IFIP TC6 Open Digital Library

23. DBSec 2009: Montreal, Canada

Data and Applications Security XXIII, 23rd Annual IFIP WG 11.3 Working Conference, Montreal, Canada, July 12-15, 2009. Proceedings

Ehud Gudes, Jaideep Vaidya

Springer, Lecture Notes in Computer Science 5645, ISBN: 978-3-642-03006-2



Contents

Database Security I

Controlled Query Evaluation and Inference-Free View Updates.

Joachim Biskup, Jens Seiler, Torben Weibert

 1-16

Implementing Reflective Access Control in SQL.

Lars E. Olson, Carl A. Gunter, William R. Cook, Marianne Winslett

 17-32

Security Policies

An Approach to Security Policy Configuration Using Semantic Threat Graphs.

Simon N. Foley, William M. Fitzgerald

 33-48

Reaction Policy Model Based on Dynamic Organizations and Threat Context.

Fabien Autrel, Nora Cuppens-Boulahia, Frédéric Cuppens

 49-64

Towards System Integrity Protection with Graph-Based Policy Analysis.

Wenjuan Xu, Xinwen Zhang, Gail-Joon Ahn

 65-80

Privacy I

Practical Private DNA String Searching and Matching through Efficient Oblivious Automata Evaluation.

Keith B. Frikken

 81-94

Privacy-Preserving Telemonitoring for eHealth.

Mohamed Layouni, Kristof Verslype, Mehmet Tahir Sandikkaya, Bart De Decker, Hans Vangheluwe

 95-110

Intrusion Detection and Protocols

Analysis of Data Dependency Based Intrusion Detection System.

Yermek Nugmanov, Brajendra Panda, Yi Hu

 111-125

Secure Method Calls by Instrumenting Bytecode with Aspects.

Xiaofeng Yang, Mohammad Zulkernine

 126-141

Access Control

Distributed Privilege Enforcement in PACS.

Christoph Sturm, Ela Hunt, Marc H. Scholl

 142-158

Spatiotemporal Access Control Enforcement under Uncertain Location Estimates.

Heechang Shin, Vijayalakshmi Atluri

 159-174

Using Edit Automata for Rewriting-Based Security Enforcement.

Hakima Ould-Slimane, Mohamed Mejri, Kamel Adi

 175-190

Privacy II

Distributed Anonymization: Achieving Privacy for Both Data Subjects and Data Providers.

Pawel Jurczyk, Li Xiong

 191-207

Detecting Inference Channels in Private Multimedia Data via Social Networks.

Bechara al Bouna, Richard Chbeir

 208-224

Database Security II

Enforcing Confidentiality Constraints on Sensitive Databases with Lightweight Trusted Clients.

Valentina Ciriani, Sabrina De Capitani di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela Samarati

 225-239

Data Is Key: Introducing the Data-Based Access Control Paradigm.

Wolter Pieters, Qiang Tang

 240-251

Trusted Computing

Improving Cut-and-Choose in Verifiable Encryption and Fair Exchange Protocols Using Trusted Computing Technology.

Stephen R. Tate, Roopa Vishwanathan

 252-267

PAES: Policy-Based Authority Evaluation Scheme.

Enrico Scalavino, Vaibhav Gowadia, Emil C. Lupu

 268-282

Short Papers

Emerging Trends in Health Care Delivery: Towards Collaborative Security for NIST RBAC.

Solomon Berhe, Steven A. Demurjian, Thomas Agresta

 283-290

Methods for Computing Trust and Reputation While Preserving Privacy.

Ehud Gudes, Nurit Gal-Oz, Alon Grubshtein

 291-298

Building an Application Data Behavior Model for Intrusion Detection.

Olivier Sarrouy, Eric Totel, Bernard Jouga

 299-306

A Trust-Based Access Control Model for Pervasive Computing Applications.

Manachai Toahchoodee, Ramadan Abdunabi, Indrakshi Ray, Indrajit Ray

 307-314