| IFIP SEC'96 Conference Committees | |
| Preface | |
| A practical solution to the complex human issues of information security design | p. 3 |
| The use of business process models for security design in organisations | p. 13 |
| An analyst's view of IS security | p. 23 |
| Location management strategies increasing privacy in mobile communication | p. 39 |
| ID-based authentication for mobile conference call | p. 49 |
| New security paradigms: orthodoxy and heresy | p. 61 |
| Security assurance in information systems | p. 74 |
| A framework for dealing with and specifying security requirements in information systems | p. 88 |
| The effects of time on integrity in information systems | p. 100 |
| EPHOS security: procurement of secure open systems | p. 111 |
| Canada's computer crime laws: ten years of experience | p. 122 |
| Delivery and installation of software: disputes and the burden of proof | p. 142 |
| Information security on the electronic superhighway | p. 153 |
| A taxonomy for analyzing hazards to information systems | p. 167 |
| Models and tools for quantitative assessment of operational security | p. 177 |
| Activating dynamic counter measures to reduce risk | p. 187 |
| Distributed registration and key distribution (DiRK) | p. 199 |
| On the reconstruction of shared secrets | p. 209 |
| A hierarchical threshold scheme with unique partial keys | p. 219 |
| Efficient and provably secure key agreement | p. 227 |
| Internetwork access control using public key certificates | p. 237 |
| The security architecture of IRO-DB | p. 249 |
| Securely executing multilevel transactions | p. 259 |
| A decentralized temporal authorization model | p. 271 |
| Applications of keystroke analysis for improved login security and continuous user authentication | p. 283 |
| MoFAC: a model for fine-grained access control | p. 295 |
| A discretionary security model for object oriented environments | p. 306 |
| Intention modelling: approximating computer user intentions for detection and prediction of intrusions | p. 319 |
| An attack detection system for secure computer systems - design of the ADS | p. 337 |
| IT security and privacy education | p. 351 |
| A human approach to security management in health care | p. 365 |
| Security enforcement in a European medical device vigilance system network | p. 377 |
| Design of secure medical database systems | p. 387 |
| Evaluation of the security of distributed IT systems through ITSEC/ITSEM: experiences and findings | p. 405 |
| SNMP-based network security management using a temporal database approach | p. 417 |
| Security profile for interconnected open distributed systems with varying vulnerability | p. 428 |
| A model for the detection of the message stream delay attack | p. 438 |
| Security model for distributed object framework and its applicability to CORBA | p. 452 |
| Software quality assurance: the underlying framework for achieving secure and reliable software systems | p. 467 |
| Configuration management - a basis of the high assurance software engineering process | p. 477 |
| Multi-purpose security module based on smart cards | p. 480 |
| An authentication service supporting domain-based access control policies | p. 482 |
| On security models | p. 485 |
| Risks on the way to the global information society | p. 487 |
| Crypto Manager: an object oriented software library for cryptographic mechanisms | p. 489 |
| Cryptographic key distribution and authentication protocols for secure group communication | p. 492 |
| A new hybrid encryption scheme for computer networks | p. 494 |
| From zero-knowledge to a practical authentication protocol | p. 496 |
| Index of contributors | p. 498 |
| Keyword index | p. 499 |
| Table of Contents provided by Blackwell. All Rights Reserved. |
