This book contains the Proceedings of the 21st IFIP TC-11 International Information Security Conference (IFIPISEC 2006) on "Security and Privacy in Dynamic Envir- ments" held in May 22-24 2006 in Karlstad, Sweden.

Privacy and Privacy-Enhancing Technologies I.- Improving Availability of Emergency Health Information without Sacrificing Patient Privacy.- Ensuring Privacy for Buyer-Seller E-Commerce.- A General Certification Framework with Applications to Privacy-Enhancing Certificate Infrastructures.- Security in Mobile and Ad Hoc Networks.- Authenticated Query Flooding in Sensor Networks.- Identity Based Message Authentication for Dynamic Networks.- Providing Authentication and Access Control in Vehicular Network Environment.- Trust and Security Management.- A Framework for Web Services Trust.- Trust: An Element of Information Security.- Security-by-Ontology: A Knowledge-Centric Approach.- Privacy Enhancing Technologies II.- A Methodology for Designing Controlled Anonymous Applications.- Design Options for Privacy-Respecting Reputation Systems within Centralised Internet Communities.- Protecting (Anonymous) Credentials with the Trusted Computing Group’s TPM V1.2.- Attacks, Vulnerability Analysis, and Tools.- Analysis and Improvement of Anti-Phishing Schemes.- CAT — A Practical Graph & SDL Based Toolkit for Vulnerability Assessment of 3G Networks.- Protecting Web Services from DoS Attacks by SOAP Message Validation.- Access Control and Authentication I.- A Flexible and Distributed Architecture to Enforce Dynamic Access Control.- A Paradigm for Dynamic and Decentralized Administration of Access Control in Workflow Applications.- CAS++: An Open Source Single Sign-On Solution for Secure e-Services.- Security Protocols.- A Synchronous Multi-Party Contract Signing Protocol Improving Lower Bound of Steps.- On the Cryptographic Key Secrecy of the Strengthened Yahalom Protocol.- Sealed-Bid Micro Auctions.- Intrusion Detection.- Detecting Known and Novel Network Intrusions.-Evaluating Classifiers for Mobile-Masquerader Detection.- VisFlowCluster-IP: Connectivity-Based Visual Clustering of Network Hosts.- Usability and Awareness.- A Usability Study of Security Policy Management.- Considering the Usability of End-User Security Software.- Utilizing the Common Criteria for Advanced Student Research Projects.- Privacy Enhancing Technologies III.- On the Relationship of Privacy and Secure Remote Logging in Dynamic Systems.- Privacy-Preserving Shared-Additive-Inverse Protocols and Their Applications.- Access Control and Authentication II.- Click Passwords.- Cryptographically Enforced Personalized Role-Based Access Control.- Access Control and Authentication III.- Using VO Concept for Managing Dynamic Security Associations.- Secure Fast Handover in an Open Broadband Access Network using Kerberos-style Tickets.- Forensics.- Network Forensics on Packet Fingerprints.- Oscar — File Type Identification of Binary Data in Disk Clusters and RAM Pages.- IFIP WG 11.1/11.8 Security Culture Workshop.- Organizational Security Culture: More Than Just an End-User Phenomenon.- Cyber Security Training and Awareness Through Game Play.- Internalisation of Information Security Culture amongst Employees through Basic Security Knowledge.- Bridging the Gap between General Management and Technicians — A Case Study in ICT Security.- Value-Focused Assessment of Information Communication and Technology Security Awareness in an Academic Environment.- Using Phishing for User Email Security Awareness.- IFIP WG 11.4 I-NetSec’06 Workshop.- Anonymous Credentials: Opportunities and Challenges.- Practical Private Regular Expression Matching.- A System for Privacy-Aware Resource Allocation and Data Processing in Dynamic Environments.- The APROB Channel: AdaptiveSemi-Real-Time Anonymous Communication.

International Federation for Information Processing The IFIP series publishes state-of-the-art results in the sciences and technologies of information and communication.  The scope of the series includes: foundations of computer science; software theory and practice; education; computer applications in technology; communication systems; systems modeling and optimization; information systems; computers and society; computer systems technology; security and protection in information processing systems; artificial intelligence; and human-computer interaction.  Proceedings and post-proceedings of referred international conferences in computer science and interdisciplinary fields are featured.  These results often precede journal publication and represent the most current research.  The principal aim of the IFIP series is to encourage education and the dissemination and exchange of information about all aspects of computing.   For more information about the 300 other books in the IFIP series, please visit www.springeronline.com.   For more information about IFIP, please visit www.ifip.org.