Ebook: Information Security Management, Education and Privacy: IFIP 18th World Computer Congress TC11 19th International Information Security Workshops 22–27 August 2004 Toulouse, France
- Tags: Management of Computing and Information Systems
- Series: IFIP International Federation for Information Processing 148
- Year: 2004
- Publisher: Springer US
- Edition: 1
- Language: English
- pdf
This volume gathers the papers presented at three workshops that are embedded in the IFIP/Sec Conference in 2004, to enlighten specific topics that are currently particularly active in Security. The first one is the 10th IFIP Annual Working Conference on Information Security Management. It is organized by the IFIP WG 11. 1, which is itself dedicated to Information Security Management, i. e. , not only to the practical implementation of new security technology issued from recent research and development, but also and mostly to the improvement of security practice in all organizations, from multinational corporations to small enterprises. Methods and techniques are developed to increase personal awareness and education in security, analyze and manage risks, identify security policies, evaluate and certify products, processes and systems. Matt Warren, from Deakin University, Australia, who is the current Chair of WG 11. 1, acted as the Program Chair. The second workshop is organized by the IFIP WG 11. 8, dedicated to Information Security Education. This workshop is a follow-up of three issues of the World Conference on Information Security Education (WISE) that were also organized by WG 11. 8. The first WISE was organized by Louise Yngstrom in 1999 in Stockholm, and the next one, WISE’4, will be held in Moscow, Russia, 18-20 May 2005. This year, the workshop is aimed at developing a first draft of an international doctorate program allowing a specialization in IT Security.
This volume contains the papers presented at three workshops embedded in the 19th IFIP International Conference on Information Security (SEC2004), which was sponsored by the International Federation for Information Processing (IFIP) and held in August 2004 as a co-located conference of the 18th IFIP World Computer Congress in Toulouse, France.
The first workshop was organized by IFIP Working Group 11.1, which is itself dedicated to Information Security Management, i.e., not only to the practical implementation of new security technology issued from recent research and development, but also and mostly to the improvement of security practice in all organizations, from multinational corporations to small enterprises. Methods and techniques are developed to increase personal awareness and education in security, analyze and manage risks, identify security policies, evaluate and certify products, processes and systems.
The second workshop was organized by IFIP Working Group 11.8, dedicated to Information Security Education. This year, the workshop was aimed at developing a first draft of an international doctorate program allowing a specialization in IT Security. The draft is based upon selected papers from individuals or groups (from academic, military and government organizations), and discussions at the workshop. This draft will be further refined and eventually published as an IFIP Report. Finally, the last workshop was organized by IFIP Working Group 11.4 on Network Security. The purpose of the workshop was to bring together privacy and anonymity experts from around the world to discuss recent advances and new perspectives on these topics that are increasingly important aspects in electronic services, especially in advanced distributed applications, such as m-commerce, agent-based systems, P2P, etc. The carefully selected papers gathered in this volume show the richness of the information security domain, as well as the liveliness of the working groups cooperating in the IFIP Technical Committee 11 on Security and Protection in Information Processing Systems.
Information Security Management, Education and Privacy is essential reading for scholars, researchers, and practitioners interested in keeping pace with the ever-growing field of information security.
This volume contains the papers presented at three workshops embedded in the 19th IFIP International Conference on Information Security (SEC2004), which was sponsored by the International Federation for Information Processing (IFIP) and held in August 2004 as a co-located conference of the 18th IFIP World Computer Congress in Toulouse, France.
The first workshop was organized by IFIP Working Group 11.1, which is itself dedicated to Information Security Management, i.e., not only to the practical implementation of new security technology issued from recent research and development, but also and mostly to the improvement of security practice in all organizations, from multinational corporations to small enterprises. Methods and techniques are developed to increase personal awareness and education in security, analyze and manage risks, identify security policies, evaluate and certify products, processes and systems.
The second workshop was organized by IFIP Working Group 11.8, dedicated to Information Security Education. This year, the workshop was aimed at developing a first draft of an international doctorate program allowing a specialization in IT Security. The draft is based upon selected papers from individuals or groups (from academic, military and government organizations), and discussions at the workshop. This draft will be further refined and eventually published as an IFIP Report. Finally, the last workshop was organized by IFIP Working Group 11.4 on Network Security. The purpose of the workshop was to bring together privacy and anonymity experts from around the world to discuss recent advances and new perspectives on these topics that are increasingly important aspects in electronic services, especially in advanced distributed applications, such as m-commerce, agent-based systems, P2P, etc. The carefully selected papers gathered in this volume show the richness of the information security domain, as well as the liveliness of the working groups cooperating in the IFIP Technical Committee 11 on Security and Protection in Information Processing Systems.
Information Security Management, Education and Privacy is essential reading for scholars, researchers, and practitioners interested in keeping pace with the ever-growing field of information security.
