IFIP TC6 Open Digital Library

SEC 2009: Pafos, Cyprus

Emerging Challenges for Security, Privacy and Trust, 24th IFIP TC 11 International Information Security Conference, SEC 2009, Pafos, Cyprus, May 18-20, 2009. Proceedings

Dimitris Gritzalis, Javier Lopez

Springer, IFIP Advances in Information and Communication Technology 297, ISBN: 978-3-642-01243-3


Identification and Authentication I

Flexible and Transparent User Authentication for Mobile Devices.

Nathan L. Clarke, Sevasti Karatzouni, Steven Furnell


Combining Authentication, Reputation and Classification to Make Phishing Unprofitable.

Amir Herzberg


Audio CAPTCHA for SIP-Based VoIP.

Yannis Soupionis, George Tountas, Dimitris Gritzalis


Threats and Attacks

Roving Bugnet: Distributed Surveillance Threat and Mitigation.

Ryan Farley, Xinyuan Wang


On Robust Covert Channels Inside DNS.

Lucas Nussbaum, Pierre Neyron, Olivier Richard


Discovering Application-Level Insider Attacks Using Symbolic Execution.

Karthik Pattabiraman, Nithin Nakka, Zbigniew Kalbarczyk, Ravishankar K. Iyer


Identification and Authentication II

Custom JPEG Quantization for Improved Iris Recognition Accuracy.

Gerald Stefan Kostmajer, Herbert Stögner, Andreas Uhl


On the IPP Properties of Reed-Solomon Codes.

Marcel Fernandez, Josep Cotrina Navau, Miguel Soriano, Neus Domingo


A Generic Authentication LoA Derivation Model.

Li Yao, Ning Zhang


Applications of Cryptography and Information Hiding

Media-Break Resistant eSignatures in eGovernment: An Austrian Experience.

Herbert Leitold, Reinhard Posch, Thomas Rössler


How to Bootstrap Security for Ad-Hoc Network: Revisited.

Wook Shin, Carl A. Gunter, Shinsaku Kiyomoto, Kazuhide Fukushima, Toshiaki Tanaka


Steganalysis of Hydan.

Jorge Blasco Alís, Julio César Hernández Castro, Juan M. Estévez-Tapiador, Arturo Ribagorda, Miguel A. Orellana-Quiros


Trusted Computing

On the Impossibility of Detecting Virtual Machine Monitors.

Shay Gueron, Jean-Pierre Seifert


Implementation of a Trusted Ticket System.

Andreas Leicher, Nicolai Kuntze, Andreas U. Schmidt


Security Policies

A Policy Based Approach for the Management of Web Browser Resources to Prevent Anonymity Attacks in Tor.

Guillermo Navarro-Arribas, Joaquín García-Alfaro


A Policy Language for Modelling Recommendations.

Anas Abou El Kalam, Philippe Balbiani


Validation, Verification, Evaluation

On the Security Validation of Integrated Security Solutions.

Andreas Fuchs, Sigrid Gürgens, Carsten Rudolph


Verification of Security Policy Enforcement in Enterprise Systems.

Puneet Gupta, Scott D. Stoller


Optimization of the Controlled Evaluation of Closed Relational Queries.

Joachim Biskup, Jan-Hendrik Lochner, Sebastian Sonntag


Privacy Protection - Security Assessment

Collaborative Privacy - A Community-Based Privacy Infrastructure.

Jan Kolter, Thomas Kernchen, Günther Pernul


Security and Privacy Improvements for the Belgian eID Technology.

Pieter Verhaeghe, Jorn Lapon, Bart De Decker, Vincent Naessens, Kristof Verslype


A Structured Security Assessment Methodology for Manufacturers of Critical Infrastructure Components.

Thomas Brandstetter, Konstantin Knorr, Ute Rosenbaum


Role Mining and Content Protection

Mining Stable Roles in RBAC.

Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello, Nino Vincenzo Verde


Privacy-Preserving Content-Based Publish/Subscribe Networks.

Abdullatif Shikfa, Melek Önen, Refik Molva


Broadcast Encryption for Differently Privileged.

Hongxia Jin, Jeffery Lotspiech


Ontology-Based Secure XML Content Distribution.

Mohammad Ashiqur Rahaman, Yves Roudier, Philip Miseldine, Andreas Schaad


Security Protocols

NGBPA Next Generation BotNet Protocol Analysis.

Felix Leder, Peter Martini


Non-repudiation Analysis with LySa.

Mayla Brusò, Agostino Cortesi


A Provably Secure Secret Handshake with Dynamic Controlled Matching.

Alessandro Sorniotti, Refik Molva


Towards a Theory of White-Box Security.

Amir Herzberg, Haya Shulman, Amitabh Saxena, Bruno Crispo


Access Control

On a Taxonomy of Delegation.

Quan Pham, Jason Reid, Adrian McCullagh, Ed Dawson


Efficient Key Management for Enforcing Access Control in Outsourced Scenarios.

Carlo Blundo, Stelvio Cimato, Sabrina De Capitani di Vimercati, Alfredo De Santis, Sara Foresti, Stefano Paraboschi, Pierangela Samarati


A Probabilistic Bound on the Basic Role Mining Problem and Its Applications.

Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello, Nino Vincenzo Verde


Automating Access Control Logics in Simple Type Theory with LEO-II.

Christoph Benzmüller


Internet and Web Applications Security

In Law We Trust? Trusted Computing and Legal Responsibility for Internet Security.

Yianna Danidou, Burkhard Schafer


Persona: Network Layer Anonymity and Accountability for Next Generation Internet.

Yannis Mallios, Sudeep Modi, Aditya Agarwala, Christina Johns


Jason: A Scalable Reputation System for the Semantic Web.

Sandra Steinbrecher, Stephan Groß, Markus Meichau


Which Web Browsers Process SSL Certificates in a Standardized Way?

Ahmad Samer Wazan, Romain Laborde, David W. Chadwick, François Barrère, Abdelmalek Benzekri