2006 年 ACM Symposium on Information,
Computer and Communications Security
(資訊、電腦與通訊安全國際會議)
結案報告書
指導單位:行政院科技顧問室、國家資通安全會報
主辦單位: Association for Computing Machinery (ACM)
共同主辦單位:國科會、教育部、交通大學、中央研究院、工研院、
中華民國資訊安全學會
承辦單位: 國立交通大學、中央研究院、中華民國資訊安全學會、
工業技術研究院
申請人: 中央研究院李德財所長/院士
國立交通大學資工系謝續平教授
聯絡地址: 新竹市大學路 1001 號 國立交通大學資工系
聯絡人: 交通大學資工系教授/國立交通大學資通安全研究與教學中
心主任謝續平
聯絡電話: (03) 573-1876
E-mail:
[email protected]
目錄
一、會議前言...2 二、ACM 簡介 ...3 三、會議目的...5 四、舉辦日期、地點...5 五、指導單位...5 六、主辦單位...5 七、共同主辦單位...5 八、籌備委員會...6 九、指導委員...8 十、推動委員會(Steering Committee)...9 十一、議程委員會(Program Committee) ...9 十二、參加對象及國家... 11 十三、會議議程...12 十四、會議籌備過程...14 十五、執行成效...15 十六、議會過程簡介...16 十七、與會名單統計資料...20 與會人員統計...20 各天報到狀況...20 十八、經費開銷...21 十九、擬請補助經費明細表...26 十九、擬請補助經費明細表...26 二十、研討會發表論文之審稿制度...27 二十一、活動剪影...27 二十二、主講/持人學經歷及著作一覽表 ...30 附件(一) Sushil Jajodia...30 附件(二) Ravi Sandhu ...45 附件(三) Shankar Sastry...49 附件(四) Doug Tygar...52 附件(五) Virgil D. Gligor ...64 附件(六) Jeannette M. Wing...67 附件(七) Ravishankar K. Iyer...71一、會議前言
ACM 是全世界在資訊與電腦領域中最具權威的學術組織,而 ACM 資訊安 全委員會(Special Interest Group on Security, Audit, and Control)轄下兩大資訊安 全會議,其一即為本研討會。
2006 年 ACM 資訊、電腦與通訊安全國際會議於 2006 年 3 月 20 日到 3 月 24 日在台北國際會議中舉行。討論議題包括 Access control and authorization、 Electronic privacy, anonymity、Authentication, biometrics, smartcards、Information flow、Watermarking and data hiding、Intrusion detection and survivability、Applied cryptography、Digital Right Management、Data integrity and audit、Mobile code and mobile agent security、Database security、Network security、Distributed systems security 、 Formal verification and testing 、 Wireless communications 、 Security protocols、E-commerce and mobile e-commerce 和 Viruses and other malicious code… 等。議程委員會收到 26 個國家將近兩百篇的論文,論文接受率只有 16%, 在目前許多知名國際ACM、IEEE 研討會中,為論文接受率極低者,能於本會報 告之論文將會是國際資訊安全領域中相當傑出之作品。此外,本會並邀請國際資 訊安全之六位相當知名國際學者來给大會進行演講,與國內資訊安全之先進交換 研究心得。 預期可以達到以下成效 z 與會人員可以瞭解電腦通訊安全相關各領域理論及應用研究的最新進 展。 z 與會人員可以交換研究果成經驗與心得。 z 國內相關研究成果可以讓國際人士瞭解。 z 國外知名專家提供新觀念與技術指導。 z 國外學者專家與會可了解國內電腦通訊安全發展情形,提昇國際知名 度。
二、ACM 簡介
Association for Computing Machinery (簡稱 ACM)成立於 1947 年,是世界上
第一個也是最富盛名與學術聲望的資訊領域學術組織,全球約有80000 名會員。
ACM 的 研 究 領 域 包 含 computers, information technology, communications 、 computer networks、network standard 等,其下有許多 Special Interest Group(簡稱 SIG)分別在探討各個相關領域的研究,每個 Special Interest Group 下轄數個重要 Conferences。每個 Conference 每年都會公開徵求世界各地的相關研究,經過評審 審核後發表,並舉辦座談會讓全球的會員們交流意見,另外也會固定發行期刊各 Conference 最新的 paper。
ACM 共有下列 Special Interest Groups
SIGACCESS Accessibility and Computing
SIGACT Algorithms and Computation Theory SIGAda Ada Programming Language
SIGAPL APL Programming Language
SIGAPP Applied Computing
SIGARCH Computer Architecture
SIGART Artificial Intelligence
SIGBED Embedded Systems
SIGCAS Computers and Society
SIGCHI Computer-Human Interaction
SIGCOMM Data Communication
SIGCSE Computer Science Education
SIGDA Design Automation
SIGDOC Systems Documentation
SIGecom Electronic Commerce
SIGGRAPH Computer Graphics
SIGGROUP Groupware
SIGIR Information Retrieval
SIGITE Information Technology Education
SIGKDD Knowledge Discovery in Data SIGMETRICS Measurement and Evaluation
SIGMICRO Microprogramming/Microarchitecture SIGMIS Management Information Systems SIGMM Multimedia
SIGMOBILE Mobility of Systems, Users, Data & Computing SIGMOD Management of Data
SIGSAC Security, Audit & Control
SIGSAM Symbolic and Algebraic Manipulation SIGSIM Simulation & Modeling
SIGSOFT Software Engineering
SIGUCCS University & College Computing Services
SIGWEB Hypertext, Hypermedia and Web
其中 SIGSAC 的研究重點在於發展電腦、通訊、網路和資訊安全,包含電
腦存取控制、認證方法、密碼學、入侵檢測系統、風險分析、和安全協定, 另外一個大方向是系統安全,包括作業系統、資料庫、分散式系統、網路 系 統 以 及 中 介 軟 體… 等 。 下 轄 國 際 知 名 期 刊 ACM Transactions on Information and System Security,與主要兩個國際知名頂級學術 conferences:
ACM Conference on Computer and Communications Security
ACM Symposium on Information, Computer and Communications Security
ACM Symposium on Information, Computer and Communications Security 即 為本次在台舉辦會機。
三、會議目的
主要提供一個公開討論的場合, 充分交換研究成果, 以提昇電腦通訊安全相 關領域理論研究及應用研究。參與會議的成員來自國內外大學教授、學術界知名 學者及科技研究單位。今年會議主題涵蓋Access control and authorization、 Electronic privacy, anonymity、Authentication, biometrics, smartcards、Information flow、Watermarking and data hiding、Intrusion detection and survivability、Applied cryptography、Digital Right Management、Data integrity and audit、Mobile code and mobile agent security、Database security、Network security、Distributed systems security、Formal verification and testing、Wireless communications、Security protocols、E-commerce and mobile e-commerce 和 Viruses and other malicious code… 等相關領域。藉著本國際性會議的舉辦不僅可以達到上述促進國際學術 交流、提昇密碼學相關領域研究應用、促進國際學術交流的目的,對國內學術提 昇有具體貢獻外,亦可展現國內學術研究成果。
四、舉辦日期、地點
日期:民國九十五年三月二十日(星期一)至三月二十四日(星期五) 共五天 地點:台北君悅飯店五、指導單位
行政院科技顧問室、國家資通安全會報六、主辦單位
Association for Computing Machinery (ACM)
七、共同主辦單位
八、籌備委員會
大會榮譽主席 行政院林逢慶政 務委員 大會主席 李德財,中研院 院士暨資訊所所 長 林寶樹,工研院 電通所所長 議程主席 謝續平 交通大 學、中華民國資 安學會 S. Jajodia, GMU (ACM SIGSAC chair) 確認整個會議議程的內容與進行方式,含 Call-for-Paper,Paper review,篩選邀請各 Session Speakers & Panelists 等。提供出版委員會主席整個會議進行的內 容。 Treasurer Chairs 劉培文,資策會 彭仁剛,國安局 吳宗成,台灣科 技大學 何全德,研考會 提出募款計畫書,負責找到支援 ACM 各項活動的贊助者,包含與預期的贊助者 簽定合約、贊助保證邀約書。 維持及傳遞各種募款記錄資料、適時的轉 交發票資料給財務長。 Local arrangement chairs 鄭仁傑,工研院 雷欽隆,台灣大 學、葉義雄,交 通大學 主要負責相關會議室、宴會廳、展示室、 委員會議室、旅館等預訂及ACM 所有活 動的安排。 ACM 活動期間,須負責櫃檯運作及財務 安全,並確保櫃檯服務時間,服務人員盡 忠職守。 負責會議參加報名、及協助財務做帳及財 務報表。 預估ACM 各項活動的參加人數予大會主 席。 安排Local Tour。 會場架設ADSL 無線上網。 Public relation chairs 李惠慈,工研院 黃育綸,交通大 學 陳榮傑,交通大 學 負責ACM 舉辦前或進行中各項活動的協 調與宣傳。 負責新聞發佈/媒體宣傳。 偕同 Organizer、出版委員會主席一起推 銷 ACM 於產、學、研、政、各界。 寄印海報 Publication 曾慧琦,中研院 負責協調、編輯校訂、出版、及分配銷售
chairs 曾文貴,交通大 學
相關會議印刷品(Final Program,