Content:
Front Matter....Pages i-xiii
Corporate Information Security Education....Pages 3-18
Towards Corporate Information Security Obedience....Pages 19-31
CIIP-RAM- A Security Risk Analysis Methodology for Critical Information Infrastructure Protection....Pages 33-49
A Framework for Role-Based Monitoring of Insider Misuse....Pages 51-65
Update/Patch Management Systems....Pages 67-80
Investigating a Smart Technology....Pages 81-98
Laboratory Support for Information Security Education....Pages 101-116
An Holistic Approach to an International Doctoral Program....Pages 117-132
A New Paradigm for Information Security Education at Doctoral Level....Pages 133-140
Highly Qualified Information Security Personnel Training in Russia....Pages 141-146
Doctor of Philosophy: It Security....Pages 147-152
Doctoral Programme on ICS Security at the University of the Aegean....Pages 153-158
An International Security Education Perspective....Pages 159-165
DO Military Forces Need Ph.D.’s?....Pages 165-172
A Doctoral Program with Specialization in Information Security....Pages 173-180
A Security Model for Anonymous Credential Systems....Pages 183-199
Private Information Storage with Logarithmic-Space Secure Hardware....Pages 201-216
Taxonomy of Mixes and Dummy Traffic....Pages 217-232
Identity Management for Self-Portrayal....Pages 233-247
Privacy Preserving Online Reputation Systems....Pages 249-264
A Risk-Driven Approach to Designing Privacy-Enhanced Secure Applications....Pages 265-280
Privacy-Invasive Software in Filesharing Tools....Pages 281-296
Infusing Privacy Norms in DRM....Pages 297-312
This volume contains the papers presented at three workshops embedded in the 19th IFIP International Conference on Information Security (SEC2004), which was sponsored by the International Federation for Information Processing (IFIP) and held in August 2004 as a co-located conference of the 18th IFIP World Computer Congress in Toulouse, France.
The first workshop was organized by IFIP Working Group 11.1, which is itself dedicated to Information Security Management, i.e., not only to the practical implementation of new security technology issued from recent research and development, but also and mostly to the improvement of security practice in all organizations, from multinational corporations to small enterprises. Methods and techniques are developed to increase personal awareness and education in security, analyze and manage risks, identify security policies, evaluate and certify products, processes and systems.
The second workshop was organized by IFIP Working Group 11.8, dedicated to Information Security Education. This year, the workshop was aimed at developing a first draft of an international doctorate program allowing a specialization in IT Security. The draft is based upon selected papers from individuals or groups (from academic, military and government organizations), and discussions at the workshop. This draft will be further refined and eventually published as an IFIP Report. Finally, the last workshop was organized by IFIP Working Group 11.4 on Network Security. The purpose of the workshop was to bring together privacy and anonymity experts from around the world to discuss recent advances and new perspectives on these topics that are increasingly important aspects in electronic services, especially in advanced distributed applications, such as m-commerce, agent-based systems, P2P, etc. The carefully selected papers gathered in this volume show the richness of the information security domain, as well as the liveliness of the working groups cooperating in the IFIP Technical Committee 11 on Security and Protection in Information Processing Systems.
Information Security Management, Education and Privacy is essential reading for scholars, researchers, and practitioners interested in keeping pace with the ever-growing field of information security.
Content:
Front Matter....Pages i-xiii
Corporate Information Security Education....Pages 3-18
Towards Corporate Information Security Obedience....Pages 19-31
CIIP-RAM- A Security Risk Analysis Methodology for Critical Information Infrastructure Protection....Pages 33-49
A Framework for Role-Based Monitoring of Insider Misuse....Pages 51-65
Update/Patch Management Systems....Pages 67-80
Investigating a Smart Technology....Pages 81-98
Laboratory Support for Information Security Education....Pages 101-116
An Holistic Approach to an International Doctoral Program....Pages 117-132
A New Paradigm for Information Security Education at Doctoral Level....Pages 133-140
Highly Qualified Information Security Personnel Training in Russia....Pages 141-146
Doctor of Philosophy: It Security....Pages 147-152
Doctoral Programme on ICS Security at the University of the Aegean....Pages 153-158
An International Security Education Perspective....Pages 159-165
DO Military Forces Need Ph.D.’s?....Pages 165-172
A Doctoral Program with Specialization in Information Security....Pages 173-180
A Security Model for Anonymous Credential Systems....Pages 183-199
Private Information Storage with Logarithmic-Space Secure Hardware....Pages 201-216
Taxonomy of Mixes and Dummy Traffic....Pages 217-232
Identity Management for Self-Portrayal....Pages 233-247
Privacy Preserving Online Reputation Systems....Pages 249-264
A Risk-Driven Approach to Designing Privacy-Enhanced Secure Applications....Pages 265-280
Privacy-Invasive Software in Filesharing Tools....Pages 281-296
Infusing Privacy Norms in DRM....Pages 297-312
....