Advances in information and communication technologies continue to p- vide new means of conducting remote transactions. Services facilitated by these technologies are spreading increasingly into our commercial and private spheres. For many people, these services have changed the way they work, communicate, shop, arrange travel, etc. Remote transactions, however, may also open possibilities for fraud and other types of misuse. Hence, the requi- ment to authorize transactions may arise. Authorization may in turn call for some kind of user authentication. When users have to provide personal inf- mation to access services, they literally leave a part of their life on record. As the number of sites where such records are left increases, so does the d- ger of misuse. So-called identity theft has become a pervasive problem, and a general feeling of unease and lack of trust may dissuade people from using the services on o?er. This,inanutshell,isoneofthemajorchallengesinsecurityengineering- day. How to provide servicesto individuals securelywithout making undue - cursions into their privacy at the same time. Decisions on the limits of privacy intrusions or privacy protection, for that matter are ultimately political decisions. Research can de?ne the design space in which service providers and regulators may try to ?nd acceptable tradeo?s between security and privacy.

Milan Petkovic is a senior scientist in the ISS group (Information and System Security) at the Philips Research in Eindhoven, the Netherlands. Among his research interests are information security, secure content management, privacy protection, multimedia information retrieval, and database systems.

Willem Jonker is currently department head of the Information and System Security department at Philips Research. In addition, he is a part-time full professor of computer science at Twente University. Among his research interest are secure data management, DRM, copyright protection, secure databases, distributed applications, and content management.

Privacy and Security Issues in a Digital World.- Privacy in the Law.- Ethical Aspects of Information Security and Privacy.- Data and System Security.- Authorization and Access Control.- Role-Based Access Control.- XML Security.- Database Security.- Trust Management.- Trusted Platforms.- Strong Authentication with Physical Unclonable Functions.- Privacy Enhancing.- Privacy-Preserving Data Mining.- Statistical Database Security.- Different Search Strategies on Encrypted Data Compared.- Client-Server Trade-Offs in Secure Computation.- Federated Identity Management.- Accountable Anonymous Communication.- Digital Asset Protection.- An Introduction to Digital Rights Management Systems.- Copy Protection Systems.- Forensic Watermarking in Digital Rights Management.- Person-Based and Domain-Based Digital Rights Management.- Digital Rights Management Interoperability.- DRM for Protecting Personal Content.- Enhancing Privacy for Digital Rights Management.- Selected Topics on Privacy and Security in Ambient Intelligence.- The Persuasiveness of Ambient Intelligence.- Privacy Policies.- Security and Privacy on the Semantic Web.- Private Person Authentication in an Ambient World.- RFID and Privacy.- Malicious Software in Ubiquitous Computing.