ISSE/SECURE 2007 Securing Electronic Business Processes

This book presents the most interesting talks given at ISSE/SECURE 2007 - the forum for the interdisciplinary discussion of how to adequately secure electronic business processes.
The topics include: Identity Management, Information Security Management - PKI-Solutions, Economics of IT-Security - Smart Tokens, eID Cards, Infrastructure Solutions - Critical Information Infrastructure Protection, Data Protection, Legal Aspects.
Adequate information security is one of the basic requirements of all electronic business processes. It is crucial for effective solutions that the possibilities offered by security technology can be integrated with the commercial requirements of the applications. The reader may expect state-of-the-art: best papers of the Conference ISSE/SECURE 2007.

State-of-the-Art; best papers of the Conference ISSE/SECURE 2007

Vorwort
Best Papers of the Conference ISSE/SECURE 2007

Autorentext
Prof. Dr. Norbert Pohlmann is Professor for System and Information Security at the University of Applied Sciences in Gelsenkirchen, Germany.
Prof. Dr. Helmut Reimer is Senior Partner, TeleTrusT, Germany.
Dipl.-Math. Wolfgang Schneider is Deputy Institute Director, Fraunhofer Institute SIT, Germany.

Inhalt
Legal, Technical and Social Aspects of Security.- Regulating Information Security: A Matter of Principle?.- ISTPA Operational Analysis of International Privacy Requirements.- The Legal Conflict between Security and Privacy in Addressing Crime and Terrorism on the Internet.- Data Encryption on File Servers.- Setting up an Effective Information Security Awareness Programme.- Saferinternet.pl Project Educational Activities for Internet Safety in Poland.- Is Cyber Tribalism Winning Online Information Warfare?.- Phishing Across Interaction Channels: Methods, Experience and Best Practice.- IT-Security Beyond Borders an Assessment of Trust Levels Across Europe.- Analyzing and Improving the Security of Internet Elections.- Remote Access Mechanics as a Source of Threats to Enterprise Network Infrastructure.- Private Investigation in the Computer Environment: Legal Aspects.- Identity, Information Security and Rights Management.- Design Rationale behind the Identity Metasystem Architecture.- Federated ID Management Tackling Risk and Credentialing Users.- Information Security Governance for Executive Management.- Model Driven Security for Agile SOA-Style Environments.- The Business Perspective on Roles Including Root Causes of Implementation Problems and Proven Ways to Overcome them.- A Security Architecture for Enterprise Rights Management.- Rights Management Technologies: A Good Choice for Securing Electronic Health Records?.- Case Studies from Fuzzing Bluetooth, WiFi and WiMAX.- Evaluation of the Possible Utilization of anti-spam Mechanisms Against spit.- Modeling Trust Management and Security of Information.- Smart Tokens, eID Cards, Infrastructure Solutions and Interoperability.- Infrastructure for Trusted Environment: In Search of a Solution.- IntegrityCheck of Remote Computer Systems Trusted Network Connect.- Technical Guidelines for Implementation and Utilization of RFID-based Systems.- High Density Smart Cards: New Security Challenges and Applications.- ID Cards in Practice.- Large Scale Fingerprint Applications: Which Technology Should be Used?.- From the eCard-API-Framework Towards a Comprehensive eID-Framework for Europe.- Making Digital Signatures Work across National Borders.- Financial Fraud Information Sharing.- Enterprise Key Management Infrastructure.- Intrinsic Physical Unclonable Functions in Field Programmable Gate Arrays.- Security Evaluation and Testing Past, Present and Future.- Economics of Security and PKI Applications.- Managing Information Security in Small and Medium Sized Enterprises: A Holistic Approach.- EKIAS Success Criteria of PKI Implementations.- Embedded PKI in Industrial Facilities.- SIM-enabled Open Mobile Payment System Based on Nation-wide PKI.- Evidence Record Syntax a new International Standard for Long-Term Archiving of Electronic Documents and Signed Data.- PKI and Entitlement Key Information Security Management Solutions for Business and IT Compliance.- Future Diffusion of PK1-Technology A German Delphi Study.- The Introduction of Health Telematics in Germany.- The German Identity Card Concepts and Applications.- Infrastructures for Identification and Identity Documents.- The Security Infrastructure of the German Core Application in Public Transportation.- Applications of Citizen Portals.- Virtual Post Office in Practice.