This volume contains the papers presented at the 23rd Annual IFIP WG 11. 3 Working Conference on Data and Applications Security (DBSEC) held at C- cordia University, Montreal, Canada, July 12–15, 2009. This year’s working conference continued its tradition of being a forum for disseminating original research results and practical experiences in data and applications security. This year we had an excellent program consisting of 9 research paper s- sionswith 18 full researchpapers,and 4 shortpaperswhich were selected froma total of 47 submissions after a rigorous reviewing process by the Program C- mittee members and external reviewers. These sessions included such topics as access control, security policies, privacy, intrusion detection, trusted computing and data security in advanced application domains. In addition, the program included a keynote address, a tutorial and a panel session. We would like to thank Michael Reiter for his keynote address on “Better Architectures and New Security Applications for Coarse Network Monitoring. ” We would also like to thank Joachim Biskup for a stimulating tutorial on “How to protect Infor- tion: Inference Control for Logic-Oriented Information Systems. ” The success of this conference was a result of the e?orts of many people. We would like to extend our appreciation to the Program Committee members and externalreviewersfortheirhardwork. WewouldliketothanktheGeneralChair, MouradDebbabi, for taking care of the organizationalaspects of the conference.

Database Security I.- Controlled Query Evaluation and Inference-Free View Updates.- Implementing Reflective Access Control in SQL.- Security Policies.- An Approach to Security Policy Configuration Using Semantic Threat Graphs.- Reaction Policy Model Based on Dynamic Organizations and Threat Context.- Towards System Integrity Protection with Graph-Based Policy Analysis.- Privacy I.- Practical Private DNA String Searching and Matching through Efficient Oblivious Automata Evaluation.- Privacy-Preserving Telemonitoring for eHealth.- Intrusion Detection and Protocols.- Analysis of Data Dependency Based Intrusion Detection System.- Secure Method Calls by Instrumenting Bytecode with Aspects.- Access Control.- Distributed Privilege Enforcement in PACS.- Spatiotemporal Access Control Enforcement under Uncertain Location Estimates.- Using Edit Automata for Rewriting-Based Security Enforcement.- Privacy II.- Distributed Anonymization: Achieving Privacy for Both Data Subjects and Data Providers.- Detecting Inference Channels in Private Multimedia Data via Social Networks.- Database Security II.- Enforcing Confidentiality Constraints on Sensitive Databases with Lightweight Trusted Clients.- Data Is Key: Introducing the Data-Based Access Control Paradigm.- Trusted Computing.- Improving Cut-and-Choose in Verifiable Encryption and Fair Exchange Protocols Using Trusted Computing Technology.- PAES: Policy-Based Authority Evaluation Scheme.- Short Papers.- Emerging Trends in Health Care Delivery: Towards Collaborative Security for NIST RBAC.- Methods for Computing Trust and Reputation While Preserving Privacy.- Building an Application Data Behavior Model for Intrusion Detection.- A Trust-Based Access Control Model for Pervasive Computing Applications.

This volume contains the papers presented at the 23rd Annual IFIP WG 11. 3 Working Conference on Data and Applications Security (DBSEC) held at C- cordia University, Montreal, Canada, July 12–15, 2009. This year’s working conference continued its tradition of being a forum for disseminating original research results and practical experiences in data and applications security. This year we had an excellent program consisting of 9 research paper s- sionswith 18 full researchpapers,and 4 shortpaperswhich were selected froma total of 47 submissions after a rigorous reviewing process by the Program C- mittee members and external reviewers. These sessions included such topics as access control, security policies, privacy, intrusion detection, trusted computing and data security in advanced application domains. In addition, the program included a keynote address, a tutorial and a panel session. We would like to thank Michael Reiter for his keynote address on “Better Architectures and New Security Applications for Coarse Network Monitoring. ” We would also like to thank Joachim Biskup for a stimulating tutorial on “How to protect Infor- tion: Inference Control for Logic-Oriented Information Systems. ” The success of this conference was a result of the e?orts of many people. We would like to extend our appreciation to the Program Committee members and externalreviewersfortheirhardwork. WewouldliketothanktheGeneralChair, MouradDebbabi, for taking care of the organizationalaspects of the conference.