Data and Applications Security and Privacy XXIV

This book constitutes the proceedings of the 24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, held in Rome Italy in June 2010. The 18 full and 11 short papers presented in this volume were carefully reviewed and selected from 61 submissions. The topics covered are query and data privacy; data protection; access control; data confidentiality and query verification; policy definition and enforcement; and trust and identity management.

Inhalt

Query and Data Privacy.- Generalizing PIR for Practical Private Retrieval of Public Data.- A Logic of Privacy.- Understanding Privacy Risk of Publishing Decision Trees.- Data Protection.- Secure Outsourcing of DNA Searching via Finite Automata.- A Labelling System for Derived Data Control.- On the Identification of Property Based Generalizations in Microdata Anonymization.- Access Control.- Role Mining in the Presence of Noise.- Distributed and Secure Access Control in P2P Databases.- Constructing Key Assignment Schemes from Chain Partitions.- Data Confidentiality and Query Verification.- fQuery: SPARQL Query Rewriting to Enforce Data Confidentiality.- Efficient Inference Control for Open Relational Queries.- Query Racing: Fast Completeness Certification of Query Results.- Policy Definition and Enforcement.- Mining Likely Properties of Access Control Policies via Association Rule Mining.- Scalable and Efficient Reasoning for Enforcing Role-Based Access Control.- Enforcing Request Integrity in Web Applications.- Trust and Identity Management.- Using Trust-Based Information Aggregation for Predicting Security Level of Systems.- Modelling Dynamic Trust with Property Based Attestation in Trusted Platforms.- Towards Privacy-Enhancing Identity Management in Mashup-Providing Platforms.- Short Papers.- An Access Control Model for Web Databases.- Modelling Dynamic Access Control Policies for Web-Based Collaborative Systems.- Evaluating the Risk of Adopting RBAC Roles.- Preserving Integrity and Confidentiality of a Directed Acyclic Graph Model of Provenance.- When ABE Meets RSS.- PriMan : A Privacy-Preserving Identity Framework.- Detecting Spam Bots in Online Social Networking Sites: A Machine Learning Approach.- Authentication Assurance Level Taxonomies for Smart Identity Token Deployments - A New Approach.- A Secure RFID Ticket System for Public Transport.- Performance Evaluation of Non-parallelizable Client Puzzles for Defeating DoS Attacks in Authentication Protocols.- Secure Location Verification.