Security in the Information Society: Visions and Perspectives
M. Adeeb Ghonaimy, Mahmoud T. El-Hadidi, Heba K. Aslan
Springer Science & Business Media, Apr 30, 2002 - 586 pages

Recent advances in technology and new software applications are steadily transforming human civilization into what is called the Information Society. This is manifested by the new terminology appearing in our daily activities. E-Business, E-Government, E-Learning, E-Contracting, and E-Voting are just a few of the ever-growing list of new terms that are shaping the Information Society. Nonetheless, as "Information" gains more prominence in our society, the task of securing it against all forms of threats becomes a vital and crucial undertaking. Addressing the various security issues confronting our new Information Society, this volume is divided into 13 parts covering the following topics:
Security in the Information Society: Visions and Perspectives comprises the proceedings of the 17th International Conference on Information Security (SEC2002), which was sponsored by the International Federation for Information Processing (IFIP), and jointly organized by IFIP Technical Committee 11 and the Department of Electronics and Electrical Communications of Cairo University. The conference was held in May 2002 in Cairo, Egypt. This volume is essential reading for scholars, researchers, and practitioners interested in keeping pace with the ever-growing field of Information Security.
Contents
THE EFFECTIVE IMPLEMENTATION OF INFORMATION SECURITY IN ORGANIZATIONS | 1 |
A PRACTICAL APPROACH TO INFORMATION SECURITY AWARENESS IN THE ORGANIZATION | 19 |
RBAC POLICIES IN XML FOR X.509 BASED PRIVILEGE MANAGEMENT | 39 |
A TOP-DOWN APPROACH TOWARDS TRANSLATING ORGANIZATIONAL SECURITY POLICY DIRECTIVES TO SYSTEM AUDIT CONFIG... | 55 |
ELABORATING QUANTITATIVE APPROACHES FOR IT SECURITY EVALUATION | 67 |
A SECURITY EVALUATION CRITERIA FOR BASELINE SECURITY STANDARDS | 79 |
MATURITY CRITERIA FOR DEVELOPING SECURE IS AND SW Limits and Prospects | 91 |
FOR A SECURE MOBILE IP AND MOBILE IPV6 DEPLOYMENT | 109 |
ELLIPTIC CURVE CRYPTOSYSTEMS ON SMART CARDS | 311 |
ESTABLISHING BILATERAL ANONYMOUS COMMUNICATION IN OPEN NETWORKS | 323 |
BRITS: A HOLISTIC FRAMEWORK FOR HEDGING SHAREHOLDER VALUE IN IT DEPENDENT BUSINESS | 335 |
INFORMATION SYSTEMS SECURITY AND THE INFORMATION SYSTEMS DEVELOPMENT PROJECT Towards a framework for their integra... | 347 |
AN EFFICIENT HYBRID SEALED BID AUCTION PROTOCOL | 357 |
SELF-DETERMINATION IN MOBILE INTERNET PiMI Prototype Results | 373 |
SECURE COMPONENT DISTRIBUTION USING WEBCOM | 387 |
E-TICKET ISSUING SYSTEM WITH 3D PATTERN RECOGNITION FOR MOBILE TERMINALS | 399 |
ADDRESSING INTERNET SECURITY VULNERABILITIES A Benchmarking Study | 121 |
THE THREAT FROM WITHIN AN ANALYSIS OF ATTACKS ON AN INTERNAL NETWORK | 133 |
SECURITY VULNERABILITIES IN EVENT-DRIVEN SYSTEMS | 147 |
DENIAL OF SERVICE ANOTHER EXAMPLE | 161 |
A DETECTION SCHEME FOR THE SK VIRUS | 171 |
AN INFORMATION SECURITY CURRICULUM IN FINLAND | 183 |
INFORMATION SECURITY CULTURE The SocioCultural Dimension in Information Security Management | 191 |
INFORMATION SECURITY CULTURE | 203 |
KEYSTROKE ANALYSIS AS A METHOD OF ADVANCED USER AUTHENTICATION AND RESPONSE | 215 |
ZERO KNOWLEDGE BROADCASTING IDENTIFICATION SCHEME | 227 |
A NEW END-TO-END AUTHENTICATION PROTOCOL FOR MOBILE USERS TO ACCESS INTERNET SERVICES | 239 |
MANDATORY SECURITY POLICIES FOR CORBA SECURITY MODEL | 251 |
POLICAP PROPOSAL DEVELOPMENT AND EVALUATION OF A POLICY SERVICE AND CAPABILITIES FOR CORBA SECURITY | 263 |
SECURE DATABASE CONNECTIVITY ON THE WWW | 275 |
TOWARDS SEMANTIC INTEGRITY IN RELATIONAL DATABASES | 287 |
FORMAL DESIGN OF PACKET FILTERING SYSTEMS | 299 |
AN INSIGHT INTO USER PRIVACY AND ACCOUNTABLE ANONYMITY FOR MOBILE E-COMMERCE TRANSACTIONS | 411 |
SECURE SELECTIVE EXCLUSION IN AD HOC WIRELESS NETWORK | 423 |
OPTICAL NETWORK MODELS FOR QUANTUM CRYPTOGRAPHY | 435 |
A UNIFIED REGULATORY FRAMEWORK ON A EUROPEAN INFORMATION SOCIETY SUGGESTED BUILDING LEVELS | 453 |
REVISITING LEGAL AND REGULATORY REQUIREMENTS FOR SECURE E-VOTING | 469 |
A SECURITY INCIDENT DATA MODEL | 481 |
SECURITY LEVELS FOR CONTRACTING AGENTS | 495 |
FUNCTIONAL REQUIREMENTS FOR A SECURE ELECTRONIC VOTING SYSTEM | 507 |
INTELLIGENT IP PACKET FILTERING | 521 |
HUMAN COMPUTER INTERACTION AN INFORMATION SECURITY PERSPECTIVES | 535 |
A VERY SMART CARD FOR FIGHTING AGAINST TERRORISM | 547 |
SHEDEL A SIMPLE HIERARCHICAL EVENT DESCRIPTION LANGUAGE FOR SPECIFYING ATTACK SIGNATURES | 559 |
PROPAGATING MODIFICATIONS TO MOBILE POLICIES | 573 |