Security and Management 2009: Las Vegas, Nevada, USA

Hamid R. Arabnia, Kevin Daimi (Eds.): Proceedings of the 2009 International Conference on Security & Management, SAM 2009, July 13-16, 2009, Las Vegas Nevada, USA, 2 Volumes. CSREA Press 2009, ISBN 1-60132-126-0

Information and Computer Security

Hai Wang, Su Yan: A Stochastic Model of the Damage Propagation in Database Systems. 3-9
Hassan Rasheed, Randy Chow: Adaptive Risk-Aware Application-Level Access Control. 10-16
Max M. North, Greg Quinet, Robert Thacker, DeAnthony Perryman, John Crunk, Sarah M. North: Investigation of Computer Security and Ethics Awareness in University Environment. 17-21
Mohammed Karim, Mohammad Rahman, Aliar Hossain: Information Security and Threats: A study on E-Commerce. 22-27
Michael Pollard, Gejuan Clements, Max M. North, Sarah M. North, Greg Quinet: A Translation of NIST Security Controls Into DBMS Security Procedures (FISMA Compliance). 28-30
Breno Silva Pinto, Varin Khera, Lance Fung: Detecting Anomalies in Network Traffic with Entropy based MA-RMSE Algorithms. 31-36
Ahmad Ghafarian, Jason Garruto: An Analysis of Data Protection Strategies. 37-41
Gevorg Margarov, Vahan Markarov, Ashot Khachaturov: Steganographic System with Dynamically Reconfigurable Structure. 43-45
Ilze Murane: A New Element in Information Security Process Security Aware Smart Household Employee. 46-51
Pavel Minarik, Zdenek Vrbka, Marek Winkler: Advanced Network Traffic Visualization in the Service of Network Security. 52-55
Michel Kamel, Romain Laborde, François Barrère, Abdelmalek Benzekri: An organizational pattern for contributing to the deployment of secure Virtual Enterprises. 56-61
Eric Ke Wang, Lucas Chi Kwong Hui, Siu-Ming Yiu: A New Practical Scheme for Protecting Web Content. 62-66
Artur Rot: Computer Support of Risk Analysis in Information Technology Environment. 67-71
Levent Ertaul, Omicel Catambay: Today & Tomorrow: IEEE 802.11 WLAN Security. 73-77

Cryptography + Key Management Strategies

Artan Luma, Bujar Raufi: New Data Encryption Algorithm and its Implementation for Online User Authentication. 81-85
Ronggong Song, Khalil El-Khatib, Peter Mason: Analysis of Chinese Remainder Theorem Based Group Key Management Protocols. 86-92
Phillip D. Colbert, Ben A. Juliano: A Performance Comparison of Microsoft SQL Server 2008 Transparent Data Encryption and NetLib Encryptionizer. 93-98
Seungmin Lee, Jaehoon Nah, Dongil Seo: Security Requirements for Scalable IPTV Services. 99-102
Kevin Daimi: A Framework for Online Examination Security Based on Cryptology and Biometrics. 103-112
Adbelfatah Yahya, Ayman Abdalla: An AES-Based Encryption Algorithm with Shuffling. 113-116
Le Thi Hoai An, Pham Dinh Tao, Sarra Bouallagui: Cryptanalysis of an Identification Scheme Based on the Perceptron Problem using a Hybridization of Deterministic Optimization and Genetic Algorithm. 117-123
Sharma Abhishek Srinivasan, Ravi Mukkamala, K. Venkataramaniah: Design and Anlysis of Cryptographically Strong S-Boxes: A Novel Approach. 124-129
Alessandro Brawerman, Jose W. Bohner Jr., Victor D. Ribeiro: A Secure Intranet VoIP Framework. 130-135
Ping Luo, Haijian Zhou, Daoshun Wang, Yiqi Dai: Cryptanalysis of RSA with Constrained Low Public Exponent. 136-142
Siddharth Sharma, Akshay Atrey, Saurabh Jain: A Novel And Efficient Algorithm To Enhance The Complexity Of Elliptic Curve Cryptography. 143-148
Mani Arora, Poonamjeet Kaur, Nishima Gakhar, Gauravjeet Singh: Metrics for Analysis of Cryptograhic Algorithms. 149-156
Gevorg Margarov, Siranush Chopuryan, Yeghisabet Alaverdyan: Cryptanalysis of Finite Automata Public Key Cryptosystems. 157-161
Leidy Marcela Giraldo Castano, Edward Yesid Villegas Pulgarin: Optical Encryption with Jigsaw Transform using Matlab. 162-165
Robert Okonigene, Isimhemen Oborkhale: Design of a Cryptographic Software for Wireless Network Security. 166-169

