ISSE/SECURE 2007 Securing Electronic Business Processes Highlights of the Information Security Solutions Europe/SECURE 2007 Conference

ENISA is proud to be working with eema, TeleTrusT, NASK (the Polish research and development organization and leading Polish data networks operator) and the German Federal Ministry of the Inte rior as well as the German Federal Offce for Information Security for this year’s 9th annual Information Security Solutions Europe Confer ence. The aimof the ISSE has always been to support the developmentof a European information security culture and especially a cross border framework for trustworthy IT applications for citizens, industry and administration. ENISA is committed to these goals. In our work we assist and advise the European Commission, Member States as well as business community on network and information security as well as on legislative requirements, and we are delighted to support the ISSE again this year. The security of communication networks and information systems is of increasing concern. In order to face today’s complex information security challenges it is clear that working collaboratively with one another is the key to generating new strategies to address these problems. It has been an exciting opportunity to facilitate this collaboration at the ISSE 2007, pulling together the wealth of industry knowledge, information and research that we hold in Europe, as well as across the globe. The success of this event in generating ideas and frank, lively debate around the complex topic of IT security is due also to the independent, varied nature of the programme, which was selected by world wide specialists in the feld.

Legal, Technical and Social Aspects of Security.- Regulating Information Security: A Matter of Principle?.- ISTPA Operational Analysis of International Privacy Requirements.- The Legal Conflict between Security and Privacy in Addressing Crime and Terrorism on the Internet.- Data Encryption on File Servers.- Setting up an Effective Information Security Awareness Programme.- Saferinternet.pl Project — Educational Activities for Internet Safety in Poland.- Is Cyber Tribalism Winning Online Information Warfare?.- Phishing Across Interaction Channels: Methods, Experience and Best Practice.- IT-Security Beyond Borders — an Assessment of Trust Levels Across Europe.- Analyzing and Improving the Security of Internet Elections.- Remote Access Mechanics as a Source of Threats to Enterprise Network Infrastructure.- “Private Investigation” in the Computer Environment: Legal Aspects.- Identity, Information Security and Rights Management.- Design Rationale behind the Identity Metasystem Architecture.- Federated ID Management — Tackling Risk and Credentialing Users.- Information Security Governance for Executive Management.- Model Driven Security for Agile SOA-Style Environments.- The Business Perspective on Roles Including Root Causes of Implementation Problems and Proven Ways to Overcome them.- A Security Architecture for Enterprise Rights Management.- Rights Management Technologies: A Good Choice for Securing Electronic Health Records?.- Case Studies from Fuzzing Bluetooth, WiFi and WiMAX.- Evaluation of the Possible Utilization of anti-spam Mechanisms Against spit.- Modeling Trust Management and Security of Information.- Smart Tokens, eID Cards, Infrastructure Solutions and Interoperability.- Infrastructure for Trusted Environment: In Search of a Solution.- IntegrityCheck of Remote Computer Systems Trusted Network Connect.- Technical Guidelines for Implementation and Utilization of RFID-based Systems.- High Density Smart Cards: New Security Challenges and Applications.- ID Cards in Practice.- Large Scale Fingerprint Applications: Which Technology Should be Used?.- From the eCard-API-Framework Towards a Comprehensive eID-Framework for Europe.- Making Digital Signatures Work across National Borders.- Financial Fraud Information Sharing.- Enterprise Key Management Infrastructure.- Intrinsic Physical Unclonable Functions in Field Programmable Gate Arrays.- Security Evaluation and Testing — Past, Present and Future.- Economics of Security and PKI Applications.- Managing Information Security in Small and Medium Sized Enterprises: A Holistic Approach.- EKIAS — Success Criteria of PKI Implementations.- Embedded PKI in Industrial Facilities.- SIM-enabled Open Mobile Payment System Based on Nation-wide PKI.- Evidence Record Syntax — a new International Standard for Long-Term Archiving of Electronic Documents and Signed Data.- PKI and Entitlement — Key Information Security Management Solutions for Business and IT Compliance.- Future Diffusion of PK1-Technology — A German Delphi Study.- The Introduction of Health Telematics in Germany.- The German Identity Card — Concepts and Applications.- Infrastructures for Identification and Identity Documents.- The Security Infrastructure of the German Core Application in Public Transportation.- Applications of Citizen Portals.- Virtual Post Office in Practice.

Prof. Dr. Norbert Pohlmann is Professor for System and Information Security at the University of Applied Sciences in Gelsenkirchen, Germany.
Prof. Dr. Helmut Reimer is Senior Partner, TeleTrusT, Germany.
Dipl.-Math. Wolfgang Schneider is Deputy Institute Director, Fraunhofer Institute SIT, Germany.