Security of Information and Networks
Proceedings of the First International Conference on Security of Information and Networks (SIN 2007)
by
Book Cover & Preview Text
PREFACE The International Conference on Security of Information and Networks (SIN 2007) was hosted by the Eastern Mediterranean University in Gazimagusa, North Cyprus and co-organized by the Istanbul Technical University, Turkey. SIN 2007 followed a national conference held in Turkey. It is the intention of the SIN steering committee that SIN will become an annual series of international conferences in the area of Security of Information and Networks. The conference provided a relaxed atmosphere in which researchers could present and discuss new work on selected areas of current interest. While SIN 2007 covered all areas of information and network security, the papers presented focused on the following topics: • cryptology: design and analysis of cryptographic algorithms, hardware and software implementations of cryptographic algorithms, and steganography; • network security: authentication, authorization and access control, privacy, intrusion detection, grid security, and mobile and personal area networks; • IT governance: information security management systems, risk and threat analysis, and information security policies. They represented an interesting mix of innovative academic research and experience reports from practitioners. A total of 80 papers were submitted. After an extensive reviewing process, the program committee accepted 24 papers and 16 short papers for presentation at the conference. The program was complemented by a number of invited speakers, who delivered excellent overview talks: • Elisabeth Oswald, University of Bristol, Bristol, UK: Power Analysis Attack -- A Very Brief Introduction; • Marc Joye, Thomson R&D, France: On White-Box Cryptography; • Çetin Kaya Koç, Istanbul Commerce University, Turkey and Oregon State University, USA: Micro-Architectural Side-Channel Attacks and Branch Prediction Attack; • Karthik Bhargawan, Microsoft Research Cambridge, UK: Web Services Security: Protocols, Implementations, and Proofs; • Bart Preneel, Katholieke Universiteit Leuven, Leuven, Belgium: Research Challenges in Cryptology; • Mehmet Ufuk Çağlayan, Boğaziçi University, Turkey: Secure Routing in Ad Hoc Networks and Model Checking. On the days before the conference five tutorials were presented on a broad range of topics. First and foremost we would like to thank the members of the program committee for their efforts on reviewing the papers. We would also like to thank the numerous external reviewers for their assistance. We are also indebted to North Cyprus Turkcell, TRNC Ministry of Education and Culture, Gazimagusa Teknopark, Microsoft Research Cambridge, Microsoft Turkey, Argela Technologies, Nethouse Broadband Internet and EC-Council for financial support of the workshop. We would like to thank the following organizations for their support of the conference: National Research Institute of Electronics and Cryptology (UEKAE), IEEE Turkey Section, IEEE Computer Society Turkey Branch, Chamber of Computer Engineers, TRNC, North Cyprus, Internet Technologies Association (INETD), Turkey and Linux Users Association (LKD), Turkey. We thank our organizers, namely the Faculty of Engineering at the Eastern Mediterranean University (EMU), and the Faculty of Electrical and Electronics Engineering of the Istanbul Technical University. The extensive hosting facilitation provided by the Department of Computer Engineering of EMU in terms of faculty, staff, and equipment has been our steady base in preparing the conference. As such, we gratefully acknowledge the support accorded to SIN 2007 Conference by the Chairman of the Department, Assoc. Prof. Dr. Hasan Kömürcügil, by the Dean, Prof. İzzet Kale, and by the Vice Rector (Research), Prof. Mehmet Altınay. We also wish to thank Internet Technology Research Center of EMU for administrative support, Mr. Behnam Rahnama for developing and maintaining the SIN 2007 website, and, Microsoft Research for providing the MSR Conference Management Tool, the web-based review site. We are gratefull to quite a few people for their unfaltering services during the conference: Ms. Fatma Tansu and İdil Candan at the Registration Desk, Mr. Osman Veysal and Mr. Hurol Mear for technical services, Mr. Erdal Altun for all provisioning relations, volunteers of the ACM EMU Student Chapter under the leadership of Mr. Özcan İlikhan for conference hosting services, Dr. Yıltan Bitirim for his ever-ready & willing to produce results management in local arrangements, and Asst. Prof. Dr. Ahmet Ünveren for his able and timely organizing in order to faciliate the conference site. We also thank Kre-Com Travel Agent and the Salamis Bay Conti Resort Hotel management for their support of the conference. Camera-ready formatting of this book was done by Mr. Behnam Rahnama who painstakingly dealt with every detail to render it right. The elusive background image of the front cover is the creation of Mr. Artiss Akarra and Ms. Ecem Akarra, both of Turin Design, USA. Incidentally, they are also to receive kudos for the attractive SIN 2007 posters. We are greatly indebted to these fine people. Finally we would like to thank all the participants, submitters, authors and presenters who all together made SIN 2007 a great success. We hope that the development of an international conference in this area of the world will bring together researchers in information security, strengthen their cooperation and stimulate their research. June 2007 Atilla Elci, Sıddıka Berna Örs, Bart Preneel
Formats
Book Details
About the Book
This book is a select collection of edited papers from the International Conference on Security of Information and Networks (SIN 2007) on the main theme of Information Assurance, Security, and Public Policy. SIN 2007 was hosted by the Eastern Mediterranean University in Gazimagusa, North Cyprus and co-organized by the Istanbul Technical University, Turkey. While SIN 2007 covered all areas of information and network security, the papers included here focused on the following topics:
- cryptology: design and analysis of cryptographic algorithms, hardware and software implementations of cryptographic algorithms, and steganography;
- network security: authentication, authorization and access control, privacy, intrusion detection, grid security, and mobile and personal area networks;
- IT governance: information security management systems, risk and threat analysis, and information security policies.
