信息系统安全/Information systems security

This book constitutes the refereed proceedings of the Second International Conference on Information Systems Security, ICISS 2006, held in Kolkata, India in December 2006.
The 20 revised full papers and 5 short papers presented together with 4 invited papers and 3 ongoing project summaries were carefully reviewed and selected from 79 submissions. The papers discuss in depth the current state of the research and practice in information systems security and are organized in topical sections on data and application security, access control, key management and security in wireless networks, threat analysis, detection and recovery, cryptography and encryption, as well as short papers and research reports.

The LNCS series reports state-of-the-art results in computer science research,development,and education,at a high level and in both printed and electronic form.Enjoying tight cooperation with the R&D community,with numerous individuals,as well as with prestigious organizations and societies,LNCS has grown into the most comprehensive computer science resarch forum available.
The scope of LNCS,including its subseries LNAI,spans the whole range of computer science and information technology including interdisciplinary topics in a variety of application fields.The type of material publised traditionally includes.
-proceedings(published in time for the respective conference)
-post-proceedings(consisting of thoroughly revised final full papers)
-research monographs(which may be basde on outstanding PhD work,research projects,technical reports,etc.).

Invited Papers
　Privacy in the Electronic Society
　A Data Sharing Agreement Framework
　Password Exhaustion: Predicting the End of Password Usefulness
　Network Monitoring for Security and Forensics
Data and Application Security
　Fairness Strategy for Multilevel Secure Concurrency Control Protocol
　Optimistic Anonymous Participation in Inter-organizational Workflow Instances
　O2O: Virtual Private Organizations to Manage Security Policy Interoperability
　Privacy Preserving Web-Based Email
Access Control
　Context-Aware Provisional Access Control
　LRBAC: A Location-Aware Role-Based Access Control Model
　Extending Context Descriptions in Semantics-Aware Access Control
　Specification and Realization of Access Control in SPKI/SDSI
Key Management and Security in Wireless Networks
　Design of Key Establishment Protocol Using One-Way Functions to Avert insider-replay Attack
　An Efficient Key Assignment Scheme for Access Control in a Hierarchy
　Adaptation of IEEE 802.1X for Secure Session Establishment Between Ethernet Peers
　Secure Data Management in Reactive Sensor Networks
Threat Analysis, Detection and Recovery
　Security Ontology: Simulating Threats to Corporate Assets
　Two-Stage Credit Card Fraud Detection Using Sequence Alignment
　New Malicious Code Detection Using Variable Length n-grams
　A Dead-Lock Free Self-healing Algorithm for Distributed Transactional Processes
Cryptography and Encryption
　An Efficient Public Key Cryptosystem Secure Against Chosen Ciphertext Attack
　A Partial Image Encryption Method with Pseudo Random Sequences
……
Short Papers and Research Reports
Author Index