Infrastructure Security

1. Front Matter

   Pages I-XI

   PDF

2. Biometrics

   1. Biometric Authentication in Infrastructure Security

      • John Armington, Purdy Ho, Paul Koznek, Richard Martinez

      Pages 1-18

   2. Denial of Access in Biometrics-Based Authentication Systems

      • Luciano Rila

      Pages 19-29

3. Identification, Authentication, and Process

   1. A Novel Approach to Proactive Password Checking

      • Carlo Blundo, Paolo D’Arco, Alfredo De Santis, Clemente Galdi

      Pages 30-39

   2. Single Sign-On Architectures

      • Jan De Clercq

      Pages 40-58

   3. Active Digital Credentials: Dynamic Provision of Up-to-Date Identity Information

      • Marco Casassa Mont, Richard Brown

      Pages 59-72

4. Analysis Process

   1. How to Buy Better Testing Using Competition to Get the Most Security and Robustness for Your Dollar

      • Stuart Schechter

      Pages 73-87

   2. Structured Risk Analysis

      • Neil McEvoy, Andrew Whitcombe

      Pages 88-103

   3. A Model Enabling Law Compliant Privacy Protection through the Selection and Evaluation of Appropriate Security Controls

      • E. S. Siougle, V. C. Zorkadis

      Pages 104-114

5. Mobile Networks

   1. Authentication and Authorization of Mobile Clients in Public Data Networks

      • Prakash Reddy, Venky Krishnan, Kan Zhang, Devaraj Das

      Pages 115-128

   2. A Contemporary Foreword on GSM Security

      • Paulo S. Pagliusi

      Pages 129-144

6. Vulnerability Assessment and Logs

   1. Vulnerability Assessment Simulation for Information Infrastructure Protection

      • HyungJong Kim, KyungHee Koh, DongHoon Shin, HongGeun Kim

      Pages 145-161

   2. Pseudonymizing Unix Log Files

      • Ulrich Flegel

      Pages 162-179

7. System Design

   1. DPS: An Architectural Style for Development of Secure Software

      • Pascal Fenkam, Harald Gall, Mehdi Jazayeri, Christopher Kruegel

      Pages 180-198

   2. A New Infrastructure for User Tracking Prevention and Privacy Protection in Internet Shopping

      • Matthias Enzmann, Thomas Kunz, Markus Schneider

      Pages 199-213

   3. Different Smartcard-Based Approaches to Physical Access Control

      • Óscar Cánovas, Antonio F. Gómez, Humberto Martínez, Gregorio Martínez

      Pages 214-226

8. Formal Methods

   1. Authenticity and Provability — A Formal Framework

      • Sigrid Gürgens, Peter Ochsenschläger, Carsten Rudolph

      Pages 227-245

   2. Protocol Engineering Applied to Formal Analysis of Security Systems

      • Javier Lopez, Juan J. Ortega, Jose M. Troya

      Pages 246-259

9. Cryptographic Techniques

   1. Applications of Multiple Trust Authorities in Pairing Based Cryptosystems

      • L. Chen, K. Harrison, D. Soldera, N. P. Smart

      Pages 260-275

   2. Plausible Deniability Using Automated Linguistic Stegonagraphy

      • Mark Chapman, George Davida2

      Pages 276-287

Infrastructure Security Conference 2002 (InfraSec 2002) was created to promote security research and the development of practical solutions in the security of infrastructures – both government and commercial – such as the effective prevention of, detection of, reporting of, response to and recovery from security incidents. The conference, sponsored by the Datacard Group and Hewlett-Packard Laboratories, was held on October 1–3, 2002. Organizational support was provided by the Center for Cryptography, Computer and Network Security Center at the University of Wisconsin- Milwaukee. Organizing a conference is a major undertaking requiring the efforts of many individuals. The Conference President, Graham Higgins (Datacard Group), oversaw all arrangements for the conference, and the General Chair, Susan Thompson (Datacard Group), oversaw the local organization and registration. Local arrangements were directed by Jan Ward (Hewlett-Packard Laboratories) and Jamie Wilson (Datacard Group). Financial arrangements were managed by Natalie Churchill (Hewlett-Packard Laboratories). We wish to thank the organizers, without whose support this conference would not have been possible. This conference program included two keynote speakers: Bob Evans (Office of the e-Envoy) and Vic Maconachy (Department of Defense). The program committee considered 44 submissions of which 23 papers were accepted. Each submitted paper was reviewed by a minimum of three referees. These proceedings contain revised versions of the accepted papers. Revisions were not checked and the authors bear full responsibility for the content of their papers.

• Authentication
• Information
• Internet
• authenticity
• authorization systems
• biometric identification
• biometrics
• communications protocols
• identity
• information infrastructure protection
• networks
• privacy
• risk analysis
• security architectures
• trust

• University of Wisconsin-Milwaukee, Milwaukee, USA

  George Davida

• TechTegrity LLC, Westfield, USA

  Yair Frankel

• Hewlett-Packard Laboratories, Bristol, UK

  Owen Rees

Policies and ethics