- Table View
- List View
Security and Trust Issues in Internet of Things: Blockchain to the Rescue (Internet of Everything (IoE))
by Sudhir Kumar Sharma, Bharat Bhushan, and Bhuvan UnhelkarThe purpose of this edited book is to present and showcase the basic fundamentals, applications, and integration of both IoT and Blockchain. The trend of applying Blockchain to IoT is rapidly growing because it helps to overcome various challenges faced by IoT, from smart manufacturing to unmanned aerial vehicles. Thise book aims to showcase the basics of both IoT and Blockchain as well as the integration and challenges for existing practitioners. Thise book initiates conversations among technologists, engineers, scientists, and clinicians to synergize their efforts in producing low-cost, high-performance, highly efficient, deployable IoT systems. Thise book is theory-based and is useful for engineers from various disciplines, including industrial engineering, computer science, electronics, telecommunications, electrical, agricultural, and cybersecurity, along with researchers, professionals, and students.
Security and Trust Management
by Pierangela Samarati Gilles Barthe Evangelos MarkatosThis book constitutes the thoroughly refereed post-conference proceedings of the 6th International Workshop on Security and Trust Management, STM 2010, held in Athens, Greece, in September 2010. The 17 revised full papers presented were carefully reviewed and selected from 40 submissions. Focusing on high-quality original unpublished research, case studies, and implementation experiences, STM 2010 encouraged submissions discussing the application and deployment of security technologies in practice.
Security and Trust Management
by Sara ForestiThis book constitutes the refereed proceedings of the 11th International Workshop on Security and Trust Management, STM 2015, held in Vienna, Austria, in September 2015, in conjunction with the 20th European Symposium Research in Computer Security, ESORICS 2015. The 15 revised full papers were carefully reviewed and selected from 38 submissions. They are organized in topical sections as security metrics and classification; data protection; intrusion detection and software vulnerabilities; cryptographic protocols; controlling data release; and security analysis, risk management and usability.
Security and Trust Management: 15th International Workshop, STM 2019, Luxembourg City, Luxembourg, September 26–27, 2019, Proceedings (Lecture Notes in Computer Science #11738)
by Sjouke Mauw Mauro ContiThis book constitutes the proceedings of the 15th International Workshop on Security and Trust Management, STM 2019, held in Luxembourg City, Luxembourg, in September 2019, and co-located with the 24th European Symposium Research in Computer Security, ESORICS 2019. The 9 full papers and 1 short paper were carefully reviewed and selected from 23 submissions. The papers present novel research on all theoretical and practical aspects of security and trust in ICTs.
Security and Trust Management: 16th International Workshop, STM 2020, Guildford, UK, September 17–18, 2020, Proceedings (Lecture Notes in Computer Science #12386)
by Kostantinos Markantonakis Marinella PetrocchiThis book constitutes the proceedings of the 16th International Workshop on Security and Trust Management, STM 2020, co-located with the 25th European Symposium on Research in Computer Security, ESORICS 2020. The conference was planned to take place in Guildford, UK, but had to be moved to an online format due to the COVID-19 pandemic. The workshop took place during September 17-18, 2020. The 8 papers presented in this volume were carefully reviewed and selected from 20 submissions. They were organized in topical sections on security properties and attacks; confidentiality schema and security processes.
Security and Trust Management: 17th International Workshop, STM 2021, Darmstadt, Germany, October 8, 2021, Proceedings (Lecture Notes in Computer Science #13075)
by Rodrigo Roman Jianying ZhouThis book constitutes the proceedings of the 17th International Workshop on Security and Trust Management, STM 2021, co-located with the 26th European Symposium on Research in Computer Security, ESORICS 2021. The conference was planned to take place in Darmstadt, Germany. It was held online on October 8, 2021, due to the COVID-19 pandemic.The 10 papers presented in this volume were carefully reviewed and selected from 26 submissions. They were organized in topical sections on applied cryptography; privacy; formal methods for security and trust; and systems security.
Security and Trust Management: 18th International Workshop, STM 2022, Copenhagen, Denmark, September 29, 2022, Proceedings (Lecture Notes in Computer Science #13867)
by Weizhi Meng Gabriele LenziniThis book constitutes the post proceedings of the 18th International Workshop on Security and Trust Management, STM 2022, co-located with the 27th European Symposium on Research in Computer Security, ESORICS 2022, which took place in Copenhagen, Denmark, in September 2022.The 7 full papers together with 4 short papers included in this volume were carefully reviewed and selected from 18 submissions. The workshop presents papers with topics such as security and trust access control, cryptographic protocols, identity management, security metrics, and privacy.
