Cover image for Security and privacy in dynamic environments : proceedings of the IFIP TC-11 21st International Information Security Conference (SEC 2006), 22-24 May 2006, Karlstad, Sweden
Security and privacy in dynamic environments : proceedings of the IFIP TC-11 21st International Information Security Conference (SEC 2006), 22-24 May 2006, Karlstad, Sweden
Publication Information:
New York, NY : Springer, 2006
Physical Description:
xvi, 494 p. : ill. ; 25 cm.
Added Author:


Item Barcode
Call Number
Material Type
Item Category 1
30000010139632 QA76.9.A25 S429 2006 Open Access Book Proceedings, Conference, Workshop etc.

On Order



This book contains the Proceedings of the 21st IFIP TC-11 International Information Security Conference (IFIP/SEC 2006) on "Security and Privacy in Dynamic Environments". The papers presented here place a special emphasis on Privacy and Privacy Enhancing Technologies. Further topics addressed include security in mobile and ad hoc networks, access control for dynamic environments, new forms of attacks, security awareness, intrusion detection, and network forensics.

Table of Contents

Inger Anne TøndelGeorge Yee and Larry Korba and Ronggong SongJan Camenisch and Dieter Sommer and Roger ZimmermannZinaida Benenson and Felix C. Freiling and Ernest Hammerschmidt and Stefan Lucks and Lexi PimenidisPietro Michiardi and Refik MolvaHasnaa Moustafa and Gilles Bourdon and Yvon GourhantMarijke Coetzee and Jan EloffStephen Flowerday and Rossouw von SolmsBill Tsoumas and Panagiotis Papagiannakopoulos and Stelios Dritsas and Dimitris GritzalisVincent Naessens and Bart De DeckerSandra SteinbrecherJan CamenischDinei Florêncio and Cormac HerleyKameswari Kotapati and Peng Liu and Thomas F. LaPortaNils Gruschka and Norbert LuttenbergerThierry Sans and Frédéric Cuppens and Nora Cuppens-BoulahiaAndreas Mattas and Ioannins Mavridis and Iason PagkalosClaudio Agostino Ardagna and Ernesto Damiani and Sabrina De Capitani di Vimercati and Fulvio Frati and Pierangela SamaratiJianying Zhou and Jose A. Onieva and Javier LopezMichael Backes and Birgit PfitzmannKun Peng and Colin Boyd and Ed DawsonYacine Bouzida and Frédéric CuppensOleksiy Mazhelis and Seppo Puuronen and Mika RaentoXiaoxin Yin and William Yurcik and Adam SlagellAlmut Herzog and Nahid ShahmehriSteven Furnell and Adila Jusoh and Dimitris Katsabas and Paul DowlandThuy D. Nguyen and Cynthia E. IrvineRafael AccorsiHuafei Zhu and Tieyan Li and Feng BaoDarko Kirovski and Nebojsa Jojic and Paul RobertsMilan Petkovic and Claudine Conrado and Malik HammouteneYuri Demchenko and Leon Gommans and Cees de LaatMartin Gilje Jaatun and Inger Anne Tondel and Frederic Paint and Tor Hjalmar Johannessen and John Charles Francis and Claire DurantonChia Yuan Cho and Sin Yeung Lee and Chung Pheng Tan and Yong Tai TanMartin Karresand and Nahid ShahmehriAnthonie B. Ruighaver and Sean B. MaynardBenjamin D. Cone and Michael F. Thompson and Cynthia E. Irvine and Thuy D. NguyenOmar ZakariaJabiri Kuwe Bakari and Charles N. Tarimo and Christer Magnusson and Louise YngströmLynette Drevin and Hennie Kruger and Tjaart SteynRonald C. Dodge and Aaron J. FergusonJan CamenischFlorian KerschbaumSiani Pearson and Marco Casassa-MontGergely Tóth and Zoltán Hornák
Privacy and Privacy-Enhancing Technologies I
Improving Availability of Emergency Health Information without Sacrificing Patient Privacyp. 1
Ensuring Privacy for Buyer-Seller E-Commercep. 13
A General Certification Framework with Applications to Privacy-Enhancing Certificate Infrastructuresp. 25
