Trusted Information

1. Risk Management

   1. Improving the Protection of Assets in Open Distributed Systems by Use of X-ifying Risk Analysis

      • Ann Frisinger

      Pages 293-303

   2. The Security Model to Combine the Corporate and Information Security

      • Teemupekka Virtanen

      Pages 305-316

   3. Design Criteria to Classified Information Systems Numerically

      • Teemupekka Virtanen

      Pages 317-325

2. Network Security and Intrusion Detection

   1. Deception: A Tool and Curse for Security Management

      • M. Warren, W. Hutchinson

      Pages 327-337

   2. A Methodology to Detect Temporal Regularities in User Behavior for Anomaly Detection

      • Alexandr Seleznyov

      Pages 339-352

   3. ADeLe: An Attack Description Language for Knowledge-Based Intrusion Detection

      • Cédric Michel, Ludovic Mé

      Pages 353-368

   4. Sleepy Watermark Tracing: An Active Network-Based Intrusion Response Framework

      • Xinyuan Wang, Douglas S. Reeves, S. Felix Wu, Jim Yuill

      Pages 369-384

3. Trusted Platforms

   1. An Efficient Software Protection Scheme

      • Antonio Maña, Ernesto Pimentel

      Pages 385-401

   2. Protecting the Creation of Digital Signatures with Trusted Computing Platform Technology Against Attacks by Trojan Horse Programs

      • Adrian Spalka, Armin B. Cremers, Hanno Langweg

      Pages 403-419

4. Trusted System Design and Management

   1. Security Concerns for Contemporary Development Practices

      • T. Tryfonas, E. Kiountouzis

      Pages 421-435

   2. A Paradigmatic Analysis of Conventional Approaches for Developing and Managing Secure IS

      • Mikko T. Siponen

      Pages 437-452

   3. Redefining Information Systems Security: Viable Information Systems

      • Maria Karyda, Spyros Kokolakis, Evangelos Kiountouzis

      Pages 453-467

   4. Extended Description Techniques for Security Engineering

      • Guido Wimmel, Alexander Wisspeintner

      Pages 469-485

   5. Erratum to: Trusted Information

      • Michel Dupuy, Pierre Paradinas

      Pages E1-E1

Since the early eighties IFIP/Sec has been an important rendezvous for Information Technology researchers and specialists involved in all aspects of IT security. The explosive growth of the Web is now faced with the formidable challenge of providing trusted information. IFIP/Sec’01 is the first of this decade (and century) and it will be devoted to “Trusted Information - the New Decade Challenge” This proceedings are divided in eleven parts related to the conference program. Session are dedicated to technologies: Security Protocols, Smart Card, Network Security and Intrusion Detection, Trusted Platforms. Others sessions are devoted to application like eSociety, TTP Management and PKI, Secure Workflow Environment, Secure Group Communications, and on the deployment of applications: Risk Management, Security Policies andTrusted System Design and Management. The year 2001 is a double anniversary. First, fifteen years ago, the first IFIP/Sec was held in France (IFIP/Sec’86, Monte-Carlo) and 2001 is also the anniversary of smart card technology. Smart cards emerged some twenty years ago as an innovation and have now become pervasive information devices used for highly distributed secure applications. These cards let millions of people carry a highly secure device that can represent them on a variety of networks. To conclude, we hope that the rich “menu” of conference papers for this IFIP/Sec conference will provide valuable insights and encourage specialists to pursue their work in trusted information.

• Analysis
• Audit
• B2B
• E-Commerce
• IT security
• communication
• cryptography
• data security
• distributed systems
• information
• information processing
• information system
• management
• modeling

• SGDN/DCSSI/CERTA, France

  Michel Dupuy

• Gemplus Labs, France

  Pierre Paradinas

Policies and ethics