Corporate Information Security Education.- Towards Corporate Information Security Obedience.- CIIP-RAM- A Security Risk Analysis Methodology for Critical Information Infrastructure Protection.- A Framework for Role-Based Monitoring of Insider Misuse.- Update/Patch Management Systems.- Investigating a Smart Technology.- Laboratory Support for Information Security Education.- An Holistic Approach to an International Doctoral Program.- A New Paradigm for Information Security Education at Doctoral Level.- Highly Qualified Information Security Personnel Training in Russia.- Doctor of Philosophy: It Security.- Doctoral Programme on ICS Security at the University of the Aegean.- An International Security Education Perspective.- DO Military Forces Need Ph.D.’s?.- A Doctoral Program with Specialization in Information Security.- A Security Model for Anonymous Credential Systems.- Private Information Storage with Logarithmic-Space Secure Hardware.- Taxonomy of Mixes and Dummy Traffic.- Identity Management for Self-Portrayal.- Privacy Preserving Online Reputation Systems.- A Risk-Driven Approach to Designing Privacy-Enhanced Secure Applications.- Privacy-Invasive Software in Filesharing Tools.- Infusing Privacy Norms in DRM.

Information Security Management, Education and Privacy
E dited by Yves Deswarte, Frédéric Cuppens, Sushil Jajodia, and Lingyu Wang
This volume contains the papers presented at three workshops embedded in the 19th IFIP International Conference on Information Security (SEC2004), which was sponsored by the International Federation for Information Processing (IFIP) and held in August 2004 as a co-located conference of the 18th IFIP World Computer Congress in Toulouse, France.
The first workshop was organized by IFIP Working Group 11.1, which is itself dedicated to Information Security Management, i.e., not only to the practical implementation of new security technology issued from recent research and development, but also and mostly to the improvement of security practice in all organizations, from multinational corporations to small enterprises. Methods and techniques are developed to increase personal awareness and education in security, analyze and manage risks, identify security policies, evaluate and certify products, processes and systems.
The second workshop was organized by IFIP Working Group 11.8, dedicated to Information Security Education. This year, the workshop was aimed at developing a first draft of an international doctorate program allowing a specialization in IT Security. The draft is based upon selected papers from individuals or groups (from academic, military and government organizations), and discussions at the workshop. This draft will be further refined and eventually published as an IFIP Report. Finally, the last workshop was organized by IFIP Working Group 11.4 on Network Security. The purpose of the workshop was to bring together privacy and anonymity experts from around the world to discuss recent advances and new perspectives on these topics that are increasingly important aspects in electronic services, especially in advanced distributed applications, such as m-commerce, agent-based systems, P2P, etc. The carefully selected papers gathered in this volume show the richness of the information security domain, as well as the liveliness of the working groups cooperating in the IFIP Technical Committee 11 on Security and Protection in Information Processing Systems.
Information Security Management, Education and Privacy is essential reading for scholars, researchers, and practitioners interested in keeping pace with the ever-growing field of information security.