Proceedings & Rump Session)等事宜,其 他委員會主席及相關人員可適時協助。 議程委員會接受通過的稿件,不論是邀稿 或是自行投稿,都應在會議議程中被刊 登。 所有的印刷物須有特定公司提供會議出 版的商定支援。 提供參加者即時的會議資訊及會議議程。 Registration Chairs 黃世昆,交通大 學 王秋鳳,中研院 網頁維護、設計 註冊系統、自動回覆系統、收據列印 Travel Guide 可放上網頁 Secretariat Chairs 楊明豪,交通大 學 許騰尹,交通大 學 彭文志,交通大 學 負責籌辦期間籌備會召開、會議記錄整 理。 預算編列與掌控。 負責協調財務會計控制預算及支出。 負責協調、編輯校訂、刊載、及所有相關 ACM 所有委員會網頁。
九、指導委員
Virgil Gligor(U of Maryland,USA) Li Gong (Sun Microsystems, USA)
Pradeep Khosla (Carnegie Mellon University)
Shankar Sastry (University of California at Berkeley) 呂學錦(中華電信公司) 杜紫軍(商業司) 林進燈(交通大學) 林勤經 (國防部資源司) 吳重雨 (交通大學) 紀國忠 (國科會) 柯志昇 (資策會) 陳昭義(工業局) 陳文村(台灣聯大、清華大學) 陳俊麟 (行政院研考會) 黃重球(技術處) 黃磊 (國安局) 張俊彥 (交通大學) 張進福(暨南大學) 張真誠(逢甲大學) 賴溪松(成功大學) 簡仁德 (電信總局)
十、推動委員會(Steering Committee)
Virgil Gligor, University of Maryland, College Park, USA Sushil Jajodia, GMU,USAPierangela Samarati, U of Milano, Italy Robert Deng, SMU, Singapore
Shiuhpyng Shieh, National Chiao Tung University, Taiwan (Chair) Hiroshi Imai, Department of Computer Science University of Tokyo
十一、議程委員會(Program Committee)
1. Vijay Atluri, Rutgers U, USA 2. Aditya Bagchi, ISI, India 3. Hao Chen, UC Davis, USA
4. Kefei Chen, Shanghai Jiaotung U, PRC 5. Tsuhan Chen, CMU, USA
6. Ed Dawson, QUT, AU
7. Robert Deng, SMU, Singapore 8. Yvo Desmedt,UCL&FSU, UK 9. Wenliang Du, Syracuse U, USA 10. Simon Foley, U College Cork, Ireland 11. Virgil Gligor, U of Maryland, USA 12. Dieter Gollmann, TUHH, Germany 13. Ravi Iyer, UIUC, USA
14. Pradeep Khosla, CMU, USA 15. Kwangjo Kim, ICU, Korea
16. Michiharu Kudoh, IBM Tokyo Lab, Japan 17. Chi-Sung Laih, ChenKung U, Taiwan 18. Kwok-Yan Lam, Tsinghua U, PRC 19. Chin-Laung Lei, Taiwan U, Taiwan 20. Peng Liu, Penn State U, USA 21. Sharad Mehrotra UC Irvine, USA 22. Jonathan Millen, MITRE, USA 23. Peng Ning, NC State U, USA 24. Eiji Okamoto, U of Tsukuba, Japan 25. Jean-Jacques Quisquater, UCL, Belgium 26. Mike Reiter, CMU, USA
27. Rei Safavi-Naini, U Wollogong, AU 28. Pierangela Samarati, U of Milano, Italy
30. R. Sekar, Stony Brook U, USA 31. Hovav Shacham, Standford U, USA 32. Sean Smith, Dartmouth, USA 33. Dawn Song, CMU, USA
34. Michael Steiner, IBM, Germany
35. Wen-Guey Tzeng, Chiao Tung U, Taiwan 36. Doug Tygar, UC Berkerley, USA
37. Vijay Varadharajan, UWS, AU 38. Huaxiong Wang, Macquarie U, AU 39. Victor Wei, Chinese U of HK, HK 40. Felix Wu, UC Davis, USA
41. Tzong-Chen Wu, NTUST, Taiwan 42. Moti Yung, Columbia U, USA
十二、參加對象及國家
此會議 ACM Symposium on Information, Computer and Communications Security 由 ACM Conference Computer and Communication Security 所衍生新成立, ,依ACM Conference Computer and Communication Security 過去經驗來預測,此
會議參與人員,國外人士有大約160 人參加,包括來自歐洲、美洲、亞洲地區等 二十餘國學者專家,國家計有法國、英國、美國、加拿大、日本、比利時、中國 大陸、丹麥、新加坡、韓國、印度、波蘭、捷克、義大利、西班牙、瑞士、德國、 奧地利、芬蘭、瑞典、以色列、香港、馬來西亞、紐西蘭、澳州等國從事資訊安 全相關研究之專家學者,而國內與會人員大約有150 人,將包括各大學院校、研 究機構及軍方從事相關領域之教授、研究生及研究人員等,預估全部有超過300 人與會(含未報名者)。下表為參加本次會議的國家各國人數統計: 日本 23 台灣 150 紐西蘭 4 韓國 24 法國 9 新加坡 6 英國 5 瑞士 3 比利時 1 德國 4 美國 17 義大利 3 印度 2 泰國 2 加拿大 2 中國大陸 7 澳洲 15 以色列 5 丹麥 5 波蘭 4 捷克 3 西班牙 3 奧地利 4 芬蘭 2 瑞典 2 香港 9
十三、會議議程
會議議程簡表Date 3/20/2006 (Monday)
7:00-9:00pm Registration and reception at the Grand Hotel, Taipei, Taiwan
3/21/2006 (Tuesday)
8:30- 9:00am Registration and welcome drinks and nibbles at the Grand Hotel, Taipei, Taiwan
9:00- 9:20 Opening remarks (Minister Lin, general chairs, program chairs)
9:20-10:10 Distinguish Lecture by Virgil Gligor (簡歷如附件五)
10:10-10:30 Coffee Break 10:30-12:10 Session 1 (4 papers) 12:10-1:10 Lunch 1:10-2:50 Session 2 (4 papers) 2:50- 3:10 Coffee Break 3:10- 4:30 Session 3 (3 papers)
4:30-5:00 Break (moving to the Taipei 101 for rump session) 5:00-6:40 Rump Session (20 Fast Abstract)
7:00-9:00 Reception 3/22/2006
(Wednesday)
8:30-9:20 Invited Talk (1) by Prof. Doug Tygar (簡歷如附件四)
9:20-10:10 Session 4 (2 papers) 10:10-10:30 Coffee Break 10:30-12:10 Session 5 ( 4 papers) 12:10-1:10 Lunch
1:10-2:00 Invited Talk (2) Prof. Michael Reiter (簡歷如附件三)
2:00-2:50 Session 6 (2 papers) 2:50- 3:10 Coffee Break 3:10- 4:50 Session 7 (4 papers) 6:00-9:00 Banquet 3/23/2006 (Thursday)
8:30-9:20 Invited Talk (3) Ravi Sandhu (簡歷如附件二)
9:20-10:10 Session 8 (2 papers) 10:10-10:30 Coffee Break
11:20-12:10 Session 9 ( 2 papers) 12:10-1:10 Lunch
1:10-1:50 Session 10 (2 papers)
1:50-2:40 Invited Talk (4) Jeannette Wing (簡歷如附件六)
2:40- 3:00 Coffee Break 3:00- 4:50 Session 12 (4 papers) 3/24/2006 (Friday) 8:30am – 5:00pm
Excursion to National Palace Museum, Science Park, III, ITRI
十四、會議籌備過程
年度 日期 預定之工作 確定會議地點並預訂場地 2004 12 月 籌備會前會議 2 月 組成籌備委員會 3 月 第一次籌備會議Call For Paper 4/1 線上投稿系統完成 5/1 網站正式上線 7/1 議程委員會 (共 42 位委員), 並陸續邀請中 8/1 線上審稿系統完成 10/1 投稿截止 11/1 線上註冊系統 11/20 通知論文審查結果, 開始受理註冊 2005 12/10 論文集排版完成 2/20 早期註冊截止 2/28 議程確定 3/20 完成場地佈置 3/21 會議開始 3/25 會議期間 7/30 處理會後相關事宜,報帳相關事宜 9/30 召開檢討會議,準備繳交會議成果相關資料給ACM 11/10 參加ACM SIGSAC 年會,繳交報告,報告會議成果 2006 12/31 計畫結案
十五、執行成效
ACM 是世界上第一個也是最富盛名的資訊領域的國際組織,此次相當難得可以
爭取到 ACM 於資訊安全最重要之兩個研討會之一的 ACM Symposium on
Information, Computer and Communications Security 來台舉辦,使國內資訊安全學 者可以有機會不必出國即可參與國際一流之學術研討會。目前議程委員會已收到 25 個國家將近兩百篇的論文,論文接受率只有 16%,在目前許多知名國際 ACM、 IEEE 研討會中,為論文接受率極低者,能於本會報告之論文將會是國際資訊安 全領域中相當傑出之作品。此外,本會並邀請國際資訊安全之六位相當知名學者 來给大會進行演講,與國內資訊安全之先進交換研究心得。 預期可以達到以下成效 z 與會人員可以瞭解電腦通訊安全相關各領域理論及應用研究的最新進 展。 z 與會人員可以交換研究果成經驗與心得。 z 國內相關研究成果可以讓國際人士瞭解。 z 國外知名專家提供新觀念與技術指導。 z 國外學者專家與會可了解國內電腦通訊安全發展情形,提昇國際知名 度。
十六、議會過程簡介
3/20 各項工作人員於下午約 1:30 抵達會場進行準備工作。 於晚間 6:30 工作準備就緒,7:00 正式接受 Pre-registration。
3/21 本日為 conference 第一日,許多著名國內、外學者齊聚一堂,盛況空前。 8:00 於台北君悅大飯店,開始接受registration。
9:00 由林寶樹 所長(Minister Lin)、李德財 院士(General Chair)、謝續平教 授(Program Chair)、Sushil Jajodia(Program Chair)等人發表開場演說。 9:20 由 ACM SIGSAC 主席暨 2005 年 Information Security Award 得主-
Virgil D. Gligor 發表著名的演說,題目為"Emergent Properties in Ad-Hoc Networks: A Security Perspective"。
10:00 Coffee Break
10:20 Session 1 在會議主席-Wenke Lee 的主持下正式開始,這個 Session 主 要談論與Security Protocols 相關的議題,包括:
1. ”Improving Secure Server Performance by Re-balancing SSL/TLS Handshakes.”
