Security and Privacy in Dynamic Environments

1. Front Matter

   Pages I-XVI

   PDF

2. Privacy and Privacy-Enhancing Technologies I

   1. Improving Availability of Emergency Health Information without Sacrificing Patient Privacy

      • Inger Anne Tøndel

      Pages 1-12

   2. Ensuring Privacy for Buyer-Seller E-Commerce

      • George Yee, Larry Korba, Ronggong Song

      Pages 13-24

   3. A General Certification Framework with Applications to Privacy-Enhancing Certificate Infrastructures

      • Jan Camenisch, Dieter Sommer, Roger Zimmermann

      Pages 25-37

3. Security in Mobile and Ad Hoc Networks

   1. Authenticated Query Flooding in Sensor Networks

      • Zinaida Benenson, Felix C. Freiling, Ernest Hammerschmidt, Stefan Lucks, Lexi Pimenidis

      Pages 38-49

   2. Identity Based Message Authentication for Dynamic Networks

      • Pietro Michiardi, Refik Molva

      Pages 50-61

   3. Providing Authentication and Access Control in Vehicular Network Environment

      • Hasnaa Moustafa, Gilles Bourdon, Yvon Gourhant

      Pages 62-73

4. Trust and Security Management

   1. A Framework for Web Services Trust

      • Marijke Coetzee, Jan Eloff

      Pages 74-86

   2. Trust: An Element of Information Security

      • Stephen Flowerday, Rossouw von Solms

      Pages 87-98

   3. Security-by-Ontology: A Knowledge-Centric Approach

      • Bill Tsoumas, Panagiotis Papagiannakopoulos, Stelios Dritsas, Dimitris Gritzalis

      Pages 99-110

5. Privacy Enhancing Technologies II

   1. A Methodology for Designing Controlled Anonymous Applications

      • Vincent Naessens, Bart De Decker

      Pages 111-122

   2. Design Options for Privacy-Respecting Reputation Systems within Centralised Internet Communities

      • Sandra Steinbrecher

      Pages 123-134

   3. Protecting (Anonymous) Credentials with the Trusted Computing Group’s TPM V1.2

      • Jan Camenisch

      Pages 135-147

6. Attacks, Vulnerability Analysis, and Tools

   1. Analysis and Improvement of Anti-Phishing Schemes

      • Dinei Florêncio, Cormac Herley

      Pages 148-157

   2. CAT — A Practical Graph & SDL Based Toolkit for Vulnerability Assessment of 3G Networks

      • Kameswari Kotapati, Peng Liu, Thomas F. LaPorta

      Pages 158-170

   3. Protecting Web Services from DoS Attacks by SOAP Message Validation

      • Nils Gruschka, Norbert Luttenberger

      Pages 171-182

7. Access Control and Authentication I

   1. A Flexible and Distributed Architecture to Enforce Dynamic Access Control

      • Thierry Sans, Frédéric Cuppens, Nora Cuppens-Boulahia

      Pages 183-195

   2. A Paradigm for Dynamic and Decentralized Administration of Access Control in Workflow Applications

      • Andreas Mattas, Ioannins Mavridis, Iason Pagkalos

      Pages 196-207

   3. CAS++: An Open Source Single Sign-On Solution for Secure e-Services

      • Claudio Agostino Ardagna, Ernesto Damiani, Sabrina De Capitani di Vimercati, Fulvio Frati, Pierangela Samarati

      Pages 208-220

8. Security Protocols

   1. A Synchronous Multi-Party Contract Signing Protocol Improving Lower Bound of Steps

      • Jianying Zhou, Jose A. Onieva, Javier Lopez

      Pages 221-232

This book contains the Proceedings of the 21st IFIP TC-11 International Information Security Conference (IFIPISEC 2006) on "Security and Privacy in Dynamic Envir- ments" held in May 22-24 2006 in Karlstad, Sweden. The first IFIPISEC conference was arranged in May 1983 in Stockholm, Sweden, one year before TC- 1 1 was founded, with the active participation of the Swedish IT Security Community. The IFIPISEC conferences have since then become the flagship events of TC-11. We are very pleased that we succeeded with our bid to after 23 years hold the IFIPISEC conference again in Sweden. The IT environment now includes novel, dynamic approaches such as mobility, wearability, ubiquity, ad hoc use, mindhody orientation, and businesslmarket ori- tation. This modem environment challenges the whole information security research community to focus on interdisciplinary and holistic approaches whilst retaining the benefit of previous research efforts. Papers offering research contributions focusing on dynamic environments in addition to other aspects of computer security and privacy were solicited for submission to IFIPISEC 2006. We received 141 submissions which were all reviewed by at least three members of the international program committee.

• Information Technology (IT)
• Processing
• Web Services
• access control
• authentication
• control
• information security
• intrusion detection
• management
• networks
• organization
• privacy
• security protocols
• technology
• usability

• Karlstad University, Sweden

  Simone Fischer-Hübner, Stefan Lindskog

• Goethe University, Frankfurt, Germany

  Kai Rannenberg

• Stockholm University/Royal Institute of Technology, Sweden

  Louise Yngström

Policies and ethics