This book constitutes the refereed proceedings of the 23nd Annual IFIP WG 11. 3 Working Conference on Data and Applications Security held in Montreal, Canada, in July 2009.
The 18 revised full papers and 4 short papers were carefully reviewed and selected from 47 submissions. The papers are organized in topical sections on database security; security policies; privacy; intrusion detection and protocols; and trusted computing.
Inhaltsverzeichnis
Database Security I. - Controlled Query Evaluation and Inference-Free View Updates. - Implementing Reflective Access Control in SQL. - Security Policies. - An Approach to Security Policy Configuration Using Semantic Threat Graphs. - Reaction Policy Model Based on Dynamic Organizations and Threat Context. - Towards System Integrity Protection with Graph-Based Policy Analysis. - Privacy I. - Practical Private DNA String Searching and Matching through Efficient Oblivious Automata Evaluation. - Privacy-Preserving Telemonitoring for eHealth. - Intrusion Detection and Protocols. - Analysis of Data Dependency Based Intrusion Detection System. - Secure Method Calls by Instrumenting Bytecode with Aspects. - Access Control. - Distributed Privilege Enforcement in PACS. - Spatiotemporal Access Control Enforcement under Uncertain Location Estimates. - Using Edit Automata for Rewriting-Based Security Enforcement. - Privacy II. - Distributed Anonymization: Achieving Privacy for Both Data Subjects and Data Providers. - Detecting Inference Channels in Private Multimedia Data via Social Networks. - Database Security II. - Enforcing Confidentiality Constraints on Sensitive Databases with Lightweight Trusted Clients. - Data Is Key: Introducing the Data-Based Access Control Paradigm. - Trusted Computing. - Improving Cut-and-Choose in Verifiable Encryption and Fair Exchange Protocols Using Trusted Computing Technology. - PAES: Policy-Based Authority Evaluation Scheme. - Short Papers. - Emerging Trends in Health Care Delivery: Towards Collaborative Security for NIST RBAC. - Methods for Computing Trust and Reputation While Preserving Privacy. - Building an Application Data Behavior Model for Intrusion Detection. - A Trust-Based Access Control Model for Pervasive Computing Applications.