Security and Privacy in the Age of Ubiquitous Computing IFIP TC11 20th International Information Security Conference, May 30 - June 1, 2005, Chiba, Japan

Even in the age of ubiquitous computing, the importance of the Internet will not change and we still need to solve conventional security issues. In addition, we need to deal with new issues such as security in the P2P environment, privacy issues in the use of smart cards, and RFID systems. Security and Privacy in the Age of Ubiquitous Computing addresses these issues and more by exploring a wide scope of topics. The volume presents a selection of papers from the proceedings of the 20th IFIP International Information Security Conference held from May 30 to June 1, 2005 in Chiba, Japan. Topics covered include cryptography applications, authentication, privacy and anonymity, DRM and content security, computer forensics, Internet and web security, security in sensor networks, intrusion detection, commercial and industrial security, authorization and access control, information warfare and critical protection infrastructure. These papers represent the most current research in information security, including research funded in part by DARPA and the National Science Foundation.

Regular Papers.- Accountable Anonymous E-Mail.- Protecting Consumer Data in Composite Web Services.- A Decision Matrix Approach.- Assignment of Security Clearances in an Organization.- Tool Supported Management of Information Security Culture.- ERPSEC - A Reference Framework to Enhance Security in ERP Systems.- A New Architecture for User Authentication and Key Exchange Using Password for Federated Enterprises.- A Secure Quantum Communication Protocol Using Insecure Public Channels.- Trusted Component Sharing by Runtime Test and Immunization for Survivable Distributed Systems.- Design and Implementation of TPM SUP320.- Mathematical Models of IP Traceback Methods and Their Verification.- Transferable E-Cash Revisit.- A License Transfer System for Supporting Content Portability in Digital Rights Management.- Secure Human Communications Based on Biometrics Signals.- Distance-Bounding Proof of Knowledge to Avoid Real-Time Attacks.- An Adaptive Polling Scheme for IEEE 802.11 Wireless LAN.- The Pairing Problem with User Interaction.- Network Smart Card.- Protection Against Spam Using Pre-Challenges.- Automatically Hardening Web Applications Using Precise Tainting.- Traffic Redirection Attack Protection System (TRAPS).- Statistical Signatures for Early Detection of Flooding Denial-of-Service Attacks.- Design, Implementation, and Evaluation of Fritrace.- Design and Implementation of a High-Performance Network Intrusion Prevention System.- STRIDE: Polymorphic Sled Detection Through Instruction Sequence Analysis.- Piranha: Fast and Memory-Efficient Pattern Matching for Intrusion Detection.- Designated-Verifier Proxy Signature Schemes.- Tripartite Concurrent Signatures.- Signcryption in Hierarchical Identity Based Cryptosystem.- Protecting Group Dynamic Information in Large ScaleMulticast Groups.- Secure Group Communication with Distributed Generation of Private Keys for Ad-Hoc Networks.- Ensuring Media Integrity on Third-Party Infrastructures.- A New Fragile Mesh Watermarking Algorithm for Authentication.- New Paradigm in Graph-Based Visual Secret Sharing Scheme by Accepting Reversal in Black-White Images.- Workshop Papers.- Overcoming Channel Bandwidth Constraints in Secure SIM Applications.- On the Performance of Certificate Revocation Protocols Based on a Java Card Certificate Client Implementation.- On-the-Fly Formal Testing of a Smart Card Applet.- A Computationally Feasible SPA Attack on AES VIA Optimized Search.- The Proof by 2M-1: A Low-Cost Method to Check Arithmetic Computations.- Streamto: Streaming Content Using a Tamper-Resistant Token.