Report on the 1996 Communications and Multimedia Security Conference
by Alexander Roehm

The joint IFIP TC6 and TC11 working conference on Communications and Multimedia Security 1996 was held on 23rd and 24th of September 1996 at the University of Essen (Germany). The working conference had approx. 90 attendees from 16 different countries. The conference was opened by the organization chair Mr. G. Pernul (University of Essen) and the program chair Mr. P. Horster (Technical University of Chemnitz/Zwickau).

The conference was organized in 10 sessions, 5 each day, of which 2 per day took place in parallel tracks. Talks during the working conference were considered to take 25 min. with additional 5 min. for a discussion on the talk.

The program served a wide range of interests from highly technical R&D projects to user oriented management and administration topics. Papers presented addressed a broad spectrum of communications and multimedia security related subjects, including: basic concepts, multimedia and hypertext systems, attacks, dedicated solutions, healthcare and telemedicine, cryptographic techniques, security infrastructures, payment systems, access control, models and policies, auditing and firewalls.

Monday 23rd:
The first session was chaired by Mr. Horster and addressed 'Multimedia Security'. Three talks were given by Mrs. Krannig, who presented a platform for secure multimedia applications called PLASMA, Mr. Fernandez presented about high level security issues in multimedia and hypertext systems, and Mr. Warren talked on security in healthcare multimedia systems. The next session was chaired by Mr. Katsikas and was on `Attacks`. Mrs. Laurent presented two security risks in the ATM Emulated LAN architecture and Mr. Michels showed a failure in a voting scheme of Itoh, Kurasawa and Park, who also attended the workshop. Mr. Pernul chaired the session 'Dedicated Solutions' where several ideas were presented. Mr. Olivier showed, how to use workflow to enhance security in federated databases. Mr. Kesdogan gave a talk about anonymous mobility management for third generation mobile networks which was followed by a description of security concepts for the WWW, given by Mr. Lipp. After the lunch break a session on 'Network Security' chaired by Mr. Fox took place. It consisted of two talks by Mr. Forne, about securing ISDN and Mr. Chrissikopoulos, who applied network security to a telemedicine system. During the first days last session 'Cryptographic Techniques', three Papers were presented. Mr.Cheng showed, that image decomposition can be used for encryption, Mr. Petersen presented a way to delegate rights by using digital signatures and Mr. Lucks argued, that a blockcipher algorithm, which divides plain text into two blocks, can be modified for arbitrary block sizes. Mr. Michels chaired this session.

Tuesday 24th:
Several aspects of key infrastructure were discussed during second days first session, which was chaired by Mr. Kraaibeek. Mr. Gustavson proposed a WWW based certification infrastructure, while Mr. Oppliger described a distributed registration and key distribution system for online universities. Mr. Schwenk talked proceeded on establishing a key hierarchy for conditional access. The next session was chaired by Mr. Lipp and began with Mr. Zangehnehs talk, who gave an introductory overview on payment systems in the Internet. Mr. Radus talk followed, where he described a blind signature scheme, which can be applied in e-cash systems. Afterwards Mr. Pntz presented a method for secure billing. At the same time a parallel session focusing on 'Access Control' took place, where Mr. Leitold talked about ISDN LAN Access, Mr. Trommler on secure WWW access to server groups and Mrs. Schmidt argued, that handwriting features should be added to electronic access control systems. This session was chaired by Mr. Fernandez. Two presentations were made at the session on Models and Policies, which was chaired by Mr. Vossbein. One by Mr. Kokolakis dealt with problems in up to the present existing security models, the other dealt with attack modeling and was made Mr. Katsikas. The last session of the conference was chaired by Mr. Roehm and was focused on Auditing and Firewalls. Mr. Sobirey presented a way to do privacy oriented auditing, while Mr. Katsikas described the expert system component of SECURENET. Last talk of Mr. Boshoff was on tracing routes using features of TCP/IP for increasing capabilities of firewalls.

The conference is seen as a success by the attendees and speakers. The next Communications and Multimedia Security Conference will be held on 22nd and 23rd of September 1997 in Athens.

There are few volumes of the proceedings left which can be purchased for DM 98,-- (approx. 65 US$). Orders will be treated on a fifo basis. For further information contact Alexader W. Roehm email: