Ebook: Data and Application Security: Developments and Directions

New technology is always evolving and companies must have appropriate security for their businesses to be able to keep up to date with the changes. With the rapid growth of the internet and the world wide web, data and applications security will always be a key topic in industry as well as in the public sector, and has implications for the whole of society.
Data and Applications Security covers issues related to security and privacy of information in a wide range of applications, including:

• Electronic Commerce, XML and Web Security;
• Workflow Security and Role-based Access Control;
• Distributed Objects and Component Security;
• Inference Problem, Data Mining and Intrusion Detection;
• Language and SQL Security;
• Security Architectures and Frameworks;
• Federated and Distributed Systems Security;
• Encryption, Authentication and Security Policies.

This book contains papers and panel discussions from the Fourteenth Annual Working Conference on Database Security, which is part of the Database Security: Status and Prospects conference series sponsored by the International Federation for Information Processing (IFIP). The conference was held in Schoorl, The Netherlands in August 2000.

---

New technology is always evolving and companies must have appropriate security for their businesses to be able to keep up to date with the changes. With the rapid growth of the internet and the world wide web, data and applications security will always be a key topic in industry as well as in the public sector, and has implications for the whole of society.
Data and Applications Security covers issues related to security and privacy of information in a wide range of applications, including:

• Electronic Commerce, XML and Web Security;
• Workflow Security and Role-based Access Control;
• Distributed Objects and Component Security;
• Inference Problem, Data Mining and Intrusion Detection;
• Language and SQL Security;
• Security Architectures and Frameworks;
• Federated and Distributed Systems Security;
• Encryption, Authentication and Security Policies.

This book contains papers and panel discussions from the Fourteenth Annual Working Conference on Database Security, which is part of the Database Security: Status and Prospects conference series sponsored by the International Federation for Information Processing (IFIP). The conference was held in Schoorl, The Netherlands in August 2000.

---

New technology is always evolving and companies must have appropriate security for their businesses to be able to keep up to date with the changes. With the rapid growth of the internet and the world wide web, data and applications security will always be a key topic in industry as well as in the public sector, and has implications for the whole of society.
Data and Applications Security covers issues related to security and privacy of information in a wide range of applications, including:

• Electronic Commerce, XML and Web Security;
• Workflow Security and Role-based Access Control;
• Distributed Objects and Component Security;
• Inference Problem, Data Mining and Intrusion Detection;
• Language and SQL Security;
• Security Architectures and Frameworks;
• Federated and Distributed Systems Security;
• Encryption, Authentication and Security Policies.

This book contains papers and panel discussions from the Fourteenth Annual Working Conference on Database Security, which is part of the Database Security: Status and Prospects conference series sponsored by the International Federation for Information Processing (IFIP). The conference was held in Schoorl, The Netherlands in August 2000.
Content:
Front Matter....Pages i-xiv
Protecting Information when Access is Granted for Collaboration....Pages 1-14
Author-?: A Java-Based System For XML Data Protection....Pages 15-26
A Fair-Exchange E-Commerce Protocol With Automated Dispute Resolution....Pages 27-38
XML Access Control Systems: A Component-Based Approach....Pages 39-50
A Configurable Security Architecture Prototype....Pages 51-62
Distributed Policies for Data Management — Making Policies Mobile....Pages 63-75
Security Architecture of The Multimedia Mediator....Pages 77-88
Simulation And Analysis of Cryptographic Protocols....Pages 89-100
Authentic Third-Party Data Publication....Pages 101-112
Protecting File Systems Against Corruption Using Checksums....Pages 113-124
Web Security and Privacy....Pages 125-126
Coordinating Policy for Federated Applications....Pages 127-134
Integrating Multilevel Security Policies in Multilevel Federated Database Systems....Pages 135-147
Wrappers – A Mechanism to Support State-Based Authorization in Web Applications....Pages 149-160
An Integrated Framework for Database Privacy Protection....Pages 161-172
Discovery of Multi-Level Security Policies....Pages 173-184
Protecting Deductive Databases from Unauthorized Retrievals....Pages 185-196
Confidentiality vs Integrity in Secure Databases....Pages 197-208
Extending SQL’s Grant Operation to Limit Privileges....Pages 209-220
Language Extensions for Programmable Security....Pages 221-232
Protecting Privacy from Continuous High-Resolution Satellite Surveillance....Pages 233-244
Database Security Integration Using Role-Based Access Control....Pages 245-257
User Role-Based Security Model for a Distributed Environment....Pages 259-270
WorkFlow Analyzed for Security and Privacy in using Databases....Pages 271-282
Identifying Security Holes in OLAP Applications....Pages 283-294
Algorithms and Experience in Increasing the Intelligibility and Hygiene of Access Control in Large Organizations....Pages 295-316
Database Security 2000....Pages 317-321
Declarative Semantics of Belief Queries in Mls Deductive Databases....Pages 323-328
Trust Management in Distributed Databases....Pages 329-337
Active Authorization as High-level Control....Pages 339-345
Conference Key Agreement Protocol using Oblivious Transfer....Pages 347-353
An Integration Model of Role-Based Access Control and Activity-Based Access Control Using Task....Pages 355-360
Authorization Model in Object-Oriented Systems....Pages 361-366
Panel 2....Pages 367-371
Conference Summary....Pages 373-374
Back Matter....Pages 375-376

