance of when and how (V. Fak, A. Hunstad). The MSc in information security at Royal Holloway (D. Gollmann). Information security in the small systems context: a framework for understanding (G.G. Gable, H.J. Highland). Developing awareness, training and education: a cost effective tool for maintaining system integrity (C.D. Schou, W.V. Maconachy, J. Frost). Teaching computer security (M. Bishop). The filter model of information security: a conceptual model for education and training (A.R. Smith). Shamir's scheme says it all (E. Dawson, D. Donovan). LUC: A new public key system (P.J. Smith, M.J.J. Lennon). The encapsulated security services interface (ESSI) (P. Lin). Context-dependent access control in distributed systems (H. Strack, K.-Y. Lam). Internal control by objectives: the functional control matrix (K.H. Krueger). International standards and organizational security needs: bridging the gap (C.J. Bosch, J.H.P. Eloff, J.M. Carroll). The risk data repository: a novel approach to security risk modelling (A.M. Anderson, D. Longley, A.B. Tickle). Turning multiple evaluated products into trusted systems with assurance (D. Gambel, J. Fowler). Historical labels in open distribued IT systems: an ITSEC/ECMA specification (S. Kowalski). A model for organising information security documentation (L.M. du Toit, S.H. von Solms). Planning for the EDI of tomorrow using electronic document authorization (S. Russell). The EDP auditor: disappearing or adapting (G.G. Gable, G.B. Davis). Electronic Data Interface (EDI) security and audit: a practical approach (I. Ekebrink). A generic security platform for workstations (B. Lindberg). Evaluation of an academic programme in IT security 1985-1990 (L. Yngstroem). Fighting the viruses: practical anti-virus training (M. Larsson). A quantitative accreditation model - assessing the value of assurance (M. Ohlin). Superseding manual generation of access control specification - from policies to profiles (D. Pottas, S.H. von Solms). Extending the ISO access framework for multiple policies (M.D. Abrams, M.V. Joyce). Evolution of IT security in India - implementation issues (K. Subramanian). Legal response to a computer crime - retrospect of a mere chance case (J. Saari). Information systems security and fraud prevention in office automation systems (P.M. Stanley). A process approach to information security management (R. von Solms, S.H. von Solms, J.M. Carroll). MRA: a computational technique for security in high-performance systems (M. Abdelguerfi, A. Dunham, W. Patterson).