- ホーム
- > 洋書
- > 英文書
- > Computer / General
Full Description
This book contains the Proceedings of the 22nd IFIP TC-11 International Information Security Conference (IFIP/SEC 2007) on "New Approaches for Security, Privacy and Trust in Complex Environments" held in Sandton, South Africa from 14 to 16 May 2007. The IFIP/SEC conferences are the flagship events of TC-11. In May 1995 South Africa for the first time hosted an IFIP/SEC conference in Cape Town. Now, twelve years later, we are very pleased to have succeeded in our bid to once again present the IFIP/SEC conference in South Africa. The current IT environment deals with novel, complex approaches such as information privacy, trust, digital forensics, management, and human aspects. This modem environment challenges the whole information security research community to focus on interdisciplinary and holistic approaches, whilst retaining the benefit of previous research efforts. Papers offering research contributions that focus both on access control in complex environments and on other aspects of computer security and privacy were solicited for submission to IFIP/SEC 2007. A total of 107 submissions were received, which were all reviewed by at least three members of the international programme committee.
Contents
Digital Forensics.- FORSIGS: Forensic Signature Analysis of the Hard Drive for Multimedia File Fingerprints.- Digital Forensic Readiness as a Component of Information Security Best Practice.- Human-Computer Interaction I.- Value creation and Return On Security Investments (ROSI).- Usability and Security of Personal Firewalls.- Computer-Based Trust.- Trusted Ticket Systems and Applications.- Trust Evaluation for Web Applications based on Behavioral Analysis.- Information Security Management I.- Improving the Information Security Model by using TFI.- Ontological Mapping of Common Criteria's Security Assurance Requirements.- Network Security I.- Management of Exceptions on Access Control Policies.- Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols.- Information Security Management II.- Exploratory survey on an Evaluation Model for a Sense of Security.- Employees' Adherence to Information Security Policies: An Empirical Study.- Network Security II.- Phishing in the Wireless: Implementation and Analysis.- Secure Path-Key Revocation for Symmetric Key Pre-distribution Schemes in Sensor Networks.- Access Control I.- A Credential-Based System for the Anonymous Delegation of Rights.- Development and Application of a Proxy Server for Transparently, Digitally Signing E-Learning Content.- Human-Computer Interaction II.- Identity Theft — Empirical evidence from a Phishing Exercise.- A Practical Usability Evaluation of Security Features in End-User Applications.- Intrusion Detection Systems.- Personal Anomaly-based Intrusion Detection Smart Card Using Behavioural Analysis.- A Survey of Bots Used for Distributed Denial of Service Attacks.- Access Control II.- A Hybrid PKI-IBC Based Ephemerizer System.- Keystroke Analysis for Thumb-based Keyboards on MobileDevices.- Information Privacy I.- Security Remarks on a Convertible Nominative Signature Scheme.- Using Payment Gateways to Maintain Privacy in Secure Electronic Transactions.- Access Control III.- A Role-Based Architecture for Seamless Identity Management and Effective Task Separation.- Extending Role Based Access Control Model for Distributed Multidomain Applications.- Information Privacy II.- A Middleware Architecture for Integrating Privacy Preferences and Location Accuracy.- Enabling Privacy of Real-Life LBS.- Access Control IV.- Crafting Web Counters into Covert Channels.- OPA: Onion Policy Administration Model — Another approach to manage rights in DRM.- Security Services.- Non-Repudiation in Internet Telephony.- FirePatch: Secure and Time-Critical Dissemination of Software Patches.- Access Control V.- An Experimental Evaluation of Multi-Key Strategies for Data Outsourcing.- Building a Distributed Semantic-aware Security Architecture.- Trust and Intrusion Detection Systems.- Using Trust to Resist Censorship in the Presence of Collusion.- Evaluating the Effects of Model Generalization on Intrusion Detection Performance.- Keynote paper.- Modernising MAC: New Forms for Mandatory Access Control in an Era of DRM.- IFIP WG 9.7/11.7 — IT Missue and the Law & the NoE "Future of Identity in the Information Society" (FIDIS) — Workshop on Security and Control of Identity in Society.- Covert Identity Information in Direct Anonymous Attestation (DAA).- Safeguarding Personal Data using Rights Management in Distributed Applications.- Identification Now and in the Future: Social Grant Distribution Process in South Africa.- Hard-drive Disposal and Identity Fraud.- An analysis of security and privacy issues relating to RFID enabled ePassports.- IFIF WG 11.1/11.8Workshop on Fostering Knowledge and Skills for Managable Information Security.- Toward User Evaluation of IT Security Certification Schemes: A Preliminary Framework.- Teaching of Information Security in the "Health Care and Nursing" Postgraduate program.- Remote Virtual Information Assurance Network.- Certifying the Computer Security Professional Using the Project Management Institute's PMP Model.
