Titel: Database and Application Security XV
IFIP TC11 / WG11. 3 Fifteenth Annual Working Conference on Database and Application Security July 15-18, 2001, Niagara on the Lake, Ontario, Canada.
'International Federation for Information Processing (IFIP)'.
Herausgegeben von Martin S. Olivier, David L. Spooner
30. April 2002 - gebunden - 348 Seiten
Database and Application Security XV provides a forum for original research results, practical experiences, and innovative ideas in database and application security. With the rapid growth of large databases and the application systems that manage them, security issues have become a primary concern in business, industry, government and society. These concerns are compounded by the expanding use of the Internet and wireless communication technologies.
This volume covers a wide variety of topics related to security and privacy of information in systems and applications, including:
Access control models;
Role and constraint-based access control;
Information warfare and intrusion detection;
New application areas including XML.
Database and Application Security XV contains papers, keynote addresses, and panel discussions from the Fifteenth Annual Working Conference on Database and Application Security, organized by the International Federation for Information Processing (IFIP) Working Group 11.3 and held July 15-18, 2001 in Niagara on the Lake, Ontario, Canada.
Part I: Keynote address. Recent Advances in Access Control Models; S. Jajodia, D. Wijesekera.
Part II: Role and Constraint-Based Access Control. Role-based Access Control on the Web Using LDAP; J.S. Park, Gail-Joon Ahn, R. Sandhu. Constraints-based Access Control; Wee Yeh Tan. Secure Role-Based Workflow Models; S. Kandala, R. Sandhu.
Part III: Distributed Systems. Subject Switching Algorithms for Access Control in Federated Databases; J. Yang, D. Wijesekera, S. Jajodia. Efficient Damage Assessment and Repair in Resilient Distributed Database Systems; Peng Liu, Xu Hao.Administering Permissions for Distributed Data: Factoring and Automated Inference; A. Rosenthal, E. Sciore. State-Dependent Security Decisions for Distributed Object-Systems; J. Biskup, T. Leineweber.
Part IV: Information Warfare and Intrusion Detection. Reorganization of Database Log for Information Warfare Data Recovery; R. Sobhan, B. Panda. Randomly Roving Agents For Intrusion Detection; I.S. Moskowitz, Myong H. Kang, Li Wu Chang, G.E. Longdon. Public Telephone Network Vulnerabilities; G. Lorenz, J. Keller, G. Manes, J. Hale, S. Shenoi.
Part V: Relational Databases. Flexible Security Policies in SQL; S. Barker, A. Rosenthal. The Inference Problem and Updates in Relational Databases; C. Farkas, T.S. Toland, C.M. Eastman. Managing Classified Documents in a Relational Database; A. Spalka.
Part VI: Implementation Issues. A Comparison Between ConSA and Current Linux Security Implementations; A. Hardy, M.S. Olivier. A Novel Approach to Certificate Revocation Management; R. Mukkamala, S. Jajodia. ODAR: An On-the-fly Damage Assessment and Repair System for Commercial Database Applications; P. Luenam, Peng Liu.
Part VII: Multilevel Systems. An Extended Transaction Model Approach for Multilevel Secure Transaction Processing; V. Atluri, R. Mukkamala. Maintaining the Confidentiality of Interoperable Databases with a Multilevel Federated Security System; M. Oliva, F. Saltor.
Part VIII: New Application Areas. Security Procedures for Classification Mining Algorithms; T. Johnsten, V.V. Raghavan. Regulating Access to XML documents; A. Gabillon, E. Bruno.
Part IX: Panel and discussion. Panel on XML and Security; S. Osborn, B. Thuraisingham, P. Samarati. Selected Summary of Discussions; D.L. Spooner, M.S. Olivier.