IFIP TC6 Open Digital Library

22. DBSec 2008: London, UK

Data and Applications Security XXII, 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security, London, UK, July 13-16, 2008, Proceedings

Vijay Atluri

Springer, Lecture Notes in Computer Science 5094, ISBN: 978-3-540-70566-6



Contents

Access Control

Dynamic Meta-level Access Control in SQL.

Steve Barker

 1-16

On the Formal Analysis of a Spatio-temporal Role-Based Access Control Model.

Manachai Toahchoodee, Indrakshi Ray

 17-32

Audit and Logging

A Unified Audit Expression Model for Auditing SQL Queries.

Vikram Goyal, Shyam K. Gupta, Anand Gupta

 33-47

A New Approach to Secure Logging.

Di Ma, Gene Tsudik

 48-63

Keynote

Security, Functionality and Scale?

Ross J. Anderson

 64

Privacy I

P4A: A New Privacy Model for XML.

Angela Cristina Duta, Ken Barker

 65-80

Privacy-Aware Collaborative Access Control in Web-Based Social Networks.

Barbara Carminati, Elena Ferrari

 81-96

A Privacy-Preserving Ticketing System.

Kristof Verslype, Bart De Decker, Vincent Naessens, Girma Nigusse, Jorn Lapon, Pieter Verhaeghe

 97-112

Systems Security

The Analysis of Windows Vista Disk Encryption Algorithm.

Mohamed Abo El-Fotouh, Klaus Diepold

 113-126

Shared and Searchable Encrypted Data for Untrusted Servers.

Changyu Dong, Giovanni Russello, Naranker Dulay

 127-143

Secure Construction of Contingency Tables from Distributed Data.

Haibing Lu, Xiaoyun He, Jaideep Vaidya, Nabil R. Adam

 144-157

Invited Talk

Web Services Security: Techniques and Challenges (Extended Abstract).

Anoop Singhal

 158

Certificate Management

Empirical Analysis of Certificate Revocation Lists.

Daryl Walleck, Yingjiu Li, Shouhuai Xu

 159-174

Using New Tools for Certificate Repositories Generation in MANETs.

Candelaria Hernández-Goya, Pino Caballero-Gil, Oscar Delgado-Mohatar, Jezabel Molina-Gil, Cándido Caballero-Gil

 175-189

Privacy II

Exclusive Strategy for Generalization Algorithms in Micro-data Disclosure.

Lei Zhang 0004, Lingyu Wang, Sushil Jajodia, Alexander Brodsky

 190-204

Protecting the Publishing Identity in Multiple Tuples.

Youdong Tao, Yunhai Tong, Shaohua Tan, Shiwei Tang, Dongqing Yang

 205-218

Panel

Panel Session: What Are the Key Challenges in Distributed Security?.

Steve Barker, David Chadwick, Jason Crampton, Emil Lupu, Bhavani M. Thuraisingham

 219-221

Trusted Computing Platforms

On the Applicability of Trusted Computing in Distributed Authorization Using Web Services.

Aarthi Nagarajan, Vijay Varadharajan, Michael Hitchens, Saurabh Arora

 222-237

Sharing but Protecting Content Against Internal Leakage for Organisations.

Muntaha Alawneh, Imad M. Abbadi

 238-253

Security Policies and Metrics

Regulating Exceptions in Healthcare Using Policy Spaces.

Claudio Agostino Ardagna, Sabrina De Capitani di Vimercati, Tyrone Grandison, Sushil Jajodia, Pierangela Samarati

 254-267

Towards Automation of Testing High-Level Security Properties.

Aiman Hanna, Hai Zhou Ling, Jason Furlong, Mourad Debbabi

 268-282

An Attack Graph-Based Probabilistic Security Metric.

Lingyu Wang, Tania Islam, Tao Long, Anoop Singhal, Sushil Jajodia

 283-296

Web and Pervasive Systems

An Opinion Model for Evaluating Malicious Activities in Pervasive Computing Systems.

Indrajit Ray, Nayot Poolsappasit, Rinku Dewri

 297-312

DIWeDa - Detecting Intrusions in Web Databases.

Alex Roichman, Ehud Gudes

 313-329

Securing Workflows with XACML, RDF and BPEL.

Vijayant Dhankhar, Saket Kaushik, Duminda Wijesekera

 330-345