Titel: Data and Application Security
Developments and Directions.
HC runder Rücken kaschiert.
Herausgegeben von Klaus R. Dittrich, Zahir Tari, B. Thuraisingham
30. September 2001 - gebunden - 392 Seiten
New technology is always evolving and companies must have appropriate security for their businesses to be able to keep up to date with the changes. With the rapid growth of the internet and the world wide web, data and applications security will always be a key topic in industry as well as in the public sector, and has implications for the whole of society.
Data and Applications Security covers issues related to security and privacy of information in a wide range of applications, including: Electronic Commerce, XML and Web Security;
Workflow Security and Role-based Access Control;
Distributed Objects and Component Security;
Inference Problem, Data Mining and Intrusion Detection;
Language and SQL Security;
Security Architectures and Frameworks;
Federated and Distributed Systems Security;
Encryption, Authentication and Security Policies.
This book contains papers and panel discussions from the Fourteenth Annual Working Conference on Database Security, which is part of the Database Security: Status and Prospects conference series sponsored by the International Federation for Information Processing (IFIP). The conference was held in Schoorl, The Netherlands in August 2000.
Preface. List of Contributors. 1. Keynote I: Protecting Information when Access is Granted for Collaboration; G. Wiederhold. 2. Author X: A Java-Based System for XML Data Protection; E. Bertino, M. Braun, S. Castano, E. Ferrari, M. Mesiti. 3. A Fair-Exchange E-Commerce Protocol with Automated Dispute Resolution; I. Ray, I. Ray, N. Narasimhamurthi. 4. XML Access Control Systems: A Component-Based Approach; E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati. 5. A Configurable Security Architecture Prototype; A.E Hardy, M.S. Olivier. 6. Distributed Policies for Data Management - Making Policies Mobile; S. Chapin, D. Faatz, S. Jajodia. 7. Security Architecture of the Multimedia Mediator; C. Altenschmidt, J. Biskup, Y. Karabulut. 8. Simulation and Analysis of Cryptographic Protocols; M. Papa, O. Bremer, S. Magill, J. Hale, S. Shenoi. 9. Authentic Third-Party Data Publication; P. Devanbu, M. Gertz, C. Martel, S.G. Stubblebine. 10. Protecting File Systems Against Corruption Using Checksums; D. Barbará, R. Goel, S. Jajodia. 11. Web Security and Privacy, Panel 1; B. Thuraisingham. 12. Keynote II: Coordinating Policy for Federated Applications; K. Moody. 13. Integrating Multilevel Security Policies in Multilevel Federated Database Systems; M. Oliva, F. Saltor. 14. Wrappers - A Mechanism to Support State-Based Authorization in Web Applications; M.S. Olivier, E. Gudes. 15. An Integrated Framework for Database Privacy Protection; LiWu Chang, I.S. Moskowitz. 16. Discovery ofMulti-level Security Policies; C. Yip Chung, M. Gertz, K. Levitt. 17. Protecting Deductive Databases from Unauthorized Retrievals; S. Barker. 18. Confidentiality vs Integrity in Secure Databases; A. Spalka, A.B. Cremers. 19. Extending SQL's Grant Operation to Limit Privileges; A. Rosenthal, E. Sciore. 20. Language Extensions for Programmable Security; J. Hale, R. Chandia, C. Campbell, M. Papa, S. Shenoi. 21. Protecting Privacy from Continuous High-Resolution Satellite Surveillance; Soon Ae Chun, V. Atluri. 22. Database Security Integration Using Role-Based Access Control; S. Osborn. 23. User Role-Based Security Model for a Distributed Environment; S. Demurjian, T.C. Ting, J. Balthazar, H. Ren, C. Phillips, P. Barr. 24. WorkFlow Analyzed for Security and Privacy in using Databases; W. Teepe, R. van de Riet, M.S. Olivier. 25. Identifying Security Holes in OLAP Applications; J. Steger, H. Günzel, A. Bauer. 26. Algorithms and Experience in Increasing the Intelligibility and Hygiene of Access Control in Large Organizations; M. Donner, D. Nochlin, D. Shasha, W. Walasek. 27. Database Security 2000; J.R. Campbell. 28. Declarative Semantics of Belief Queries in MLS Deductive Databases; H.M. Jamil. 29. Trust Management in Distributed Databases; J.B. Michael, L.T. Gaines. 30. Active Authorization as High-level Control; D. Cvrcek. 31. Conference Key Agreement Protocol using Oblivious Transfer; A. Moesriami Barmawi, S. Takada, N. Doi. 32. An Integration Model of Role-Based Access Control