Security and Trust Management: 19th International Workshop, STM 2023, The Hague, The Netherlands, September 28, 2023, Proceedings (Lecture Notes in Computer Science #14336)
by Joachim Posegga Ruben RiosThis book constitutes the proceedings of the 19th International Workshop on Security and Trust Management, STM 2023, co-located with the 28th European Symposium on Research in Computer Security, ESORICS 2023, held in The Hague, The Netherlands, during September 28th, 2023 The 5 full papers together with 4 short papers included in this volume were carefully reviewed and selected from 15 submissions. The workshop presents papers with topics such as security and privacy, trust models, security services, authentication, identity management, systems security, distributed systems security, privacy-preserving protocols.
Security and Trust Management: 20th International Workshop, STM 2024, Bydgoszcz, Poland, September 19–20, 2024, Proceedings (Lecture Notes in Computer Science #15235)
by Fabio Martinelli Ruben RiosThis book constitutes the refereed proceedings of the 20th International Workshop on Security and Trust Management (ERCIM STM 2024), held in Bydgoszcz, Poland, during September 19–20, 2024 and co-located with ESORICS 2024 conference. The 6 full papers and 4 short papers presented in this volume were carefully reviewed and selected from 22 submissions. They were organized in topical sections as follows: Trust, Anonymity and Identity; Cryptography, Secure Computation and Formal Methods; Operating Systems and Application Security.
Security and Usability
by Simson Garfinkel Lorrie CranorHuman factors and usability issues have traditionally played a limited role in security research and secure systems development. Security experts have largely ignored usability issues--both because they often failed to recognize the importance of human factors and because they lacked the expertise to address them. But there is a growing recognition that today's security problems can be solved only by addressing issues of usability and human factors. Increasingly, well-publicized security breaches are attributed to human errors that might have been prevented through more usable software. Indeed, the world's future cyber-security depends upon the deployment of security technology that can be broadly used by untrained computer users. Still, many people believe there is an inherent trade-off between computer security and usability. It's true that a computer without passwords is usable, but not very secure. A computer that makes you authenticate every five minutes with a password and a fresh drop of blood might be very secure, but nobody would use it. Clearly, people need computers, and if they can't use one that's secure, they'll use one that isn't. Unfortunately, unsecured systems aren't usable for long, either. They get hacked, compromised, and otherwise rendered useless. There is increasing agreement that we need to design secure systems that people can actually use, but less agreement about how to reach this goal. Security and Usability is the first book-length work describing the current state of the art in this emerging field. Edited by security experts Dr. Lorrie Faith Cranor and Dr. Simson Garfinkel, and authored by cutting-edge security and human-computer interaction (HCI) researchers world-wide, this volume is expected to become both a classic reference and an inspiration for future research. Security and Usability groups 34 essays into six parts: Realigning Usability and Security-- with careful attention to user-centered design principles, security and usability can be synergistic. Authentication Mechanisms-- techniques for identifying and authenticating computer users. Secure Systems-- how system software can deliver or destroy a secure user experience. Privacy and Anonymity Systems-- methods for allowing people to control the release of personal information. Commercializing Usability: The Vendor Perspective-- specific experiences of security and software vendors (e.g., IBM, Microsoft, Lotus, Firefox, and Zone Labs) in addressing usability. The Classics-- groundbreaking papers that sparked the field of security and usability. This book is expected to start an avalanche of discussion, new ideas, and further advances in this important field.
