RFID, e-ID Cards, Trusted Computing, Interoperability.- Radio Frequency Identification (RFID) and Data Protection Legal Issues.- e-ID and Smartcards — Current Status, Hopeful Developments and Best Practices.- European Citizen Card Combined with Travel Document Function, Convergence or Divergence?.- Physical Unclonable Functions for enhanced security of tokens and tags.- Hardware Security Features for Secure Embedded Devices.- Security in Next Generation Consumer Electronic Devices.- Security Architecture for Device Encryption and VPN.- TPM Enterprise Key Management requires centralized Hardware-based Security.- Implementation of DRM Systems under the EU Legal Framework.- IT-Grundschutz: Two-Tier Risk Assessment for a Higher Efficiency in IT Security Management.- ISOIIEC 24727 — A Future Standard for Smart Card Middleware.- Information Security Standardization — the ETSI Perspective.- Digital Signatures without the Headaches.- Could Test Standards Help on the Way to Achieve Global e-Passport Interoperability?.- A New Standard Based Road to Interoperable Strong Authentication.- Identity Management, Biometrics, PKI-Solutions, Network Security.- Identifying Patterns of Federation Adoption.- Fidelity: Federated Identity Management Security based on Liberty Alliance on European Ambit.- Deflecting Active Directory Attacks.- Implementing role based access control — How we can do it better!.- Identity and Access Control — Demonstrating Compliance.- Robust and Secure Biometrics: Some Application Examples.- Selecting the Optimal Biometric 2-factor Authentication Method — a User’s Viewpoint.- A Face Recognition System for Mobile Phones.- Advanced certificate validation service for secure Service-Oriented Architectures.- An Introduction to Validation for Federated PKIs.- MADSig: Enhancing Digital Signature to Capture Secure Document Processing Requirements.- PKi Consolidation Project and Multiapplicative Smart Payment Cards.- Security Analysis and Configuration of Large Networks.- S-VPN Policy: Access List Conflict Automatic Analysis and Resolution.- Lock-Keeper: A New Implementation of Physical Separation Technology.- SPEECH: Secure Personal End-to-End Communication with Handheld.- Finding the Mobile Trusted Element.- Security Management, Applications.- Centrally Administered COIs Using Cross-Organizational Trust.- Improving Assurance of Information Security Rol.- Modelling the Economics of Free and Open Source Software Security.- Securing service-oriented applications.- A Service Oriented Trust Development Platform.- A Trust Label for Secure and Compliant e-ID Applications: The Belgian Experience.- Electronic signature in Italy after ten years of “running in”.- Awareness Raising, Compliance, Data Protection, Cyberspace Regulation.- Internet Early Warning System: The Global View.- IT Security Vulnerability and Incident Response Management.- Blending Corporate Governance with Information Security.- On Privacy-aware Information Lifecycle Management in Enterprises: Setting the Context.- Regulation of State Surveillance of the Internet.- How Can NRA Contribute to the Improvement of IT Security?.- Information Security Regulation: Tomorrow Never Dies?.- Introducing Regulatory Compliance Requirements Engineering.- Legal Issues in Secure Grid Computing Environments.- The Impact of Monitoring Technology on the Law.

Prof. Dr. Sachar Paulus is Chief Security Officer of SAP, Walldorf, Germany.
Prof. Dr. Norbert Pohlmann is Professor for System and Information Security at the University of Applied Sciences in Gelsenkirchen, Germany.
Prof. Dr. Helmut Reimer is Chief Executive Officer of TeleTrusT, Germany.

This book presents the most interesting talks given at ISSE 2006 - the forum for the interdisciplinary discussion of how to adequately secure electronic business processes.
The topics include: Smart Token and e-ID-Card Developments and their Application - Secure Computing and how it will change the way we trust computers - Risk Management and how to quantify security threats - Awareness raising, Data Protection and how we secure corporate information.
Adequate information security is one of the basic requirements of all electronic business processes. It is crucial for effective solutions that the possibilities offered by security technology can be integrated with the commercial requirements of the applications. The reader may expect state-of-the-art: best papers of the Conference ISSE 2006.