Security in Mobile and Ad Hoc Networks
Authenticated Query Flooding in Sensor Networksp. 38
Identity Based Message Authentication for Dynamic Networksp. 50
Providing Authentication and Access Control in Vehicular Network Environmentp. 62
Trust and Security Management
A Framework for Web Services Trustp. 74
Trust: An Element of Securityp. 87
Security-by-Ontology: A Knowledge-Centric Approachp. 99
Privacy Enhancing Technologies II
A Methodology for Designing Controlled Anonymous Applicationsp. 111
Design Options for Privacy-Respecting Reputation Systems within Centralised Internet Communitiesp. 123
Protecting (Anonymous) Credentials with the Trusted Computing Group's Trusted Platform Modules V1.2p. 135
Attacks, Vulnerability Analysis, and Tools
Analysis and Improvement of Anti-Phishing Schemesp. 148
CAT - A Practical Graph & SDL Based Toolkit for Vulnerability Assessment of 3G Networksp. 158
Protecting Web Services from DOS Attacks by SOAP Message Validationp. 171
Access Control and Authentication I
A Flexible and Distributed Architecture to Enforce Dynamic Access Controlp. 183
A Paradigm for Dynamic and Decentralized Administration of Access Control in Workflow Applicationsp. 196
CAS++: An Open Source Single Sign-on Solution for Secure E-servicesp. 208
Security Protocols
A Synchronous Multi-Party Contract Signing Protocol Improving Lower Bound of Stepsp. 221
On the Cryptographic Key Secrecy of the Strengthened Yahalom Protocolp. 233
Sealed-Bid Micro Auctionsp. 246
Intrusion Detection
Detecting Known and Novel Network Intrusionsp. 258
Evaluating Classifiers for Mobile-Masquerader Detectionp. 271
VisFlowCluster-IP: Connectivity-Based Visual Clustering of Network Hostsp. 284
Usability and Awareness
A Usability Study of Security Policy Managementp. 296
Considering the Usability of End-User Security Softwarep. 307
Utilizing the Common Criteria for Advanced Student Research Projectsp. 317
Privacy Enhancing Technologies III
On the Relationship of Privacy and Secure Remote Logging in Dynamic Systemsp. 329
Privacy-Preserving Shared-Additive-Inverse Protocols and Their Applicationsp. 340
Access Control and Authentication II
Click Passwordsp. 351
Cryptographically Enforced Personalized Role-Based Access Controlp. 364
Access Control and Authentication III
Using VO Concept for Managing Dynamic Security Associationsp. 377
Secure Fast Handover in an Open Broadband Access Network using Kerberos-style Ticketsp. 389
Network Forensics on Packet Fingerprintsp. 401
Oscar - File Type Identification of Binary Data in Disk Clusters and RAM Pagesp. 413
IFIP WG 11.1/11.8 Security Culture Workshop
Organizational Security Culture: More Than Just an End-User Phenomenonp. 425
Cyber Security Training and Awareness Through Game Playp. 431
Internalisation of Information Security Culture amongst Employees through Basic Security Knowledgep. 437
Bridging the Gap between General Management and Technicians - A Case Study in ICT Securityp. 442
Value-Focused Assessment of Information Communication and Technology Security Awareness in an Academic Environmentp. 448
Using Phishing for User Email Security Awarenessp. 454
IFIP WG 11.4 I-NetSec'06 Workshop
Invited Talk: Anonymous Credentials: Opportunities and Challengesp. 460
Practical Private Regular Expression Matchingp. 461
A System for Privacy-Aware Resource Allocation and Data Processing in Dynamic Environmentsp. 471
The APROB-Channel: Adaptive Semi-Real-Time Anonymous Communicationp. 483
Author Indexp. 493