Research Directions in Data and Applications Security XVIII: IFIP TC 11/WG 11.3 Eighteenth Annual Conference on Data and Applications Security, July 25-28, 2004, Sitges, Catalonia, Spain, Vol. 18

Farkas C. (ed), Samarati P (en)1402081286

As Information Technology becomes a vital part of our everyday activities, ranging from personal use to government and defense applications, the need to develop high-assurance systems increases. Data and applications security and privacy are crucial elements in developing such systems. Research Directions in Data and Applications Security XVIII presents original unpublished research results, practical experiences, and innovative ideas in the field of data and applications security and privacy. Topics presented in this volume include:-Database theory; -Inference control;-Data protection techniques; -Distributed systems; -Access control models; -Security policy; -Design and management; -Privacy; -Network security. This book is the eighteenth volume in the series produced by the International Federation for Information Processing (IFIP) Working Group 11.3 on Data and Applications Security. It contains twenty-three papers and two invited talks that were presented at the Eighteenth Annual IFIP WG 11.3 Conference on Data and Applications Security, which was sponsored by IFIP and held in Sitges, Catalonia, Spain in July 2004.

---

Table of contents :
Team DDU……Page 1
Contents……Page 6
Preface……Page 10
Conference Organization……Page 11
Contributing Authors……Page 12
Invited Talk – Inference Control Problems in Statistical Database Query Systems……Page 14
Attribute Mutability in Usage Control……Page 28
Star-Tree: An Index Structure for Efficient Evaluation of Spatiotemporal Authorizations……Page 44
An Extended Analysis of Delegating Obligations Andreas Schaad……Page 62
Implementing Real-Time Update of Access Control Policies……Page 78
Defending Against Additive Attacks with Maximal Errors in Watermarking Relational Databases……Page 94
Performance-Conscious Key Management in Encrypted Databases……Page 108
Damage Discovery in Distributed Database Systems……Page 124
Information Flow Analysis for File Systems and Databases Using Labels……Page 138
Refusal in Incomplete Databases……Page 156
Why Is this User Asking so Many Questions?Explaining Sequences of Queries……Page 172
Invited Talk – Towards Semantics-Aware Access Control……Page 190
RBAC/MAC Security for UML……Page 202
Secure Bridges: A Means to Conduct Secure Teleconferences over Public Telephones……Page 218
Policy-based Security Management for Enterprise Systems……Page 232
A Pattern System for Access Control……Page 248
A Design for Parameterized Roles……Page 264
Efficient Verification of Delegation in Distributed Group Membership Management……Page 278
Web Resource Usage Control in RSCLP……Page 294
Securely Distributing Centralized Multimedia Content Utilizing Peer-to-Peer Cooperation……Page 308
On The Damage and Compensation of Privacy Leakage……Page 324
An Experimental Study of Distortion-Based Techniques for Association Rule Hiding……Page 338
Privacy-Preserving Multi-Party Decision Tree Induction……Page 354
Configuring Storage Area Networks for Mandatory Security……Page 370
A Framework for Trusted Wireless Sensor Networks……Page 384
Author Index……Page 398