- Table View
- List View
Secure IT Systems: 29th Nordic Conference, NordSec 2024 Karlstad, Sweden, November 6–7, 2024 Proceedings (Lecture Notes in Computer Science #15396)
by Leonardo Martucci Leonardo Horn Iwaya Liina Kamm Tobias PullsThis book constitutes the refereed proceedings of the 29th International Conference on Secure IT Systems, NordSec 2024, held in Karlstad, Sweden, during November 6–7, 2024. The 25 full papers presented in this book were carefully reviewed and selected from 59 submissions. They focus on topics such as: Authentication; Cryptography; Cyber-Physical Systems; Cybersecurity and Policy; LLMs for Security; Formal Verification; Mobile and IoT; Network Security; and Privacy.
Secure Image Transmission in Wireless Sensor Network (Lecture Notes in Electrical Engineering #564)
by Mohamed Elhoseny K. ShankarThis book offers an essential guide to Wireless Sensor Networks, IoT Security, Image Processing, Secure Information Systems, and Data Encryption. In addition, it introduces students and aspiring practitioners to the subject of destination marketing in a structured manner. It is chiefly intended for researcher students in the areas of Wireless Sensor Networks and Secure Data Communication (including image encryption, and intrusion detection systems), academics at universities and colleges, IT professionals, policymakers and legislators. Given its content, the book can be used as a reference text for both undergraduate and graduate studies, in courses on Wireless Sensor Networks, Secure Image Processing, and Data Encryption applications. The book is written in plain and easy-to-follow language and explains each main concept the first time it appears, helping readers with no prior background in the field. As such, it is a “must-read” guide to the subject matter.
Secure Information Management Using Linguistic Threshold Approach
by Marek R. Ogiela Urszula OgielaIn recent years, cryptographic techniques for protecting and hiding secret information have been included in directions of research on intelligent information management. Data can be managed securely due to the use of algorithms for ensuring the confidentiality of data, information splitting techniques as well as protocols for sharing information and methods of its reconstruction. This is why techniques of advanced splitting and reconstruction of information form the primary subject of Secure Information Management Using Linguistic Threshold Approach, whose main purpose is to discuss the so-called linguistic threshold schemes for information sharing. An attempt is also made to describe the opportunities of using these techniques to create new models of managing strategic information shared within a commercial organisation or a state institution. Such information is specially protected, and its contents are used only if the authorised users are enabled to access it. This monograph attempts to define a model structure of information flow and for assigning information shares to particular groups of individuals concerned. The proposed information flow model can be integrated into practical solutions within any organisation or institution, improving the functionality of its legacy information systems. The use of strong mathematical cryptographic models to manage information constitutes a scientific innovation and a demonstration of the methods and opportunities of using advanced techniques for confidentially exchanging information in tasks supporting data flow within a commercial organisation. The interdisciplinary nature of the solutions proposed means that the subject of linguistic threshold schemes forming part of intelligent information management becomes a new challenge for the research and application work carried out.The authors of this monograph hope that it will guide readers on an interesting journey through the cutting edge solution in the field of secure information management.
Secure Integrated Circuits and Systems
by Ingrid M.R. VerbauwhedeOn any advanced integrated circuit or "system-on-chip" there is a need for security. In many applications the actual implementation has become the weakest link in security rather than the algorithms or protocols. The purpose of the book is to give the integrated circuits and systems designer an insight into the basics of security and cryptography from the implementation point of view. As a designer of integrated circuits and systems it is important to know both the state-of-the-art attacks as well as the countermeasures. Optimizing for security is different from optimizations for speed, area, or power consumption. It is therefore difficult to attain the delicate balance between the extra cost of security measures and the added benefits.
Secure Java: For Web Application Development
by B. V. Kumar Abhay BhargavMost security books on Java focus on cryptography and access control, but exclude key aspects such as coding practices, logging, and web application risk assessment. Encapsulating security requirements for web development with the Java programming platform, Secure Java: For Web Application Development covers secure programming, risk assessment, and
Secure Knowledge Management In Artificial Intelligence Era: 8th International Conference, SKM 2019, Goa, India, December 21–22, 2019, Proceedings (Communications in Computer and Information Science #1186)
by Vishwas Patil Sanjay K. Sahay Nihita Goel Murtuza JadliwalaThis book constitutes the refereed proceedings of the 8th International Conference On Secure Knowledge Management In Artificial Intelligence Era, SKM 2019, held in Goa, India, in December 2019. The 12 full papers presented were carefully reviewed and selected from 34 submissions. They were organized according to the following topical sections: cyber security; security and artifcial intelligence; access control models; and social networks.
