This book presents the most interesting talks given at ISSE 2008 the forum for the interdisciplinary discussion of how to adequately secure electronic business processes.
The topics include: - Identity Management, Information Security Management - PKI-Solutions, Economics of IT-Security - Smart Tokens, e-ID-Cards, Infrastructur Solutions - Critical Information Infrastructure Protection, Data Protection, Legal Aspects.
Adequate information security is one of the basic requirements of all electronic business processes. It is crucial for effective solutions that the possibilities offered by security technology can be integrated with the commercial requirements of the applications. The reader may expect state-of-the-art: best papers of the Conference ISSE 2008.

Norbert Pohlmann: Professor for System and Information Security at the University of Applied Sciences in Gelsenkirchen
Helmut Reimer: Senior Partner, TeleTrusT
Wolfgang Schneider: Deputy Institute Director, Fraunhofer Institute SIT

Security Management and Economics of Security.- The Information Security Framework for Daimler Financial Services and its Implementation.- Information Security Status in Organisations 2008.- Quantified Trust Levels for Authentication.- Identity Management in Open Environments.- Identity management and privacy languages technologies: Improving user control of data privacy.- Security Economics and European Policy.- How Economy and Society affect Enterprise Security Management.- Information Security Industry: State of the Art.- Privacy, Data Protection and Awareness.- Freedom and Security Responses to the Threat of International Terrorism.- The Anonymity vs. Utility Dilemma.- Governmental Control of the Internet in addressing Law Enforcement and National Security.- Theft of Virtual Property Towards Security Requirements for Virtual Worlds.- Trusted Computing and Biometrics.- Trusted Storage: Putting Security and Data Together.- Trust in Consumer Electronics.- NAC 2.0 Unifying Network Security.- Towards real Interoperable, real Trusted Network Access Control: Experiences from Implementation and Application of Trusted Network Connect.- Empirical research of IP blacklists.- GIDRE: Grid-based Detection Intrusion and Response Environment.- Biometrics and ID Cards Enablers for Personal Security.- Agatha: Multimodal Biometric Authentication Platform in Large-Scale Databases.- Web 2.0 Security and Large Scale Public Applications.- Development and Implementation of an Encryption Strategy for a global Enterprise.- Transforming Mobile Platform with KI-SIM Card into an Open Mobile Identity Tool.- Symmetric Key Services Markup Language (SKSML).- Managing business compliance using model-driven security management.- Secure E-Business applications based on the EuropeanCitizen Card.- Electronic Signatures for Public Procurement across Europe.- Progress through uniformity.- PPs for applications with the Spanish National Electronic Identity Card.- Fraud Detection, Prevention and Critical Infrastructures.- OTP and Challenge/Response algorithms for financial and e-government identity assurance: current landscape and trends.- NSA Suite B and its significance for non-USA organisations.- Managing vulnerabilities and achieving compliance for Oracle databases in a modern ERP environment.- Identity Theft in Electronic Financial Transactions The experience of the Central Bank of Spain.- The need for the Protection of Critical National Infrastructures.- Challenges for the Protection of Critical ICT-Based Financial Infrastructures.- Security for VoIP, Mobility and Web.- Evaluating Measures and Countermeasures for SPAM over Internet Telephony.- Influence of Security Mechanisms on the Quality of Service of VoIP.- The security of mass transport ticketing systems.- Authentication for Web Services with the Internet Smart Card.- Hardened Client Platforms for Secure Internet Banking.- Securing Flash Technology: How Does It Look From Inside?.- German Workshop: European Citizen Cards.- Deployment of German Electronic Citizen Cards in Banking: Opportunities and Challenges.- Security Requirements for One Stop Government.- Infrastructures and Middleware for the Application of eID Cards in eGovernment.- Securing Contactless Chips with PACE.