Authentication + Biometrics

Joon Park, Yasir Shaikh, Rohit Mahajan: Prevention of ATM Fraud Using F-PIN. 173-178
Eric Ke Wang, Yi Jun He, Lucas Chi Kwong Hui, Siu-Ming Yiu: A Practical SMS-based Mutual Authentication Protocol for Secure Online Banking. 179-183
Pino Caballero-Gil, Candelaria Hernández-Goya, Amparo Fúster-Sabater: Differentiated Services to Provide Efficient Node Authentication in VANETs. 184-187
Takumi Yamamoto, Yuko Kojima, Masakatsu Nishigaki: A Shoulder-Surfing-Resistant Image-Based Authentication System with Temporal Indirect Image Selection. 188-194
Hiroshi Dozono, Masanori Nakakuni, Takayuki Inoue, Hidetaka Nozaki: Study of Biometric Authentication Method Using Behavior Characteristics on Game Consoles. 195-200
Yong-Zhong He, Zhen Han, Huirong Fu: Usage Control in Conditional Access System with malicious Set-top Box. 201-205
Naveen Kumar: Secure Authentication Using Visual Cryptography. 206-210
Gevorg Margarov, Maha Tolba: Fingerprint Biometric Solution for Securely Secret Sharing. 211-213
Stella C. Chiemeke, Olumide B. Longe: Conditional Access Systems for Internet Content Protection. 214-219
Woei-Jiunn Tsaur, You-Mine Lin: An Agent-Based Single Sign-On Scheme for Web Services Environments. 220-226
Guiyue Jin, Eun Young Jeong, Ho-Youl Jung, Ki Dong Lee: RFID Authentication Protocol Conforming to EPC Class-1 Generation-2 Standard. 227-231
Sunil V. K. Gaddam, Manohar Lal: An Effective Method for Revocable Biometric Key Generation. 232-237
Sunghyuck Hong: A Secure Certificate for Secure Group Communication. 238-240
Veronica Akwukwuma, Annie Egwali: Authentication Practices At The User Interface: Vulnerability Of Users And Organizations In Nigeria. 241-247

Privacy Issues + Intrusion Detection and Firewalls + Attack Prevention

Ossama Toutonji, Seong-Moo Yoo: Realistic Approach against Worm Attack on Computer Networks by Emulating Human Immune System. 251-257
Ryu Watanabe, Toshiaki Tanaka: Denial of Service Attack Resilience on Area Expanded WLAN Services. 258-264
Richard Lundeen, Charles Burns: Simplified Single Packet Authorization. 265-270
Farah Barika, Karim Hadjar, Nabil El-Kadhi: Artificial Neural Network for IDS Solution. 271-277
Andrzej Bialas: Validation of the Specification Means Ontology on the Simple Firewall Case. 278-284
Charlie Obimbo: An Intrusion Detection System for Mobile Ad-Hoc Networks. 285-290
Eun-Ae Cho, Chang-Joo Moon, Dae-Ha Park, Jeong-Oog Lee, Doo-Kwon Baik: A Database Firewall Server Using Data Masking. 291-296
Samuel Shepard, Larry Dunning Dunning, Ray Kresman: Data Mining and Anonymous Opt-out. 297-303

Access Control and Signatures

Starsky H. Y. Wong, Zoe L. Jiang, Lucas Chi Kwong Hui, Siu-Ming Yiu: Two Efficient Proxy Signature Schemes for Delegation Chains with Nonrepudiation and Untraceability. 307-313
Jerome Dossogne, Olivier Markowitch: A Tripartite Strong Designated Verifier Scheme Based On Threshold RSA Signatures. 314-317
Mohammad M. Rasheed, Norita Norwawi, Mohammed M. Kadhum, Osman Ghazali: Intelligent Anti-Internet Worm Automatically Detect and Update Signatures Server. 318-322
Qingshui Xue, Fengying Li, Yuan Zhou, Jiping Zhang, Zhenfu Cao, Haifeng Qian: Bilinear-pairings Based Designated-verifier Threshold Proxy Signature Scheme. 323-327

