Pierangela Samarati Books

This book constitutes the refereed proceedings of the 29th Annual IFIP WG 11.3 International Working Conference on Data and Applications Security and Privacy, DBSec 2015, held in Fairfax, VA, USA, in July 2015. The 18 revised full papers and 6 short papers presented were carefully reviewed and selected from 45 submissions. The papers are organized in the following topical sections: data anonymization and computation; access control and authorization; user privacy; authentication and information integration; privacy and trust; access control and usage policies; network and internet security; and information flow and inference.

These proceedings contain the papers selected for presentation at the 4th Wo- shop on Information Security Theory and Practice (WISTP 2010), held during April 12-14, 2010 in Passau, Germany. In response to the call for papers, 69 papers were submitted to the wo- shop. These papers were evaluated on the basis of their signi?cance, novelty, and technicalquality. Eachpaper was reviewedby four members of the Program Committee. Reviewing was double-blind meaning that the Program Committee was not able to see the names and a?liations of the authors, and the authors were not told which committee members reviewed which papers. The Program Committee meeting was held electronically, holding intensive discussions over a periodoftwo weeks.Of the papers submitted, 20 full papersand 10shortpapers were selected for presentation at the workshop. This workshop was sponsored by Vodaphone, who also provided a best - per award. We would like to thank this organization for their support, which helped make this workshop possible. Their continued support helps to reduce registration fees and make WISTP a continuing success. WISTP 2010 was also organized in cooperation with the International - sociation for Cryptologic Research (IACR), the IFIP WG 11.2 Pervasive S- tems Security, and ACM SIGSAC. Their support has signi?cantly contributed to raising the pro?le of WISTP, which is re?ected in the number of high-quality submissions that we received.

This book constitutes the refereed proceedings of the 12th International Conference on Information Security Conference, ISC 2009, held in Pisa, Italy, September 7-9, 2009. The 29 revised full papers and 9 revised short papers presented were carefully reviewed and selected from 105 submissions. The papers are organized in topical sections on analysis techniques, hash functions, database security and biometrics, algebraic attacks and proxy re-encryption, distributed system security, identity management and authentication, applied cryptography, access control, MAC and nonces, and P2P and Web services.

This work explores various advanced topics in security and privacy, presenting innovative frameworks and methodologies. It discusses dynamic constraints within flexible authorization systems and introduces access-control mechanisms tailored for XML databases. The text delves into the algebra of enterprise privacy policy composition and examines the GDOI protocol's vulnerabilities and defenses. It highlights enhancements in privacy for trusted computing platforms and provides a cryptographically sound security proof for the Otway-Rees protocol. Anonymity and onion routing are formally analyzed, alongside techniques for breaking JPEG steganography using statistical methods. The work compares practical mix designs and proposes signature bouquets for aggregated signatures' immutability. It advances the theory of data entanglement and presents portable document access control mechanisms. The discussion includes possibilistic information flow control amid encrypted communication and revisits information flow control principles. Security property-based controls are examined, and a vector model of trust is proposed for trustworthy systems. Key distribution mechanisms for wireless sensor networks are combinatorially designed, and strategies to hinder eavesdropping via IPv6 encryption are detailed. The text addresses the significance of key schedules in cipher attacks, introduces a public-key encryption scheme with pseudo-random ciphe