Proceedings of the IFIP TC11 13th International Conference on Information Security (SEC '97): 14-16 May 1997, Copenhagen, Denmark
Recently, IT has entered all important areas of society. Enterprises, individuals and civilisations all depend on functioning, safe and secure IT. Focus on IT security has previously been fractionalised, detailed and often linked to non-business applicaitons. The aim of this book is to address the current and future prospects of modern IT security, functionality in business, trade, industry, health care and government. The main topic areas covered include existing IT security tools and methodology for modern IT environments, laws, regulations and ethics in IT security environments, current and future prospects in technology, infrastructures, technique and methodology and IT security in retrospective.
Preface. IFIP SEC' 97 Conference Committees. Part one: Secure information systems. Part two: Secure data bases. Part three: Management of information security and risks (I). Part four: Secure group communication. Part five: Secure commercial systems (I). Part six: Tools for intrusion detection. Part seven: Privacy and education. Part eight: Assessment and evaluation of secure systems. Part nine: Management of information security and risks (II). Part ten: Cryptopolicies. Part eleven: Secure commercial systems (II). Part twelve: Security in healthcare systems. Part thirteen: Secure communications and networks. Index of contributors. Keyword index.
1 Information security - challenges for the next millenium.- 2 Selection of secure single sign-on solutions for heterogeneous computing environments.- 3 A formal model to aid documenting and harmonizing of information security requirements.- 4 A compile-time model for safe information flow in object-oriented databases.- 5 Deriving Authorizations from Process Analysis in Legacy Information Systems.- 6 The Role of Government in Creating the IT Security Infrastructure: Builder or Bystander?.- 7 Code of Practice: A Standard for Information Security Management.- 8 Can security baselines replace risk analysis?.- 9 gGSS-API: a group enhanced generic security service.- 10 Electronic document exchange in Sweden - the legal aspects.- 11 An attack detection system for secure computer systems - outline of the solution.- 12 A taxonomy and overview of information security experiments.- 13 Pseudonymous audit for privacy enhanced intrusion detection.- 14 Individual management of personal reachability in mobile communication.- 15 New vistas on info-system security.- 16 A common criteria framework for the evaluation of information technology systems security.- 17 A methodology for accrediting a commercial distributed database.- 18 A comparison of schemes for certification authorities/trusted third parties.- 19 How to trust systems.- 20 Integrating information security in the development of telematics systems.- 21 Developing secure applications: a systematic approach.- 22 Controlling Internet access at an educational institution.- 23 Analysis of Java security and hostile applets.- 24 New organizational forms for information security management.- 25 Security when outsourcing: concepts, constructs, compliance.- 26 The IFIP TC11 position on cryptopolicies.- 27 Towards an holistic viewof enterprise ICT security and safety.- 28 A taxonomy of electronic cash schemes.- 29 Large scale elections by coordinating electoral colleges.- 30 MVS-SAT: a security administration tool to support SMF protocol data evaluation.- 31 security requirements and solutions in distributed electronic health records.- 32 ODESSA - a new approach to healthcare risk analysis.- 33 A comprehensive need-to-know access control system and its application for medical information systems.- 34 The future of networks and network security.- 35 Securing communications over ATM networks.- 36 Non-intrusive authentication.- 37 Roaming security agents enabling intelligent access control and network protection.- Index of contributors.- Keyword index.
Inhaltsverzeichnis
Preface. IFIP SEC' 97 Conference Committees. Part one: Secure information systems. Part two: Secure data bases. Part three: Management of information security and risks (I). Part four: Secure group communication. Part five: Secure commercial systems (I). Part six: Tools for intrusion detection. Part seven: Privacy and education. Part eight: Assessment and evaluation of secure systems. Part nine: Management of information security and risks (II). Part ten: Cryptopolicies. Part eleven: Secure commercial systems (II). Part twelve: Security in healthcare systems. Part thirteen: Secure communications and networks. Index of contributors. Keyword index.
Klappentext
Recently, IT has entered all important areas of society. Enterprises, individuals and civilisations all depend on functioning, safe and secure IT. Focus on IT security has previously been fractionalised, detailed and often linked to non-business applicaitons. The aim of this book is to address the current and future prospects of modern IT security, functionality in business, trade, industry, health care and government. The main topic areas covered include existing IT security tools and methodology for modern IT environments, laws, regulations and ethics in IT security environments, current and future prospects in technology, infrastructures, technique and methodology and IT security in retrospective.
Springer Book Archives
