Role-based access control (RBAC) is a widely used technology to control information flows as well as control flows within and between applications in compliance with restrictions implied by security policies, in particular, to prevent disclosure of information or access to resources beyond restrictions defined by those security policies. Since RBAC only provides the alternatives of either granting or denying access, more fine-grained control of information flows such as “granting access to information provided that it will not be disclosed to targets outside our organisation during further processing” is not possible. In business processes, in particular those spanning several organisations, which are commonly defined using business process execution language (BPEL), useful information flows not violating security policy-implied limitations would be prevented if only the access control capabilities offered by RBAC are in use. The book shows a way of providing more refined methods of information flow control that allow for granting access to information or resources by taking in consideration the former or further information flow in a business process requesting this access. The methods proposed are comparatively easy to apply and have been proven to be largely machine-executable by a prototypical realisation. As an addition, the methods are extended to be also applicable to BPEL-defined workflows that make use of Grid services or Cloud services. IT Security Specialists Chief Information Officers (CIOs) Chief Security Officers (CSOs) Security Policy and Quality Assurance Officers and Managers Business Process and Web/Grid/Cloud Service Designers, Developers, Operational Managers Interested Learners / Students in the Field of Security Management.

This book constitutes the refereed proceedings of the 12th Asian Computing Science Conference, ASIAN 2007, held in Doha, Qatar, in December 2007. Covering all current aspects of computer and network security, the papers are organized in topical sections on program security, computer security, access control, protocols, intrusion detection, network security, and safe execution.

This book constitutes the refereed proceedings of the Second International Information Security Practice and Experience Conference, ISPEC 2006, held in Hangzhou, China, in April 2006. The 35 revised full papers presented were carefully reviewed and selected from 307 submissions. The papers are organized in topical sections.

This book constitutes the refereed proceedings of the Workshops and Symposiums of the 15th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2015, held in Zhangjiajie, China, in November 2015. The program of this year consists of 6 symposiums/workshops that cover a wide range of research topics on parallel processing technology: the Sixth International Workshop on Trust, Security and Privacy for Big Data, TrustData 2015; the Fifth International Symposium on Trust, Security and Privacy for Emerging Applications, TSP 2015; the Third International Workshop on Network Optimization and Performance Evaluation, NOPE 2015; the Second International Symposium on Sensor-Cloud Systems, SCS 2015; the Second International Workshop on Security and Privacy Protection in Computer and Network Systems, SPPCN 2015; and the First International Symposium on Dependability in Sensor, Cloud, and Big Data Systems and Applications, DependSys 2015. The aim of these symposiums/workshops is to provide a forum to bring together practitioners and researchers from academia and industry for discussion and presentations on the current research and future directions related to parallel processing technology. The themes and topics of these symposiums/workshops are a valuable complement to the overall scope of ICA3PP 2015 and give additional values and interests.

This volume features the refereed proceedings of the 4th International Conference on Trust and Privacy in Digital Business. The 28 papers were all carefully reviewed. They cover privacy and identity management, security and risk management, security requirements and development, privacy enhancing technologies and privacy management, access control models, trust and reputation, security protocols, and security and privacy in mobile environments.

Web services is rapidly becoming one of the most valued aspects of information technology services, as Web-based technological advancements continue to grow at an exponential rate. Web Services Research and Practices provides researchers, scholars, and practitioners in a variety of settings essential up-to-date research in this demanding field, addressing issues such as communication applications using Web services; Semantic services computing; discovery, modeling, performance, and enhancements of Web services; and Web services architecture, frameworks, and security.

Based on the paradigm of model-driven security, the authors of this book show how to systematically design and realize security-critical applications for SOAs. In a second step, they apply the principles of model-driven security to SOAs.