DBSec 2009
23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security
July 12-15, 2009
Concordia University, Montreal, Canada
www.ciise.concordia.ca/dbsec09
About the Conference
The DBSec’09 conference is the 23rd Annual Working Conference of IFIP WG 11.3 on Data and Application Security. The conference will be a full 3-day event featuring technical presentations of 18 full papers and 5 short papers, a keynote and a tutorial.
Registration
Registration information is available at http://www.ciise.concordia.ca/newsandevents/2009/dbsec09/registration.htm
Program
Sunday 12th July 2009
19:00-21:30 Reception at the Montefiore Club
Monday 13th July 2009
9.00-9.30 Registration.
9.30-9.45 Opening Remark and Welcome
9.45-10.45 Session 1: Database Security I
Controlled Query Evaluation and Inference-Free View Updates. Joachim Biskup, Jens Seiler, and Torben Weibert.
Implementing Reflective Access Control in SQL. Lars E. Olson, Carl A. Gunter, William R. Cook, and Marianne Winslett.
10.45-11.15 Break
11.15-12.45 Session 2: Security Policies I
An Approach to Security Policy Configuration Using Semantic Threat Graphs. Simon N. Foley and William M. Fitzgerald.
Formal Specification of a Reaction Policy. Fabien Autrel, Nora Cuppens-Boulahia, and Frederic Cuppens.
Towards System Integrity Protection with Graph-Based Policy Analysis. Wenjuan Xu, Xinwen Zhang, and Gail-Joon Ahn.
12.45-14.00 Lunch at the Montefiore Club
14.00-15.00 Session 3: Privacy I: Applications
Practical Private DNA String Searching and Matching through Efficient. Oblivious Automata Evaluation. Keith B. Frikken.
Privacy-Preserving Telemonitoring for eHealth. Mohamed Layouni, Kristof Verslype, Mehmet Tahir Sandikkaya, Bart De Decker, and Hans Vangheluwe.
15.00-15.30 Break
15.30-17.00 Session 4: Access Control
Distributed Privilege Enforcement in PACS. Christoph Sturm, Ela Hunt, and Marc H. Scholl.
Spatiotemporal Access Control Enforcement under Uncertain Location. Estimates Heechang Shin and Vijayalakshmi Atluri.
Using Edit Automata for Rewriting-Based Security Enforcement. Hakima Ould-Slimane, Mohamed Mejri, and Kamel Adi.
Tuesday 14th July 2009
9.15-10.15 Keynote speaker: Prof. Mike Reiter.
Better Architectures and New Security Applications for Coarse Network Monitoring
10.15-11.15 Session 5: Privacy II
Distributed Anonymization: Achieving Privacy for Both Data Subjects and Data Providers. Pawel Jurczyk and Li Xiong
Detecting Inference Channels in Private Multimedia Data via Social Networks. Bechara Al Bouna and Richard Chbeir.
11.15-11.40 Break
11.40-13.00 Session 6: Short Papers
Emerging Trends in Health Care Delivery: Towards Collaborative Security for NIST RBAC. Steven Demurjian, Solomon Berhe and Thomas Agresta.
Methods for computing trust and reputation while preserving privacy. Ehud Gudes, Nurit Gal-Oz, and Alon Grubshtein.
Building an application data behavior model for intrusion detection. Olivier Sarrouy, Eric Totel and Bernard Jouga.
A Trust-Based Access Control Model for Pervasive Computing Systems. Manachai Toahchoodee, Ramadan Abdunabi, Indrakshi Ray and Indrajit Ray.
13.00-14.00 Lunch at the Montefiore Club
14.00-15.00 Session 7: Intrusion detection and protocols
Analysis of Data Dependency Based Intrusion Detection System. Yermek Nugmanov, Brajendra Panda and Yi Hu.
Secure Method Calls by Instrumenting Bytecode with Aspects. Xiaofeng Yang and Mohammad Zulkernine.
15.00-15.30 Break
15.30-17.00 Session 8: Panel in memory of Prof. Reind van de Riet
Emerging directions in data and applications security. Organized by: Bhavani Thuraisingham.
17.00-18.00 Business Meeting
19:00-22:30 Banquet at Le bateau Mouche
Wednesday 15th July 2009
8.30-10.30 Tutorial
How to Protect Information: Inference Control For Logic-Oriented Information Systems. Prof. Joachim Biskup.
10.30-11.00 Break
11.00-12.00 Session 9: Database Security II
Enforcing confidentiality constraints on sensitive databases with lightweight trusted clients. Valentina Ciriani, Sabrina De Capitani di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi and Pierangela Samarati.
Data is key: introducing the data-based access control paradigm. Wolter Pieters and Qiang Tang.
12.00-13.00 Session 10: Trusted Computing
Improving Cut-and-Choose Protocols using Trusted Computing Technology, with Applications to Fair Exchange and Verifiable Encryption. Roopa Vishwanathan and Steve Tate.
PAES: Policy-Based Authority Evaluation Scheme. Enrico Scalavino, Vaibhav Gowadia and Emil C. Lupu.
13.00-14.00 Lunch at the Montefiore Club
General Chair
Mourad Debbabi, Concordia University, Canada
Program Co-Chairs
Ehud Gudes, Ben-Gurion University of the Negev, Israel
Jaideep Vaidya, Rutgers University, U.S.A.
Contact Person
Ms. Sheila Anderson (anderson@ciise.concordia.ca)