Preface. Conference Organization. Contributing Authors. I: Invited Talk I. Invited Talk - Inference Control Problem in Statistical Database Query Systems; L.H. Cox. II: Access Control. Attribute Mutability in Usage Control; Jaehong Park, et al. Star Tree: An Index Structure for Efficient Evaluation of Spatiotemporal Authorizations; V. Alturi, Qui Guo. An Extended Analysis of Delegating Obligations; A. Schaad. Implementing Real-Time Update of Access Control Policies; I. Rai, Tai Xin. III: Data Protection Techniques. Defending against Additive Attacks with Maximal Errors in Watermarking Relational Databases; Jingjui Li, et al. Performance-Conscious Key Management in Encrypted Databases; H. Hacigümüs, S. Mehrotra. Damage Discovery in Distributed Database Systems; Yanjun Zuo, B. Panda. IV: Database Theory and Inference Control. Information Flow Analysis for File Systems and Databases Using Labels; E. Gudes, et al. Refusal in Incomplete Databases; J. Biskup, T. Weibert. Why is This User Asking so Many Questions? Explaining Sequences of Queries; A.C. Acar, A. Motro. V: Invited Talk II. Invited Talk - Towards Semantics-Aware Access Control; E. Damiani, S. De Capitani-de Vimercati. VI: System Security Analysis. RBAC/MAC Security for UML; T. Doan, et al. Secure Bridges: A Means to Conduct Secure Teleconferences over Public Telephones; I. Youn, D. Wijesekera. VII: Access Control Design and Management. Policy-based Security Management for Enterprise Systems; R. Mukkamala, et al. A Pattern System for Access Control; T. Priebe, et al. A Design for Parameterized Roles; Mei Ge, S.L. Osborn.VIII: Distributed Systems. Efficient Verification of Delegation in Distributive Group Membership Management; L. Huraj, H. Reiser. Web Resource Usage Control in RSCLP; S. Barker. Securely Distributing Centralized Multimedia Content Utilizing Peer-to-Peer Cooperation; I. Ray T. Hajek. IX: Privacy. On the Damage and Compensation of Privacy Leakage; Da-Wei Wang, et al. An Experimental Study of Distortion-Based Techniques for Association Rule Hiding; E.D. Pontikakis, et al. Privacy-Preserving Multi-Party Decision Tree Induction; J.Z. Zhan, et al. X: Network Protection and Configuration. Configuring Storage Area Networks for Mandatory Security; B. Aziz, et al. A Framework for Trusted Wireless Networks; J.S. Park, A. Jain. Author Index.