Information Systems Security 5th International Conference, ICISS 2009 Kolkata, India, December 14-18, 2009 Proceedings

The management of services and operations in today’s organizations are - coming increasingly dependent on their enterprise local area network (enterprise LAN). An enterprise LAN consists of a set of network zones (logical group of networkelements)correspondingto di?erent departments orsections,connected through various interface switches (typically, Layer-3 switches). The network service accesses between these zones and also with the external network (e. g. , Internet) are governed by a global network security policy of the organization. This global policy is de?ned as a collection of service access rules across various network zones where the services referred network applications conforming to TCP/IP protocol. For example, some of the known network services aressh, t- net,http etc. In reality, the security policy may be incompletely speci?ed; which explicitly states the “permit” and “deny” access rules between speci?c network zones keeping remaining service access paths as unspeci?ed. The global security policy is realized in the network by con?guring the n- work interfaces with appropriate sets of access control rules (ACLs). One of the major challenges in network security management is ensuring the conformation of the distributed security implementations with the global security policy.

Keynote Talks.- A Survey of Voice over IP Security Research.- Security for a Smarter Planet.- The WOMBAT Attack Attribution Method: Some Results.- Biometrics and Security.- Authentication.- Remote Electronic Voting with Revocable Anonymity.- On Secure Implementation of an IHE XUA-Based Protocol for Authenticating Healthcare Professionals.- On the Untraceability of Anonymous RFID Authentication Protocol with Constant Key-Lookup.- Verification.- Biometric Identification over Encrypted Data Made Feasible.- Correcting and Improving the NP Proof for Cryptographic Protocol Insecurity.- Formal Verification of Security Policy Implementations in Enterprise Networks.- Systems Security.- Making Peer-Assisted Content Distribution Robust to Collusion Using Bandwidth Puzzles.- An E-Cash Based Implementation Model for Facilitating Anonymous Purchasing of Information Products.- DROP: Detecting Return-Oriented Programming Malicious Code.- Behavior Analysis.- A Framework for Behavior-Based Malware Analysis in the Cloud.- BARTER: Behavior Profile Exchange for Behavior-Based Admission and Access Control in MANETs.- Automatic Identification of Critical Data Items in a Database to Mitigate the Effects of Malicious Insiders.- Database Security.- Database Relation Watermarking Resilient against Secondary Watermarking Attacks.- A Robust Damage Assessment Model for Corrupted Database Systems.- A Generic Distortion Free Watermarking Technique for Relational Databases.- Cryptography.- On Some Weaknesses in the Disk Encryption Schemes EME and EME2.- TWIS – A Lightweight Block Cipher.- Short Papers.- Quantitative Analysis of a Probabilistic Non-repudiation Protocol through Model Checking.- Method-Specific Java Access Control via RMI Proxy Objects Using Annotations.- Let Only the Right One IN: Privacy Management Scheme for Social Network.- Detecting and Resolving Misconfigurations in Role-Based Access Control (Short Paper).