Information Systems Security

1. Front Matter

   PDF

2. Keynote Talks

   1. A Survey of Voice over IP Security Research

      • Angelos D. Keromytis

      Pages 1-17

   2. Security for a Smarter Planet

      • Nataraj Nagaratnam

      Pages 18-18

   3. The WOMBAT Attack Attribution Method: Some Results

      • Marc Dacier, Van-Hau Pham, Olivier Thonnard

      Pages 19-37

   4. Biometrics and Security

      • Venu Govindaraju

      Pages 38-38

3. Authentication

   1. Remote Electronic Voting with Revocable Anonymity

      • Matt Smart, Eike Ritter

      Pages 39-54

   2. On Secure Implementation of an IHE XUA-Based Protocol for Authenticating Healthcare Professionals

      • Massimiliano Masi, Rosario Pugliese, Francesco Tiezzi

      Pages 55-70

   3. On the Untraceability of Anonymous RFID Authentication Protocol with Constant Key-Lookup

      • Bing Liang, Yingjiu Li, Changshe Ma, Tieyan Li, Robert Deng

      Pages 71-85

4. Verification

   1. Biometric Identification over Encrypted Data Made Feasible

      • Michael Adjedj, Julien Bringer, Hervé Chabanne, Bruno Kindarji

      Pages 86-100

   2. Correcting and Improving the NP Proof for Cryptographic Protocol Insecurity

      • Zhiyao Liang, Rakesh M. Verma

      Pages 101-116

   3. Formal Verification of Security Policy Implementations in Enterprise Networks

      • P. Bera, S. K. Ghosh, Pallab Dasgupta

      Pages 117-131

5. Systems Security

   1. Making Peer-Assisted Content Distribution Robust to Collusion Using Bandwidth Puzzles

      • Michael K. Reiter, Vyas Sekar, Chad Spensky, Zhenghao Zhang

      Pages 132-147

   2. An E-Cash Based Implementation Model for Facilitating Anonymous Purchasing of Information Products

      • Zhen Zhang, K. H. (Kane) Kim, Myeong-Ho Kang, Tianran Zhou, Byung-Ho Chung, Shin-Hyo Kim et al.

      Pages 148-162

   3. DROP: Detecting Return-Oriented Programming Malicious Code

      • Ping Chen, Hai Xiao, Xiaobin Shen, Xinchun Yin, Bing Mao, Li Xie

      Pages 163-177

6. Behavior Analysis

   1. A Framework for Behavior-Based Malware Analysis in the Cloud

      • Lorenzo Martignoni, Roberto Paleari, Danilo Bruschi

      Pages 178-192

   2. BARTER: Behavior Profile Exchange for Behavior-Based Admission and Access Control in MANETs

      • Vanessa Frias-Martinez, Salvatore J. Stolfo, Angelos D. Keromytis

      Pages 193-207

   3. Automatic Identification of Critical Data Items in a Database to Mitigate the Effects of Malicious Insiders

      • Jonathan White, Brajendra Panda

      Pages 208-221

7. Database Security

   1. Database Relation Watermarking Resilient against Secondary Watermarking Attacks

      • Gaurav Gupta, Josef Pieprzyk

      Pages 222-236

   2. A Robust Damage Assessment Model for Corrupted Database Systems

      • Ge Fu, Hong Zhu, Yingjiu Li

      Pages 237-251

   3. A Generic Distortion Free Watermarking Technique for Relational Databases

      • Sukriti Bhattacharya, Agostino Cortesi

      Pages 252-264

The management of services and operations in today’s organizations are - coming increasingly dependent on their enterprise local area network (enterprise LAN). An enterprise LAN consists of a set of network zones (logical group of networkelements)correspondingto di?erent departments orsections,connected through various interface switches (typically, Layer-3 switches). The network service accesses between these zones and also with the external network (e. g. , Internet) are governed by a global network security policy of the organization. This global policy is de?ned as a collection of service access rules across various network zones where the services referred network applications conforming to TCP/IP protocol. For example, some of the known network services aressh, t- net,http etc. In reality, the security policy may be incompletely speci?ed; which explicitly states the “permit” and “deny” access rules between speci?c network zones keeping remaining service access paths as unspeci?ed. The global security policy is realized in the network by con?guring the n- work interfaces with appropriate sets of access control rules (ACLs). One of the major challenges in network security management is ensuring the conformation of the distributed security implementations with the global security policy.

• Radio-Frequency Identification (RFID)
• access control
• authentication
• authorization
• biometric
• biometrics
• complexity
• copyright protection
• cryptography
• intrusion detection
• network security
• networks
• privacy
• reversibility
• social networks

• Electrical Engineering and Computer Science Department, University of Michigan, Ann Arbor, USA

  Atul Prakash

• Department of Computer Science and Engineering, Indian Institute of Technology Kharagpur, Kharagpur, India

  Indranil Sen Gupta