Fighting Malicious Software -- VulnerableMe: Measuring Systemic Weaknesses in Mobile Browser Security -- Security Assessment of Node.js Platform -- Foundations of Dynamic Access Control -- Risk-Aware RBAC Sessions -- A Cognitive Trust Model for Access Control Framework i MANET -- Trust-OrBAC: A Trust Access Control Model in Multi-Organization Environments -- On Policies and Intents -- ProtoLeaks: A Reliable and Protocol-Independent Network Covert Channel -- Keyless Steganography in Spatial Domain Using Energetic Pixels -- Fuzzy Inference Rule Based Reversible Watermarking for Digital Images -- Secure Trust Metadata Management for Mobile Ad-Hoc Networks -- Defence against Wormhole Attacks in Wireless Mesh Networks -- A Novel Key Update Protocol in Mobile Sensor Networks -- Autonomous Certification with List-Based Revocation for Secure V2V Communication -- Mitigating Insider Threat on Database Integrity -- Coercion Resistant MIX for Electronic Auction -- Verification of Money Atomicity in Digital Cash Based Payment System -- Cryptographic Analysis of a Type of Sequence Generators -- Certificate-Less On-Demand Public Key Management (CLPKM) for Self-organized MANETs -- Computationally Efficient Secure Access Control for Vehicular Ad Hoc Networks -- Tracking Insecure Information Flows: A Prototype Evaluator in ASF+SDF -- Attacking Image Based CAPTCHAs Using Image Recognition Techniques -- Correctness Verification in Database Outsourcing: A Trust-Based Fake Tuples Approach.

This book constitutes the refereed proceedings of the 8th International Conference on Information Systems Security, ICISS 2012, held in Guwahati, India, in December 2012. The 18 revised full papers and 3 short papers presented were carefully reviewed and selected from 72 submissions. The papers are organized in topical sections on software security, acces control, covert communications, network security, and database and distributed systems security.