Proceedings of the Ifip Tc 11 23rd International Information Security Conference: Ifip 20th World Computer Congress, Ifip SEC'08, September 7-10, 2008 (Hardcover, 2008)

Hiding in Groups: On the Expressiveness of Privacy Distributions.- Practical Privacy-Preserving Benchmarking.- Enhancing Privacy in Remote Data Classification.- Minimizing SSO Effort in Verifying SSL Anti-phishing Indicators.- Robbing Banks with Their Own Software-an Exploit Against Norwegian Online Banks.- Collaborative architecture for malware detection and analysis.- Realizing Stateful Public Key Encryption in Wireless Sensor Network.- Establishing secure links in low-rate wireless personal area networks.- An Asynchronous Node Replication Attack in Wireless Sensor Networks.- A B Formal Framework for Security Developments in the Domain of Smart Card Applications.- An Implementation of a Privacy Enforcement Scheme based on the Java Security Framework using XACML Policies.- Negotiation of Prohibition: An Approach Based on Policy Rewriting.- An Integrity Lock Architecture for Supporting Distributed Authorizations in Database Federations.- Role Signatures for Access Control in Open Distributed Systems.- Policies and Security Aspects For Distributed Scientific Laboratories.- A Fuzzy Model for the Composition of Intrusion Detectors.- Investigating the problem of IDS false alarms: An experimental study using Snort.- User Session Modeling for Effective Application Intrusion Detection.- A Product Machine Model for Anomaly Detection of Interposition Attacks on Cyber-Physical Systems.- Anomaly Detection with Diagnosis in Diversified Systems using Information Flow Graphs.- Behavioral Intrusion Detection Indicators.- Leveraging Lattices to Improve Role Mining.- A Parallelization Framework for Exact Knowledge Hiding in Transactional Databases.- Efficient Coalition Detection in Traitor Tracing.- SPIT Identification Criteria Implementation: Effectiveness and Lessons Learned.- Detecting More SIP Attacks on VoIP Services by Combining Rule Matching and State Transition Models.- A Decentralized Bayesian Attack Detection Algorithm for Network Security.- An Operation-Based Metric for CPA Resistance.- YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems.- Adversary Modeling and Simulation in Cyber Warfare.- Interactive Selection of ISO 27001 Controls under Multiple Objectives.- Feasibility of Automated Information Security Compliance Auditing.- Software Licence Protection and Management for Organisations.- A Vulnerability Prioritization System Using A Fuzzy Risk Analysis Approach.- ASTRA : A Security Analysis Method Based on Asset Tracking.- A Knowledge-Based Bayesian Model for Analyzing a System after an Insider Attack.- Portable User-Centric Identity Management.- Ubiquitous Privacy-Preserving Identity Managment.- Facilitating Privacy Related Decisions in Different Privacy Contexts on the Internet by Evaluating Trust in Recipients of Private Data.- Using Virtualization to Create and Deploy Computer Security Lab Exercises.- DigForNet: Digital Forensic in Networking.- A Live Digital Forensic system for Windows networks.- HoneyID : Unveiling Hidden Spywares by Generating Bogus Events.- A Security Protocol for Self-Organizing Data Storage.- Protecting Financial Institutions from Brute-Force Attacks.- Agency Theory: Can it be Used to Strengthen IT Governance?.- A new Accounting Mechanism for Modern and Future AAA Services.- A user survey on the sense of security, Anshin.- Multi-Layer Encryption for Multi-Level Access Control in Wireless Sensor Networks.- A Comparative Study of Anomaly Detection Techniques in Web Site Defacement Detection.- Managing the lifecycle of XACML delegation policies in federated environments.- Assessing the Likelihood of Privacy Policy Compliance.- Classification features for detecting Server-side and Client-side Web attacks.