Secure Knowledge Management In The Artificial Intelligence Era: 9th International Conference, SKM 2021, San Antonio, TX, USA, October 8–9, 2021, Proceedings (Communications in Computer and Information Science #1549)
by H. Raghav Rao Sanjay K. Sahay Ram Krishnan Sagar Samtani Ziming ZhaoThis book constitutes the refereed proceedings of the 9th International Conference On Secure Knowledge Management In Artificial Intelligence Era, SKM 2021, held in San Antonio, TX, USA, in 2021. Due to the COVID-19 pandemic the conference was held online. The 11 papers presented were carefully reviewed and selected from 30 submissions. They were organized according to the following topical sections: intrusion and malware detection; secure knowledge management; deep learning for security; web and social network.
Secure Multi-Party Computation Against Passive Adversaries (Synthesis Lectures on Distributed Computing Theory)
by Arpita Patra Ashish ChoudhuryThis book focuses on multi-party computation (MPC) protocols in the passive corruption model (also known as the semi-honest or honest-but-curious model). The authors present seminal possibility and feasibility results in this model and includes formal security proofs. Even though the passive corruption model may seem very weak, achieving security against such a benign form of adversary turns out to be non-trivial and demands sophisticated and highly advanced techniques. MPC is a fundamental concept, both in cryptography as well as distributed computing. On a very high level, an MPC protocol allows a set of mutually-distrusting parties with their private inputs to jointly and securely perform any computation on their inputs. Examples of such computation include, but not limited to, privacy-preserving data mining; secure e-auction; private set-intersection; and privacy-preserving machine learning. MPC protocols emulate the role of an imaginary, centralized trusted third party (TTP) that collects the inputs of the parties, performs the desired computation, and publishes the result. Due to its powerful abstraction, the MPC problem has been widely studied over the last four decades.
Secure Multiparty Computation and Secret Sharing
by Ronald Cramer Ivan Bjerre Damgård Jesper Buus NielsenIn a data-driven society, individuals and companies encounter numerous situations where private information is an important resource. How can parties handle confidential data if they do not trust everyone involved? This text is the first to present a comprehensive treatment of unconditionally secure techniques for multiparty computation (MPC) and secret sharing. In a secure MPC, each party possesses some private data, while secret sharing provides a way for one party to spread information on a secret such that all parties together hold full information, yet no single party has all the information. The authors present basic feasibility results from the last 30 years, generalizations to arbitrary access structures using linear secret sharing, some recent techniques for efficiency improvements, and a general treatment of the theory of secret sharing, focusing on asymptotic results with interesting applications related to MPC.
Secure Networked Inference with Unreliable Data Sources
by Aditya Vempaty Bhavya Kailkhura Pramod K. VarshneyThe book presents theory and algorithms for secure networked inference in the presence of Byzantines. It derives fundamental limits of networked inference in the presence of Byzantine data and designs robust strategies to ensure reliable performance for several practical network architectures. In particular, it addresses inference (or learning) processes such as detection, estimation or classification, and parallel, hierarchical, and fully decentralized (peer-to-peer) system architectures. Furthermore, it discusses a number of new directions and heuristics to tackle the problem of design complexity in these practical network architectures for inference.
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
by Matt Messier John ViegaPassword sniffing, spoofing, buffer overflows, and denial of service: these are only a few of the attacks on today's computer systems and networks. At the root of this epidemic is poorly written, poorly tested, and insecure code that puts everyone at risk. Clearly, today's developers need help figuring out how to write code that attackers won't be able to exploit. But writing such code is surprisingly difficult.Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code. It contains a wealth of solutions to problems faced by those who care about the security of their applications. It covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering. The rich set of code samples provided in the book's more than 200 recipes will help programmers secure the C and C++ programs they write for both Unix® (including Linux®) and Windows® environments. Readers will learn:How to avoid common programming errors, such as buffer overflows, race conditions, and format string problemsHow to properly SSL-enable applicationsHow to create secure channels for client-server communication without SSLHow to integrate Public Key Infrastructure (PKI) into applicationsBest practices for using cryptography properlyTechniques and strategies for properly validating input to programsHow to launch programs securelyHow to use file access mechanisms properlyTechniques for protecting applications from reverse engineeringThe book's web site supplements the book by providing a place to post new recipes, including those written in additional languages like Perl, Java, and Python. Monthly prizes will reward the best recipes submitted by readers.Secure Programming Cookbook for C and C++ is destined to become an essential part of any developer's library, a code companion developers will turn to again and again as they seek to protect their systems from attackers and reduce the risks they face in today's dangerous world.