2. ”Provably Secure Password-Based Authentication in TLS” 3. ”Certified Mailing Lists.”
4. ”Designated Group Credentials.” 12:00 午餐招待
13:00 Invited Talk 在 Pierangela Samarati 的主持下開始,由前 ACM SIGSAC 主席-Ravi Sandhu 帶來一場精采的演講,題目為”Secure Information Sharing Enabled by Trusted Computing and PEI Models”.
13:40 Session2 在會議主席-Pierangela Samarati 主持下開始,這個 Session 主要討論與Database Security 相關的議題,包括:
1. “Privacy-preserving Semantic Interoperation and Access Control of Heterogeneous Databases”
2. “Publicly Verifiable Ownership Protection for Relation Databases” 14:30 Coffee Break
14:50 Session3 在會議主席-Rei Safavi-Naini 的主持下開始,這個 Session 主 要討論與 Intrusion Detection and Modeling 相關的議題,包括:
1. “Measuring Intrusion Detection Capacity: An Information-Theoretic Approach”
2. “Time Series Modeling for IDS Alert Management”
3. “Augmenting Storage with an Intrusion Response Primitive to Ensure the Security of Critical Data”
4. “Design Space and Analysis of Worm Defense Strategies”
16:30 由台北君悅大飯店移動到台北 101 的會場,沿途有專人指示行走路 徑。
這個會議總共有四個主題,討論與 Multimedia Security、Network Security、Digital Signature、Cryptosystem 相關的議題,包括: z Multimedia Security:
1. “Digital Invisible lnk: Revealing True Secrets via Attacking” 2. “Quadtree based Perceptual Watermarking Scheme”
3. “Continuous Fingerprint Classification By Symmetrical Filters ”
z Network Security:
1. “A General Design Towards Secure Ad-Hoc Collaboration” 2. “A Distributed Key Assignment Protocol For Multicast Based
on Proxy Cryptography”
3. “An Efficient Secure Communication Between Set-top Box and Smart card in DTV Broadcasting”
4. “Forgery Attack on the RPC Incremental Unforgeable Encryption Scheme”
5. “A Control Flow Obfuscation Method to Discourage Malicious Tampering of Software Codes”
6. “Problems on the MR Micropayment Schemes”
7. “Design and Implementation of a Reconfigurable Hardware for Secure Embedded Systems”
z Digital Signature:
1. “Democratic Group Signatures”
2. “Analysis of Traceability Attack on Camenisch et al.’s Blind Signature Scheme”
3. “Restricted Message Signing” z Cryptosystem:
1. “Policy-based Encryption Schemes from Bilinear Pairings” 2. “A Refined Look at Bernstein’s AES Side-Channel Analysis” 19:00 於台北 101 享用晚餐.
21:00 結束第一日的會議行程 3/22 本日為 conference 第二日。
8:30 於君悅飯店,開始接受registration。
9:00 Session 4 正式開始,主題為 P2P& Ad Hoc Networks, 會議主席為 Jean-Pierre Seifert,其中內容包含:
1. “Self-Organized Group Key Management for Ad Hoc Networks”
2. “Lightweight, Pollution-Attack Resistant Multicast Authentication Scheme” 進行演講。
9:50 邀請 Jean-Pierre Seifert 進行 invited talk,題目為 ” TRUST: In Cyberspace and Beyond” 。
10:50 Session 5 正式開始,由 Wen-Guey Tzeng 主持,主題為:Digital Rights Management and Watermarking, 內容有:
1. “An Attack-Localizing Watermarking Scheme for Natural Language Documents”
2. ”Tamper Proofing and Attack Identification of Corrupted Image by using Semi-fragile Multiple-watermarking Algorithm” 3. “Image-Adaptive Watermarking Based in Perceptually Shaping
Watermark Blockwise”
4. “Finding the Original Point Set Hidden among Chaffs” 12:30 Lunch
13:15 進行 Invited talk,由 Bao Feng 發表 “Attack graph Generation and Analysis” 演說。
13:55 Session 6 正式開始,主題為 Software security, 議會主席為 Bao Feng, 討論內容有:
1. “Software Integrity Protection Using Timed Executable Agents” 2. “Application Security Support in the Operating System Kernel” 14:45 Coffee Break
15:05 Session 7 正式開始,由 Hiroaki Kikuchi 主持,主題為 Access Control and Authentication,題目有:
1. “Supporting Location-Based Conditions in Access Control Policies”
2. ”A Secure System for Data Access Based in Anonymous Authentication and Time-Dependent Hierarchical Keys” 3. “Approvability”
4. “Safety Analysis of Usage Control Authorization Models”. 18:00 Banquet
3/23 本日為 conference 第三日。
8:30 於君悅飯店,繼續接受registration。
9:00 Session 8 正式開始,會議主席為 Bodo Moller,討論主題為 Authentication and Biometrics, 內容包括:
1. “Fortifying Passwrod Authentication in Integrated Healthcare Delivery Systems”
2. “Collusion Secure Convolutional Fingerprinting Information Codes”
9:20 開始 Invited Talk 由 Bodo Moller 主持,由 Ravi lyer 講解 “Security Vulnerability: From Measurements to Design”
10:30 Coffee Break
10:50 Session 9 正式開始,主題為 Cryptosystem and Analysis,由 Tzong-Chen Wu 擔任主席,內容包括:
Complexity of 2-adic FCSR Combiner Generators” 2. “Cryptanalysis of The Grain Family of Stream Ciphers” 3. “Addressing the Shortcomings of One-Way Chains” 4. “Ring Signature without Random Oracles”
12:30 午餐時間
13:15 開始 Invited Talk 在 Masahiro Mambo 主持下,由 Prof. Doug Tygar 發 表 ”Can Machine Learning Be Secure?" 演說。
13:55 Session 10 正式開始,主題為 Wireless Sensor Networks,議會主席為 Masahiro Mambo,內容有:
1. “An Efficient Key Establishment Scheme for Secure Aggregating Sensor Networks”
2. “An Efficient Broadcast Authentitation Scheme in Wireless Sensor Networks”
14:45 Coffee Break;
15:05 Session 11 在 Peng Liu 主持下,正式開始主題為 Secure Routing and Firewall,討論內容有:
1. “Identity-Based Registry for Secure Interdomain Routing” 2. “Dynamic Rule-ordering Optimization or High-speed Firewall
Filtering”
3. “Digitally Signed Document Sanitizing Scheme Based On Bilinear Maps”
16:20 由謝續平教授(Program Chair)及 Sushil Jajodia(Program Chair) 等人為 研討會圓滿落幕,發表Closing Remarks,並宣布下屆ACM Symposium on Information, Computer and Communications Security 將在新加坡舉行。
3/24 此日為 Free tour 分成 half day tour 與 one day tour,由二位工作人員帶領許
多外國學者參觀我國「故宮博物館」、「新竹工業技術研究院」以及「新竹
十七、與會名單統計資料
與會人員統計
1. 事前報名人數:220 人
2. 現場報名人數: 13 人
3. 現場應到人數:233 人
4. 現場實到人數:209 人,出席率:90%
各天報到狀況
ACM 各天報到狀況
現場應到人數 233 實到人數 209 人數 比率 3 月 20 日報到者 18 9% 3 月 21 日報到者 157 74% 3 月 22 日報到者 16 8% 3 月 23 日報到者 18 9% 總人數 209十八、經費開銷
支出 大項 支出項目 總額 細目 金額 備註 人事費 1,142,000專任助理 700,000
臨時工資 300,000
大會臨時工作人員 110,000
主持人費用 32,000 2,000/場*16
人事費用
合計
1,142,000 支出 大項 支出項目 總額 細目 金額 備註 印刷費 748,000論文集 400,000
海報(大) 90,000
Call For Paper 印
刷 30,000 30 元/張*1,000 張
Call For Participation 48,000
大會手冊 90,000 150 元/份*600 份
Final Program Brochure 90,000
業務費
餐飲費 2,709,000晚宴(含飲料,服 務費) 264,000 8,800 元/桌(10 人)*30 桌
晚餐(Rump Session)(含飲 料,服務費) 440,000 22,000 元/桌(12 人)*20 桌
場地租用費(含 服務費、午餐及 每日兩次點心及 稅金 1,980,000 300 人*2,200*3 天
SIGSAC 技術委 員會議場地費 25,000 場地器材租 用費 300,000
記錄費(含照相. 錄影.音控等) 80,000 2,000 元/天*4 天
麥克風喇叭 NB 租借費 100,000
