Keynote Address.- BitBlaze: A New Approach to Computer Security via Binary Analysis.- Languages and Formal Methods.- On the Decidability of Model-Checking Information Flow Properties.- Synthesizing Enforcement Monitors wrt. the Safety-Progress Classification of Properties.- Implicit Flows: Can’t Live with ‘Em, Can’t Live without ‘Em.- Protocols.- A Robust Reputation Scheme for Decentralized Group Management Systems.- Complexity of Checking Freshness of Cryptographic Protocols.- Secure Internet Voting Based on Paper Ballots.- Short Papers.- A Secure Round-Based Timestamping Scheme with Absolute Timestamps (Short Paper).- A Framework for Trustworthy Service-Oriented Computing (Short Paper).- Revisiting Bluetooth Security (Short Paper).- A Verification Framework for Temporal RBAC with Role Hierarchy (Short Paper).- Keynote Address.- Computing on Encrypted Data.- Ongoing Research.- Identification of Cryptographically Strong and Weak Pseudorandom Bit Generators.- Proxy Re-signature Schemes.- Keynote Address.- Fast Signature Matching Using Extended Finite Automaton (XFA).- Intrusion Detection.- Real-Time Alert Correlation with Type Graphs.- Incorporation of Application Layer Protocol Syntax into Anomaly Detection.- A Parallel Architecture for Stateful, High-Speed Intrusion Detection.- Biometrics, Forensics and Steganography.- Indexing Multimodal Biometric Databases Using Kd-Tree with Feature Level Fusion.- Audio Watermarking Based on Quantization in Wavelet Domain.- Overwriting Hard Drive Data: The Great Wiping Controversy.- Practical Applications.- Optimizing the Block Cipher and Modes of Operations Overhead at the Link Layer Security Framework in the Wireless Sensor Networks.- Privacy Management for Facebook.- HyDRo – Hybrid Development of Roles.- Keynote Address.- The Enlightened Era of Enterprise Security (Invited Talk).

This book constitutes the refereed proceedings of the 4th International Conference on Information Systems Security, ICISS 2008, held in Hyderabad, India, in December 2008.

The 15 revised full papers, 4 short papers, and 2 research reports presented together with 4 keynote talks were carefully reviewed and selected from 81 submissions. The papers span a wide range of topics including access control, cryptography, forensics, formal methods and language-based security, intrusion detection, malware defense, network and Web security, operating system security, and privacy, and are organized in topical sections on languages and formal methods, protocols, ongoing research, intrusion detection, biometrics, forensics and steganography, and practical applications.