Secure Quantum Network Coding Theory
by Tao Shang Jianwei LiuThis is the first book on secure quantum network coding, which integrates quantum cryptography into quantum communication. It summarizes the main research findings on quantum network coding, while also systematically introducing readers to secure quantum network coding schemes. With regard to coding methods, coding models and coding security, the book subsequently provides a series of quantum network coding schemes based on the integration of quantum cryptography into quantum communication. Furthermore, it describes the general security analysis method for quantum cryptographic protocols. Accordingly, the book equips readers with effective tools for researching and applying quantum network coding.
Secure RESTful APIs: Simple Solutions for Beginners (Apress Pocket Guides)
by Massimo NardoneSecure your RESTful APIs with confidence and efficiency. This straightforward guide outlines the essential strategies and best practices for protecting sensitive data when developing RESTful APIs for your applications. Inside, you’ll explore the fundamental functionalities to implement industry-standard authentication authorization mechanisms for Java applications. With chapters covering key security concerns, data protection, and designing and testing secure APIs, this book provides a hands-on approach to protecting user data, validating inputs, and implementing security mechanisms such as JSON Web Tokens (JWT) and OAuth2 authentication. This book offers a focused introduction without unnecessary complexity. Whether you are a beginner or busy professional, this is the only book designed to help you secure your RESTful APIs in no time. What You Will Learn Understand the fundamentals of RESTful APIs and why it is critical to secure them Identify common security risks concerning RESTful APIs and explore effective protection techniques Know how to design and test RESTful APIs, including with input and response data validation Review examples of how to secure JSON Web Token (JWT) and OAuth3 with RestFUL APIs Who This Book is For Web developer beginners who want to learn how to develop Security RESTful APIs applications
Secure Searchable Encryption and Data Management
by Brij B. Gupta MamtaWith the advent of the IT revolution, the volume of data produced has increased exponentially and is still showing an upward trend. This data may be abundant and enormous, but it’s a precious resource and should be managed properly. Cloud technology plays an important role in data management. Storing data in the cloud rather than on local storage has many benefits, but apart from these benefits, there are privacy concerns in storing sensitive data over third-party servers. These concerns can be addressed by storing data in an encrypted form; however, while encryption solves the problem of privacy, it engenders other serious issues, including the infeasibility of the fundamental search operation and a reduction in flexibility when sharing data with other users, amongst others. The concept of searchable encryption addresses these issues. This book provides every necessary detail required to develop a secure, searchable encryption scheme using both symmetric and asymmetric cryptographic primitives along with the appropriate security models to ensure the minimum security requirements for real-world applications.
Secure Semantic Service-Oriented Systems
by Bhavani ThuraisinghamAs the demand for data and information management continues to grow, so does the need to maintain and improve the security of databases, applications, and information systems. In order to effectively protect this data against evolving threats, an up-to-date understanding of the mechanisms for securing semantic Web technologies is essential. Reviewi
Secure Smart Embedded Devices, Platforms and Applications
by Konstantinos Markantonakis Keith MayesNew generations of IT users are increasingly abstracted from the underlying devices and platforms that provide and safeguard their services. As a result they may have little awareness that they are critically dependent on the embedded security devices that are becoming pervasive in daily modern life. Secure Smart Embedded Devices, Platforms and Applications provides a broad overview of the many security and practical issues of embedded devices, tokens, and their operation systems, platforms and main applications. It also addresses a diverse range of industry/government initiatives and considerations, while focusing strongly on technical and practical security issues. The benefits and pitfalls of developing and deploying applications that rely on embedded systems and their security functionality are presented. A sufficient level of technical detail to support embedded systems is provided throughout the text, although the book is quite readable for those seeking awareness through an initial overview of the topics. This edited volume benefits from the contributions of industry and academic experts and helps provide a cross-discipline overview of the security and practical issues for embedded systems, tokens, and platforms. It is an ideal complement to the earlier work, Smart Cards Tokens, Security and Applications from the same editors.