場地佈置費 120,000 旅運費 200,000
國外差旅費 120,000
國內差旅費 80,000 耗材費 270,000 影印及印刷費 200,000 光碟片、磁片 20,000 碳粉匣等 30,000 消費性器材 20,000
業務費
交通費與膳 雜宿費 1,798,000受邀海外來賓生 活費 420,000 10,000 元/人*6 人*7 天
受邀海外傑出學 者機票費 (商務 艙) 1,200,000 (Dr. S. Jajodia, former Chair of ACM SIGSAC & Prof. Of GMU; Dr. Doug Tygar, Prof. Of UC Berkeley & Chair of the Defense Department's ISAT Study Group on Security with Privacy; Dr. Michael Reiter, Prof. Of CMU & Editor in-Chief of ACM TISSEC; Dr. Ravi Sandhu, Prof. Of GMU & former Editor-in-Chief of ACM TISSEC & ACM & IEEE fellows; Virgil Gligor, newly elected ACM SIGSAC chair & Prof. Of Univ. of Maryland; Jeannet Wing, IEEE fellow & Prof. & Chair Of CMU) 200,000 元/人*6 人
國內專家受邀演 講費 18,000 6,000/人*3 人
國內交通費(遊 覽車) 160,000 10,000 元*4*4 天 工作會 660,000
籌備會 360,000 20,000 元/次*18 次
檢討會 300,000 大會網站製 作與維護費 450,000 網站維護費 150,000
業務費
網頁製作費 150,000程式設計費 150,000 郵電、文具 237,500 郵電費(含海外 聯繫費) 65,000 文具、紙張 172,500 紀念品 500,000 紀念品 500,000紀念品 1000 元/人份*500 份 晚宴表演費 300,000 表演費 300,000 參觀景點費 (認識台 灣) 390,000 參觀故宮、科學園區,增 進國外人士認識台灣的文 化與科技發展 參觀費 390,0001,500 元/人*260 人 (餐費 及當天導遊費用) 補助國外學 者費 200,000
補助貧困地區國 外優秀作者(學 生或學者)前來 發表論文 200,000 20,000 元/人*10 人 補助國內學 生費 840,000
由於 ACM 國際 會議報名費較 高,國內學生較 難負擔,故補助 國內學生報名 費,以鼓勵學生 參加難得在台灣 舉辦的國際會 議。 840,000 12,000 元/人*70 人 (約 20 個學校,每個學校 3-4 名學生參加)
業務費
最佳論文獎 金100,000
補助最佳論文獎 得主費用 100,000 50,000 元/人*2 人 雜支 250,000 給 ACM 費 用 600,000 依 ACM 規定, 支付 ACM 相關 費用 600,000 合計 10,552,500 總計
11,694,500
十九、擬請補助經費明細表
支 出
項 目
細目
金 額
備 註
人
事
費
補助人事費
222,000 由教育部補助款支出,單
據留存備查(部分補助)
交通費與膳雜宿
費(邀請國外知名
invited speaker 費
用)
810,000 (商務艙機票 200,000+
生活費
70,000)*3 人,由
教育部補助款支出,單據
留存備查(部分補助)
補助國內學生(由
於 ACM 國際會議
報名費較高,國內
學生較難負擔,故
補助國內學生報
名費,以鼓勵學生
參加難得在台灣
舉 辦 的 國 際 會
議。)
840,000 補助國內各大學研究所碩
博士班學生,每人
12000
*70 人,由教育部補助款
支出,單據留存備查
最佳論文獎補助
100,000 由教育部補助款支出,單
據留存備查
大會網站製作與
維護費
250,000 由教育部補助款支出,單
據留存備查(部分補助)
郵 電、文 具
168,000 由教育部補助款支出,單
據留存備查(部分補助)
業
務
費
場地租用費
350,000 由教育部補助款支出,單
據留存備查(部分補助)
合計
2,740,000
二十、研討會發表論文之審稿制度
論文審查程序依照國際慣例由本研討會所組成之議程委員會以匿名審查方 式,每篇論文將會指定三位審查委員審視所有投稿文章,並由議程委員會開會討 論審查意見後決定接受發表之論文。二十一、活動剪影
1. 註冊與研討會實況
二十二、主講/持人學經歷及著作一覽表
附件(一) Sushil Jajodia
Sushil Jajodia is BDM International Professor of Information Technology and the director of Center for Secure Information Systems at the George Mason University, Fairfax, Virginia. He served as the chair of the Department of Information and
Software Engineering during 1998-2002. He joined GMU after serving as the director of the Database and Expert Systems Program within the Division of Information, Robotics, and Intelligent Systems at the National Science Foundation. Before that he was the head of the Database and Distributed Systems Section in the Computer Science and Systems Branch at the Naval Research Laboratory, Washington and Associate Professor of Computer Science and Director of Graduate Studies at the
University of Missouri, Columbia. He has also been a visiting professor at the University of Milan and University of Rome "La Sapienza", Italy and at the Isaac
Newton Institute for Mathematical Sciences, Cambridge University, England. Dr. Jajodia received his PhD from the University of Oregon, Eugene. His research interests include information security, temporal databases, and replicated databases. He has authored five books, edited twenty two books, and published more than 250 technical papers in the refereed journals and conference proceedings. He received the 1996 Kristian Beckman award from IFIP TC 11 for his contributions to the discipline of Information Security, and the 2000 Outstanding Research Faculty Award from GMU's School of Information Technology and Engineering.
Dr. Jajodia has served in different capacities for various journals and conferences. He is the founding editor-in-chief of the Journal of Computer Security and on the
editorial boards of ACM Transactions on Information and Systems Security,
International Journal of Cooperative Information Systems, and International Journal of Information and Computer Security. He is the consulting editor of the Kluwer International Series on Advances in Information Security. He also serves as the chair
of the ACM Special Interest Group on Security, Audit, and Control (SIGSAC) and the
IFIP WG 11.5 on Systems Integrity and Control. He has been named a Golden Core
member for his service to the IEEE Computer Society, and received International Federation for Information Processing (IFIP) Silver Core Award "in recognition of outstanding services to IFIP" in 2001. He is a past chairman of the IEEE Computer Society Technical Committee on Data Engineering. He is a senior member of the IEEE and a member of IEEE Computer Society and Association for Computing Machinery. The URL for his web page is http://csis.gmu.edu/faculty/jajodia.html.
List of Publications 1999 and beyond
AUTHORED BOOKS
1. Peng Ning, Sushil Jajodia, X. Sean Wang, Intrusion Detection in Distributed Systems: An Abstraction-based Approach, ISBN 1-4020-7624-X, Kluwer Academic Publishers, Boston, 2003, 156 pages.
2. Peng Liu, Sushil Jajodia Trusted Recovery and Defensive Information Warfare, ISBN 0-7923-7572-6, Kluwer Academic Publishers, Boston, 2002, 152 pages.
3. Neil F. Johnson, Zoran Duric, Sushil Jajodia, Information Hiding: Steganography and Watermarking - Attacks and Countermeasures, ISBN 0-7923-7204-2 Kluwer Academic Publishers, Boston, 2001, 137 pages. 4. Claudio Bettini, Sushil Jajodia, X. Sean Wang, Time Granularities in
Databases, Data Mining, and Temporal Reasoning, ISBN 3-540-66997-3, Springer-Verlag, Berlin, July 2000, 226 pages.
5. Vijay Atluri, Sushil Jajodia, Binto George, Multilevel Secure Transaction Processing, ISBN 0-7923-7702-8, Kluwer Academic Publishers, Boston, November 1999, 144 pages.
EDITED BOOKS
1. Daniel Barbara, Sushil Jajodia, Applications of Data Mining in Computer Security, ISBN 1-4020-7054-3, Kluwer Academic Publishers, Boston, 2002, 252 pages.
2. Paul Ammann, Bruce H. Barnes, Sushil Jajodia, Edgar H. Sibley, eds., Computer Security, Dependibility, and Assurance: From Needs to Solutions , ISBN 0-7695-0337-3, IEEE Computer Society Press, Los Alamitos (1999), 224 pages.
