Table of Contents

I Keynote address.- Recent Advances in Access Control Models.- II Role and Constraint-Based Access Control.- Role-based Access Control on the Web Using LDAP.- Constraints-based Access Control.- Secure Role-Based Workflow Models.- III Distributed Systems.- Subject Switching Algorithms for Access Control in Federated Databases.- Efficient Damage Assessment and Repair in Resilient Distributed Database Systems.- Administering Permissions for Distributed Data: Factoring and Automated Inference.- State-Dependent Security Decisions for Distributed Object-Systems.- IV Information Warfare and Intrusion Detection.- Reorganization of Database Log for Information Warfare Data Recovery.- Randomly roving agents for intrusion detection.- Public Telephone Network Vulnerabilities.- V Relational Databases.- Flexible Security Policies in SQL.- The Inference Problem and Updates in Relational Databases.- Managing Classified Documents in a Relational Database.- VI Implementation Issues.- A Comparison Between ConSA and Current Linux Security Implementations.- A Novel Approach to Certificate Revocation Management.- ODAR: An On-the-fly Damage Assessment and Repair System for Commercial Database Applications.- VII Multilevel Systems.- An Extended Transaction Model Approach for Multilevel Secure Transaction Processing.- Maintaining the Confidentiality of Interoperable Databases with a Multilevel Federated Security System.- VIII New Application Areas.- Security Procedures for Classification Mining Algorithms.- Regulating Access to XML documents.- IX Panel and discussion.- Panel on XML and Security.- Selected Summary of Discussions.