Security and Privacy in Dynamic Environments

1. Security Protocols

   1. On the Cryptographic Key Secrecy of the Strengthened Yahalom Protocol

      • Michael Backes, Birgit Pfitzmann

      Pages 233-245

   2. Sealed-Bid Micro Auctions

      • Kun Peng, Colin Boyd, Ed Dawson

      Pages 246-257

2. Intrusion Detection

   1. Detecting Known and Novel Network Intrusions

      • Yacine Bouzida, Frédéric Cuppens

      Pages 258-270

   2. Evaluating Classifiers for Mobile-Masquerader Detection

      • Oleksiy Mazhelis, Seppo Puuronen, Mika Raento

      Pages 271-283

   3. VisFlowCluster-IP: Connectivity-Based Visual Clustering of Network Hosts

      • Xiaoxin Yin, William Yurcik, Adam Slagell

      Pages 284-295

3. Usability and Awareness

   1. A Usability Study of Security Policy Management

      • Almut Herzog, Nahid Shahmehri

      Pages 296-306

   2. Considering the Usability of End-User Security Software

      • Steven Furnell, Adila Jusoh, Dimitris Katsabas, Paul Dowland

      Pages 307-316

   3. Utilizing the Common Criteria for Advanced Student Research Projects

      • Thuy D. Nguyen, Cynthia E. Irvine

      Pages 317-328

4. Privacy Enhancing Technologies III

   1. On the Relationship of Privacy and Secure Remote Logging in Dynamic Systems

      • Rafael Accorsi

      Pages 329-339

   2. Privacy-Preserving Shared-Additive-Inverse Protocols and Their Applications

      • Huafei Zhu, Tieyan Li, Feng Bao

      Pages 340-350

5. Access Control and Authentication II

   1. Click Passwords

      • Darko Kirovski, Nebojša Jojić, Paul Roberts

      Pages 351-363

   2. Cryptographically Enforced Personalized Role-Based Access Control

      • Milan Petković, Claudine Conrado, Malik Hammoutène

      Pages 364-376

6. Access Control and Authentication III

   1. Using VO Concept for Managing Dynamic Security Associations

      • Yuri Demchenko, Leon Gommans, Cees de Laat

      Pages 377-388

   2. Secure Fast Handover in an Open Broadband Access Network using Kerberos-style Tickets

      • Martin Gilje Jaatun, Inger Anne Tøndel, Frédéric Paint, Tor Hjalmar Johannessen, John Charles Francis, Claire Duranton

      Pages 389-400

7. Forensics

   1. Network Forensics on Packet Fingerprints

      • Chia Yuan Cho, Sin Yeung Lee, Chung Pheng Tan, Yong Tai Tan

      Pages 401-412

   2. Oscar — File Type Identification of Binary Data in Disk Clusters and RAM Pages

      • Martin Karresand, Nahid Shahmehri

      Pages 413-424

8. IFIP WG 11.1/11.8 Security Culture Workshop

   1. Organizational Security Culture: More Than Just an End-User Phenomenon

      • Anthonie B. Ruighaver, Sean B. Maynard

      Pages 425-430

   2. Cyber Security Training and Awareness Through Game Play

      • Benjamin D. Cone, Michael F. Thompson, Cynthia E. Irvine, Thuy D. Nguyen

      Pages 431-436

   3. Internalisation of Information Security Culture amongst Employees through Basic Security Knowledge

      • Omar Zakaria

      Pages 437-441

   4. Bridging the Gap between General Management and Technicians — A Case Study in ICT Security

      • Jabiri Kuwe Bakari, Charles N. Tarimo, Christer Magnusson, Louise Yngström

      Pages 442-447

This book contains the Proceedings of the 21st IFIP TC-11 International Information Security Conference (IFIPISEC 2006) on "Security and Privacy in Dynamic Envir- ments" held in May 22-24 2006 in Karlstad, Sweden. The first IFIPISEC conference was arranged in May 1983 in Stockholm, Sweden, one year before TC- 1 1 was founded, with the active participation of the Swedish IT Security Community. The IFIPISEC conferences have since then become the flagship events of TC-11. We are very pleased that we succeeded with our bid to after 23 years hold the IFIPISEC conference again in Sweden. The IT environment now includes novel, dynamic approaches such as mobility, wearability, ubiquity, ad hoc use, mindhody orientation, and businesslmarket ori- tation. This modem environment challenges the whole information security research community to focus on interdisciplinary and holistic approaches whilst retaining the benefit of previous research efforts. Papers offering research contributions focusing on dynamic environments in addition to other aspects of computer security and privacy were solicited for submission to IFIPISEC 2006. We received 141 submissions which were all reviewed by at least three members of the international program committee.

• Information Technology (IT)
• Processing
• Web Services
• access control
• authentication
• control
• information security
• intrusion detection
• management
• networks
• organization
• privacy
• security protocols
• technology
• usability

• Karlstad University, Sweden

  Simone Fischer-Hübner, Stefan Lindskog

• Goethe University, Frankfurt, Germany

  Kai Rannenberg

• Stockholm University/Royal Institute of Technology, Sweden

  Louise Yngström

Policies and ethics