---

New technology is always evolving and companies must have appropriate security for their businesses to be able to keep up to date with the changes. With the rapid growth of the internet and the world wide web, data and applications security will always be a key topic in industry as well as in the public sector, and has implications for the whole of society.
Data and Applications Security covers issues related to security and privacy of information in a wide range of applications, including:

• Electronic Commerce, XML and Web Security;
• Workflow Security and Role-based Access Control;
• Distributed Objects and Component Security;
• Inference Problem, Data Mining and Intrusion Detection;
• Language and SQL Security;
• Security Architectures and Frameworks;
• Federated and Distributed Systems Security;
• Encryption, Authentication and Security Policies.

This book contains papers and panel discussions from the Fourteenth Annual Working Conference on Database Security, which is part of the Database Security: Status and Prospects conference series sponsored by the International Federation for Information Processing (IFIP). The conference was held in Schoorl, The Netherlands in August 2000.
Content:
Front Matter....Pages i-xiv
Protecting Information when Access is Granted for Collaboration....Pages 1-14
Author-?: A Java-Based System For XML Data Protection....Pages 15-26
A Fair-Exchange E-Commerce Protocol With Automated Dispute Resolution....Pages 27-38
XML Access Control Systems: A Component-Based Approach....Pages 39-50
A Configurable Security Architecture Prototype....Pages 51-62
Distributed Policies for Data Management — Making Policies Mobile....Pages 63-75
Security Architecture of The Multimedia Mediator....Pages 77-88
Simulation And Analysis of Cryptographic Protocols....Pages 89-100
Authentic Third-Party Data Publication....Pages 101-112
Protecting File Systems Against Corruption Using Checksums....Pages 113-124
Web Security and Privacy....Pages 125-126
Coordinating Policy for Federated Applications....Pages 127-134
Integrating Multilevel Security Policies in Multilevel Federated Database Systems....Pages 135-147
Wrappers – A Mechanism to Support State-Based Authorization in Web Applications....Pages 149-160
An Integrated Framework for Database Privacy Protection....Pages 161-172
Discovery of Multi-Level Security Policies....Pages 173-184
Protecting Deductive Databases from Unauthorized Retrievals....Pages 185-196
Confidentiality vs Integrity in Secure Databases....Pages 197-208
Extending SQL’s Grant Operation to Limit Privileges....Pages 209-220
Language Extensions for Programmable Security....Pages 221-232
Protecting Privacy from Continuous High-Resolution Satellite Surveillance....Pages 233-244
Database Security Integration Using Role-Based Access Control....Pages 245-257
User Role-Based Security Model for a Distributed Environment....Pages 259-270
WorkFlow Analyzed for Security and Privacy in using Databases....Pages 271-282
Identifying Security Holes in OLAP Applications....Pages 283-294
Algorithms and Experience in Increasing the Intelligibility and Hygiene of Access Control in Large Organizations....Pages 295-316
Database Security 2000....Pages 317-321
Declarative Semantics of Belief Queries in Mls Deductive Databases....Pages 323-328
Trust Management in Distributed Databases....Pages 329-337
Active Authorization as High-level Control....Pages 339-345
Conference Key Agreement Protocol using Oblivious Transfer....Pages 347-353
An Integration Model of Role-Based Access Control and Activity-Based Access Control Using Task....Pages 355-360
Authorization Model in Object-Oriented Systems....Pages 361-366
Panel 2....Pages 367-371
Conference Summary....Pages 373-374
Back Matter....Pages 375-376
....