Security and Usability: Designing Secure Systems that People Can Use
by Simson Garfinkel Lorrie Faith CranorHuman factors and usability issues have traditionally played a limited role in security research and secure systems development. Security experts have largely ignored usability issues--both because they often failed to recognize the importance of human factors and because they lacked the expertise to address them.But there is a growing recognition that today's security problems can be solved only by addressing issues of usability and human factors. Increasingly, well-publicized security breaches are attributed to human errors that might have been prevented through more usable software. Indeed, the world's future cyber-security depends upon the deployment of security technology that can be broadly used by untrained computer users.Still, many people believe there is an inherent tradeoff between computer security and usability. It's true that a computer without passwords is usable, but not very secure. A computer that makes you authenticate every five minutes with a password and a fresh drop of blood might be very secure, but nobody would use it. Clearly, people need computers, and if they can't use one that's secure, they'll use one that isn't. Unfortunately, unsecured systems aren't usable for long, either. They get hacked, compromised, and otherwise rendered useless.There is increasing agreement that we need to design secure systems that people can actually use, but less agreement about how to reach this goal. Security & Usability is the first book-length work describing the current state of the art in this emerging field. Edited by security experts Dr. Lorrie Faith Cranor and Dr. Simson Garfinkel, and authored by cutting-edge security and human-computerinteraction (HCI) researchers world-wide, this volume is expected to become both a classic reference and an inspiration for future research.Security & Usability groups 34 essays into six parts:Realigning Usability and Security---with careful attention to user-centered design principles, security and usability can be synergistic.Authentication Mechanisms-- techniques for identifying and authenticating computer users.Secure Systems--how system software can deliver or destroy a secure user experience.Privacy and Anonymity Systems--methods for allowing people to control the release of personal information.Commercializing Usability: The Vendor Perspective--specific experiences of security and software vendors (e.g.,IBM, Microsoft, Lotus, Firefox, and Zone Labs) in addressing usability.The Classics--groundbreaking papers that sparked the field of security and usability.This book is expected to start an avalanche of discussion, new ideas, and further advances in this important field.
Security and its Challenges in the 21st Century
by Claudine GuerrierBy the year 2000, a balance was sought between security requirements and a respect for privacy, as well as for individual and collective freedoms. As we progress further into the 21st century, however, security is taking precedence within an increasingly controlled society.This shift is due to advances in innovative technologies and the investments made by commercial companies to drive constant technological progress. Despite the implementation of the General Data Protection Regulation (GDPR) within the EU in 2018 or 2020’s California Consumer Privacy Act (CCPA), regulatory bodies do not have the ability to fully manage the consequences presented by emerging technologies. Security and Its Challenges in the 21st Century provides students and researchers with an international legal and geopolitical analysis; it is also intended for those interested in societal development, artificial intelligence, smart cities and quantum cryptology.
Security and the Networked Society
by Mark A. Gregory David GlanceThis book examines technological and social events during 2011 and 2012, a period that saw the rise of the hacktivist, the move to mobile platforms, and the ubiquity of social networks. It covers key technological issues such as hacking, cyber-crime, cyber-security and cyber-warfare, the internet, smart phones, electronic security, and information privacy. This book traces the rise into prominence of these issues while also exploring the resulting cultural reaction. The authors' analysis forms the basis of a discussion on future technological directions and their potential impact on society. The book includes forewords by Professor Margaret Gardner AO, Vice-Chancellor and President of RMIT University, and by Professor Robyn Owens, Deputy Vice-Chancellor (Research) at the University of Western Australia. Security and the Networked Society provides a reference for professionals and industry analysts studying digital technologies. Advanced-level students in computer science and electrical engineering will also find this book useful as a thought-provoking resource.
Security as Code: DevSecOps Patterns with AWS
by Bk Sarthak Das Virginia ChuDevOps engineers, developers, and security engineers have ever-changing roles to play in today's cloud native world. In order to build secure and resilient applications, you have to be equipped with security knowledge. Enter security as code.In this book, authors BK Sarthak Das and Virginia Chu demonstrate how to use this methodology to secure any application and infrastructure you want to deploy. With Security as Code, you'll learn how to create a secure containerized application with Kubernetes using CI/CD tooling from AWS and open source providers.This practical book also provides common patterns and methods to securely develop infrastructure for resilient and highly available backups that you can restore with just minimal manual intervention.Learn the tools of the trade, using Kubernetes and the AWS Code SuiteSet up infrastructure as code and run scans to detect misconfigured resources in your codeCreate secure logging patterns with CloudWatch and other toolsRestrict system access to authorized users with role-based access control (RBAC)Inject faults to test the resiliency of your application with AWS Fault Injector or open source toolingLearn how to pull everything together into one deployment
Security by Design: Innovative Perspectives on Complex Problems (Advanced Sciences and Technologies for Security Applications)
by Anthony J. MasysThis edited book captures salient global security challenges and presents ‘design’ solutions in dealing with wicked problems. Through case studies and applied research this book reveals the many perspectives, tools and approaches to support security design. Security design thereby can support risk and threat analysis, risk communication, problem framing and development of interventions strategies. From the refugee crisis to economic slowdowns in emerging markets, from ever-rising numbers of terrorist and cyberattacks to global water shortages, to the proliferation of the Internet of Things and its impact on the security of our homes, cities and critical infrastructure, the current security landscape is diverse and complex. These global risks have been in the headlines in the last year (Global Risks Report) and pose significant security challenges both nationally and globally. In fact, national security is no longer just national. Non-state actors, cyber NGO, rising powers, and hybrid wars and crimes in strategic areas pose complex challenges to global security. In the words of Horst Rittel (1968):"Design is an activity, which aims at the production of a plan, which plan -if implemented- is intended to bring about a situation with specific desired characteristics without creating unforeseen and undesired side and after effects."
