Applied Cryptography in .NET and Azure Key Vault : A Practical Guide to Encryption in .NET and .NET Core. by Haunts, Stephen.;
Intro -- Table of Contents -- About the Author -- About the Technical Reviewer -- Foreword -- Introduction -- Chapter 1: What Are Data Breaches? -- Types of Data in a Breach and Their Consequences -- The Impact on a Company -- Financial Loss -- Legal Action -- Regulatory Impact -- Loss of Reputation -- Why Network Protection Isn't Enough -- How Can Developers Help? -- What Can You Expect from This Book? -- What You Will Learn -- .NET Standard and .NET Core -- Code Samples in This Book -- Chapter 2: A Brief History of Cryptography -- Ancient Times -- Increasing Cipher Complexity -- Enigma and Mechanical Ciphers -- Modern Cryptography -- Symmetric Encryption -- Public and Private Key Cryptography -- Why Is Cryptography Important? -- Examples of Modern Cryptography -- The Four Pillars of Modern Cryptography -- Confidentiality -- Integrity -- Authentication -- Non-Repudiation -- Summary -- Chapter 3: The Importance of Random Numbers -- Generating Deterministic Random Numbers -- Generating Secure Random Numbers -- Summary -- Chapter 4: Hashing and Hashed Message Authentication Codes -- Hashing and Integrity -- MD5 -- Secure Hash Algorithm (SHA) Family -- Authenticated Hashing -- Summary -- Chapter 5: Safely Storing Passwords -- Storing Passwords in the Clear -- Encrypting Passwords -- Using Hashes to Store Passwords -- Using Password Based Key Derivation Functions -- Summary -- Chapter 6: Symmetric Encryption -- Symmetric Encryption -- Advantage: Very Secure -- Advantage: Fast -- Disadvantage: Sharing Keys Is Hard -- Disadvantage: Dangerous If Compromised -- History of DES and Triple DES -- How DES and Triple DES Works -- History of AES -- How AES Works -- How Secure Is AES Against Brute-Force Attacks? 
-- API Commonality in the .NET Framework -- Encryption Mode -- Padding -- Key -- Initialization Vector (IV) -- AesManaged and AesCryptoServiceProvider -- Performing Symmetric Encryption with .NET -- Summary -- Chapter 7: Asymmetric Encryption -- Advantage: Very Secure -- Advantage: Fast -- Disadvantage: Sharing Keys Is Hard -- Disadvantage: Dangerous If Compromised -- What Is Asymmetric Encryption? -- The History of RSA -- How Does RSA Work? -- Key Derivation -- Encryption and Decryption -- RSA in .NET -- In-Memory Keys -- XML-Based Keys -- Cryptographic Service Provider -- Encryption and Decryption -- Summary -- Chapter 8: Digital Signatures -- High-Level Look at Digital Signatures -- Digital Signatures in .NET -- Summary -- Chapter 9: Hybrid Encryption -- Combining Symmetric and Asymmetric -- Adding Integrity Checks -- Securely Comparing Byte Arrays -- Extending with Digital Signatures -- Summary -- Chapter 10: Key Storage and Azure Key Vault -- Exploring Key Management Options -- Introducing Azure Key Vault -- Azure Key Vault Hardware Mode -- Azure Key Vault Software Mode -- Keys vs. 
Secrets -- Azure Key Vault Example Costs -- Setting up Azure Key Vault -- Creating a Key Vault -- Registering Your Application with Azure Active Directory -- Authorize Your Application to Use Keys and Secrets -- Manually Creating Keys and Secrets -- Add a Software Protected Key -- Add a Hardware-Protected Key -- Add a Key from a PFX Certificate File -- Add a Secret -- Azure Key Vault "Hello World" Application -- Summary -- Chapter 11: Azure Key Vault Usage Patterns -- Multiple Environments -- Configuration as Secrets -- Local Key Wrapping -- Exploring Key Wrapping Further -- Key Rotation and Versioning -- Password Protection -- Varying the Iterations over Time -- Digital Signing -- Upgrading the Hybrid Encryption Example -- Summary -- Chapter 12: Final Summary -- Cryptography Summary -- Random Numbers -- Hashing and Authentication -- Authenticated Hashing -- Storing Passwords -- Symmetric Encryption -- Advantage: Very Secure -- Advantage: Fast -- Disadvantage: Sharing Keys Is Hard -- Disadvantage: Dangerous If Compromised -- Asymmetric Encryption -- Digital Signatures -- Hybrid Encryption -- Azure Key Vault -- Multiple Environments -- Configuration as Secrets -- Local Key Wrapping -- Password Protection -- Digital Signing -- Don't Forget the Perimeter -- Next Steps -- Index. Description based on publisher supplied metadata and other sources.
