Information Security Practice and Experience

First International Conference, ISPEC 2005, Singapore, April 11-14, 2005, Proceedings

Robert H. Deng, Feng Bao, HweeHwa Pang, Jianying Zhou (Herausgeber)

Buch | Softcover

XII, 428 Seiten

2005 | 2005
Springer Berlin (Verlag)
978-3-540-25584-0 (ISBN)

Artikel merken

The inaugural Information Security Practice and Experience Conference (ISPEC) was held on April 11-14, 2005, in Singapore. As applications of information security technologies become pervasive, - sues pertaining to their deployment and operation are becoming increasingly important. ISPEC is intended to be an annual conference that brings together researchers and practitioners to provide a con?uence of new information se- rity technologies, their applications and their integration with IT systems in various vertical sectors. The Program Committee consisted of leading experts in the areas of information security, information systems, and domain experts in applications of IT in vertical business segments. The topics of the conference covered security applications and case studies, access control, network security, data security, secure architectures, and cryp- graphic techniques. Emphasis was placed on the application of security research to meet practical user requirements, both in the paper selection process and in the invited speeches. Acceptance into the conference proceedings was very competitive. The Call for Papers attracted more than 120 submissions, out of which the Program Committee selected only 35 papers for inclusion in the proceedings. Thisconferencewasmadepossibleonlythroughthecontributionsfrommany individuals and organizations. We would like to thank all the authors who s- mitted papers. We also gratefully acknowledge the members of the Program Committee and the external reviewers, for the time and e?ort they put into reviewing the submissions. Special thanks are due to Ying Qiu for managing the website for paper s- mission,reviewandnoti?cation.PatriciaLohwaskindenoughtoarrangeforthe conference venue, and took care of the administration in runningthe conference.

Network Security.- Risk Assessment of Production Networks Using Honeynets - Some Practical Experience.- POSSET - Policy-Driven Secure Session Transfer.- Modeling and Evaluation of Security Architecture for Wireless Local Area Networks by Indexing Method: A Novel Approach.- Robust Routing in Malicious Environment for Ad Hoc Networks.- Cryptographic Techniques I.- Short Linkable Ring Signatures for E-Voting, E-Cash and Attestation.- Tracing Traitors by Guessing Secrets. The q-Ary Case.- Probabilistic Analyses on Finding Optimal Combinations of Primality Tests in Real Applications.- Countermeasures for Preventing Comb Method Against SCA Attacks.- Secure Architecture I.- An Email Worm Vaccine Architecture.- Enforcing the Principle of Least Privilege with a State-Based Privilege Control Model.- Security On-demand Architecture with Multiple Modules Support.- Measuring Resistance to Social Engineering.- Access Control.- Conformance Checking of RBAC Policy and its Implementation.- A Practical Aspect Framework for Enforcing Fine-Grained Access Control in Web Applications.- A Task-Oriented Access Control Model for WfMS.- Intrusion Detection.- A Brief Observation-Centric Analysis on Anomaly-Based Intrusion Detection.- Detection of Distributed Denial of Service Attacks Using Statistical Pre-processor and Unsupervised Neural Networks.- Visual Spoofing of SSL Protected Web Sites and Effective Countermeasures.- Model Redundancy vs. Intrusion Detection.- Applications and Case Studies.- An Open Approach for Designing Secure Electronic Immobilizers.- An Empirical Study on the Usability of Logout in a Single Sign-on System.- Secure Software Delivery and Installation in Embedded Systems.- A Restricted Multi-show Credential System and Its Application on E-Voting.- Secure ArchitectureII.- Recard: Using Recommendation Cards Approach for Building Trust in Peer-to-Peer Networks.- Using Trust for Restricted Delegation in Grid Environments.- Computer Vulnerability Evaluation Using Fault Tree Analysis.- An Identity-Based Grid Security Infrastructure Model.- Data Security.- Towards Multilateral-Secure DRM Platforms.- Hiding Data in Binary Images.- Performance Analysis of CDMA-Based Watermarking with Quantization Scheme.- Protecting Mass Data Basing on Small Trusted Agent.- Cryptographic Techniques II.- On the Security of Some Nonrepudiable Threshold Proxy Signature Schemes.- Token-Controlled Public Key Encryption.- A New Class of Codes for Fingerprinting Schemes.- t-Out-of-n String/Bit Oblivious Transfers Revisited.

Erscheint lt. Verlag	5.4.2005
Reihe/Serie	Lecture Notes in Computer Science
Reihe/Serie	Security and Cryptology
Zusatzinfo	XII, 428 p.
Verlagsort	Berlin
Sprache	englisch
Maße	152 x 229 mm
Gewicht	661 g
Themenwelt	Informatik ► Theorie / Studium ► Kryptologie
Schlagworte	authentication • cryptography • Data Security • denial of service • Digital Signatures • DRM • Information • Information Security • installatioin • Intrusion Detection • Network Security • oblivious transfer • Routing • Secure Communications • security • security architectures • session • Systems Security • Trust
ISBN-10	3-540-25584-2 / 3540255842
ISBN-13	978-3-540-25584-0 / 9783540255840
Zustand	Neuware