Computer Security - ESORICS 2004 9th European Symposium on Research Computer Security, Sophia Antipolis, France, September 13-15, 2004. Proceedings

This book constitutes the refereed proceedings of the 9th European Symposium on Research in Computer Security, ESORICS 2004, held in Sophia Antipolis, France in September 2004.
The 27 revised full papers presented were carefully reviewed and selected from 159 submissions. Among the topics addressed are access control, authorization frameworks, privacy policies, security protocols, trusted computing, anonymity, information hiding, steganography, digital signature schemes, encrypted communication, information flow control, authentication, key distribution, public key cryptography, intrusion prevention, and attack discovery.

Incorporating Dynamic Constraints in the Flexible Authorization Framework.- Access-Condition-Table-Driven Access Control for XML Databases.- An Algebra for Composing Enterprise Privacy Policies.- Deriving, Attacking and Defending the GDOI Protocol.- Better Privacy for Trusted Computing Platforms.- A Cryptographically Sound Dolev-Yao Style Security Proof of the Otway-Rees Protocol.- A Formalization of Anonymity and Onion Routing.- Breaking Cauchy Model-Based JPEG Steganography with First Order Statistics.- Comparison Between Two Practical Mix Designs.- Signature Bouquets: Immutability for Aggregated/Condensed Signatures.- Towards a Theory of Data Entanglement.- Portable and Flexible Document Access Control Mechanisms.- Possibilistic Information Flow Control in the Presence of Encrypted Communication.- Information Flow Control Revisited: Noninfluence = Noninterference + Nonleakage.- Security Property Based Administrative Controls.- A Vector Model of Trust for Developing Trustworthy Systems.- Parameterized Authentication.- Combinatorial Design of Key Distribution Mechanisms for Wireless Sensor Networks.- Hindering Eavesdropping via IPv6 Opportunistic Encryption.- On the Role of Key Schedules in Attacks on Iterated Ciphers.- A Public-Key Encryption Scheme with Pseudo-random Ciphertexts.- A Host Intrusion Prevention System for Windows Operating Systems.- Re-establishing Trust in Compromised Systems: Recovering from Rootkits That Trojan the System Call Table.- ARCHERR: Runtime Environment Driven Program Safety.- Sets, Bags, and Rock and Roll.- Redundancy and Diversity in Security.- Discovering Novel Attack Strategies from INFOSEC Alerts.