Subjects: Electronic books.; Cloud computing-Security measures.;
On-line resources: CGCC online access;

Security for Cloud Storage Systems [electronic resource]. by Yang, Kan.; Jia, Xiaohua.;
Preface; Contents; 1 Introduction; 1.1 Brief Introduction to Cloud Storage Systems; 1.1.1 Cloud Computing; 1.1.2 Cloud Storage as a Service; 1.2 Data Security for Cloud Storage Systems; 1.2.1 Storage Auditing as a Service; 1.2.2 Access Control as a Service; References; 2 TSAS: Third-Party Storage Auditing Service; 2.1 Introduction; 2.2 Preliminaries and Definitions; 2.2.1 Bilinear Pairing; 2.2.2 Computational Bilinear Diffie-Hellman Assumption; 2.2.3 Definition of System Model; 2.2.4 Definition of Security Model; 2.3 An Efficient and Privacy-Preserving Auditing Protocol; 2.3.1 Overview; 2.3.2 Algorithms for Auditing Protocol; 2.3.3 Construction of the Privacy-Preserving Auditing Protocol; 2.3.4 Correctness Proof; 2.4 Secure Dynamic Auditing; 2.4.1 Solution of Dynamic Auditing; 2.4.2 Algorithms and Constructions for Dynamic Auditing; 2.5 Batch Auditing for Multi-Owner and Multi-Cloud; 2.5.1 Algorithms for Batch Auditing for Multi-Owner and Multi-Cloud; 2.5.2 Correctness Proof; 2.6 Security Analysis; 2.6.1 Provably Secure Under the Security Model; 2.6.2 Privacy-Preserving Guarantee; 2.6.3 Proof of the Interactive Proof System; 2.7 Performance Analysis; 2.7.1 Storage Overhead; 2.7.2 Communication Cost; 2.7.3 Computation Complexity; 2.7.4 Computation Cost of the Owner; 2.8 Related Work; 2.9 Conclusion; References; 3 ABAC: Attribute-Based Access Control; 3.1 Introduction; 3.2 Preliminary; 3.2.1 Access Structures; 3.2.2 Linear Secret Sharing Schemes; 3.2.3 Bilinear Pairing; 3.2.4 q-Parallel BDHE Assumption; 3.3 System and Security Model; 3.3.1 System Model; 3.3.2 Framework; 3.3.3 Security Model; 3.4 ABAC: Attribute-Based Access Control with Efficient Revocation; 3.4.1 Overview; 3.4.2 Construction of ABAC; 3.4.3 Attribute Revocation Method; 3.5 Analysis of ABAC; 3.5.1 Security Analysis; 3.5.2 Performance Analysis; 3.6 Related Work; 3.7 Conclusion; References; 4 DAC-MACS: Effective Data Access Control for Multi-Authority Cloud Storage Systems; 4.1 Introduction; 4.2 System Model and 
Security Model; 4.2.1 System Model; 4.2.2 DAC-MACS Framework; 4.2.3 Security Model; 4.3 DAC-MACS: Data Access Control for Multi-Authority Cloud Storage; 4.3.1 Overview; 4.3.2 Construction of DAC-MACS; 4.3.3 Efficient Attribute Revocation for DAC-MACS; 4.4 Analysis of DAC-MACS; 4.4.1 Comprehensive Analysis; 4.4.2 Security Analysis; 4.4.3 Performance Analysis; 4.5 Related Work; 4.6 Conclusion; References. Cloud storage is an important service of cloud computing, which offers service for data owners to host their data in the cloud. This new paradigm of data hosting and data access services introduces two major security concerns. The first is the protection of data integrity. Data owners may not fully trust the cloud server and worry that data stored in the cloud could be corrupted or even removed. The second is data access control. Data owners may worry that some dishonest servers provide data access to users that are not permitted for profit gain and thus they can no longer rely on the servers
Subjects: Electronic books.; Cloud computing -- Security measures.; Cloud computing; Computer networks -- Security measures.; Computer networks;
© 2014., Springer,
On-line resources: Click here to view book;

(ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests. by Malisow, Ben.;
Intro -- (ISC)2 CCSP Certified Cloud Security Professional: Official Practice Tests -- Acknowledgments -- About the Author -- About the Technical Editor -- Contents -- Introduction -- How This Book Is Organized -- Who Should Read This Book -- Tools You Will Need -- CCSP Certified Cloud Security Professional Objective Map -- Online Test Bank -- Chapter 1 Domain 1: Cloud Concepts, Architecture, and Design -- Chapter 2 Domain 2: Cloud Data Security -- Chapter 3 Domain 3: Cloud Platform and Infrastructure Security -- Chapter 4 Domain 4: Cloud Application Security -- Chapter 5 Domain 5: Cloud Security Operations -- Chapter 6 Domain 6: Legal, Risk, and Compliance -- Chapter 7 Practice Exam 1 -- Chapter 8 Practice Exam 2 -- Appendix Answers to Review Questions -- Chapter 1: Domain 1: Cloud Concepts, Architecture, and Design -- Chapter 2: Domain 2: Cloud Data Security -- Chapter 3: Domain 3: Cloud Platform and Infrastructure Security -- Chapter 4: Domain 4: Cloud Application Security -- Chapter 5: Domain 5: Cloud Security Operations -- Chapter 6: Domain 6: Legal, Risk, and Compliance -- Chapter 7: Practice Exam 1 -- Chapter 8: Practice Exam 2 -- Index -- Advert -- EULA. Description based on publisher supplied metadata and other sources.
