Information security management, education and privacy :IFIP 18th World Computer Congress : TC11 19th International Information Security Workshops, 22-27 August 2004, Toulouse, France
附註:Includes bibliographical references and index.
Towards Corporate Information Security Education -- A Security Risk Analysis Methodology for Critical Information Infrastructure Protection -- A Framework for Role-based Monitoring of Insider Misuse -- An International Security Perspective -- Highly Qualified Information Security Personnel Training in Russia -- Update/Patch Management Systems: A Protocol Taxonomy with Security Implications -- A Security Model for Anonymous Credential Systems -- Taxonomy of Mixes and Dummy Traffic -- Private Information Storage with Logarithm-Space Secure Hardware -- Identity Management for Self-Portrayal -- Privacy Invasive Software in File-Sharing Tools -- A Risk Driven Approach to Designing Privacy Enhanced Secure -- Infusing Privacy Norms in DRM.
摘要:This volume contains the papers presented at three workshops embedded in the 19th IFIP International Conference on Information Security (SEC2004), which was sponsored by the International Federation for Information Processing (IFIP) and held in August 2004 as a co-located conference of the 18th IFIP World Computer Congress in Toulouse, France. The first workshop was organized by IFIP Working Group 11.1, which is itself dedicated to Information Security Management, i.e., not only to the practical implementation of new security technology issued from recent research and development, but also and mostly to the improvement of security practice in all organizations, from multinational corporations to small enterprises. Methods and techniques are developed to increase personal awareness and education in security, analyze and manage risks, identify security policies, evaluate and certify products, processes and systems. The second workshop was organized by IFIP Working Group 11.8, dedicated to Information Security Education. This year, the workshop was aimed at developing a first draft of an international doctorate program allowing a specialization in IT Security. The draft is based upon selected papers from individuals or groups (from academic, military and government organizations), and discussions at the workshop. This draft will be further refined and eventually published as an IFIP Report. Finally, the last workshop was organized by IFIP Working Group 11.4 on Network Security. The purpose of the workshop was to bring together privacy and anonymity experts from around the world to discuss recent advances and new perspectives on these topics that are increasingly important aspects in electronic services, especially in advanced distributed applications, such as m-commerce, agent-based systems, P2P, etc. The carefully selected papers gathered in this volume show the richness of the information security domain, as well as the liveliness of the working groups cooperating