They represent an interesting mix of innovative academic research and experience reports from practitioners. This is further complemented by a number of invited papers providing excellent overviews:
- Elisabeth Oswald, University of Bristol, Bristol, UK: Power Analysis Attack: A Very Brief Introduction;
- Marc Joye, Thomson R&D, France: On White-Box Cryptography;
- Bart Preneel, Katholieke Universiteit Leuven, Leuven, Belgium: Research Challenges in Cryptology;
- Mehmet Ufuk Caglayan, Bogazici University, Turkey: Secure Routing in Ad Hoc Networks and Model Checking.
The papers are organized in a logical sequence covering Ciphers; Mobile Agents & Networks; Access Control and Security Assurance; Attacks, Intrusion Detection, and Security Recommendations; and, Security Software, Performance, and Experience.
About the Author
Internet Technology Research Center (President), and Dept. of Computer Engineering, Eastern Mediterranean University, Gazimagusa, North Cyprus. e-mail: Atilla.Elci@emu.edu.tr; home site: cmpe.emu.edu.tr/aelci.
Dr. Atilla Elçi received M.Sc. and Ph.D. degrees at Purdue University in Computer Sciences with high honors citation. He was a faculty member in the Dept. of Computer Sciences & Engineering in Middle East Technical Univ., Turkey, during 1976- 1985. He served in the positions of Chairman (2 years), Asst. Chairman (4 years), and Manager of the University Computer Center (3 years) besides teaching. He was head of Systems and Languages Major for 5 years. He became Associate Professor in Software major in 1983. From 1985 till 1997, he was consultant to the International Telecommunication Union (ITU), serving in computerization development projects of UNDP. He held numerous positions as chief technical adviser, senior expert, project designer and project manager in more than 20 countries in five continents. Subsequently he founded and ran his own company in Turkey offering IT and communications solutions (1998-2003). In 2001 he established the Department of Computer Engineering in Haliç University, Istanbul, serving as its Chairman till 2003. He is currently with the Department of Computer Engineering, and the President of the Internet Technologies Research Center, Eastern Mediterranean University, North Cyprus. Dr. Elçi has extensive experience in semantic Web, Web technology, multi-agent systems, semantic robotics, Internet, systems and languages, software engineering, education and training, and information systems in the telecoms agencies. He published over 100 papers, edited several proceedings, a series of 17 computer-based coursewares, designed several UNDP/ITU development projects in telecoms computerization, and organized several conferences, such as ESAS 2006 & 2007 and SIN 2007. Dr. Elçi is a member of ACM, IEEE, IEEE CS, and Turkish Informatics Association.
--------------------------------------------------------------------------------S. Berna Ors received the Electronics and Communication Engineering Degree in 1995 and the M.Sc. Degree in Electronics and Communication Engineering in 1998 from the Istanbul Technical University, in Istanbul, Turkey. She received the Ph.D. Degree in applied sciences from the Katholieke Universiteit Leuven, in Leuven, Belgium in 2005. She is currently assistant professor at Istanbul Technical University. Her interests include circuits, processor architectures and embedded systems in application domains such as security, cryptography, digital signal processing and wireless applications.
--------------------------------------------------------------------------------Preneel received the Electrical Engineering degree and the Doctorate in Applied Sciences from the Katholieke Universiteit Leuven (Belgium). He is currently full professor at the Katholieke Universiteit Leuven. He has been visiting professors at the Technical University of Denmark (2007), Graz University of Technology in Austria (1997-2006), the University of Bergen in Norway (1997-2001), Ruhr-Universitaet Bochum in Germany (2001-2002) and at the University of Ghent (1994-2002). He is a scientific advisor of Philips Research (the Netherlands). During the academic year 1993-1994, he was a research fellow of the EECS Department of the University of California at Berkeley. His main research interests are cryptology and information security.
He has authored and co-authored more than 200 scientific publications and is inventor of two patents. He is vice president of the IACR (International Association for Cryptologic Research) and a member of the Editorial Board of the Journal of Cryptology, the IEEE Transactions on Information Forensics and Security, and the International Journal of Information and Computer Security.
He is also a member of the Accreditation Board of the Computer and Communications Security Reviews (ANBAR, UK).
He has participated to more than 20 research projects sponsored by the European Commission, for four of these as project manager. He is currently project manager of the European Network of Excellence ECRYPT (www.ecrypt.eu.org) which groups more than 250 researchers in the area of cryptology and watermarking.
He was program (co-)chairman of 9 international conferences (including Eurocrypt 2000 and SAC 2005) and has been a member of more than 100 international program committees. He has been invited speaker at 25 international conferences and workshops. He has lectured at 30 international Summer Schools in 15 countries.
In 2003, he has received the European Information Security Award in the area of academic research, and he received an honorary Certified Information Security Manager (CISM) designation by the Information Systems Audit and Control Association (ISACA).
Since 1989, he is a Belgian expert in working group ISO/IEC JTC1/SC27/WG2 (Security Techniques and Mechanisms), where he has edited five international standards.
He is president of L-SEC vzw. (Leuven Security Excellence Consortium), an association of 50 companies and research institutions in the area of e-security.