EDITED PROCEEDINGS
1. Sushil Jajodia, Leon Strous, eds., Integrity and Internal Control in Information Systems VI, ISBN 1-4020-7900-1, Kluwer Academic Publishers, Boston, 2004, 272 pages.
2. Yves Deswarte, Frederic Cuppens, Sushil Jajodia, Lingyu Wang, Security and Protection in Information Processing Systems, ISBN 1-4020-8142-1, Kluwer Academic Publishers, Boston, 2004, 562 pages.
3. Yves Deswarte, Frederic Cuppens, Sushil Jajodia, Lingyu Wang, Information Security Management, Education, and Privacy, ISBN 1-4020-8144-8, Kluwer Academic Publishers, Boston, 2004, 328 pages.
4. Hideko S. Kunii, Sushil Jajodia, Arne Solvberg, eds., Conceptual Modeling - ER 2001, Springer Lecture Notes in Computer Science, Volume 2224, ISBN 3-540-42866-6, Springer, Berlin (2001), 614 pages. 2001.
5. Sushil Jajodia and Pierangela Samarati, eds., Proc. 7th ACM Conf. on Computer and Communications Security, ISBN 1-58113-203-4, ACM Press, New York, November 2000, 256 pages.
6. Sushil Jajodia, ed., Database Security XII: Status and Prospects, Kluwer Academic Publishers, Boston, 1999, 320 pages.
JOURNAL ARTICLES
1. Alberto Ceselli, Ernesto Damiani, Sabrina De Capitani di Vimercati, Sushil Jajodia, Stefano Paraboschi, Pierangela Samarati, "Modeling and assessing inference exposure in encrypted databases, ACM Trans. on Information and
System Security, To appear.
2. Claudio Bettini, X. Sean Wang, sushil Jajodia, "Information release control: A learning-based architecture," Journal on Data Semantics, To appear.
3. Lingyu Wang, Duminda Wijesekera, Sushil Jajodia, “Cardinality-based
inference control in data cubes,” Journal of Computer Security, Vol. 12, No. 5, 2004, pages 655-692.
4. Claudio Bettini, Sushil Jajodia, X. Sean Wang, Duminda Wijesekera,
“Reasoning with advanced policy rules and its application to access control,”
International Journal on Digital Libraries, Vol. 4, No. 3, November 2004,
pages 156-170.
5. Kenneth Smith, Sushil Jajodia, Vipin Swarup, Jeffery Hoyt, Gail Hamilton, Donald Faatz, Todd Cornett, “Enabling the sharing of neuroimaging data through well-defined intermediate levels of visibility,” NeuroImage, Vol. 22, No. 4, August 2004, pages 1646-1656.
6. Duminda Wijesekera, Sushil Jajodia, Francesco Parisi-Presicce, Asa Hagstrom, “Removing permissions in the Flexible Authorization Framework,” ACM
7. Alessandro Mei, Luigi V. Mancini, Sushil Jajodia, “Secure dynamic fragment and replica allocation in large-scale distributed file systems,” IEEE Trans. on
Parallel and Distributed Systems, Vol. 14, No. 9, September 2003, pages
885-896.
8. Claudio Bettini, Sushil Jajodia, X. Sean Wang, Duminda Wijesekera,
“Provisions and obligations in policy rule management,” Journal of Network
and Systems Management, Vol. 11, No. 3, September 2003, pages 351-372.
9. Daniel Barbara, Rajni Goel, Sushil Jajodia, “A checksum-based corruption detection techniques,” Journal of Computer Security, Vol. 11, No. 3, 2003, pages 315-329.
10. Duminda Wijesekera, Sushil Jajodia, ``A propositional policy algebra for access control,'' ACM Trans. on Information and System Security, Vol. 6, No. 2, May 2003, pages 286-325.
11. Yingjiu Li, Peng Ning, X. Sean Wang, Sushil Jajodia, ``Discovering calendar-based temporal association rules,'' Data and Knowledge
Engineering, Vol. 4, No. 2, 2003, pages 193-218.
12. Roberto Di Pietro, Luigi V. Mancini, Sushil Jajodia, "Providing secrecy in key management protocols for large wireless sensor networks," Ad Hoc Networks, Vol. 1, No. 4, 2003, pages 455-468.
13. Claudio Bettini, X. Sean Wang, and Sushil Jajodia, ``Solving multi-granularity temporal constraint networks,'' Artificial Intelligence, Vol. 140, No. 1/2, 2002, pages 107-152.
14. Paul Ammann, Sushil Jajodia, Peng Liu, ``Recovering from malicious
transactions,'' IEEE Trans. on Knowledge and Data Engineering, Vol. 14, No. 5, September/October 2002, pages 1167-1185.
15. Sanjeev Setia, Sencun Zhu, Sushil Jajodia, ``A comparative performance analysis of reliable group rekey transport protocols for secure multicast,
Performance Evaluation, Vol. 49, No. 1-4, September 2002, pages 21-41.
16. Claudio Bettini, Sushil Jajodia, X. Sean Wang, ``Temporal reasoning in workflow systems,'' Distributed and Parallel Databases, Vol. 11, No. 3, May 2002, pages 269-306.
17. Peng Ning, X. Sean Wang, Sushil Jajodia, ``An algebraic representation of calendars,'' Annals of Mathematics and Artificial Intelligence, Vol. 36, No. 1-2, September 2002, pages 5-38.
18. Yingjiu Li, Ningning Wu, Sushil Jajodia, X. Sean Wang, ``Enhancing profiles for anomaly detection using time granularities,'' Jour. of Computer Security, Vol. 10, No. 1/2, 2002, pages 137-157.
19. Peng Ning, Sushil Jajodia, X. Sean Wang, ``Design and implementation of a decentralized prototype system for detecting distributed attacks,'' Computer
20. Susan Chapin, Don Faatz, Sushil Jajodia, Amgad Fayad, ``Consistent policy enforcement in distributed systems using mobile policies,'' Data & Knowledge
Engineering, Vol. 43, No. 3, December, 2002, pages 261-280.
21. Sushil Jajodia, Pierangela Samarati, Maria Luisa Sapino, V. S. Subrahmanian, ``Flexible support for multiple access control policies,'' ACM Trans. on
Database Systems, Vol. 26, No. 2, June 2001, pages 214-260.
22. Peng Ning, Sushil Jajodia, Xiaoyang Sean Wang, ``Abstraction-based
intrusion detection in distributed environments,'' ACM Trans. on Information
and System Security, Vol. 4, No. 4, November 2001, pages 407-452.
23. Pierangela Samarati, Michael K. Reiter, Sushil Jajodia, ``An authorization model for a public key management service,'' ACM Trans. on Information and
System Security, Vol. 4, No. 4, November 2001, pages 453-482.
24. Peng Liu, Peng Ning, Sushil Jajodia, ``Avoiding loss of fairness owing to failures in fair data exchange systems,'' Decision Support Systems, Vol. 31, No. 3, 2001, pages 337-350.
25. Sushil Jajodia, Vijaylakshmi Atluri, Thomas F. Keefe, Catherine D. McCollum, Ravi Mukkamala, ``Multilevel secure transaction processing,'' Jour. of
Computer Security, Vol. 9, No. 3, 2001, pages 165-195.
26. Alexander Brodsky, Csilla Farkas, Sushil Jajodia, ``Secure databases:
Constraints, inference channels, and monitoring disclosures,'' IEEE Trans. on
Knowledge and Data Engineering, Vol. 12, No. 6, November/December 2000,
pages 900-919.
27. I. Ray, L. V. Mancini, S. Jajodia, E. Bertino, ``ASEP: A secure and flexible commit protocols for MLS distributed database systems,'' IEEE Trans. on
Knowledge and Data Engineering, Vol. 12, No. 6, November/December 2000,
pages 880-899.
28. Indrakshi Ray, Paul Ammann, Sushil Jajodia, ``Using semantic correctness in multidatabases to achieve local autonomy, distribute coordination, and
maintain global integrity,'' Information Sciences, Vol. 129, No. 1-4, December 2000, pages 155-195.
29. Peng Liu, Sushil Jajodia, Catherine D. McCollum, ``Intrusion confinement by isolation in information systems,'' Jour. of Computer Security, Vol. 8, No. 4, 2000, 243-279.
30. Peng Ning, X. Sean Wang, Sushil Jajodia, ``Modeling requests among
cooperating intrusion detection systems,'' Computer Communications, Vol. 23, No. 17, November 2000, pages 1702-1715.
31. Luigi V. Mancini, Indrajit Ray, Sushil Jajodia, and Elisa Bertino, ``Flexible transaction dependencies in database systems,'' Distributed and Parallel
32. Peng Liu, Paul Ammann, and Sushil Jajodia, ``Rewriting histories: Recovering from malicious transactions,'' Distributed and Parallel Databases, Vol. 8, No. 1, January 2000, pages 7-40.