Secure Software Systems
by Erik Fretheim Marie DescheneSecure Software Systems presents an approach to secure software systems design and development that tightly integrates security and systems design and development (or software engineering) together. It addresses the software development process from the perspective of a security practitioner. The text focuses on the processes, concepts, and concerns of ensuring that secure practices are followed throughout the secure software systems development life cycle, including the practice of following the life cycle rather than just doing ad hoc development.
Secure System Design and Trustable Computing
by Miodrag Potkonjak Chip-Hong ChangThis book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade. Coverage includes issues related to security and trust in a variety of electronic devices and systems related to the security of hardware, firmware and software, spanning system applications, online transactions and networking services. This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of and trust in, modern society's microelectronic-supported infrastructures.
Secure Voice Processing Systems against Malicious Voice Attacks (SpringerBriefs in Computer Science)
by Shu Wang Kun SunThis book provides readers with the basic understanding regarding the threats to the voice processing systems, the state-of-the-art defense methods as well as the current research results on securing voice processing systems.It also introduces three mechanisms to secure the voice processing systems against malicious voice attacks under different scenarios, by utilizing time-domain signal waves, frequency-domain spectrum features, and acoustic physical attributes.First, the authors uncover the modulated replay attack, which uses an inverse filter to compensate for the spectrum distortion caused by the replay attacks to bypass the existing spectrum-based defenses. The authors also provide an effective defense method that utilizes both the time-domain artifacts and frequency-domain distortion to detect the modulated replay attacks. Second, the book introduces a secure automatic speech recognition system for driverless car to defeat adversarial voice command attacks launched from car loudspeakers, smartphones, and passengers. Third, it provides an acoustic compensation system design to reduce the effects from the spectrum reduction attacks, by the audio spectrum compensation and acoustic propagation principle. Finally, the authors conclude with their research effort on defeating the malicious voice attacks and provide insights into more secure voice processing systems.This book is intended for security researchers, computer scientists, and electrical engineers who are interested in the research areas of biometrics, speech signal processing, IoT security, and audio security. Advanced-level students who are studying these topics will benefit from this book as well.
Secure Web Application Development: A Hands-On Guide with Python and Django
by Matthew BakerCyberattacks are becoming more commonplace and the Open Web Application Security Project (OWASP), estimates 94% of sites have flaws in their access control alone. Attacks evolve to work around new defenses, and defenses must evolve to remain effective. Developers need to understand the fundamentals of attacks and defenses in order to comprehend new techniques as they become available. This book teaches you how to write secure web applications.The focus is highlighting how hackers attack applications along with a broad arsenal of defenses. This will enable you to pick appropriate techniques to close vulnerabilities while still providing users with their needed functionality.Topics covered include:A framework for deciding what needs to be protected and how stronglyConfiguring services such as databases and web serversSafe use of HTTP methods such as GET, POST, etc, cookies and use of HTTPSSafe REST APIsServer-side attacks and defenses such as injection and cross-site scriptingClient-side attacks and defenses such as cross-site request forgerySecurity techniques such as CORS, CSPPassword management, authentication and authorization, including OAuth2Best practices for dangerous operations such as password change and resetUse of third-party components and supply chain security (Git, CI/CD etc)What You'll LearnReview the defenses that can used to prevent attacksModel risks to better understand what to defend and howChoose appropriate techniques to defend against attacksImplement defenses in Python/Django applicationsWho This Book Is ForDevelopers who already know how to build web applications but need to know more about securityNon-professional software engineers, such as scientists, who must develop web tools and want to make their algorithms available to a wider audience.Engineers and managers who are responsible for their product/company technical security policy
Secure Wireless Sensor Networks
by Mauro ContiThis book explores five fundamental mechanisms to build secure Wireless Sensor Networks (WSNs). It presents security issues related to a single node which deals with the authentication and communication confidentiality with other nodes. It also focuses on network security, providing solutions for the node capture attack and the clone attack. It examines a number of areas and problems to which WSNs are applied continuously, including: supporting rescue operations, building surveillance, fire prevention, battlefield monitoring and more. However, known and unknown threats still affect WSNs and in many applications of this new technology the security of the network is a fundamental issue for confidentiality, integrity, authenticity and availability. The last section of the book addresses security for a common WSN service. Case studies are provided throughout. Secure Wireless Sensor Networks: Threats and Solutions targets advanced-level students and researchers in computer science and electrical engineering as a secondary text book. Professionals working in the wireless sensor networks field will also find this book useful as a reference.
