Data and Applications Security XXII

1. Front Matter

   PDF

2. Access Control

   1. Dynamic Meta-level Access Control in SQL

      • Steve Barker

      Pages 1-16

   2. On the Formal Analysis of a Spatio-temporal Role-Based Access Control Model

      • Manachai Toahchoodee, Indrakshi Ray

      Pages 17-32

3. Audit and Logging

   1. A Unified Audit Expression Model for Auditing SQL Queries

      • Vikram Goyal, S. K. Gupta, Anand Gupta

      Pages 33-47

   2. A New Approach to Secure Logging

      • Di Ma, Gene Tsudik

      Pages 48-63

4. Keynote

   1. Security, Functionality and Scale?

      • Ross Anderson

      Pages 64-64

5. Privacy I

   1. P4A: A New Privacy Model for XML

      • Angela C. Duta, Ken Barker

      Pages 65-80

   2. Privacy-Aware Collaborative Access Control in Web-Based Social Networks

      • Barbara Carminati, Elena Ferrari

      Pages 81-96

   3. A Privacy-Preserving Ticketing System

      • Kristof Verslype, Bart De Decker, Vincent Naessens, Girma Nigusse, Jorn Lapon, Pieter Verhaeghe

      Pages 97-112

   4. Systems Security

      1. The Analysis of Windows Vista Disk Encryption Algorithm

         • Mohamed Abo El-Fotouh, Klaus Diepold

         Pages 113-126

      2. Shared and Searchable Encrypted Data for Untrusted Servers

         • Changyu Dong, Giovanni Russello, Naranker Dulay

         Pages 127-143

      3. Secure Construction of Contingency Tables from Distributed Data

         • Haibing Lu, Xiaoyun He, Jaideep Vaidya, Nabil Adam

         Pages 144-157

   5. Invited Talk

      1. Web Services Security: Techniques and Challenges (Extended Abstract)

         • Anoop Singhal

         Pages 158-158

   6. Certificate Management

      1. Empirical Analysis of Certificate Revocation Lists

         • Daryl Walleck, Yingjiu Li, Shouhuai Xu

         Pages 159-174

      2. Using New Tools for Certificate Repositories Generation in MANETs

         • Candelaria Hernández-Goya, Pino Caballero-Gil, Oscar Delgado-Mohatar, Jezabel Molina-Gil, Cándido Caballero-Gil

         Pages 175-189

6. Privacy II

   1. Exclusive Strategy for Generalization Algorithms in Micro-data Disclosure

      • Lei Zhang, Lingyu Wang, Sushil Jajodia, Alexander Brodsky

      Pages 190-204

   2. Protecting the Publishing Identity in Multiple Tuples

      • Youdong Tao, Yunhai Tong, Shaohua Tan, Shiwei Tang, Dongqing Yang

      Pages 205-218

   3. Panel

      1. Panel Session: What Are the Key Challenges in Distributed Security?

         • Steve Barker, David Chadwick, Jason Crampton, Emil Lupu, Bhavani Thuraisingham

         Pages 219-221

   4. Trusted Computing Platforms

      1. On the Applicability of Trusted Computing in Distributed Authorization Using Web Services

         • Aarthi Nagarajan, Vijay Varadharajan, Michael Hitchens, Saurabh Arora

         Pages 222-237

      2. Sharing but Protecting Content Against Internal Leakage for Organisations

         • Muntaha Alawneh, Imad M. Abbadi

         Pages 238-253

This volume contains the papers presented at the 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSEC) held in L- don, UK, July 13–16, 2008. This year’s working conference continued its tra- tion of being a forum for disseminating original research results and practical experiences in data and applications security. This year we had an excellent program that consists of 9 research paper s- sions with 22 high-quality research papers, which were selected from a total of 56 submissions after a rigorous reviewing process by the Program Committee members and external reviewers. These sessions included such topics as access control, privacy, auditing, systems security and data security in advanced app- cation domains. In addition, the programincluded a keynote address, an invited talk and a panel session. The success of this conference was a result of the e?orts of many people. I would like to extend my appreciation to the Program Committee members and external reviewers for their hard work. I would like to thank the General Chair, SteveBarker,fortakingcareoftheorganizationaspectsoftheconferenceandfor arranging the keynote address and the panel session. I would also like to thank Claudio Ardagna for serving as the Publicity Chair and for promptly updating the conference Web page, and Don Lokuadassuriyage for serving as the Local Arrangements Chair. Special thanks go to Alfred Hofmann, Editorial Director at Springer, for agreeing to include these conference proceedings in the Lecture Notes in Computer Science series.

• Access
• access control
• anonymity
• auditing
• authentication
• authorization
• concurrency control
• cryptography
• data publishing
• database security
• disk encryption
• dynamic analysis
• integrity maintenance
• pervasive computin
• security
• algorithm analysis and problem complexity

Policies and ethics