SEC 2007: Sandton, South Africa
New Approaches for Security, Privacy and Trust in Complex Environments, Proceedings of the IFIP TC-11 22nd International Information Security Conference (SEC 2007), 14-16 May 2007, Sandton, South Africa
Hein S. Venter, Mariki M. Eloff, Les Labuschagne, Jan H. P. Eloff, Rossouw von Solms
Springer, IFIP 232, ISBN: 978-0-387-72366-2
Contents
Digital Forensics
FORSIGS: Forensic Signature Analysis of the Hard Drive for Multimedia File Fingerprints.
John Haggerty, Mark John Taylor
1-12
Digital Forensic Readiness as a Component of Information Security Best Practice.
Talania Grobler, Buks Louwrens
13-24
Human-Computer Interaction I
Value creation and Return On Security Investments (ROSI).
Christer Magnusson, Josef Molvidsson, Sven Zetterqvist
25-35
Computer-Based Trust
Trust Evaluation for Web Applications based on Behavioral Analysis.
Luiz Fernando Rust C. Carmo, Breno G. de Oliveira, Augusto C. Braga
61-72
Information Security Management I
Improving the Information Security Model by using TFI.
Rose-Marie Åhlfeldt, Paolo Spagnoletti, Guttorm Sindre
73-84
Ontological Mapping of Common Criteria's Security Assurance Requirements.
Andreas Ekelhart, Stefan Fenz, Gernot Goluch, Edgar R. Weippl
85-95
Network Security I
Management of Exceptions on Access Control Policies.
Joaquín García-Alfaro, Frédéric Cuppens, Nora Cuppens-Boulahia
97-108
Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols.
Tieyan Li, Guilin Wang
109-120
Information Security Management II
Exploratory survey on an Evaluation Model for a Sense of Security.
Natsuko Hikage, Yuko Murayama, Carl Hauser
121-132
Employees' Adherence to Information Security Policies: An Empirical Study.
Mikko T. Siponen, Seppo Pahnila, M. Adam Mahmood
133-144
Network Security II
Phishing in the Wireless: Implementation and Analysis.
Ivan Martinovic, Frank A. Zdarsky, Adam Bachorek, Christian Jung, Jens B. Schmitt
145-156
Secure Path-Key Revocation for Symmetric Key Pre-distribution Schemes in Sensor Networks.
Tyler Moore, Jolyon Clulow
157-168
Access Control I
A Credential-Based System for the Anonymous Delegation of Rights.
Liesje Demuynck, Bart De Decker, Wouter Joosen
169-180
Christian J. Eibl, Basie von Solms, Sigrid E. Schubert
181-192
Human-Computer Interaction II
Identity Theft - Empirical evidence from a Phishing Exercise.
Tjaart Steyn, Hennie A. Kruger, Lynette Drevin
193-203
A Practical Usability Evaluation of Security Features in End-User Applications.
Steven Furnell, Dimitris Katsabas, Paul Dowland, Fraser Reid
205-216
Intrusion Detection Systems
Personal Anomaly-based Intrusion Detection Smart Card Using Behavioural Analysis.
A. Maciej Rossudowski, Hein S. Venter, Jan H. P. Eloff
217-228
A Survey of Bots Used for Distributed Denial of Service Attacks.
Vrizlynn L. L. Thing, Morris Sloman, Naranker Dulay
229-240
Access Control II
A Hybrid PKI-IBC Based Ephemerizer System.
Srijith Krishnan Nair, Muhammad Torabi Dashti, Bruno Crispo, Andrew S. Tanenbaum
241-252
Keystroke Analysis for Thumb-based Keyboards on Mobile Devices.
Sevasti Karatzouni, Nathan L. Clarke
253-263
Information Privacy I
Using Payment Gateways to Maintain Privacy in Secure Electronic Transactions.
Alapan Arnab, Andrew Hutchison
277-288
Access Control III
A Role-Based Architecture for Seamless Identity Management and Effective Task Separation.
Evangelos Kotsovinos, Ingo Friese, Martin Kurze, Jörg Heuer
289-300
Extending Role Based Access Control Model for Distributed Multidomain Applications.
Yuri Demchenko, Leon Gommans, Cees de Laat
301-312
Information Privacy II
A Middleware Architecture for Integrating Privacy Preferences and Location Accuracy.
Claudio Agostino Ardagna, Marco Cremonini, Ernesto Damiani, Sabrina De Capitani di Vimercati, Pierangela Samarati
313-324
Enabling Privacy of Real-Life LBS.
Jan Zibuschka, Lothar Fritsch, Mike Radmacher, Tobias Scherner, Kai Rannenberg
325-336
Access Control IV
OPA: Onion Policy Administration Model - Another approach to manage rights in DRM.
Thierry Sans, Frédéric Cuppens, Nora Cuppens-Boulahia
349-360
Security Services
FirePatch: Secure and Time-Critical Dissemination of Software Patches.
Håvard D. Johansen, Dag Johansen, Robbert van Renesse
373-384
Access Control V
An Experimental Evaluation of Multi-Key Strategies for Data Outsourcing.
Ernesto Damiani, Sabrina De Capitani di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela Samarati
385-396
Building a Distributed Semantic-aware Security Architecture.
Jan Kolter, Rolf Schillinger, Günther Pernul
397-408
Trust and Intrusion Detection Systems
Using Trust to Resist Censorship in the Presence of Collusion.
Andriy Panchenko, Lexi Pimenidis
409-420
Evaluating the Effects of Model Generalization on Intrusion Detection Performance.
Zhuowei Li, Amitabha Das, Jianying Zhou
421-432
Keynote Paper
IFIP WG 9.6/11.7 - IT Misuse and the Law & the NoE "Future of Identity in the Information Society" (FIDIS) - Workshop on Security and Control of Identity in Society
Safeguarding Personal Data using Rights Management in Distributed Applications.
Adolf Hohl, Alf Zugenmaier
449-456
Identification Now and in the Future: Social Grant Distribution Process in South Africa.
Stephen Flowerday, Gideon Ranga
457-459
An analysis of security and privacy issues relating to RFID enabled ePassports.
Eleni Kosta, Martin Meints, Marit Hansen, Mark Gasson
467-472
IFIP WG 11.1/11.8 Workshop on Fostering Knowledge and Skills for Manageable Information Security
Toward User Evaluation of IT Security Certification Schemes: A Preliminary Framework.
Nicholas Tate, Sharman Lichtenstein, Matthew J. Warren
473-478
Teaching of Information Security in the "Health Care and Nursing" Postgraduate program.
Tatjana Welzer, Marko Hölbl, Ana Habjanic, Bostjan Brumen, Marjan Druzovec
479-484
Remote Virtual Information Assurance Network.
Ronald C. Dodge, Corey Bertram, Daniel Ragsdale
485-490
Certifying the Computer Security Professional Using the Project Management Institute's PMP Model.
Kara L. Nance, Brian Hay
491-496