基本説明
Topics: Information Security Management; Standards of Information Security; Threats and Attacks to Information; and more.
Full Description
Recent advances in technology and new software applications are steadily transforming human civilization into what is called the Information Society. This is manifested by the new terminology appearing in our daily activities. E-Business, E-Government, E-Learning, E-Contracting, and E-Voting are just a few of the ever-growing list of new terms that are shaping the Information Society. Nonetheless, as "Information" gains more prominence in our society, the task of securing it against all forms of threats becomes a vital and crucial undertaking.
Addressing the various security issues confronting our new Information Society, this volume is divided into 13 parts covering the following topics:
Information Security Management;
Standards of Information Security;
Threats and Attacks to Information;
Education and Curriculum for Information Security;
Social and Ethical Aspects of Information Security;
Information Security Services;
Multilateral Security;
Applications of Information Security;
Infrastructure for Information Security
Advanced Topics in Security;
Legislation for Information Security;
Modeling and Analysis for Information Security;
Tools for Information Security.
Security in the Information Society: Visions and Perspectives comprises the proceedings of the 17th International Conference on Information Security (SEC2002), which was sponsored by the International Federation for Information Processing (IFIP), and jointly organized by IFIP Technical Committee 11 and the Department of Electronics and Electrical Communications of Cairo University. The conference was held in May 2002 in Cairo, Egypt.
Contents
One Information Security Management.- 1. The Effective Implementation of Information Security in Organizations.- 2. A Practical Approach to Information Security Awareness in the Organization.- 3. RBAC Policies in XML for X.509 Based Privilege Management.- 4. A Top-Down Approach Towards Translating Organizational Security Policy Directives to System Audit Configuration.- 5. Elaborating Quantitative Approaches for IT Security Evaluation.- Two Standards of Information Security.- 6. A Security Evaluation Criteria for Baseline Security Standards.- 7. Maturity Criteria for Developing Secure IS and SW: Limits, and Prospects.- 8. For a Secure Mobile IP and Mobile IPv6 Deployment.- Three Threats and Attacks to Information.- 9. Addressing Internet Security Vulnerabilities: A Benchmarking Study.- 10. The Threat From Within — An Analysis of Attacks on an Internal Network.- 11. Security Vulnerabilities in Event-Driven Systems.- 12. Denial of Service: Another Example.- 13. A Detection Scheme for the SK Virus.- Four Education and Curriculum for Information Security.- 14. An Information Security Curriculum in Finland.- Five Social and Ethical Aspects of Information Security.- 15. Information Security Culture: The Socio-Cultural Dimension in Information Security Management.- 16. Information Security Culture.- Six Information Security Services.- 17. Keystroke Analysis as a Method of Advanced User Authentication and Response.- 18. Zero Knowledge Broadcasting Identification Scheme.- 19. A New End-to-End Authentication Protocol for Mobile Users to Access Internet Services.- 20. Mandatory Security Policies for CORBA Security Model.- 21. Policap-Proposal, Development and Evaluation of a Policy Service and Capabilities for CORBA Security.- 22. Secure Database Connectivity on the WWW.- 23.Towards Semantic Integrity in Rational Database.- 24. Formal Design of Packet Filtering Systems.- 25. Elliptic Curve Cryptosystems on Smart Cards.- Seven Multilateral Security.- 26. Establishing Bilateral Anonymous Communication in Open Networks.- Eight Applications of Information Security.- 27. BRITS-A Holistic Framework for Hedging Shareholder Value in IT Dependent Business.- 28. Information Systems Security and the Information Systems Development Project: Towards a Framework for Their Integration.- 29. An Efficient Hybrid Sealed Bid Auction Protocol.- 30. Self-Determination in Mobile Internet: PiMI Prototype Results.- 31. Secure Component Distribution Using WebCom.- 32. E-Ticket Issuing System with 3-D Pattern Recognition for Mobile Terminals.- 33. An Insight Into User Privacy and Accountable Anonymity for Mobile E-Commerce Transactions.- Nine Infrastructure for Information Security.- 34. Secure Selective Exclusion in Ad Hoc Wireless Network.- Ten Advanced Topics in Security.- 35. Optical Network Models for Quantum Cryptography.- Eleven Legislation for Information Security.- 36. A Unified Regulatory Framework on a European Information Society: Suggested Building Levels.- 37. Revisiting Legal and Regulatory Requirements for Secure E-Voting.- Twelve Modeling and Analysis for Information Security.- 38. A Security Incident Data Model.- 39. Security Levels for Contracting Agents.- 40. Functional Requirements for a Secure Electronic Voting System.- 41. Intelligent IP Packet Filtering.- Thirteen Tools for Information Security.- 42. Human Computer Interaction: An Information Security Perspectives.- 43. A Very Smart Card for Fighting Against Terrorism.- 44. SHEDEL — A Simple Hierarchical Event Description Language for Specifying Attack Signatures.- 45. PropagatingModifications to Mobile Policies.- Author Index.