Security for Cloud Storage Systems
by Xiaohua Jia Kan YangCloud storage is an important service of cloud computing, which offers service for data owners to host their data in the cloud. This new paradigm of data hosting and data access services introduces two major security concerns. The first is the protection of data integrity. Data owners may not fully trust the cloud server and worry that data stored in the cloud could be corrupted or even removed. The second is data access control. Data owners may worry that some dishonest servers provide data access to users that are not permitted for profit gain and thus they can no longer rely on the servers for access control. To protect the data integrity in the cloud, an efficient and secure dynamic auditing protocol is introduced, which can support dynamic auditing and batch auditing. To ensure the data security in the cloud, two efficient and secure data access control schemes are introduced in this brief: ABAC for Single-authority Systems and DAC-MACS for Multi-authority Systems. While Ciphertext-Policy Attribute-based Encryption (CP-ABE) is a promising technique for access control of encrypted data, the existing schemes cannot be directly applied to data access control for cloud storage systems because of the attribute revocation problem. To solve the attribute revocation problem, new Revocable CP-ABE methods are proposed in both ABAC and DAC-MACS.
Security for Microsoft® Visual Basic® .NET
by Ed Robinson Michael James BondLearn the techniques that every developer who works with Visual Basic .NET should know about designing, developing, and developing security-enhanced applications for Microsoft Windows® and the Web. Visual Basic .NET experts Ed Robinson and Mike Bond introduce critical security concepts using straightforward language and step-by-step examples. You get clear, end-to-end guidance--covering application design, coding techniques, testing methods, and deployment strategies, along with direction on how to help secure the operating system and related infrastructure and services. Discover how to: Design a security-enhanced architecture Understand the most common vulnerabilities and how to write code to prevent them Implement authentication and authorization techniques in your applications Learn techniques for encryption, input validation, and exception handling Add Windows, Forms, and Passport authentication to Web applications Perform a security threat analysis and implement countermeasures Think like a hacker--and uncover security holes Create a setup for your application that implements security during installation Lock down the Windows operating system, Microsoft IIS, Microsoft SQL Server®, and Microsoft Access® databases
Security for Multi-hop Wireless Networks
by Xuemin Sherman Shen Mohamed M. E. A. MahmoudThis Springer Brief discusses efficient security protocols and schemes for multi-hop wireless networks. It presents an overview of security requirements for these networks, explores challenges in securing networks and presents system models. The authors introduce mechanisms to reduce the overhead and identify malicious nodes that drop packets intentionally. Also included is a new, efficient cooperation incentive scheme to stimulate the selfish nodes to relay information packets and enforce fairness. Many examples are provided, along with predictions for future directions of the field. Security for Multi-hop Wireless Networks demonstrates recent research that enhances the efficiency and safety of these key networks. Concise and practical, it is a useful tool for researchers and professionals working in network security. It is also a valuable resource for advanced-level students interested in wireless communications and networking.
Security for Multihop Wireless Networks
by Jaime Lloret Mauri Shafiullah KhanSecurity for Multihop Wireless Networks provides broad coverage of the security issues facing multihop wireless networks. Presenting the work of a different group of expert contributors in each chapter, it explores security in mobile ad hoc networks, wireless sensor networks, wireless mesh networks, and personal area networks.Detailing technologies
Security for Service Oriented Architectures
by Walter WilliamsThis book examines both application and security architectures and illustrates the relationship between the two. Supplying authoritative guidance through the design of distributed and resilient applications, it provides an overview of the various standards that service oriented and distributed applications leverage to provide the understanding required to make intelligent decisions regarding their design. The book reviews recent research on access control for simple and conversation-based web services, advanced digital identity management techniques, and access control for web-based workflows.