Novel Systems + Implementation Issues

Vincent Zimmer: Cloud Net-Booting Beyond BIOS Using the Unified Extensible Firmware Interface. 331-339
Tobias Wegner: A Secure Multi-Provider OSGi Platform Enabling Process-Isolation by Using Distribution. 340-345
Greg Vert, Evangelos Triantaphyllou: Security Level Determination Using Branes for Contextual Based Global Processing: An Architecture. 346-350
Vincent Zimmer: Access Control Beyond BIOS Using the Unified Extensible Firmware Interface. 351-359

Protocols and Related Issues

Levent Ertaul, Dilraba Ibrahim: Evaluation of Secure Routing Protocols in Mobile Ad Hoc Networks (MANETs). 363-369
Xiaowen Zhang, Qinghai Gao, Mohamed Saad: Analysis of RFID Authentication Protocols Based on Static and Dynamic Shared Secret. 370-376

Security Issues + Applications + Algorithms + Management Strategies + Policies

Sato Hiroyuki: A Service Framework based on Grades of IdPs and SPs. 379-385
Michael Grimaila, Larry Fortson, Janet Sutton: Design Considerations for a Cyber Incident Mission Impact Assessment (CIMIA) Process. 386-391
DongHo Kang, BoHeung Jung, KyoungSon Jhang, KiYoung Kim: USB Data leakage prevention Using hardware based data inspection technique. 392-396
Mikhail I. Gofman, Ruiqi Luo, Jian He, Yingbin Zhang, Ping Yang: Incremental Information Flow Analysis of Role Based Access Control. 397-403
Rattikorn Hewett, Phongphun Kijsanayothin: Location Contexts in Role-based Security Policy Enforcement. 404-410
Francis Manning: Securing the Environment: A Methodology for Weighting and Analyzing Attack Graphs. 411-416
Byoung-koo Kim, Seungyong Yoon, Ikkyun Kim, Jintae Oh: Multi-region based Clustering Analysis Method for Unknown Malicious Code Detection. 417-422
Kanaka Rajanala, Huiping Guo, Chengyu Sun: Tamper Detection and Localization for Categorical Data Using Fragile Watermarks for Multi Owner Databases. 423-428
Siranush Chopuryan: The Stability of Trapdoor One Way Function Based on Finite Automata. 429-433
Nabil El-Kadhi, Sofien Beji: Ontology Driven Security for Mobile Applications. 434-440
Guillermo Francia III, Suprasith Jarupathirun: Security Metrics-Review and Research Directions. 441-446
Priscilla Hope, Jason Bowling, Kathy Liszka: Artificial Neural Networks as a Tool for Identifying Image Spam. 447-451
Seungyong Yoon, Byoung-koo Kim, Hwashin Moon, Ikkyun Kim, Jintae Oh: Abnormal Traffcic Detection using Flow-based Traffic Measuring Scheme. 452-456
Seung-Hyun Kim, DaeSeon Choi, Seung-Hun Jin: Digital ID Wallet: Provide Selective Disclosure and Users Control of Identity Information. 457-462
Hicham Tout, William Hafner, Wei Li, Easwar A. Nyshadham: Phishpin: An Integrated Anti-Phishing Framework. 463-468
Lucas Vespa, Ning Weng: Split-DFA (SDFA) for Scalable Pattern Matching in Network Security. 469-474
Robert Erbacher: Visualization for Rapid Assessment and Projection in Cyber Situational Awareness. 475-480
Ye Liu, Zhihui Li, Rui Guo: A Multi-secret Sharing Scheme in an Access Structure. 481-484
Sungdo Park, Bokman Jang, Hyokyung Chang, Bonghoi Kim, Euiin Choi: Rule-Based Auditing System for Security Assurance in Ubiquitous Computing. 485-489
Anton Romanov, Eiji Okamoto: A Framework for Building and Managing Secured ERP Landscape. 490-495
Madhavi Nidamarthy, Huiping Guo, Chengyu Sun: Multiple Watermarking for Relational Data. 496-500
Michael Workman: A Matter of Trust: Studies of Organizational Systems of Justice Perceptions on Attitudes about Corporate Surveillance. 501-508
Erlo Meister, Elmarie Biermann: Increasing Security Awareness: Designing a Socially Engineered E-mail Worm. 509-514
Anand Singh, David J. Lilja: Using a Statistical Approach for Optimal Security Parameter Determination. 515-520
Rune Steinsmo Odegard, Danilo Gligoroski: On the Randomness and Regularity of Reduced Edon-R Compression Function. 521-525

