Research Directions in Data and Applications Security XVIII

Preface. Conference Organization. Contributing Authors.

I: Invited Talk I.
Invited Talk - Inference Control Problem in Statistical Database Query Systems L.H. Cox.

II: Access Control.
Attribute Mutability in Usage Control Jaehong Park, et al.
Star Tree: An Index Structure for Efficient Evaluation of Spatiotemporal Authorizations V. Alturi, Qui Guo.
An Extended Analysis of Delegating Obligations A. Schaad.
Implementing Real-Time Update of Access Control Policies I. Rai, Tai Xin.

III: Data Protection Techniques.
Defending against Additive Attacks with Maximal Errors in Watermarking Relational Databases Jingjui Li, et al.
Performance-Conscious Key Management in Encrypted Databases H. Hacigumus, S. Mehrotra.
Damage Discovery in Distributed Database Systems Yanjun Zuo, B. Panda.

IV: Database Theory and Inference Control.
Information Flow Analysis for File Systems and Databases Using Labels E. Gudes, et al.
Refusal in Incomplete Databases J. Biskup, T. Weibert.
Why is This User Asking so Many Questions? Explaining Sequences of Queries A.C. Acar, A. Motro.

V: Invited Talk II.
Invited Talk - Towards Semantics-Aware Access Control E. Damiani, S. De Capitani-de Vimercati.

VI: System Security Analysis.
RBAC/MAC Security for UML T. Doan, et al.
Secure Bridges: A Means to Conduct Secure Teleconferences over Public Telephones I. Youn, D. Wijesekera.

VII: Access Control Design and Management.
Policy-based Security Management for Enterprise Systems R. Mukkamala, et al.
A Pattern System for Access Control T. Priebe, et al.
A Design for Parameterized Roles Mei Ge, S.L. Osborn.

VIII: Distributed Systems.
Efficient Verification of Delegation in Distributive Group Membership Management L. Huraj, H. Reiser.
Web Resource Usage Control in RSCLP S. Barker.
Securely Distributing Centralized Multimedia Content Utilizing Peer-to-Peer Cooperation I. Ray, T. Hajek.

IX: Privacy.
On the Damage and Compensation of Privacy Leakage Da-Wei Wang, et al.
An Experimental Study of Distortion-Based Techniques for Association Rule Hiding E.D. Pontikakis, et al.
Privacy-Preserving Multi-Party Decision Tree Induction J.Z. Zhan, et al.

X: Network Protection and Configuration.
Configuring Storage Area Networks for Mandatory Security B. Aziz, et al.
A Framework for Trusted Wireless Networks J.S. Park, A. Jain.

Author Index.
