Data and applications security XVII : status and prospects : IFIP TC11/WG11.3 seventeenth Annual Working Conference on Data and Applications security, August 4-6, 2003, Estes Park, Colorado, USA

Security and privacy are paramount concerns in information processing systems, which are vital to business, government and military operations and, indeed, society itself. Meanwhile, the expansion of the Internet and its convergence with telecommunication networks are providing incredible connectivity, myriad applications and, of course, new threats. Data and Applications Security XVII: Status and Prospects describes original research results, practical experiences and innovative ideas, all focused on maintaining security and privacy in information processing systems and applications that pervade cyberspace. The areas of coverage include: -Information Warfare, -Information Assurance, -Security and Privacy, -Authorization and Access Control in Distributed Systems, -Security Technologies for the Internet, -Access Control Models and Technologies, -Digital Forensics. This book is the seventeenth volume in the series produced by the International Federation for Information Processing (IFIP) Working Group 11.3 on Data and Applications Security. It presents a selection of twenty-six updated and edited papers from the Seventeenth Annual IFIP TC11 / WG11.3 Working Conference on Data and Applications Security held at Estes Park, Colorado, USA in August 2003, together with a report on the conference keynote speech and a summary of the conference panel. The contents demonstrate the richness and vitality of the discipline, and other directions for future research in data and applications security. Data and Applications Security XVII: Status and Prospects is an invaluable resource for information assurance researchers, faculty members and graduate students, as well as for individuals engaged in research and development in the information technology sector.

• Contributing Authors. Preface. Conference Committees. One: Information Warfare. Remote Computer Fingerprinting for Cyber Crime Investigations
• J. Novotny, et al. Improving Damage Assessment Efficacy in Case of Frequent Attacks on Databases
• P. Ragothaman, B. Panda. Two: Information Assurance. Delivering Services with Integrity Guarantees in Survivable Database Systems
• Jianyong Zhang, Peng Liu. Certifying Data from Multiple Sources
• G. Nuckolls, et al. Ensuring the Integrity of Encrypted Databases in the Database-as-a-Service Model
• H. Hacigumus, et al. Adapting Query Optimization Techniques for Efficient Alert Correlation
• Peng Ning, Dingbang Xu. Three: Security and Privacy. Collaborative Privacy Preserving Frequent Item Set Mining in Vertically Partitioned Databases
• E. Gudes, B. Rozenberg. Privacy under Conditions of Concurrent Interaction with Multiple Parties
• M.S. Oliver. Correlated Data Inference
• C. Farkas, A.G. Stoica. Anti-Tamper Databases: Querying Encrypted Databases
• G. Ozsoyoglu, et al. Four: Authorization and Access Control in Distributed Systems. Administration Rights in the SDSD-System
• J. Biskup, et al. Secure Authorization for Web Services
• S. Indrakanti, et al. A Decentralized Approach for Controlled Sharing of Resources in Virtual Communities
• E. Bertino, et al. Supporting Delegation in Secure Workflow Management Systems
• V. Atluri, et al. Five: Security Technologies for the Internet. Modifying LDAP to Support PKI
• D.W. Chadwick, et al. ECPV: Efficient Certificate Path Validation in Public-Key Infrastructure
• M. Halappanavar, R. Mukkamala. Semantics-Aware PerimeterProtection
• M. Cremonini, et al. Systematic Development of a Family of Fair Exchange Protocols
• P.D. Ezhilchelvan, S.K. Shrivastava. Six: Access Control Models and Technologies. High-Speed Access Control for XML Documents
• Jong P. Yoon. Chinese Wall Security Policy Models: Information Flows and Confining Trojan Horses
• Tsau Young Lin. RBAC Policy Implementation for SQL Databases
• S. Barker, P. Douglas. An Administrative Model for Role Graphs
• He Wang, S.L. Osborne. Safety and Liveness for an RBAC/MAC Security Model
• C. Phillips, et al. Schema-Based XML Security: RBAC Approach
• Xinwen Zhang, et al. Persistent versus Dynamic Role Membership
• J. Bacon, et al. FlexFlow: A Flexible Flow Control Policy Specification Framework
• Shiping Chen, et al. Seven: Key Note. Data and Applications Security: Past, Present and Future
• B. Thuraisingham. Eight: Panel. Digital Forensics: Operational, Legal and Research Issues
• M. Pollitt, et al.