This book constitutes the refereed proceedings of the 26th IFIP WG 11.3 International Conference on Data and Applications Security and Privacy, DBSec 2012, held in Paris, France in July 2012.
The 17 revised full and 15 short papers presented together with 1 invited paper were carefully reviewed and selected from 49 submissions. The papers are organized in topical sections on access control, confidentiality and privacy, smart cards security, privacy-preserving technologies, data management, intrusion and malware, probabilistic attacks and protection, and cloud computing.

Invited Paper Logics for Security and Privacy.-Access Control A User-to-User Relationship-Based Access Control Model for Online Social Networks.-Automated and Efficient Analysis of Role-Based Access Control with Attributes.-A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC.-Confidentiality and Privacy.-Signature-Based Inference-Usability Confinement for Relational Databases under Functional and Join Dependencies.-Privacy Consensus in Anonymization Systems via Game Theory .-Uniform Obfuscation for Location Privacy.-Smart Cards Security (Short Papers).-Security Vulnerabilities of User Authentication Scheme Using Smart Card.-Secure Password-Based Remote User Authentication Scheme with Non-tamper Resistant Smart Cards.-A Friendly Framework for Hidding fault enabled virus for Java Based Smartcard.-Privacy-Preserving Technologies.-Approximate Privacy-Preserving Data Mining on Vertically Partitioned Data.-Security Limitations of Using Secret Sharing for Data Outsourcing.-Privacy-Preserving Subgraph Discovery.-Data Management.-Decentralized Semantic Threat Graphs.-Code Type Revealing Using Experiments Framework.-From MDM to DB2: A Case Study of Security Enforcement Migration.-Intrusion and Malware.-XSS-Dec: A Hybrid Solution to Mitigate Cross-Site Scripting Attacks.-Randomizing Smartphone Malware Profiles against Statistical Mining Techniques.-Probabilistic Attacks and Protection (Short Papers).-Layered Security Architecture for Masquerade Attack Detection.-k-Anonymity-Based Horizontal Fragmentation to Preserve Privacy in Data Outsourcing.-Reconstruction Attack through Classifier Analysis.-Cloud Computing.-Distributed Data Federation without Disclosure of User Existence.-Improving Virtualization Security by Splitting Hypervisor into Smaller Components.-Enforcing Subscription-Based Authorization Policies in Cloud Scenarios.-