33. Chunru Zhang, Kwok-Yan Lam, Sushil Jajodia, ``Scalable threshold closure,''
Theoretical Computer Science, Vol. 226, 1999, pages 185-206.
34. S. Jajodia, P. Ammann, C. D. McCollum, ``Surviving information warfare attacks,'' IEEE Computer, Vol. 32, No. 4, April 1999, pages 57-63. 35. Sushil Jajodia, Catherine D. McCollum and Paul Ammann, ``Trusted
recovery,'' Communications of the ACM, Vol. 42, No. 7, July 1999, pages 71-75.
36. E. Bertino, S. Jajodia, and P. Samarati, ``A flexible authorization mechanism for relational data management systems,'' ACM Trans. on Information Systems, April 1999, Vol. 17, No. 2, April 1999, pages 101-140.
ARTICLES IN REFEREED CONFERENCE AND WORKSHOP
PROCEEDINGS
1. Lingyu Wang, Sushil Jajodia, Duminda Wijesekera, “Securing OLAP data cubes against privacy breaches,” Proc. IEEE Symp. On Security and Privacy, Oakland, CA, May 2004, pages 161-175 (Acceptance ratio 19/186).
2. Sencun Zhu, Sanjeev Setia, Sushil Jajodia, Peng Ning, “An interleaved hop-by-hop authentication scheme for filtering false data injection in sensor networks,” Proc. IEEE Symp. On Security and Privacy, Oakland, CA, May 2004, pages 259-271 (Acceptance ratio 19/186).
3. Shiping Chen, Duminda Wijesekera, Sushil Jajodia, “Incorporating Dynamic Constraints in the Flexible Authorization Framework,” Proc. 9th
European Symp. on Research in Computer Security (ESORICS 2004), Springer Lecture Notes in Computer Science, Vol. 3193, Sophia Antipolis, France, September
2004, pages 1-16 (Acceptance ratio 27/159).
4. Steve Noel, Sushil Jajodia, Eric Robertson, "Correlating intrusion events and building attack scenarios through attack graph distances," Proc. 20th Annual
Computer Security Applications Conference, Tucson, Arizona, December 6-10,
2004, pages 350-359. PDF
5. Lingyu Wang, Duminda Wijesekera, Sushil Jajodia, "A logic-based framework for attribute based access control," Proc. 2nd ACM Workshop on Formal
Methods in Security Engineering (FMSE 2004), October 2004, pages 45-55
6. Steve Noel, Sushil Jajodia, "Managing attack graph complexity through visual hierarchical aggregation" Proc. ACM Workshop on Visualization and Data
Mining for Computer Security, October 2004, pages109-118 (Acceptance ratio
13/36). PDF
7. Yingjiu Li, Huiping Guo, Sushil Jajodia, "Tamper detection and localization for categorical data using fragile watermarks," Proc. ACM Workshop on
Digital Rights Management, Washington, DC, October 2004, pages 73-82
(Acceptance ratio 10/27). PDF
8. Claudio Bettini, X. Sean Wang, Sushil Jajodia, "Identifying Sensitive
Associations in Databases for Release Control," Proc. International Workshop
on Secure Data Management in a Connected World, Springer Lecture Notes in Computer Science, Vol. 3178, Willem Jonker and Milan Petkovic, eds.,
Toronto, Canada, August 2004, pages 187-201.
9. Yingjiu Li, Vipin Swarup, Sushil Jajodia, “Defending against additive attacks with maximal errors in watermarking relational databases,” Proc. 18th
IFIP WG 11.3 Working Conference on Data and Application Security, Research Directions in Data and Applications Security XVIII, Csilla Farkas and
Pierangela Samarati, editors, Kluwer Academic Publishers, Boston, 2004, pages 81-94 (Acceptance ratio 23/49).
10. Shiping Chen, Duminda Wijesekera, Sushil Jajodia, "FlexFlow: A flexible flow control policy specification framework," in Data and Applications
Security XVII: Status and Prospects, Sabrina De Capitani di Vimercati,
Indrakshi Ray, and Indrajit Ray, eds., Kluwer Academic Publishers, Boston, 2004, pages 358-371 (Acceptance ratio 26/59).
11. Sencun Zhu, Sanjeev Setia, Shouhuai Xu, Sushil Jajodia, “GKMPAN: An efficient group rkeying scheme for secure multicast in ad-hoc networks,” Proc.
First Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services (MobiQuitous 2004), Boston, MA, August 22-25,
2004, pages 42-51.
12. Claudio Bettini, X. Sean Wang, Sushil Jajodia, “A learning-based approach to information release control,” in Integrity and Internal Control in Information
Systems VI, Sushil Jajodia, Leon Strous, eds., Kluwer Academic Publishers,
Boston, 2004, pages 83-105.
13. Sencun Zhu, Sushil Jajodia, “Scalable group rekeying for secure multicast: A survey,” Proc. 5th International Workshop on Distributed Computing,
Springer Lecture Notes in Computer Science, Vol. 2918 (Samir R. Das and
Sajal K. Das, editors), 2004, pages 1-10.
14. Sushil Jajodia,Duminda Wijesekera, "A flexible authorization framework for E-commerce," Proc. First International Conference on Distributed Computing
and Internet Technology, Springer Lecture Notes in Computer Science, Vol. 3347 (R. K. Ghosh and H. Mohanty, eds.), 2004, pages 336-345.
15. Kaushal Sarda, Duminda Wijesekera, Sushil Jajodia "Implementing consistency checking in correlating attacks," Proc. First International
Conference on Distributed Computing and Internet Technology, Springer Lecture Notes in Computer Science, Vol. 3347 (R. K. Ghosh and H. Mohanty,
eds.), 2004, pages 379-384.
16. Sencun Zhu, Sanjeev Setia, Sushil Jajodia, “LEAP: Efficient security mechanisms for large-scale distributed sensor networks,” Proc. 10th
ACM Conf. On Computer and Communications Security, Washington, DC, October 27-31,
2003, pages 62-72 (Acceptance ratio 36/252).
17. Ernesto Damiani, Sabrina De Capitani di Vimercati, Sushil Jajodia, Stefano Paraboschi, Pierangela Samarati, “Balancing confidentiality and efficiency in untrusted Relational DBMSs,” Proc. 10th
ACM Conf. On Computer and Communications Security, Washington, DC, October 27-31, 2003, pages
93-102 (Acceptance ratio 36/252).
18. Yingjiu Li, Vipin Swarup, Sushil Jajodia, “Constructing a virtual primary key for fingerprinting relational data, Proc. ACM Workshop on Digital Rights
Management, Washington, DC, October 2003, pages 133-141 (Acceptance
ratio 13/30).
19. Lingyu Wang, Yingjiu Li, Duminda Wijesekera, Sushil Jajodia, “Precisely answering multidimensional range queries without privacy breach,” Proc. 8th
European Symposium on Research in Computer Security (ESORICS 2003), Springer Lecture Notes in Computer Science, Volume 2808, October 2003,
pages 100-115 (Acceptance ratio 19/114).
20. Steve Noel, Sushil Jajodia, Brian O’Berry, Mike Jacobs, “Efficient
minimum-cost network hardening via exploit dependency graphs,” Proc. 19th
Annual Computer Security Applications Conference, Las Vegas, Nevada,
December 8-12, 2003, pages 86-95.
21. Yingjiu Li, Vipin Swarup, Sushil Jajodia, “A robust watermarking scheme for relational data,” Proc. 13th
Workshop on Information Technology and Systems (WITS’03), Seattle, Washington, December 2003, pages 195-200.
22. S. Zhu, S. Xu, S. Setia, S. Jajodia, “Establishing pair-wise keys for secure communication networks: a probabilistic approach,” Proc. 11th IEEE
International Conference on Network Protocols, Atlanta, Georgia, November
4-7, 2003 (Acceptance ratio 30/230).
23. E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati, M. Finetti, S. Jajodia, “Implementation of a storage mechanism for untrusted DBMSs,”
24. Sencun Zhu, Sanjeev Setia, Sushil Jajodia, “Performance optimizations for group key management schemes for secure multicast,” Proc. IEEE 23rd
Int’l. Conf. On Distributed Computing Systems, Providence, Rhode Island, May
19-22, 2003 (Acceptance ratio 72/406).
25. Sencun Zhu, Sanjeev Setia, Sushil Jajodia, “Adding reliable and self-healing key distribution to the subset difference group rekeying method for secure multicast,” Fifth International Workshop on Networked Group
Communications (NGC'03), Munich, Germany, September 16-19, 2003 (Acceptance ratio 17/51).
26. Sencun Zhu, Shouhuai Xu, Sanjeev Setia and Sushil Jajodia, “LHAP: A lightweight hop-by-hop authentication protocol for ad-hoc networks,” Proc.
International Workshop on Mobile and Wireless Networks (MWN 2003), May
2003 (Acceptance ratio 30/60).