Security for Software Engineers
by James N. HelfrichSecurity for Software Engineers is designed to introduce security concepts to undergraduate software engineering students. The book is divided into four units, each targeting activities that a software engineer will likely be involved in within industry. The book explores the key areas of attack vectors, code hardening, privacy, and social engineering. Each topic is explored from a theoretical and a practical-application standpoint. Features: <P><P> Targets software engineering students - one of the only security texts to target this audience. <P><P> Focuses on the white-hat side of the security equation rather than the black-hat side. <P><P> Includes many practical and real-world examples that easily translate into the workplace. <P><P> Covers a one-semester undergraduate course. <P><P> Describes all aspects of computer security as it pertains to the job of a software engineer and presents problems similar to that which an engineer will encounter in the industry. <P><P> This text will equip students to make knowledgeable security decisions, be productive members of a security review team, and write code that protects a user’s information assets.
Security for Web Developers: Using JavaScript, HTML, and CSS
by John Paul MuellerAs a web developer, you may not want to spend time making your web app secure, but it definitely comes with the territory. This practical guide provides you with the latest information on how to thwart security threats at several levels, including new areas such as microservices. You’ll learn how to help protect your app no matter where it runs, from the latest smartphone to an older desktop, and everything in between.Author John Paul Mueller delivers specific advice as well as several security programming examples for developers with a good knowledge of CSS3, HTML5, and JavaScript. In five separate sections, this book shows you how to protect against viruses, DDoS attacks, security breaches, and other nasty intrusions.Create a security plan for your organization that takes the latest devices and user needs into accountDevelop secure interfaces, and safely incorporate third-party code from libraries, APIs, and microservicesUse sandboxing techniques, in-house and third-party testing techniques, and learn to think like a hackerImplement a maintenance cycle by determining when and how to update your application softwareLearn techniques for efficiently tracking security threats as well as training requirements that your organization can use
Security for Wireless Implantable Medical Devices
by Xiali Hei Xiaojiang DuIn the treatment of chronic diseases, wireless Implantable Medical Devices (IMDs) are commonly used to communicate with an outside programmer (reader). Such communication raises serious security concerns, such as the ability for hackers to gain access to a patient's medical records. This brief provides an overview of such attacks and the new security challenges, defenses, design issues, modeling and performance evaluation in wireless IMDs. While studying the vulnerabilities of IMDs and corresponding security defenses, the reader will also learn the methodologies and tools for designing security schemes, modeling, security analysis, and performance evaluation, thus keeping pace with quickly-evolving wireless security research.
Security for Wireless Sensor Networks using Identity-Based Cryptography
by Harsh Kupwade Patil Stephen A. SzygendaSecurity for Wireless Sensor Networks using Identity-Based Cryptography introduces identity-based cryptographic schemes for wireless sensor networks. It starts with an exhaustive survey of the existing layered approach to WSN security-detailing its pros and cons. Next, it examines new attack vectors that exploit the layered approach to security.Aft
Security in Computer and Information Sciences: First International ISCIS Security Workshop 2018, Euro-CYBERSEC 2018, London, UK, February 26-27, 2018, Revised Selected Papers (Communications in Computer and Information Science #821)
by Erol Gelenbe Sokratis K. Katsikas Tadeusz Czachórski Paolo Campegiani Ioannis Komnios Luigi Romano Dimitrios TzovarasThis open access book constitutes the thoroughly refereed proceedings of the First International ISCIS Security Workshop 2018, Euro-CYBERSEC 2018, held in London, UK, in February 2018. The 12 full papers presented together with an overview paper were carefully reviewed and selected from 31 submissions. Security of distributed interconnected systems, software systems, and the Internet of Things has become a crucial aspect of the performance of computer systems. The papers deal with these issues, with a specific focus on societally critical systems such as health informatics systems, the Internet of Things, energy systems, digital cities, digital economy, mobile networks, and the underlying physical and network infrastructures.