Workshop on Ubiquitous Computing Security - UC-Sec 09

Hossein Rezaei Ghaleh, Mohammad-Ali Doostari: Improving the Client Security Using the Smart Card and Trusted Server. 529-534
Seung-Hee Oh, Deok-Gyu Lee, Jong Wook Han, Jong Hyuk Park: The Detection and Response Mechanism against Abnormal Traffic Attack in ATN Network. 535-540
Wan S. Yi, Woong Go, Soo-kyun Kim, Dongho Won, Jin Kwak: Fingerprint Based Secure Authentication Protocol using OTP in e-Banking. 541-546
Wan S. Yi, Dongbum Lee, Sang-Soo Yeo, Dongho Won, Jin Kwak: Security and Efficiency Analyses of Security Mechanisms in e-Passport Systems. 547-553

Special Track on Applied Cryptology and Network Security

Ali Akbar Sobhi Afshar, Alireza Sharifi, Taraneh Eghlidos: On the Security and Efficiency of Secure Channel Coding Schemes Based on Punctured Codes. 557-562
Fernando Hernandez Alvarez, Luis Hernández Encinas, Carmen Sanchez Avila: Biometric Fuzzy Extractor Scheme for Iris Templates. 563-569
Yasuo Hatano, Kunihiko Miyazaki, Toshinobu Kaneko: A Study on Multi-Resipient Encryptions for Selective Disclosure. 570-575
Raul Duran Diaz, Fernando Hernandez Alvarez, Luis Hernández Encinas: Graphic Multisecret Sharing Schemes with One-Dimensional Cellular Automata. 576-582
Amadou Moctar Kane: On the use of Continued Fractions for Stream Ciphers. 583-589

Late Papers

Mahadevan Gomathisankaran, Ruby Lee: Tantra: A Fast PRNG Algorithm and its Implementation. 593-598
Muhammad Ali, Deepthi Jangum: The Development of a Security Engineering Course at Tuskegee University. 599-602
Vladimir S. Zaborovsky, Anton Titov: Specialized Solutions for Improvement of Firewall Performance and Conformity to Security Policy. 603-608
Peter Hannay: Fun & Games: An Introduction to Console Forensics. 609-612
Craig Valli, Andrew Woodward: SCADA Security - Slowly Circling a Disaster Area. 613-617
Craig Valli: Snort IDS for SCADA Networks. 618-621
Andrew Woodward: Do Current BitTorrent Clients Running on Windows 7 Beta Leave Behind Meaningful Data? 622-617
Lei Hou, Hai-Xin Duan, Jianping Wu: Selecting Trust Peers Based on Updated Credit Value in Peer-to-Peer Networks. 628-634
Peter Hannay, Andrew Woodward: Firewire Forensics in Modern Operating Systems. 635-638
Zhiqian Xu, Hai Jiang: Data Protection in Object-based Storage Devices. 639-644
Arnur G. Tokhtabayev, Victor A. Skormin, Andrey Dolgikh, Mamirbek Beisenbi, Moldir Kargaldayeva: Detection of Specific Semantic Functionalities, such as Self-Replication Mechanism, in Malware Using Colored Petri Nets. 645-651
Mohssen Mohammed, H. Anthony Chan, Neco Ventura, Mohsin Hashim, Izzeldin Amin: A modified Knuth-Morris-Pratt Algorithm for Zero-day Polymorphic Worms Detection. 652-657
Hala Bahjat Abdul Wahab, Abdul Monem Rahma, Hilal M. Yousif Al-Bayatti: Proposed New Quantum Cryptography System Using Quantum Description Techniques for Generated Curves. 658-664
Mousa Farajallah, Rushdi Hamamreh: Self Generating Multi Keys Cryptosystem Model for Non-Invertible Matrices based on Hill Cipher. 665-672