Security, Privacy, and Trust in Modern Data Management

1. Front Matter

   Pages I-XVIII

   PDF

2. Introduction

   1. Front Matter

      Pages 1-1

      PDF

   2. Privacy and Security Issues in a Digital World

      • Milan Petković, Willem Jonker

      Pages 3-10

   3. Privacy in the Law

      • Jeroen Terstegge

      Pages 11-20

   4. Ethical Aspects of Information Security and Privacy

      • Philip Brey

      Pages 21-36

3. Data and System Security

   1. Front Matter

      Pages 37-37

      PDF

   2. Authorization and Access Control

      • Sabrina De Capitani di Vimercati, Sara Foresti, Pierangela Samarati

      Pages 39-53

   3. Role-Based Access Control

      • Sylvia L. Osborn

      Pages 55-70

   4. XML Security

      • Claudio A. Ardagna, Ernesto Damiani, Sabrina De Capitani di Vimercati, Pierangela Samarati

      Pages 71-86

   5. Database Security

      • Elisa Bertino, Ji-Won Byun, Ashish Kamra

      Pages 87-101

   6. Trust Management

      • Claudio A. Ardagna, Ernesto Damiani, Sabrina De Capitani di Vimercati, Sara Foresti, Pierangela Samarati

      Pages 103-117

   7. Trusted Platforms

      • Klaus Kursawe

      Pages 119-131

   8. Strong Authentication with Physical Unclonable Functions

      • Pim Tuyls, Boris Škorić

      Pages 133-148

4. Privacy Enhancing

   1. Front Matter

      Pages 149-149

      PDF

   2. Privacy-Preserving Data Mining

      • Ljiljana Brankovic, Md. Zahidul Islam, Helen Giggins

      Pages 151-165

   3. Statistical Database Security

      • Ljiljana Brankovic, Helen Giggins

      Pages 167-181

   4. Different Search Strategies on Encrypted Data Compared

      • Richard Brinkman

      Pages 183-196

   5. Client-Server Trade-Offs in Secure Computation

      • Berry Schoenmakers, Pim Tuyls

      Pages 197-211

   6. Federated Identity Management

      • Jan Camenisch, Birgit Pfitzmann

      Pages 213-238

   7. Accountable Anonymous Communication

      • Claudia Diaz, Bart Preneel

      Pages 239-253

Advances in information and communication technologies continue to p- vide new means of conducting remote transactions. Services facilitated by these technologies are spreading increasingly into our commercial and private spheres. For many people, these services have changed the way they work, communicate, shop, arrange travel, etc. Remote transactions, however, may also open possibilities for fraud and other types of misuse. Hence, the requi- ment to authorize transactions may arise. Authorization may in turn call for some kind of user authentication. When users have to provide personal inf- mation to access services, they literally leave a part of their life on record. As the number of sites where such records are left increases, so does the d- ger of misuse. So-called identity theft has become a pervasive problem, and a general feeling of unease and lack of trust may dissuade people from using the services on o?er. This,inanutshell,isoneofthemajorchallengesinsecurityengineering- day. How to provide servicesto individuals securelywithout making undue - cursions into their privacy at the same time. Decisions on the limits of privacy intrusions – or privacy protection, for that matter – are ultimately political decisions. Research can de?ne the design space in which service providers and regulators may try to ?nd acceptable tradeo?s between security and privacy.

• Access
• access control
• ambient intelligence
• authentication
• data mining
• data security
• database
• identity management
• information
• information security
• privacy
• radio-frequency identification (RFID)
• security
• ubiquitous computing
• watermarking

• Philips Research Europe, Eindhoven, The Netherlands

  Milan Petković

• Philips Research Europe, Philips Research / Twente University, Eindhoven, The Netherlands

  Willem Jonker

Milan Petkovic is a senior scientist in the ISS group (Information and System Security) at the Philips Research in Eindhoven, the Netherlands. Among his research interests are information security, secure content management, privacy protection, multimedia information retrieval, and database systems.

Willem Jonker is currently department head of the Information and System Security department at Philips Research. In addition, he is a part-time full professor of computer science at Twente University. Among his research interest are secure data management, DRM, copyright protection, secure databases, distributed applications, and content management.

Policies and ethics