Subjects: Electronic books.; Cloud computing-Security measures-Examinations-Study guides.;
On-line resources: CGCC online access;

Secure Data Management : 10th VLDB Workshop, SDM 2013, Trento, Italy, August 30, 2013, Proceedings. by Jonker, Willem.; Petkovic, Milan.;
Intro -- Preface -- Organization -- Contents -- Key Note -- To Cloud Or Not To? Musings on Clouds, Security and Big Data -- 1 Overview -- 2 Conclusion -- Reference -- Vision Papers -- Data Security -- Challenges and Research Opportunities -- Abstract -- 1 Introduction -- 2 Access Control and Protection from Insider Threat -- 3 Data Trustworthiness -- 4 Reconciling Data Security and Privacy -- Acknowledgments -- References -- Research Challenges to Secure the Future Internet -- 1 A New World is Shaping -- 2 Information Security Research Challenges -- 3 Getting Security and Privacy-Protecting Technologies Used -- 4 Conclusion -- Security and Privacy of Data in a Cloud -- 1 Introduction -- 2 Data Confidentiality -- 3 Efficient Query Evaluation -- 4 Access Control Enforcement -- 5 Data Integrity -- 6 Completeness, Freshness, and Correctness of Query Results -- 7 Cheap and Lazy Cloud Providers and Side Channels -- References -- The Future of Information Security Research: Cryptology and Beyond -- Where Security Research Should Go in the Next Decade -- Abstract -- 1 Goals -- 1.1 Multilateral Security -- 1.2 Privacy Compatibility of ICT Security Measures -- 2 Technical and Other Trends -- 3 Instruments -- 3.1 Data Thriftiness -- 3.2 Stability of Services and Reliability with Regard to Planning of Changes -- 3.3 Trustworthy Mobile Platforms and App-Ecosystems -- 3.4 Strong Sovereign Assurance Tokens and Wallets -- 3.5 Trustworthy and Transparent ICT Infrastructures in General -- Acknowledgement -- References -- ''Technology Should Be Smarter Than This!'': A Vision for Overcoming the Great Authentication Fatigue -- Abstract -- References -- Data Security and Privacy in 2025? 