27. Douglas E. Williams, Amgad Fayad, Sushil Jajodia, Daniel Calle, “A user friendly guard with mobile post-release access control policy,” in Security and
Privacy in the Age of Uncertainty, Dimitris Gritzalis, Sabrina De Capitani di
Vimercati, Pierangela Samarati, Sokratis Katsikas, eds., Kluwer Academic Publishers, Boston, 2003, pages 265-276 (Acceptance ratio 33/121). 28. Lingyu Wang, Duminda Wijesekera, Sushil Jajodia, ``Towards secure XML
federations,'' in Research Directions in Data and Applications Security, Ehud Gudes, Sujeet Shenoi, eds., Kluwer Academic Publishers, Boston, 2003, pages 117-131 (Acceptance ratio 25/50).
29. Daniel Barbara, Rajni Goel, Sushil Jajodia, ``Mining malicious data corruption with hidden markov models,'' in Research Directions in Data and Applications
Security, Ehud Gudes, Sujeet Shenoi, eds., Kluwer Academic Publishers,
Boston, 2003, pages 175-189 (Acceptance ratio 25/50). 30. Daniel Barbará, Yi Li, Jia-Ling Lin, Sushil Jajodia, Julia Couto,
“Bootstrapping a data mining intrusion detection system,” Proc. ACM Symp.
on Applied Computing (SAC), Melbourne, FL, March 2003, pages 421-425.
31. Kenneth Smith, Vipin Swarup, Sushil Jajodia, Donald B. Faatz, Todd Cornett, Jeffery Hoyt, “Securely sharing neuroimagery,” Proc. ACM International
Conference on Information and Knowledge Management, New Orleans,
Louisiana, November 2-8, 2003, pages 375-377.
32. Claudio Bettini, Sushil Jajodia, Sean Wang, Duminda Wijesekera, ``Provisions and obligations in policy rule management and security applications,'' Proc.
28th International Conference on Very Large Data Bases, Hong Kong, China,
August 2002, pages 502-513 (Acceptance ratio 69/432).
33. Duminda Wijesekera, Sushil Jajodia, ``Policy Algebras for Access Control - The predicate Case,'' Proc. 8th ACM Conference on Computer and
Communications Security, Washington, DC, November 17-22, 2002, pages
171-180 (Acceptance ratio 27/161).
34. Lingyu Wang, Duminda Wijesekera, Sushil Jajodia, ``Cardinality-based inference control in sum-only data cubes,'' Proc. 7th European Symposium on
Research in Computer Security (ESORICS 2002), Lecture Notes in Computer Science, Vol. 2502, Zurich, Switzerland, October 14-16, 2002, pages 55-71
(Acceptance ratio 16/83).
35. Peng Liu, Sushil Jajodia, Paul Ammann, Jie Li, ``Can-follow concurrency control,'' Proc. IASTED Int'l. Conf. on Networks, Parallel and Distributed
Processing, and Applications, Tsukuba, Japan, October 1-4, 2002.
36. Yingjiu Li, Senchun Zhu, Lingyu Wang, Sushil Jajodia, ``A privacy-enhanced microaggregation method,'' Proc. 2nd Int'l. Symp. on Foundations of
Information and Knowledge Systems (FoIKS 2002), Springer-Verlag Lecture Notes in Computer Science, Vol. 2284 (T. Eiter and K.-D. Schwe, eds),
February 2002, pages 148-159. (Acceptance ratio 15/55).
37. Yingjiu Li, Lingyu Wang, X. Sean Wang, Sushil Jajodia, ``Auditing
interval-based inference,'' Proc. 14th Conf. on Advanced Information Systems
Engineering (CAiSE'02), Springer-Verlag Lecture Notes in Computer Science, Vol. 2348 (A. Banks Pidduck, J. Mylopoulos, C. C. Woo, M. Tamer Ozsu, eds.),
May 2002, pages 553-568 (Acceptance ratio 42/173).
38. Yingjiu Li, Lingyu Wang, Sushil Jajodia, ``Preventing interval-based inference by random data perturbation,'' Proc. Workshop on Privacy Enhancing
Technologies, San Francisco, CA, April 2002 (Acceptance ratio 16/47).
39. Claudio Bettini, Sushil Jajodia, X. Sean Wang, Duminda Wijesekera, ``Obligation monitoring in policy management,'' Proc. 3rd International
Workshop on Policies for Distributed Systems and Networks (POLICY 2002),
Monterey, CA, IEEE Computer Society, June 2002, pages 2-12 (Acceptance ratio 17/67).
40. Sushil Jajodia, Duminda Wijesekera, ``Recent advances in access control models,'' in Database and Application Security XV, Martin S. Olivier and David L. Spooner, eds., Kluwer Academic Publishers, Boston, 2002, pages 3-15.
41. Jackie Yang, Duminda Wijesekera, Sushil Jajodia, ``Subject switching algorithms for access control in federated databases,'' in Database and
Application Security XV, Martin S. Olivier and David L. Spooner, eds., Kluwer
Academic Publishers, Boston, 2002, pages 61-74.
42. Ravi Mukkamala, Sushil Jajodia, ``A novel approach to certificate revocation management,'' in Database and Application Security XV, Martin S. Olivier and David L. Spooner, eds., Kluwer Academic Publishers, Boston, 2002, pages
43. Roberto Di Pietro, Luigi V. Mancini, Sushil Jajodia, ``Efficient and secure keys management for wireless mobile communications,’’ Proc. 2nd ACM Int’l.
Workshop on Mobile Computing, Toulouse, France, October 2002, pages
66-73.
44. Roberto Di Pietro, Luigi V. Mancini, Sushil Jajodia, ``Secure selective exclusion in ad hoc wireless network,'' in Security in the information Society:
Visions and Perspectives, M. Adeeb Ghonaimy, Mahmoud T. El-Hadidi, Heba
K. Aslan, eds., Kluwer Academic Publishers, Boston, 2002, pages 423-434. 45. Ken Smith, Don Faatz, Amgad Fayad, Sushil Jajodia, ``Propagating
modifications to mobile policies,'' in Security in the information Society:
Visions and Perspectives, M. Adeeb Ghonaimy, Mahmoud T. El-Hadidi, Heba
K. Aslan, eds., Kluwer Academic Publishers, Boston, 2002, pages 573-584. 46. Duminda Wijesekera, Sushil Jajodia, ``Policy Algebras for Access Control -
The Propositional Case,'' Proc. 8th ACM Conference on Computer and
Communications Security, Philadelphia, PA, November 5-8, 2001, pages 38-47
(Acceptance ratio 27/153).
47. Daniel Barbara, Ningning Wu, Sushil Jajodia, ``Detecting novel network intrusions using bayes estimators,'' Proc. 1st SIAM International Conference
on Data Mining (SDM 2001),, Chicago, IL, April 2001.
48. Asa Hagstrom, Sushil Jajodia, Francesco Parisi-Presicce, Duminda Wijesekera, ``Revocations - a classification,'' Proc. 14th IEEE Computer Security
Foundations Workshop, Nova Scotia, Canada, June 2001, pages 44-58.
49. Peng Liu, Sushil Jajodia, ``Multi-phase damage confinement in database systems for intrusion tolerance,'' Proc. 14th IEEE Computer Security
Foundations Workshop, Nova Scotia, Canada, June 2001, pages 191-205.
50. Yingjiu Li, Peng Ning, X. Sean Wang, Sushil Jajodia, ``Discovering
calendar-based temporal association rules,'' Proc. 8th Int'l. Symp. on Temporal
Representation and Reasoning (TIME 2001), Cividale del Fruily, Italy, June
2001, pages 111-118.
51. Amgad Fayad, Sushil Jajodia, Don Faatz, Vinti Doshi, ``Going beyond MAC and DAC using mobile policies,'' in Trusted Information - The New Decade
Challenge (Michel Dupuy and Pierre Pardinas, editors), Kluwer Academic
Publishers, Boston, June 2001, pages 245-260.
52. Yingjiu Li, X. Sean Wang, Sushil Jajodia, ``Discovering temporal patterns in multiple granularities,'' Proc. Int'l. Workshop on Temporal, Spatial, and
Spatio-Temporal Data Mining, Springer-Verlag Lecture Notes in Artificial Intelligence, Vol. 2007 , 2001, pages 5-19.
53. Daniel Barbara, Rajni Goel, and Sushil Jajodia, ``Protecting file systems against corruption using checksums,'' in Data and Applications Security:
Klaus R. Dittrich, Jahir Tari, eds. Kluwer Academic Publishers, Boston, 2001, pages 113-124.
54. Susan Chapin, Don Faatz, Sushil Jajodia, ``Distributed policies for data management making policies mobile,'' in Data and Applications Security:
Developments and Directions, Bhavani Thuraisingham, Reind van de Riet,
Klaus R. Dittrich, Jahir Tari, eds. Kluwer Academic Publishers, Boston, 2001, pages 63-75.
55. Daniel Barbara, Julia Couto, Sushil Jajodia, Leonard Popyack, Ningning Wu, ``ADAM: Detecting intrusions by data mining,'' Proc. IEEE Workshop on
Information Assurance and Security, West Point, NY, June 2001, pages 11-16.
56. Sanjeev Setia, Samir Koussih, Sushil Jajodia, Eric Harder, ``Kronos: A
scalable group re-keying approach for secure multicast,'' Proc. IEEE Symp. on
Security and Privacy, Oakland, CA, May 2000 (Acceptance ratio 18/137).