Secure Your Node.js Web Application: Keep Attackers Out and Users Happy
by Karl DuunaCyber-criminals have your web applications in their crosshairs. They search for and exploit common security mistakes in your web application to steal user data. Learn how you can secure your Node.js applications, database and web server to avoid these security holes. Discover the primary attack vectors against web applications, and implement security best practices and effective countermeasures. Coding securely will make you a stronger web developer and analyst, and you'll protect your users.Bake security into your code from the start. See how to protect your Node.js applications at every point in the software development life cycle, from setting up the application environment to configuring the database and adding new functionality. You'll follow application security best practices and analyze common coding errors in applications as you work through the real-world scenarios in this book.Protect your database calls from database injection attacks and learn how to securely handle user authentication within your application. Configure your servers securely and build in proper access controls to protect both the web application and all the users using the service. Defend your application from denial of service attacks. Understand how malicious actors target coding flaws and lapses in programming logic to break in to web applications to steal information and disrupt operations. Work through examples illustrating security methods in Node.js. Learn defenses to protect user data flowing in and out of the application.By the end of the book, you'll understand the world of web application security, how to avoid building web applications that attackers consider an easy target, and how to increase your value as a programmer.What You Need:In this book we will be using mainly Node.js. The book covers the basics of JavaScript and Node.js. Since most Web applications have some kind of a database backend, examples in this book work with some of the more popular databases, including MySQL, MongoDB, and Redis.
Secure and Privacy-Preserving Data Communication in Internet of Things
by Liehuang Zhu Zijian Zhang Chang XuThis book mainly concentrates on protecting data security and privacy when participants communicate with each other in the Internet of Things (IoT). Technically, this book categorizes and introduces a collection of secure and privacy-preserving data communication schemes/protocols in three traditional scenarios of IoT: wireless sensor networks, smart grid and vehicular ad-hoc networks recently. This book presents three advantages which will appeal to readers. Firstly, it broadens reader's horizon in IoT by touching on three interesting and complementary topics: data aggregation, privacy protection, and key agreement and management. Secondly, various cryptographic schemes/protocols used to protect data confidentiality and integrity is presented. Finally, this book will illustrate how to design practical systems to implement the algorithms in the context of IoT communication. In summary, readers can simply learn and directly apply the new technologies to communicate data in IoT after reading this book.
Secure and Resilient Digital Transformation of Healthcare: First Workshop, SUNRISE 2023, Stavanger, Norway, November 30, 2023, Proceedings (Communications in Computer and Information Science #1884)
by Sokratis Katsikas Habtamu Abie Sandeep Pirbhulal Vasileios GkioulosThis CCIS post conference volume constitutes the proceedings of First Workshop, SUNRISE 2023, in Stavanger, Norway, in November 2023. The 4 full papers together in this volume were carefully reviewed and selected from 9 submissions. The workshop offers a wide range of techniques addressing cybersecurity skills, access control, privacy risks, and resilience in healthcare systems.
Secure and Resilient Digital Transformation of Healthcare: Second International Workshop, SUNRISE 2024, Bergen, Norway, November 25, 2024, Proceedings (Communications in Computer and Information Science #2404)
by Sokratis Katsikas Habtamu Abie Sandeep Pirbhulal Vasileios GkioulosThis CCIS post conference volume constitutes the proceedings of the Second International Workshop on Secure and Resilient Digital Transformation of Healthcare, SUNRISE 2024, in Bergen, Norway, during November 25, 2024. The 6 full papers presented in this volume were carefully reviewed and selected from 9 submissions. They are grouped into the following topics: Resilience and Dynamic Risk Assessment in Healthcare; Cybersecurity Adaptive and Continuous Authentication in Healthcare; Invited Paper from Keynotes.