This book constitutes the refereed proceedings of the 28th IFIP WG 11.3 International Working Conference on Data and Applications Security and Privacy, DBSec 2014, held in Vienna, Austria, in July 2014. The 22 revised full papers and 4 short papers presented were carefully reviewed and selected from 63 submissions. The papers are organized in topical sections on access control, privacy, networked and mobile environments, data access, cloud databases, and private retrieval.

Computer technology evolves at a rate that challenges companies to maintain appropriate security for their enterprises. With the rapid growth in Internet and www facilities, database and information systems security remains a key topic in businesses and in the public sector, with implications for the whole of society. Research Advances in Database and Information Systems Security covers issues related to security and privacy of information in a wide range of applications, including: * Critical Infrastructure Protection; * Electronic Commerce; * Information Assurance; * Intrusion Detection; * Workflow; * Policy Modeling; * Multilevel Security; * Role-Based Access Control; * Data Mining; * Data Warehouses; * Temporal Authorization Models; * Object-Oriented Databases. This book contains papers and panel discussions from the Thirteenth Annual Working Conference on Database Security, organized by the International Federation for Information Processing (IFIP) and held July 25-28, 1999, in Seattle, Washington, USA.Research Advances in Database and Information Systems Security provides invaluable reading for faculty and advanced students as well as for industrial researchers and practitioners engaged in database security research and development.

Security of Data and Transaction Processing brings together in one place important contributions and up-to-date research results in this fast moving area. Security of Data and Transaction Processing serves as an excellent reference, providing insight into some of the most challenging research issues in the field.

Information security is receiving a great deal of attention as computers increasingly process more and more sensitive information. A multilevel secure database management system (MLS DBMS) is designed to store, retrieve and process information in compliance with certain mandatory security requirements, essential for protecting sensitive information from unauthorized access, modification and abuse. Such systems are characterized by data objects labeled at different security levels and accessed by users cleared to those levels. Unless transaction processing modules for these systems are designed carefully, they can be exploited to leak sensitive information to unauthorized users. In recent years, considerable research has been devoted to the area of multilevel secure transactions that has impacted the design and development of trusted MLS DBMS products. Multilevel Secure Transaction Processing presents the progress and achievements made in this area. The book covers state-of-the-art research in developing secure transaction processing for popular MLS DBMS architectures, such as kernelized, replicated, and distributed architectures, and advanced transaction models such as workflows, long duration and nested models. Further, it explores the technical challenges that require future attention. Multilevel Secure Transaction Processing is an excellent reference for researchers and developers in the area of multilevel secure database systems and may be used in advanced level courses in database security, information security, advanced database systems, and transaction processing.

This volume contains the papers presented at the 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSEC) held in L- don, UK, July 13-16, 2008. This year's working conference continued its tra- tion of being a forum for disseminating original research results and practical experiences in data and applications security. This year we had an excellent program that consists of 9 research paper s- sions with 22 high-quality research papers, which were selected from a total of 56 submissions after a rigorous reviewing process by the Program Committee members and external reviewers. These sessions included such topics as access control, privacy, auditing, systems security and data security in advanced app- cation domains. In addition, the programincluded a keynote address, an invited talk and a panel session. The success of this conference was a result of the e?orts of many people. I would like to extend my appreciation to the Program Committee members and external reviewers for their hard work. I would like to thank the General Chair, SteveBarker,fortakingcareoftheorganizationaspectsoftheconferenceandfor arranging the keynote address and the panel session. I would also like to thank Claudio Ardagna for serving as the Publicity Chair and for promptly updating the conference Web page, and Don Lokuadassuriyage for serving as the Local Arrangements Chair. Special thanks go to Alfred Hofmann, Editorial Director at Springer, for agreeing to include these conference proceedings in the Lecture Notes in Computer Science series.

Computer technology evolves at a rate that challenges companies to maintain appropriate security for their enterprises. With the rapid growth in Internet and www facilities, database and information systems security remains a key topic in businesses and in the public sector, with implications for the whole of society. Research Advances in Database and Information Systems Security covers issues related to security and privacy of information in a wide range of applications, including: Critical Infrastructure Protection; Electronic Commerce; Information Assurance; Intrusion Detection; Workflow; Policy Modeling; Multilevel Security; Role-Based Access Control; Data Mining; Data Warehouses; Temporal Authorization Models; Object-Oriented Databases. This book contains papers and panel discussions from the Thirteenth Annual Working Conference on Database Security, organized by the International Federation for Information Processing (IFIP) and held July 25-28, 1999, in Seattle, Washington, USA. Research Advances in Database and Information Systems Security provides invaluable reading for faculty and advanced students as well as for industrial researchers and practitioners engaged in database security research and development.

Security of Data and Transaction Processing brings together in one place important contributions and up-to-date research results in this fast moving area. Security of Data and Transaction Processing serves as an excellent reference, providing insight into some of the most challenging research issues in the field.

Information security is receiving a great deal of attention as computers increasingly process more and more sensitive information. A multilevel secure database management system (MLS DBMS) is designed to store, retrieve and process information in compliance with certain mandatory security requirements, essential for protecting sensitive information from unauthorized access, modification and abuse. Such systems are characterized by data objects labeled at different security levels and accessed by users cleared to those levels. Unless transaction processing modules for these systems are designed carefully, they can be exploited to leak sensitive information to unauthorized users. In recent years, considerable research has been devoted to the area of multilevel secure transactions that has impacted the design and development of trusted MLS DBMS products. Multilevel Secure Transaction Processing presents the progress and achievements made in this area. The book covers state-of-the-art research in developing secure transaction processing for popular MLS DBMS architectures, such as kernelized, replicated, and distributed architectures, and advanced transaction models such as workflows, long duration and nested models. Further, it explores the technical challenges that require future attention. Multilevel Secure Transaction Processing is an excellent reference for researchers and developers in the area of multilevel secure database systems and may be used in advanced level courses in database security, information security, advanced database systems, and transaction processing.

This book constitutes the refereed proceedings of the 16th European Symposium on Computer Security, ESORICS 2011, held in Leuven, Belgium, in September 2011. The 36 papers included in the book were carefully reviewed and selected from 155 papers. The articles are organized in topical sections on wireless security; Web security; forensics, biometrics and software protection; access control; cryptography and protocol analysis; information flow, side channels, and vulnerability analysis; usability, trust, and economics of security and privacy; and privacy.