Computer Security - ESORICS 98 5th European Symposium on Research in Computer Security, Louvain-la-Neuve, Belgium, September 16-18, 1998, Proceedings

This book constitutes the refereed proceedings of the 5th European Symposium on Research in Computer Security, ESORICS 98, held in Louvain-la-Neuve, Belgium, in September 1998.
The 24 revised full papers presented were carefully reviewed and selected from a total of 57 submissions. The papers provide current results from research and development in design and specification of security policies, access control modelling and protocol analysis, mobile systems and anonymity, Java and mobile code, watermarking, intrusion detection and prevention, and specific threads.

Fixed vs. variable-length patterns for detecting suspicious process behavior.- A tool for pro-active defense against the buffer overrun attack.- A kernelized architecture for multilevel secure application policies.- Dealing with multi-policy security in large open distributed systems.- A flexible method for information system security policy specification.- On the security of some variants of the RSA signature scheme.- Side channel cryptanalysis of product ciphers.- On the security of digital tachographs.- An authorization model and its formal semantics.- Authorization in CORBA security.- Rules for designing multilevel Object-Oriented Databases.- Byte code verification for Java smart cards based on model checking.- Towards formalizing the Java security architecture of JDK 1.2.- EUROMED-JAVA: Trusted Third Party Services for securing medical Java applets.- MPEG PTY-Marks: Cheap detection of embedded copyright data in DVD-video.- DHWM: A scheme for managing watermarking keys in the Aquarelle multimedia distributed system.- The “ticket” concept for copy control based on embedded signalling.- Panel session: Watermarking.- Authentication and payment in future mobile systems.- Distributed temporary pseudonyms: A new approach for protecting location information in mobile communication networks.- A mix-mediated anonymity service and its payment.- A subjective metric of authentication.- A sound logic for analysing electronic commerce protocols.- Kerberos Version IV: Inductive analysis of the secrecy goals.