Information security for global information infrastructures : IFIP TC11 sixteenth annual Working Conference on Information Security, August 22-24, 2000, Beijing, China

IFIP/SEC2000, being part of the 16th IFIP World Computer Congress (WCC2000), is being held in Beijing, China from August 21 to 25, 2000. SEC2000 is the annual conference of TCll (Information Security) of the International Federation of Information Processing. The conference focuses on the seamless integration of information security services as an integral part of the Global Information Infrastructure in the new millenniUm. SEC2000 is sponsored by the China Computer Federation (CCF), IFIP/TCll, and Engineering Research Centre for Information Security Technology, Chinese Academy of Sciences (ERCIST, CAS). There were 180 papers submitted for inclusion, 50 papers among them have been accepted as long papers and included in this proceeding, 81 papers have been accepted as short papers and published in another proceeding. All papers presented in this conference were reviewed blindly by a minimum of two international reviewers. The authors' affiliations of the 180 submissions and the accepted 131 papers range over 26 and 25 countries or regions, respectively. We would like to appreciate all who have submitted papers to IFIP/SEC2000, and the authors of accepted papers for their on-time preparation of camera-ready fmal versions. Without their contribution there would be no conference. We wish to express our gratitude to all program committee members and other reviewers for their hard work in reviewing the papers in a short time and for contributing to the conference in different ways. We would like to thank Rein Venter for his time and expertise in compiling the fmal version of the proceedings.

• Preface. Acknowledgements. Part one - Reviewed papers
• 1. IT Security Certification and Criteria
• K. Rannenberg. 2. Information Security: Process Evaluation and Product Evaluation
• M. Eloff, B. von Solms. 3.Managing Information Security in Healthcare - an Action Research Experience
• H. Armstrong. 4.From Trusted Information Security Controls to a Trusted Information Security Environment
• R. von Solms, H. van de Haar. 5. A Qualitative Approach to Information Availability
• T. Tryfonas, et al. 6. A Postgraduate Programme on Information and Communication Systems Security
• S. K. Katsikas. 7. Information Security Management through Measurement
• E. von Solms, B. von Solms. 8.The Defense Framework for Large-scale Computer Network System
• J. Jiang, et al. 9. Identity Mapping: An Approach to Unravel Enterprise Security Management Policies
• W. Essmayr, E. Weippl. 10. Independent Policy Oriented Layering of Security Services
• H. Leitold, et al. 11. Reducing Computer Fraud through Situational Crime Prevention
• R. Willison. 12. Policies for Construction of Information Systems' Security Guidelines: Five Approaches
• M. T. Siponen. 13. DNA-proofing' for Computer Systems - A New Approach to Computer Security? B. Louwrens, B. von Solms. 14.Using Smart Cards in an Educational Environment: Services and Security Features
• C. Lambrinoudakis. 15.MASS: Model for an Auditing Security System
• A. Liebenberg, J. Eloff. 16. Classifying Information for External Release
• S. Dawson, et al. 17. Using Mobile Agent Results to Create Hard-To-Detect Computer Viruses
• Y. Wang. 18.CARDS: A Distributed System for Detecting Coordinated Attacks
• J. Yang, et al. 19.Robust Audio Watermarking based on Secure Spread Spectrum and Auditory Perception Model
• P. Horvatic, et al. 20.A Simple and Efficient Approach to Verifying Cryptographic Protocols
• S. Yongxing, W. Xinmei. 21. Power Analysis of RC6 and Serpent
• W. Wenling, et al. 22.A Simple Algorithm for Computing Several Sequences Synthesis
• W. Mingsheng, et al. 23. GSFS A New Group-Aware Cryptographic File System
• C. Eckert, et al. 24. Robustness-Agile Encryptor for ATM Networks
• H. Leitold, et al. 25. Fast Construction of Secure Discrete Logarithm Problems over Jacobian Varieties
• J. Chao, et al. 26. A New Serial/Parallel Architecture for a Low Power Modular Multiplier
• J. Grossschadl. 27.Defending Against Null Calls Stream Attacks by Using a Double-Threshold Dynamic Filter
• H. Xu, et al. 28.A Multi-party Non-repudiation Protocol
• S. Kremer, O. Markowitch. 29.Analysis and Design of E-voting Protocol
• J. Shaoquan, et al. 30. Integrated Multi-Agent Approach to Network Security Assurance: Models of Agents' Community
• V. Gorodetski, et al. 31. Towards Network Denial of Service Resistant Protocols
• J. Leiwo, et al. 32. A Generic Graphical Specification Environment for Security Protocol Modelling
• E. Saul, A. Hutchison. 33.Anonymous Electronic Voting System with Non-Transferable Voting Passes
• R. Chan, et a