Trusted Information

1. Front Matter

   Pages i-xiv

   PDF

2. eSociety

   1. PyTHIA: Towards Anonymity in Authentication

      • Dimitris Gritzalis, Kostantinos Moulinos, John Iliadis, Costas Lambrinoudakis, Steven Xarhoulacos

      Pages 1-17

   2. Certificate Based PKI and B2B E-Commerce: Suitable Match or Not?

      • Kok Ming Ang, William J. Caelli

      Pages 19-34

   3. Internet Anonymity: Problems and Solutions

      • Claudia Eckert, Alexander Pircher

      Pages 35-50

3. TTP Management and PKI

   1. Reducing Certificate Revocation Cost using NPKI

      • Albert Levi, Cetin Kaya Koç

      Pages 51-59

   2. The Need and Practice of User Authentication and TTP Services in Distributed Health Information Systems

      • Bernd Blobel, Peter Pharow

      Pages 61-76

4. Smart Card

   1. Is the Performance of Smart Card Crytographic Functions the Real Bottleneck?

      • Konstantinos Markantonakis

      Pages 77-91

   2. Modelling Audit Security for Smart-Card Payment Schemes with UML-Sec

      • Jan Jürjens

      Pages 93-107

5. Security Protocols

   1. Strong Forward Security

      • Mike Burmester, Vassilios Chrissikopoulos, Panayiotis Kotzanikolaou, Emmanouil Magkos

      Pages 109-121

   2. Secret Sharing and Visual Cryptography Schemes

      • Annalisa De Bonis, Alfredo De Santis

      Pages 123-137

   3. A Two-level Time-Stamping System

      • Alban Gabillon, Jungsoo Byun

      Pages 139-149

   4. Security Analysis of the Cliques Protocols Suites: First Results

      • O. Pereira, J-J. Quisquater

      Pages 151-166

6. Secure Workflow Environment

   1. A Secure Workflow System for Dynamic Collaboration

      • Joon S. Park, Myong H. Kang, Judith N. Froscher

      Pages 167-181

   2. On Securely Scheduling a Meeting

      • Thomas Herlea, Joris Claessens, Bart Preneel, Gregory Neven, Frank Piessens, Bart De Decker

      Pages 183-198

   3. Modeling and Analyzing Separation of Duties in Workflow Environments

      • Konstantin Knorr, Henrik Stormer

      Pages 199-212

7. Secure Group Communications

   1. Group Security Association (GSA) Management in IP Multicast

      • Thomas Hardjono, Mark Baugher, Hugh Harney

      Pages 213-228

   2. Communication-Efficient Group Key Agreement

      • Yongdae Kim, Adrian Perrig, Gene Tsudik

      Pages 229-244

8. Security Policies

   1. Going Beyond MAC and DAC Using Mobile Policies

      • Amgad Fayad, Sushil Jajodia, Don Faatz, Vinti Doshi

      Pages 245-260

   2. An Access Control Model for Data Archives

      • P. Bonatti, E. Damiani, S. De Capitani di Vimercati, P. Samarati

      Pages 261-276

9. Risk Management

   1. Checklist-Based Risk Analysis with Evidential Reasoning

      • Sungbaek Cho, Zbigniew Ciechanowicz

      Pages 277-292

Since the early eighties IFIP/Sec has been an important rendezvous for Information Technology researchers and specialists involved in all aspects of IT security. The explosive growth of the Web is now faced with the formidable challenge of providing trusted information. IFIP/Sec’01 is the first of this decade (and century) and it will be devoted to “Trusted Information - the New Decade Challenge” This proceedings are divided in eleven parts related to the conference program. Session are dedicated to technologies: Security Protocols, Smart Card, Network Security and Intrusion Detection, Trusted Platforms. Others sessions are devoted to application like eSociety, TTP Management and PKI, Secure Workflow Environment, Secure Group Communications, and on the deployment of applications: Risk Management, Security Policies andTrusted System Design and Management. The year 2001 is a double anniversary. First, fifteen years ago, the first IFIP/Sec was held in France (IFIP/Sec’86, Monte-Carlo) and 2001 is also the anniversary of smart card technology. Smart cards emerged some twenty years ago as an innovation and have now become pervasive information devices used for highly distributed secure applications. These cards let millions of people carry a highly secure device that can represent them on a variety of networks. To conclude, we hope that the rich “menu” of conference papers for this IFIP/Sec conference will provide valuable insights and encourage specialists to pursue their work in trusted information.

• Analysis
• Audit
• B2B
• E-Commerce
• IT security
• communication
• cryptography
• data security
• distributed systems
• information
• information processing
• information system
• management
• modeling

• SGDN/DCSSI/CERTA, France

  Michel Dupuy

• Gemplus Labs, France

  Pierre Paradinas

Policies and ethics