Security and Privacy - Silver Linings in the Cloud: 25th IFIP TC 11 International Information Security Conference, SEC 2010, Held as Part of WCC 2010, Brisbane, Australia, September 20-23, 2010, Proceedings - IFIP Advances in Information and Communication 2010 edition

Marc Notes: Papers presented at the 25th IFIP TC 11 international information security conference in Brisbane, Australia, September 20-23, 2010.; Includes bibliographical references and index. Table of Contents: Kristian Beckman Award Awardee Keynote -- The 5 Waves of Information Security - From Kristian Beckman to the Present / S. H. (Basie) von Solms -- Security Management -- A Business Continuity Management Simulator / William J. Caelli, Lam-For Kwok, Dennis Longley -- Mining Business-Relevant RBAC States through Decomposition / Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello, Nino Vincenzo Verde -- Group Dynamics in a Security Risk Management Team Context: A Teaching Case Study / Rostyslav Barabanov, Stewart Kowalski -- Security Management & Governance -- Using Actor Network Theory to Understand Information Security Management / Karin HedstrOm, Gurpreet Dhillon, Fredrik Karlsson -- Information Security Governance: When Compliance Becomes More Important than Security / Terence C. C. Tan, Anthonie B. Ruighaver, Atif Ahmad -- Network Security & Authentication -- Understanding Domain Registration Abuses / Scott E. Coull, Andrew M. White, Ting-Fang Yen, Fabian Monrose, Michael K. Reiter -- Who on Earth Is Mr. Cypher: Automated Friend Injection Attacks on Social Networking Sites / Markus Huber, Martin Mulazzani, Edgar Weippl -- Authentic Refinement of Semantically Enhanced Policies in Pervasive Systems / Julian SchUtte, Nicolai Kuntze, Andreas Fuchs, Atta Badii -- Qualified Mobile Server Signature / Clemens Orthacker, Martin Centner, Christian Kittl -- Intrusion Detection, Trust Management, and Models -- Fraud Detection in ERP Systems Using Scenario Matching / Asadul Khandoker Islam, Malcom Corney, George Mohay, Andrew Clark, Shane Bracher, Tobias Raub, Ulrich Flegel -- Use of IP Addresses for High Rate Flooding Attack Detection / Ejaz Ahmed, George Mohay, Alan Tickle, Sajal Bhatia -- Augmenting Reputation-Based Trust Metrics with Rumor-Like Dissemination of Reputation Information / Sascha Hauke, Martin Pyka, Markus Borschbach, Dominik Heider -- Ex-SDF; An Extended Service Dependency Framework for Intrusion Impact Assessment / Nizar Kheir, Nora Cuppens-Boulahia, FrEdEric Cuppens, HervE Debar -- Software Security and Assurance -- A Dynamic and Ubiquitous Smart Card Security Assurance and Validation Mechanism / Raja Naeem Akram, Konstantinos Markantonakis, Keith Mayes -- On-the-fly Inlining of Dynamic Security Monitors / Jonas Magazinius, Alejandro Russo, Andrei Sabelfeld -- A Metric-Based Scheme for Evaluating Tamper Resistant Software Systems / Gideon Mylesc, Hongxia Jin -- Evaluation of the Offensive Approach in Information Security Education / Martin Mink, Rainer Greifeneder -- Panel -- Research Methodologies in Information Security Research: The Road Ahead / Johan F. van Niekerk, Rossouw von Solms -- Access Control and Privacy -- Purpose-Based Access Control Policies and Conflicting Analysis / Hua Wang, Lili Sun, Vijay Varadharajan -- Delegation in Predicate Encryption Supporting Disjunctive Queries / Dongdong Sun, Colin Boyd, Juan Manuel GonzAlez Nieto -- Tagging Disclosures of Personal Data to Third Parties to Preserve Privacy / Sven Wohlgemuth, Isao Echizen, Noboru Sonehara, GUnter MUller -- k-Shares: A Privacy Preserving Reputation Protocol for Decentralized Environments / Omar Hasan, Lionel Brunie, Elisa Bertino -- Privacy -- Towards Fair Indictment for Data Collection with Self-Enforcing Privacy / Mark Stegelmann -- How to Enhance Privacy and Identity Management for Mobile Communities: Approach and User Driven Concepts of the PICOS Project / Christian Kahl, Katja BOttcher, Markus Tschersich, Stephan Heim, Kai Rannenberg -- Performance Analysis of Accumulator-Based Revocation Mechanisms / Jorn Lapon, Markulf Kohlweiss, Bart De Decker, Vincent Naessens -- Appendix -- IFIP Technical Committee 11 Security and Privacy Protection in Information Processing Systems / Kai Rannenberg, S. H. (Basie) von Solms, Leon Strous -- Author Index. Publisher Marketing: These proceedings contain the papers of IFIP/SEC 2010. It was a special honour and privilege to chair the Program Committee and prepare the proceedings for this conf- ence, which is the 25th in a series of well-established international conferences on security and privacy organized annually by Technical Committee 11 (TC-11) of IFIP. Moreover, in 2010 it is part of the IFIP World Computer Congress 2010 celebrating both the Golden Jubilee of IFIP (founded in 1960) and the Silver Jubilee of the SEC conference in the exciting city of Brisbane, Australia, during September 20-23. The call for papers went out with the challenging motto of "Security & Privacy Silver Linings in the Cloud" building a bridge between the long standing issues of security and privacy and the most recent developments in information and commu- cation technology. It attracted 102 submissions. All of them were evaluated on the basis of their significance, novelty, and technical quality by at least five member of the Program Committee. The Program Committee meeting was held electronically over a period of a week. Of the papers submitted, 25 were selected for presentation at the conference; the acceptance rate was therefore as low as 24. 5% making SEC 2010 a highly competitive forum. One of those 25 submissions could unfortunately not be included in the proceedings, as none of its authors registered in time to present the paper at the conference.