Information Systems Security

The 1st InternationalConference on Information Systems Security (ICISS 2005) was held December 19 21, 2005 at Jadavpur University, Kolkata, India. The objectives of the conference were to discuss in depth the current state of the research and practice in information systems security, enable participants to bene?tfrompersonalcontactwithotherresearchersandexpandtheirknowledge, and disseminate the research results. This volumecontains 4 invitedpapers,19refereedpapersthat werepresented at the conference, and 5 ongoing project summaries. The refereed papers, which were selected from the 72 submissions, were rigorouslyreviewed by the Program Committee members. The volume provides researcherswith a broad perspective of recent developments in information systems security. A special note of thanks goes to the many volunteers whose e?orts made this conference a success. We wish to thank Prem Chand, Ernesto Damiani, Patrick McDaniel, R. Sekar, and Vijay Varadharajan for agreeing to deliver the invited talks, the authors for their worthy contributions, and the referees for their time and e?ort in reviewing the papers. We are grateful to Arun Majumdar and Aditya Bagchi for serving as the General Chairs. Last, but certainly not least, our thanks go to Vijay Kowtha of the U.S. O?ce ofNaval ResearchGlobal and MichaelCheetham of the INDO-US Science & Technology Forum for providing the generous ?nancial support.

Inhalt
Authorization and Trust Enhanced Security for Distributed Applications.- Toward Exploiting Location-Based and Video Information in Negotiated Access Control Policies.- Understanding Mutable Internet Pathogens, or How I Learned to Stop Worrying and Love Parasitic Behavior.- Building India as the Destination for Secure Software Development Next Wave of Opportunities for the ICT Industry.- Auditable Anonymous Delegation.- A Robust Double Auction Protocol Based on a Hybrid Trust Model.- VTrust: A Trust Management System Based on a Vector Model of Trust.- Analysis and Modelling of Trust in Distributed Information Systems.- EPAL Based Privacy Enforcement Using ECA Rules.- An Attribute Graph Based Approach to Map Local Access Control Policies to Credential Based Access Control Policies.- Protection of Relationships in XML Documents with the XML-BB Model.- EISA An Enterprise Application Security Solution for Databases.- Event Detection in Multilevel Secure Active Databases.- Key Management for Multicast Fingerprinting.- A Key Reshuffling Scheme for Wireless Sensor Networks.- CCMEA: Customized Cellular Message Encryption Algorithm for Wireless Networks.- A Hybrid Design of Key Pre-distribution Scheme for Wireless Sensor Networks.- Detecting ARP Spoofing: An Active Technique.- Episode Based Masquerade Detection.- A Game-Theoretic Approach to Credit Card Fraud Detection.- Modifications of SHA-0 to Prevent Attacks.- How to Solve Key Escrow and Identity Revocation in Identity-Based Encryption Schemes.- On Broadcast Encryption with Random Key Pre-distribution Schemes.- A Framework for Examining Skill Specialization, Gender Inequity, and Career Advancement in the Information Security Field.- SPEAR: Design of a Secured Peer-to-Peer Architecture.- A Web-Enabled EnterpriseSecurity Management Framework Based on a Unified Model of Enterprise Information System Security.- Development of a Comprehensive Intrusion Detection System Challenges and Approaches.- A Transparent End-to-End Security Solution.