Trusted information : the new decade challenge : IFIP TC11 16th International Conference on Information Security (IFIP/Sec '01), June 11-13, 2001, Paris, France

Since the early eighties IFIP/Sec has been an important rendezvous for Information Technology researchers and specialists involved in all aspects of IT security. The explosive growth of the Web is now faced with the formidable challenge of providing trusted information. IFIP/Sec'01 is the first of this decade (and century) and it will be devoted to "Trusted Information - the New Decade Challenge" This proceedings are divided in eleven parts related to the conference program. Session are dedicated to technologies: Security Protocols, Smart Card, Network Security and Intrusion Detection, Trusted Platforms. Others sessions are devoted to application like eSociety, TTP Management and PKI, Secure Workflow Environment, Secure Group Communications, and on the deployment of applications: Risk Management, Security Policies andTrusted System Design and Management. The year 2001 is a double anniversary. First, fifteen years ago, the first IFIP/Sec was held in France (IFIP/Sec'86, Monte-Carlo) and 2001 is also the anniversary of smart card technology. Smart cards emerged some twenty years ago as an innovation and have now become pervasive information devices used for highly distributed secure applications. These cards let millions of people carry a highly secure device that can represent them on a variety of networks. To conclude, we hope that the rich "menu" of conference papers for this IFIP/Sec conference will provide valuable insights and encourage specialists to pursue their work in trusted information.

• Preface. IFIP/Sec'01 Conference Committees. Part One: eSociety. 1. PyTHIA: Towards Anonymity in Authentication
• D. Gritzalis, et al. 2. Certificate Based PKI and B2B E-Commerce
• Suitable Match or Not?
• K.M. Ang, W.J. Caelli. 3. Internet Anonymity: Problems and Solutions
• C. Eckert, A. Pircher. Part Two: TTP Management and PKI. 4. Reducing Certificate Revocation Cost using NPKI
• A. Levi, C.K. Koc. 5. The Need and Practice of User Authentication and TTP Services in Distributed Health Information Systems
• B. Blobel, P. Pharow. Part Three: Smart Cart. 6. Is the Performance of Smart Card Cryptographic Functions the Real Bottleneck?
• K. Markantonakis. 7. Modelling Audit Security for Smart-Card Payment Schemes with UML-SEC
• J. Jurgens. Part Four: Security Protocols. 8. Strong Forward Security
• M. Burmester, et al. 9. Secret Sharing and Visual Cryptography Schemes
• A. de Bonis, A. de Santis. 10. A Two-Level Time-Stamping System
• A. Gabillon, J. Byun. 11. Security Analysis of the Cliques Protocols Suites: First Results
• O. Pereira, J.-J. Quisquater. Part Five: Secure Workflow Environment. 12. A Secure Workflow System for Dynamic Collaboration
• J.S. Park, et al. 13. On Securely Scheduling a Meeting
• T. Herlea, et al. 14. Modeling and Analyzing Separation of Duties in Workflow Environments
• K. Knorr, H. Stormer. Part Six: Secure Group Communications. 15. Group Security Association (GSA) Management in IP Multicast
• T.Hardjono, et al. 16. Communication-Efficient Group Key Agreement
• Y. Kim, et al. Part Seven: Security Policies. 17. Going Beyond MAC and DAC Using Mobile Policies
• A. Fayad, et al. 18. An Access Control Model for Data Archives
• P. Bonatti, et al. Part Eight: Risk Management. 19. Checklist-Based Risk Analysis with Evidential Reasoning
• S. Cho, Z. Ciechanowicz. 20. Improving the Protection of Assets in Open Distributed Systems by Use of X-ifying Risk Analysis
• A. Frisinger. 21. The Security Model to Combine the Corporate and Information Security
• T. Virtanen. 22. Design Criteria to Classified Information Systems Numerically
• T. Virtanen. Part Nine: Network Security and Intrusion Detection. 23. Deception: A Tool and Curse for Security Management
• M. Warren, W. Hutchinson. 24. A Methodology to Detect Temporal Regularities in User Behavior for Anomaly Detection
• A. Seleznyov. 25. ADeLe: An Attack Description Language for Knowledge-Based Intrusion Detection
• C. Michel, L. Me. 26. Sleepy Watermark Tracing: An Active Network-Based Intrusion Response Framework
• X. Wang, et al. Part Ten: Trusted Platforms. 27. An Efficient Software Protection Scheme
• A. Mana, E. Pimentel. 28. Protecting the Creation of Digital Signatures with Trusted Computing Platform Technology Against Attacks by Trojan Horse Programs
• A. Spalka, et al. Part Eleven: Trusted System Design and Management. 29. Security Concerns for Contemporary Development Practices: A Case Study