Research Advances in Database and Information Systems Security IFIP TC11 WG11.3 Thirteenth Working Conference on Database Security July 25–28, 1999, Seattle, Washington, USA

Computer technology evolves at a rate that challenges companies to maintain appropriate security for their enterprises. With the rapid growth in Internet and www facilities, database and information systems security remains a key topic in businesses and in the public sector, with implications for the whole of society.
Research Advances in Database and Information Systems Security covers issues related to security and privacy of information in a wide range of applications, including:

• Critical Infrastructure Protection;
• Electronic Commerce;
• Information Assurance;
• Intrusion Detection;
• Workflow;
• Policy Modeling;
• Multilevel Security;
• Role-Based Access Control;
• Data Mining;
• Data Warehouses;
• Temporal Authorization Models;
• Object-Oriented Databases.

This book contains papers and panel discussions from the Thirteenth Annual Working Conference on Database Security, organized by the International Federation for Information Processing (IFIP) and held July 25-28, 1999, in Seattle, Washington, USA.
Research Advances in Database and Information Systems Security provides invaluable reading for faculty and advanced students as well as for industrial researchers and practitioners engaged in database security research and development.

I Intrusion Detection.- 1 Intrusion Confinement by Isolation in Information Systems.- 2 Analyzing the Performance of Program Behavior Profiling for Intrusion Detection.- 3 Integrating Data Mining Techniques with Intrusion Detection Methods.- II Role-Based Access Control.- 4 RBAC on the Web by Secure Cookies.- 5 eMEDAC: Role-based Access Control Supporting Discretionary and Mandatory Features.- 6 Software Agents for Role Based Security.- III Critical Infrastructure Protection Panel.- 7 Selected Topics in Infrastructure and Information Assurance.- IV Policy/Modeling.- 8 A Secret Splitting Method for Assuring the Confidentiality of Electronic Records.- 9 For Unknown Secrecies Refusal is Better than Lying.- V Workflow Systems.- 10 Extending The BFA Workflow Authorization Model to Express Weighted Voting.- 11 A Strategy for an MLS Workflow Management System.- VI Data Mining/Data Warehousing.- 12 Impact of Decision-Region Based Classification Mining Algorithms on Database Security.- 13 Protecting Against Data Mining through Samples.- 14 Security Administration for Federations, Warehouses, and other Derived Data.- VII Intrusion Detection Panel.- 15 Panel on Intrusion Detection.- VIII Multilevel Security.- 16 Enforcing Integrity While Maintaining Secrecy.- 17 The Effect of Confidentiality on the Structure of Databases.- IX Temporal Authorization Models.- 18 Temporal Authorization in the Simplified Event Calculus.- 19 Specifying and Computing Hierarchies of Temporal Authorizations.- X Object-Oriented Databases.- 20 The Security Problem against Inference Attacks on Object-Oriented Databases.- 21 A Logical Formalization for Specifying Authorizations in Object-Oriented Databases.

Vijay Atluri is an Assistant Professor of Computer Information Systems and Member of the Center for Information Management, Integration and Connectivity in the Management Science and Information Systems Department at Rutgers University, Newark, NJ, USA John Hale is an Assistant Professor of Computer Science and Director of the Center for Information Security at the University of Tulsa, Tulsa, OK, USA.