Trust, privacy, and security in digital Business : Third International Conference, TrustBus 2006, Kraków, Poland, September 2006 : proceedings

This book constitutes the refereed proceedings of the Third International Conference on Trust and Privacy in Digital Business, TrustBus 2006, held in conjunction with DEXA 2006. The book presents 24 carefully reviewed, revised full papers, organized in topical sections on privacy and identity management, security and risk management, security requirements and development, privacy enhancing technologies and privacy management, access control models, trust and reputation, security protocols and more.

Session 1: Privacy and Identity Management.- Towards Scalable Management of Privacy Obligations in Enterprises.- A New User-Centric Identity Management Infrastructure for Federated Systems.- Session 2: Security and Risk Management.- Information Security Risk Assessment Model for Risk Management.- On the Limits of Cyber-Insurance.- Towards a Risk Management Perspective on AAIs.- Session 3: Security Requirements and Development.- Towards a UML 2.0 Extension for the Modeling of Security Requirements in Business Processes.- A Framework for Exploiting Security Expertise in Application Development.- On Diffusion and Confusion - Why Electronic Signatures Have Failed.- Session 4: Privacy Enhancing Technologies and Privacy Management.- Extending P3P to Facilitate Proxies Which Pose as a Potential Threat to Privacy.- A Systematic Approach to Privacy Enforcement and Policy Compliance Checking in Enterprises.- A Generic Privacy Enhancing Technology for Pervasive Computing Environments.- Bringing the User Back into Control: A New Paradigm for Usability in Highly Dynamic Systems.- Session 5: Access Control Models.- Extending SQL to Allow the Active Usage of Purposes.- FGAC-QD: Fine-Grained Access Control Model Based on Query Decomposition Strategy.- A Framework for Modeling Restricted Delegation in Service Oriented Architecture.- Session 6: Trust and Reputation.- Reputation-Based Trust Systems for P2P Applications: Design Issues and Comparison Framework.- Towards Trust in Digital Rights Management Systems.- Cluster-Based Analysis and Recommendation of Sellers in Online Auctions.- Trust Model Architecture: Defining Prejudice by Learning.- Session 7: Security Protocols.- How to Protect a Signature from Being Shown to a Third Party.- Security Analysis and Improvement for Key Issuing Schemes in ID-Based Cryptography.- A Secure E-Tender Submission Protocol.- Session 8: Security and Privacy in Mobile Environments.- A Sophisticated Solution for Revealing Attacks on Wireless LAN.- Information Leakage in Ubiquitous Voice-over-IP Communications.