Advances in Information Security and Assurance Third International Conference and Workshops, ISA 2009, Seoul, Korea, June 25-27, 2009. Proceedings

Welcome to the Third International Conference on Information Security and Ass- ance (ISA 2009). ISA 2009 was the most comprehensive conference focused on the various aspects of advances in information security and assurance. The concept of security and assurance is emerging rapidly as an exciting new paradigm to provide reliable and safe life services. Our conference provides a chance for academic and industry professionals to discuss recent progress in the area of communication and networking including modeling, simulation and novel applications associated with the utilization and acceptance of computing devices and systems. ISA 2009 was a succ- sor of the First International Workshop on Information Assurance in Networks (IAN 2007, Jeju-island, Korea, December, 2007), and the Second International Conference on Information Security and Assurance (ISA 2008, Busan, Korea, April 2008). The goal of this conference is to bring together researchers from academia and industry as well as practitioners to share ideas, problems and solutions relating to the multifaceted aspects of information technology. ISA 2009 contained research papers submitted by researchers from all over the world. In order to guarantee high-quality proceedings, we put extensive effort into reviewing the papers. All submissions were peer reviewed by at least three Program Committee members as well as external reviewers. As the quality of the submissions was quite high, it was extremely difficult to select the papers for oral presentation and publication in the proceedings of the conference.

Cryptographic Algorithms.- Update on SEED: SEED-192/256.- A New Double-Block-Length Hash Function Using Feistel Structure.- Authentication and Identity Management.- The Dark Side of Timed Opacity.- Certificateless Signature Scheme without Random Oracles.- Authorization and Access Control.- Fine-Grain Access Control Using Shibboleth for the Storage Resource Broker.- Grouping Provenance Information to Improve Efficiency of Access Control.- Tagging the Turtle: Local Attestation for Kiosk Computing.- Selective Regression Test for Access Control System Employing RBAC.- Formal Verification for Access Control in Web Information Sharing System.- Biometrics and Computer Forensics.- Adaptive Iris Segmentation.- Recognizing Partially Occluded Faces from a Single Exemplar Image Per Person.- Methodology and Tools of IS Audit and Computer Forensics – The Common Denominator.- Cryptographic Protocols.- What about Vulnerability to a Fault Attack of the Miller’s Algorithm During an Identity Based Protocol?.- A New Strongly Secure Authenticated Key Exchange Protocol.- Improved Implementations of Cryptosystems Based on Tate Pairing.- Efficient Secure Multiparty Computation Protocol in Asynchronous Network.- Data Integrity and Privacy.- Clustering-Based Frequency l-Diversity Anonymization.- Protect Disk Integrity: Solid Security, Fine Performance and Fast Recovery.- A Kademlia-Based Node Lookup System for Anonymization Networks.- Key Management and Recovery.- A Computationally-Efficient Construction for the Matrix-Based Key Distribution in Sensor Network.- Key-Insulated Encryption Based Key Pre-distribution Scheme for WSN.- Mobile and RFID Network Security.- Securing Mobile Phone Calls with Identity-Based Cryptography.- On the Security Properties and Attacks against Mobile Agent Graph Head Sealing (MAGHS).- Firewall, IDS, Anti-virus, and Other Security Products.- A New Approach to Malware Detection.- ATTENTION: ATTackEr Traceback Using MAC Layer AbNormality DetecTION.- A Deployment Value Model for Intrusion Detection Sensors.- Internet and Web Services Security.- Security Evaluation of an Intrusion Tolerant Web Service Architecture Using Stochastic Activity Networks.- Counteracting Phishing Page Polymorphism: An Image Layout Analysis Approach.- Cyber-attack and Cyber-terrorism.- Signaling-Oriented DoS Attacks in UMTS Networks.- Detecting DDoS Attacks Using Dispersible Traffic Matrix and Weighted Moving Average.- Attack Patterns Discovery by Frequent Episodes Mining from Honeypot Systems.- Other Security Research.- Efficient and Automatic Instrumentation for Packed Binaries.