57. Daniel Barbará, Rajni Goel, and Sushil Jajodia, ``Using checksums to detect data corruption,'' Proc. Conf. on Extending Database Technology, Springer
Lecture Notes in Computer Science, Vol. 1777 Konstanz, Germany, March
2000, pages 136-149 (Acceptance ratio 30/180).
58. Yingjiu Li, Ningning Wu, Sushil Jajodia, X. Sean Wang, ``Enhancing profiles for anomaly detection using time granularities,'' Proc. 1st Workshop on
Intrusion Detection Systems, Athens, Greece, November 2000.
59. Vinti Doshi, Amgad Fayad, Sushil Jajodia, Roswitha MacLean, ``Using attribute certificates with mobile policies in electronic commerce
applications,'' Proc. 16th Annual Computer Security Applications Conf., New Orleans, LA, December 2000, pages 298-307.
60. Paul Ammann and Sushil Jajodia, ``The integrity challenge,'' Integrity and
Internal Controls in Information Systems: Strategic View on the Need for the Control, (Margaret E. van Biene-Hershey and Leon Strous, eds.), Kluwer,
Boston, 2000, pages 59-69.
61. Jiahai Yang, Peng Ning, X. Sean Wang, Sushil Jajodia, ``CARDS: A
distributed system for detecting coordinated attacks,'' in Information Security
For Global Information Infrastructures: IFIP TC11 Sixteenth Annual Working Conference on Information Security, (Sihan Qing and Jan H.P. Elof eds.),
Kluwer, Boston, August 2000, pages 171-180 (Acceptance ratio 50/180). 62. Claudio Bettini, X. Sean Wang, Sushil Jajodia, ``Free schedules for free agents
in workflow systems,'' Proc. 7th Int'l. Symp. on Temporal Representation and
Reasoning (TIME 2000), Nova Scotia, Canada, July 2000, pages 31-37.
63. Peng Ning, X. Sean Wang, Sushil Jajodia, ``An algebraic representations of calendars,'' Proc. AAAI Workshop on Spatial and Temporal Granularity, Austin, TX, June 2000, pages 1-8.
64. Sushil Jajodia, Michiharu Kudo, V. S. Subrahmanian, ``Provisional
authorizations,'' Proc. 1st Workshop on Security and Privacy in E-Commerce, Athens, Greece, November 2000.
65. Peng Liu, Peng Ning, Sushil Jajodia ``Avoiding loss of fairness owing to process crashes in fair data exchange protocols,'' IEEE Workshop on
Dependability despite Malicious Faults, In Proc. IEEE Int'l. Conf. on
Dependable Systems and Networks, New York, NY, June 2000, pages 631-640.
66. Neil F. Johnson, Zoran Duric, Sushil Jajodia, ``Recovery from watermarks on distorted images.'' Proc. 3rd Workshop on Information Hiding, Springer-Verlag
Lecture Notes in Computer Science, Vol. 1768 , 2000, pages 318-332.
67. Peng Ning, X. Sean Wang, Sushil Jajodia, ``A query facility for common intrusion detection framework,'' Proc. 23rd National Information Systems
Security Conf., Baltimore, MD, October 2000.
68. Peng Liu, Sushil Jajodia and Catherine D. McCollum, ``Intrusion confinement by isolation in information systems,'' Research Advances in Database and
Information Systems Security, Vijay Atluri and John Hale, editors, Kluwer
Publishers, Boston, 2000, pages 3-18.
69. Ravi Mukkamala, Jason Gagnon, and Sushil Jajodia, ``Integrating data mining techniques with intrusion detection,'' Research Advances in Database and
Information Systems Security, Vijay Atluri and John Hale, editors, Kluwer
Publishers, Boston, 2000, pages 33-46.
70. Peng Liu, Paul Ammann, Sushil Jajodia, ``Incorporating transaction semantics to reduce reprocessing overhead in replicated mobile data applications,'' IEEE
Int'l. Conf. on Distributed Computing Systems, 1999, pages 414-423
(Acceptance ratio 57/173).
71. Amgad Fayad, Sushil Jajodia, Catherine D. McCollum, ``Application-level isolation using data inconsistency detection,'' Proc. 15th Annual Computer
Security Applications Conf., Phoenix, AZ, December 1999, pages 119-126.
72. Sushil Jajodia, Peng Liu, Paul Ammann, ``A fault tolerance approach to survivability,'' Symp. on Protecting NATO Information Systems in the 21st
Century, Washington, DC, October 1999.
73. Neil F. Johnson, Zoran Duric, Sushil Jajodia, ``On ``fingerprinting'' images for recognition,'' Proc. 5th Int'l. Workshop on Multimedia Information Systems, Palm Springs Desert, CA, October 1999.
1. Sushil Jajodia, Steve Noel, Brian O’Berry, “Topological analysis of network attack vulnerability,” in Managing Cyber Threats: Issues, Approaches and
Challenges, Vipin Kumar, Jaideep Srivastava and Aleksandar Lazarevic,
eds., Kluwer Academic Publishers, Boston, 2004, To appear.
2. Sushil Jajodia, "Database security and privacy," in Computer Science
Handbook, 2nd edition, Allen B. Tucker, Jr., ed., CRC Press, Boca Raton, FL,
June 2004.
3. Anoop Singhal, Sushil Jajodia, "Data mining for intrusion detection," in Data
Mining and Knowledge Discovery Handbook: A Complete Guide for
Practitioners and Researchers, Oded Maimon and Lior Rokach, eds., Kluwer
Academic Publishers, Boston, 2004, To appear.
4. Mohamed Eltoweissy, Sushil Jajodia, Ravi Mukkamala, "Secure multicast for mobile commerce applications: Issues and challenges," in Advances in
Security and Payment Methods for Mobile Commerce, Wen Chen Hu,
Chung-Wei Lee, and Weidong Kou, eds., Idea Group Publishing, Hershey, PA, 2004, pages 164-190.
5. Duminda Wijesekera, Sushil Jajodia, “A flexible authorization framework,” in
Information Security: Policies and Actions in Modern Integrated Systems,
Marigrazia Fugini and Carlo Bellettini, eds. Idea Group Publishing, Hershey, PA, 2004, pages 149-176.
6. Peng Ning, Sushil Jajodia, “Intrusion Detection Systems Basics,” in Handbook
of Information Security, Hossein Bidgoli, ed., John Wiley, 2004.
7. Peng Ning, Sushil Jajodia, “Intrusion Detection Techniques,” in The Internet
Encyclopedia, Hossein Bidgoli, ed., John Wiley, ISBN 0-471-22201-1,
December 2003.
8. Daniel Barbara, Julia Couto, Sushil Jajodia, Ningning Wu, ``An architecture for anomaly detection,'' in Applications of Data Mining in Computer Security, Daniel Barbara, Sushil Jajodia, eds., ISBN 1-4020-7054-3, Kluwer Academic Publishers, Boston, 2002, pages 63-76.
9. Yingjiu Li, Ninging Wu, X. Sean Wang, and Sushil Jajodia, ``Enhancing
profiles for anomaly detection using time granularities,'' in Intrusion Detection, Deborah Frincke, ed., IOS Press, Amsterdam, 2002, pages 137-157.
10. Sushil Jajodia, Michiharu Kudo, V. S. Subrahmanian, ``Provisional authorizations,'' in E-Commerce Security and Privacy, Anup Ghosh, ed., Kluwer Academic Publishers, Boston, 2001, pages 133-159.
11. Sabrina Di Capitani di Vimercati, Pierangela Samarati, Sushil Jajodia, ``Database Security,'' in Encyclopedia of Software Engineering, 2nd edition, John Marciniak, ed., John Wiley, New York, 2001.
Needs to Solutions , P.Ammann, B. H. Barnes, S. Jajodia, E. H. Sibley, eds.,
IEEE Computer Society Press, Los Alamitos (1999), pages 204-212. 13. Pierangela Samarati and Sushil Jajodia, ``Data Security,'' in Wiley
Encyclopedia of Electrical and Electronics Engineering, Volume 4, John G.
Webster, ed., John Wiley, NY, (1999) pages 743-759.
OTHER ARTICLES
1. Csilla Farkas and Sushil Jajodia, ``The Inference problem: A survey,’’ ACM
SIGKDD Explorations, Vol. 4, No. 2, 2003, pages 6-11.
2. Daniel Barbara, Julia Couto, Sushil Jajodia, Ningning Wu, ``ADAM: A testbed for exploring the use of data mining in intrusion detection,'' ACM SIGMOD
Record, Vol. 30, No. 4, December 2001, pages 15-24.
3. Sushil Jajodia, Duminda Wijesekera, ``Security in Federated Database Systems,'' Information Security Technical Report, Vol. 6, No. 2, 2001, pages 69-79.
4. Paul Ammann and Sushil Jajodia, ``Computer security, fault Tolerance, and software assurance,'' IEEE Concurrency, Vol. 7, No. 1, January-March 1999, pages 4-6.
