Data and Applications Security XXI

1. Front Matter

   PDF

2. Secure Query Evaluation

   1. Confidentiality Policies for Controlled Query Evaluation

      • Joachim Biskup, Torben Weibert

      Pages 1-13

   2. Provably-Secure Schemes for Basic Query Support in Outsourced Databases

      • Georgios Amanatidis, Alexandra Boldyreva, Adam O’Neill

      Pages 14-30

   3. Authenticated Relational Tables and Authenticated Skip Lists

      • Giuseppe Di Battista, Bernardo Palazzi

      Pages 31-46

3. Location-Based Security/Mobile Security

   1. Location Privacy Protection Through Obfuscation-Based Techniques

      • C. A. Ardagna, M. Cremonini, E. Damiani, S. De Capitani di Vimercati, P. Samarati

      Pages 47-60

   2. Efficient Security Policy Enforcement in a Location Based Service Environment

      • Vijayalakshmi Atluri, Heechang Shin

      Pages 61-76

   3. Reliable Delivery of Event Data from Sensors to Actuators in Pervasive Computing Environments

      • Sudip Chakraborty, Nayot Poolsappasit, Indrajit Ray

      Pages 77-92

4. Short Papers

   1. Privacy-Preserving Schema Matching Using Mutual Information

      • Isabel F. Cruz, Roberto Tamassia, Danfeng Yao

      Pages 93-94

   2. The Interval Revocation Scheme for Broadcasting Messages to Stateless Receivers

      • Anna Zych, Milan Petković, Willem Jonker

      Pages 95-97

5. Distributed Security Issues

   1. Measuring the Overall Security of Network Configurations Using Attack Graphs

      • Lingyu Wang, Anoop Singhal, Sushil Jajodia

      Pages 98-112

   2. Enforcing Honesty in Assured Information Sharing Within a Distributed System

      • Ryan Layfield, Murat Kantarcioglu, Bhavani Thuraisingham

      Pages 113-128

   3. A Privacy-Enhanced Attribute-Based Access Control System

      • Jan Kolter, Rolf Schillinger, Günther Pernul

      Pages 129-143

6. Cryptographic-Based Security

   1. A Scalable and Secure Cryptographic Service

      • Shouhuai Xu, Ravi Sandhu

      Pages 144-160

   2. gVault: A Gmail Based Cryptographic Network File System

      • Ravi Chandra Jammalamadaka, Roberto Gamboni, Sharad Mehrotra, Kent E. Seamons, Nalini Venkatasubramanian

      Pages 161-176

   3. Design and Analysis of Querying Encrypted Data in Relational Databases

      • Mustafa Canim, Murat Kantarcioglu

      Pages 177-194

7. Temporal Access Control and Usage Control

   1. Dynamic Event-Based Access Control as Term Rewriting

      • Clara Bertolissi, Maribel Fernández, Steve Barker

      Pages 195-210

   2. A Spatio-temporal Role-Based Access Control Model

      • Indrakshi Ray, Manachai Toahchoodee

      Pages 211-226

   3. Towards a Times-Based Usage Control Model

      • Baoxian Zhao, Ravi Sandhu, Xinwen Zhang, Xiaolin Qin

      Pages 227-242

8. System Security Issues

   1. New Paradigm of Inference Control with Trusted Computing

      • Yanjiang Yang, Yingjiu Li, Robert H. Deng

      Pages 243-258

   2. Security Patterns for Physical Access Control Systems

      • Eduardo B. Fernandez, Jose Ballesteros, Ana C. Desouza-Doucet, Maria M. Larrondo-Petrie

      Pages 259-274

This volume contains the papers presented at the 21st Annual IFIP WG 11.3 Conference on Data and Applications Security (DBSEC) held July 8–11 in - dondo Beach, California, USA. The purpose of the DBSEC conference is to disseminate original research results and experience reports in data and app- cations security. In response to the call for papers, 44 submissions were received. Following a rigorousreviewingprocess,18high-qualitypaperswereacceptedforpresentation and publication. In addition, two short papers were selected for poster pres- tation. The conference program also included one invited talk and one panel discussion. We believe that the program includes a balanced mix of practical experiences and theoretical results that consolidate existing work and suggest emerging areas of interest for researchers in data and applications security. The continued success of the DBSEC conference is due to the e?orts of many individuals. We would like to thank all of the researchers that submitted - pers to DBSEC for consideration, and the Program Committee members and additional reviewers for making the review process fair and thorough, and for providing valuable suggestions on each submission. We are also indebted to the invited speakers and panelists for their contributions to the success of the c- ference.

• Information
• Trusted Computing
• auditing
• configuration
• cryptography
• data security
• database security
• distributed systems
• inference control
• integrity maintenance
• privacy
• secu
• security
• security assessment
• security protocol
• algorithm analysis and problem complexity

Policies and ethics