- Secure Cover Selection Steganography.- Side-Channel Leakage in Masked Circuits Caused by Higher-Order Circuit Effects.- Performance Analysis of Digital Secure Voice Transmission over HF Radio Channel.- Energy Analysis of Multimedia Video Streaming on Mobile Devices.- Combating Index Poisoning in P2P File Sharing.- A Cryptanalytic View of the NSA’s Skipjack Block Cipher Design.- MinuCode: A Fixed-Value Representation of Fingerprint Minutiae for Biometric Cryptosystem.- Self-initialized Distributed Certificate Authority for Mobile Ad Hoc Network.- Design and Delivery of Undergraduate IT Security Management Course.- MoWiN 2009.- Secure Multi-party Computation Using Virtual Parties for Computation on Encrypted Data.- Using a Link Metric to Improve Communication Mechanisms and Real-Time Properties in an Adaptive Middleware for Heterogeneous Sensor Networks.- Performance Evaluation of DSR in Multi-services Ad Hoc Networks.- Implementation and Evaluation of WiMedia MAC LSI.- A Reliable and Efficient Pedal Back Data Disseminating Scheme for Ad-Hoc WSNs.- Improved Location Acquisition Algorithms for the Location-Based Alert Service.- An Enhanced Trust Center Based Authentication in ZigBee Networks.- Sensor Disposition Problem in Wireless Ad-Hoc Sensor Networks.- Performance Evaluation of Cost Effective Routing for Packet Transmissions in Mobile Ad Hoc Networks.- Energy Lesser Broadcasting Algorithms Using Adjustable Transmission Ranges in Mobile Ad Hoc Networks.- A Multi-Path Routing Supported Scheduling Algorithm for Multi-Channel Single-Transceiver Wireless Mesh Networks.- Predictive Scheme for Location Service in Mobile Ad-Hoc Networks.- An Efficient Hybrid Routing Approach for Hybrid Wireless Mesh Networks.- Relationship between Motivation and Satisfaction of Online Computer Games: Evidence from Adolescent Players Using Wireless Service in Taiwan.- DISHES: A Distributed Shell System for Ubiquitous Computing.- Error Control Scheme of Hybrid ARQ Based on Majority Voting Bit by Bit.- Secure Error-Correction Network Coding in a Randomized Setting.- Bayesian Approach Based Comment Spam Defending Tool.- NASSUE 2009.- An Improved Secure Identity-Based On-Line/Off-Line Signature Scheme.- Honeybee-Based Model to Detect Intrusion.- A Data Mining Framework for Building Intrusion Detection Models Based on IPv6.- FPGA Implementation of Elliptic Curve Point Multiplication over GF(2191).- A Forward-Secrecy WTLS Handshake Protocol Based on XTR.- Application of 2D Barcode in Hardcopy Document Verification System.- Protecting Global SOA from DoS and Other Security Threats.- CRYPTEX Model for E-Commercial Contract of Software Source Code Using Secrete Sharing Scheme.- HOTP-Based User Authentication Scheme in Home Networks.- IAWSN 2009.- A Comparative Analysis of HC-128 and Rabbit Encryption Schemes for Pervasive Computing in WSN Environment.- A Comparative Analysis of PKC and Semi-PKC Based Key Management Schemes for Hierarchical Sensor Networks.- A Mathematical Approach towards Trust Based Security in Pervasive Computing Environment.- A Secure Group Rekeying Scheme with Compromised Node Revocation in Wireless Sensor Networks.- Fault Tolerant Secure Routing in Cluster Based Mobile Sensor Networks.- Hardware-Based Random Number Generation in Wireless Sensor Networks(WSNs).- Authenticated Encryption in WSN Using eSTREAM Ciphers.- WNGS 2009 and CGMS 2009.- Aggregate and Verifiably Encrypted Signatures from Multilinear Maps without Random Oracles.- Device Authentication/Authorization Protocol for Home Network in Next Generation Security.- A Study on Feasibility and Establishment of a Security Grade Certification Scheme for the New IT Services.- Domain Specific Intended Use Evaluation Method: Intrusion Detection Specific Intended Use Evaluation Method.- A Study of International Trend Analysis on Web Service Vulnerabilities in OWASP and WASC.- Cryptanalysis of Secure Key Exchange Protocol between STB and Smart Card in IPTV Broadcasting.- Free-Form Deformation Axis Aligned Bounding Box.- SHCI-ISA 2009.- A Study on Mosaic Based CCTV System Using Localization.- Selecting the Wireless Communication Methods for Establishing Ubiquitous City-Gas Facilities in Korea.- Safety High Accuracy Context-Aware Matrix (CAM) Making Based on X.509 Proxy Certificate.