Research Directions in Data and Applications Security describes original research results and innovative practical developments, all focused on maintaining security and privacy in database systems and applications that pervade cyberspace. The areas of coverage include:

-Role-Based Access Control;
-Database Security;
-XML Security;
-Data Mining and Inference;
-Multimedia System Security;
-Network Security;
-Public Key Infrastructure;
-Formal Methods and Protocols;
-Security and Privacy.

Research Directions in Data and Applications Security describes original research results and innovative practical developments, all focused on maintaining security and privacy in database systems and applications that pervade cyberspace. The areas of coverage include: -Role-Based Access Control; -Database Security; -XML Security; -Data Mining and Inference; -Multimedia System Security; -Network Security; -Public Key Infrastructure; -Formal Methods and Protocols; -Security and Privacy.

This volume contains the papers presented at the 23rd Annual IFIP WG 11. 3 Working Conference on Data and Applications Security (DBSEC) held at C- cordia University, Montreal, Canada, July 12-15, 2009. This year's working conference continued its tradition of being a forum for disseminating original research results and practical experiences in data and applications security. This year we had an excellent program consisting of 9 research paper s- sionswith 18 full researchpapers, and 4 shortpaperswhich were selected froma total of 47 submissions after a rigorous reviewing process by the Program C- mittee members and external reviewers. These sessions included such topics as access control, security policies, privacy, intrusion detection, trusted computing and data security in advanced application domains. In addition, the program included a keynote address, a tutorial and a panel session. We would like to thank Michael Reiter for his keynote address on "Better Architectures and New Security Applications for Coarse Network Monitoring. " We would also like to thank Joachim Biskup for a stimulating tutorial on "How to protect Infor- tion: Inference Control for Logic-Oriented Information Systems. " The success of this conference was a result of the e?orts of many people. We would like to extend our appreciation to the Program Committee members and externalreviewersfortheirhardwork. WewouldliketothanktheGeneralChair, MouradDebbabi, for taking care of the organizationalaspects of the conference.