IFIP TC6 Open Digital Library

SEC 2007: Sandton, South Africa

New Approaches for Security, Privacy and Trust in Complex Environments, Proceedings of the IFIP TC-11 22nd International Information Security Conference (SEC 2007), 14-16 May 2007, Sandton, South Africa

Hein S. Venter, Mariki M. Eloff, Les Labuschagne, Jan H. P. Eloff, Rossouw von Solms

Springer, IFIP 232, ISBN: 978-0-387-72366-2


Digital Forensics

FORSIGS: Forensic Signature Analysis of the Hard Drive for Multimedia File Fingerprints.

John Haggerty, Mark John Taylor


Digital Forensic Readiness as a Component of Information Security Best Practice.

Talania Grobler, Buks Louwrens


Human-Computer Interaction I

Value creation and Return On Security Investments (ROSI).

Christer Magnusson, Josef Molvidsson, Sven Zetterqvist


Usability and Security of Personal Firewalls.

Almut Herzog, Nahid Shahmehri


Computer-Based Trust

Trusted Ticket Systems and Applications.

Nicolai Kuntze, Andreas U. Schmidt


Trust Evaluation for Web Applications based on Behavioral Analysis.

Luiz Fernando Rust C. Carmo, Breno G. de Oliveira, Augusto C. Braga


Information Security Management I

Improving the Information Security Model by using TFI.

Rose-Marie Åhlfeldt, Paolo Spagnoletti, Guttorm Sindre


Ontological Mapping of Common Criteria's Security Assurance Requirements.

Andreas Ekelhart, Stefan Fenz, Gernot Goluch, Edgar R. Weippl


Network Security I

Management of Exceptions on Access Control Policies.

Joaquín García-Alfaro, Frédéric Cuppens, Nora Cuppens-Boulahia


Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols.

Tieyan Li, Guilin Wang


Information Security Management II

Exploratory survey on an Evaluation Model for a Sense of Security.

Natsuko Hikage, Yuko Murayama, Carl Hauser


Employees' Adherence to Information Security Policies: An Empirical Study.

Mikko T. Siponen, Seppo Pahnila, M. Adam Mahmood


Network Security II

Phishing in the Wireless: Implementation and Analysis.

Ivan Martinovic, Frank A. Zdarsky, Adam Bachorek, Christian Jung, Jens B. Schmitt


Secure Path-Key Revocation for Symmetric Key Pre-distribution Schemes in Sensor Networks.

Tyler Moore, Jolyon Clulow


Access Control I

A Credential-Based System for the Anonymous Delegation of Rights.

Liesje Demuynck, Bart De Decker, Wouter Joosen


Development and Application of a Proxy Server for Transparently, Digitally Signing E-Learning Content.

Christian J. Eibl, Basie von Solms, Sigrid E. Schubert


Human-Computer Interaction II

Identity Theft - Empirical evidence from a Phishing Exercise.

Tjaart Steyn, Hennie A. Kruger, Lynette Drevin


A Practical Usability Evaluation of Security Features in End-User Applications.

Steven Furnell, Dimitris Katsabas, Paul Dowland, Fraser Reid


Intrusion Detection Systems

Personal Anomaly-based Intrusion Detection Smart Card Using Behavioural Analysis.

A. Maciej Rossudowski, Hein S. Venter, Jan H. P. Eloff


A Survey of Bots Used for Distributed Denial of Service Attacks.

Vrizlynn L. L. Thing, Morris Sloman, Naranker Dulay


Access Control II

A Hybrid PKI-IBC Based Ephemerizer System.

Srijith Krishnan Nair, Muhammad Torabi Dashti, Bruno Crispo, Andrew S. Tanenbaum


Keystroke Analysis for Thumb-based Keyboards on Mobile Devices.

Sevasti Karatzouni, Nathan L. Clarke


Information Privacy I

Security Remarks on a Convertible Nominative Signature Scheme.

Guilin Wang, Feng Bao


Using Payment Gateways to Maintain Privacy in Secure Electronic Transactions.

Alapan Arnab, Andrew Hutchison


Access Control III

A Role-Based Architecture for Seamless Identity Management and Effective Task Separation.

Evangelos Kotsovinos, Ingo Friese, Martin Kurze, Jörg Heuer


Extending Role Based Access Control Model for Distributed Multidomain Applications.

Yuri Demchenko, Leon Gommans, Cees de Laat


Information Privacy II

A Middleware Architecture for Integrating Privacy Preferences and Location Accuracy.

Claudio Agostino Ardagna, Marco Cremonini, Ernesto Damiani, Sabrina De Capitani di Vimercati, Pierangela Samarati


Enabling Privacy of Real-Life LBS.

Jan Zibuschka, Lothar Fritsch, Mike Radmacher, Tobias Scherner, Kai Rannenberg


Access Control IV

Crafting Web Counters into Covert Channels.

Xiapu Luo, Edmond W. W. Chan, Rocky K. C. Chang


OPA: Onion Policy Administration Model - Another approach to manage rights in DRM.

Thierry Sans, Frédéric Cuppens, Nora Cuppens-Boulahia


Security Services

Non-Repudiation in Internet Telephony.

Nicolai Kuntze, Andreas U. Schmidt, Christian Hett


FirePatch: Secure and Time-Critical Dissemination of Software Patches.

Håvard D. Johansen, Dag Johansen, Robbert van Renesse


Access Control V

An Experimental Evaluation of Multi-Key Strategies for Data Outsourcing.

Ernesto Damiani, Sabrina De Capitani di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela Samarati


Building a Distributed Semantic-aware Security Architecture.

Jan Kolter, Rolf Schillinger, Günther Pernul


Trust and Intrusion Detection Systems

Using Trust to Resist Censorship in the Presence of Collusion.

Andriy Panchenko, Lexi Pimenidis


Evaluating the Effects of Model Generalization on Intrusion Detection Performance.

Zhuowei Li, Amitabha Das, Jianying Zhou


Keynote Paper

Modernising MAC: New Forms for Mandatory Access Control in an Era of DRM.

William J. Caelli


IFIP WG 9.6/11.7 - IT Misuse and the Law & the NoE "Future of Identity in the Information Society" (FIDIS) - Workshop on Security and Control of Identity in Society

Covert Identity Information in Direct Anonymous Attestation (DAA).

Carsten Rudolph


Safeguarding Personal Data using Rights Management in Distributed Applications.

Adolf Hohl, Alf Zugenmaier


Identification Now and in the Future: Social Grant Distribution Process in South Africa.

Stephen Flowerday, Gideon Ranga


Hard-drive Disposal and Identity Fraud.

Paula Thomas, Theodore Tryfonas


An analysis of security and privacy issues relating to RFID enabled ePassports.

Eleni Kosta, Martin Meints, Marit Hansen, Mark Gasson


IFIP WG 11.1/11.8 Workshop on Fostering Knowledge and Skills for Manageable Information Security

Toward User Evaluation of IT Security Certification Schemes: A Preliminary Framework.

Nicholas Tate, Sharman Lichtenstein, Matthew J. Warren


Teaching of Information Security in the "Health Care and Nursing" Postgraduate program.

Tatjana Welzer, Marko Hölbl, Ana Habjanic, Bostjan Brumen, Marjan Druzovec


Remote Virtual Information Assurance Network.

Ronald C. Dodge, Corey Bertram, Daniel Ragsdale


Certifying the Computer Security Professional Using the Project Management Institute's PMP Model.

Kara L. Nance, Brian Hay