Table of Contents

Digital Forensics.- FORSIGS: Forensic Signature Analysis of the Hard Drive for Multimedia File Fingerprints.- Digital Forensic Readiness as a Component of Information Security Best Practice.- Human-Computer Interaction I.- Value creation and Return On Security Investments (ROSI).- Usability and Security of Personal Firewalls.- Computer-Based Trust.- Trusted Ticket Systems and Applications.- Trust Evaluation for Web Applications based on Behavioral Analysis.- Information Security Management I.- Improving the Information Security Model by using TFI.- Ontological Mapping of Common Criteria’s Security Assurance Requirements.- Network Security I.- Management of Exceptions on Access Control Policies.- Security Analysis of Two Ultra-Lightweight RFID Authentication Prools.- Information Security Management II.- Exploratory survey on an Evaluation Model for a Sense of Security.- Employees’ Adherence to Information Security Policies: An Empirical Study.- Network Security II.- Phishing in the Wireless: Implementation and Analysis.- Secure Path-Key Revocation for Symmetric Key Pre-distribution Schemes in Sensor Networks.- Access Control I.- A Credential-Based System for the Anonymous Delegation of Rights.- Development and Application of a Proxy Server for Transparently, Digitally Signing E-Learning Content.- Human-Computer Interaction II.- Identity Theft — Empirical evidence from a Phishing Exercise.- A Practical Usability Evaluation of Security Features in End-User Applications.- Intrusion Detection Systems.- Personal Anomaly-based Intrusion Detection Smart Card Using Behavioural Analysis.- A Survey of Bots Used for Distributed Denial of Service Attacks.- Access Control II.- A Hybrid PKI-IBC Based Ephemerizer System.- Keystroke Analysis for Thumb-based Keyboards on MobileDevices.- Information Privacy I.- Security Remarks on a Convertible Nominative Signature Scheme.- Using Payment Gateways to Maintain Privacy in Secure Electronic Transactions.- Access Control III.- A Role-Based Architecture for Seamless Identity Management and Effective Task Separation.- Extending Role Based Access Control Model for Distributed Multidomain Applications.- Information Privacy II.- A Middleware Architecture for Integrating Privacy Preferences and Location Accuracy.- Enabling Privacy of Real-Life LBS.- Access Control IV.- Crafting Web Counters into Covert Channels.- OPA: Onion Policy Administration Model — Another approach to manage rights in DRM.- Security Services.- Non-Repudiation in Internet Telephony.- FirePatch: Secure and Time-Critical Dissemination of Software Patches.- Access Control V.- An Experimental Evaluation of Multi-Key Strategies for Data Outsourcing.- Building a Distributed Semantic-aware Security Architecture.- Trust and Intrusion Detection Systems.- Using Trust to Resist Censorship in the Presence of Collusion.- Evaluating the Effects of Model Generalization on Intrusion Detection Performance.- Keynote paper.- Modernising MAC: New Forms for Mandatory Access Control in an Era of DRM.- IFIP WG 9.7/11.7 — IT Missue and the Law & the NoE “Future of Identity in the Information Society” (FIDIS) — Workshop on Security and Control of Identity in Society.- Covert Identity Information in Direct Anonymous Attestation (DAA).- Safeguarding Personal Data using Rights Management in Distributed Applications.- Identification Now and in the Future: Social Grant Distribution Process in South Africa.- Hard-drive Disposal and Identity Fraud.- An analysis of security and privacy issues relating to RFID enabled ePassports.- IFIF WG 11.1/11.8Workshop on Fostering Knowledge and Skills for Managable Information Security.- Toward User Evaluation of IT Security Certification Schemes: A Preliminary Framework.- Teaching of Information Security in the “Health Care and Nursing” Postgraduate program.- Remote Virtual Information Assurance Network.- Certifying the Computer Security Professional Using the Project Management Institute’s PMP Model.