-- Abstract -- 1 Data Security and Privacy in 2025 -- 2 Emergency Research Challenges -- 2.1 Sensing, Computing, and Actuators Everywhere -- 2.2 End-to-End Data Confidentiality and Privacy -- 2.3 Failure-Resistant Design -- 3 Conclusion -- Acknowledgements -- References -- Towards a Risk-Based Approach to Achieving Data Confidentiality in Cloud Computing -- Abstract -- 1 Introduction -- 2 Challenges and Opportunities Beyond DAS -- 3 Risk Aware Data Processing in Clouds -- 4 Challenges that Lie Ahead -- 5 Concluding Remarks -- References -- Internet of Things -- 1 Introduction -- 2 Operational Security in Internet of Things -- 3 Security for Constrained Devices -- 4 Sharing Data in a Privacy-Preserving Way -- 5 Conclusions -- References -- Security, Privacy and Trust: From Innovation Blocker to Innovation Enabler -- Abstract -- 1 Introduction -- 2 Key ICT Drivers to Invade Privacy -- 3 Social, Economic, and Legal Aspects -- 4 Key Technologies Addressing Security, Privacy and Trust -- 5 Conclusion -- Acknowledgments -- References -- Workshop Papers -- Secure Similar Document Detection with Simhash -- 1 Introduction -- 2 Background -- 2.1 Cryptographic Primitives -- 2.2 Simhash -- 2.3 Related Work -- 3 Problem Definition -- 4 Basic Protocol -- 4.1 The Simhash Protocol -- 4.2 Security -- 5 Enhanced Protocol -- 6 Experimental Evaluation -- 6.1 Setup -- 6.2 Results -- 7 Conclusions -- References -- Big Security for Big Data: Addressing Security Challenges for the Big Data Infrastructure -- Abstract -- 1 Introduction -- 2 Big Data Definition and Security Properties -- 2.1 Big Data Nature in e-Science, Industry and Business -- 2.2 5 Vs of Big Data and Data Veracity -- 3 Related Research and Developments -- 3.1 CSA Top Ten -- 3.2 Related Security Research -- 4 Paradigm Shift and New Challenges -- 4.1 Paradigm Shift to Data Centric Security -- 4.2 Trusted Virtualisation Platforms -- 4.3 Data Ownership -- 4.4 Personal Information, Privacy and Opacity -- 5 Security Infrastructure 
for Big Data -- 5.1 Scientific Data Lifecycle Management (SDLM) -- 5.2 Security and Trust in Cloud Based Infrastructure -- 5.3 General Requirements to Security Infrastructure -- 6 SDI/BDI Security Infrastructure Components -- 6.1 Federated Access and Delivery Infrastructure (FADI) -- 6.2 Data Centric Access Control -- 6.3 Trusted Infrastructure Bootstrapping Protocol -- 7 Future Research and Development -- References -- Query Log Attack on Encrypted Databases -- 1 Introduction -- 2 Preliminaries -- 2.1 Client-Server Architecture -- 2.2 Attacks on Ciphers -- 3 New Definitions -- 4 Adversary Models -- 4.1 Query-Only Attack -- 4.2 Known-Query Attack -- 4.3 Chosen-Query Attack -- 5 Conclusion -- References -- A Multi-Party Protocol for Privacy-Preserving Range Queries -- 1 Introduction -- 2 Related Work -- 3 Preliminaries -- 3.1 Basic Scenario -- 3.2 Set Intersection Protocol -- 3.3 Bucketized-Secure Multi-party Equality Test Queries (B-SMEQ) -- 4 Range Query in Secure Multi-party Paradigm -- 4.1 Protocol 1 -- 4.2 Protocol 2 -- 4.3 A Worked-Out Example -- 4.4 False Positive Analysis -- 4.5 Privacy Issues -- 5 Time Complexity Analysis -- 6 Conclusions and Future Work -- A Finding Optimal Number of Buckets -- References -- Privacy Implications of Privacy Settings and Tagging in Facebook -- 1 Introduction -- 2 Privacy Issues in Social Networks -- 3 Facebook Profile Model -- 4 Application of Privacy Settings -- 4.1 Scenario 1 -- 4.2 Scenario 2 -- 4.3 Scenario 3 -- 4.4 Discussion -- 5 Visibility Visualization Tool -- 5.1 Formal Representation of Privacy Settings -- 5.2 Proof-of-Concept -- 6 Related Work -- 7 Conclusions -- References -- Author Index. Description based on publisher supplied metadata and other sources.
Subjects: Electronic books.; Cloud computing.;
On-line resources: CGCC online access;

Secure IT Systems : 18th Nordic Conference, NordSec 2013, Ilulissat, Greenland, October 18-21, 2013, Proceedings. by Riis Nielsen, Hanne.; Gollmann, Dieter.;
Intro -- Preface -- Organization -- Table of Contents -- Cyber-Physical Systems -- Detecting and Preventing Beacon Replay Attacks in Receiver-Initiated MAC Protocols for Energy Efficient WSNs -- 1 Introduction -- 2 Attack Definition and Related Work -- 2.1 Receiver-Initiated MAC Protocols -- 2.2 Related Work: Mitigating Replay Attacks in WSNs -- 2.3 Beacon Replay Attack in the Receiver-Initiated Paradigm -- 3 Receiver Authentication Protocol (RAP) -- 3.1 Detection Mode (RAP-D) -- 3.2 Prevention Mode (RAP-P) -- 3.3 Transition Policies -- 4 Verification and Analysis -- 4.1 Verification with OFMC and ProVerif -- 4.2 Space Exhaustion Analysis -- 4.3 Energy Consumption Analysis -- 5 Conclusion -- References -- Security Games for Cyber-Physical Systems -- 1 Introduction -- 2 Modelling Security Games -- 2.1 Stochastic Games -- 2.2 Attacker-Defender Games -- 3 Motivating Examples -- 4 Analysing Security Games -- 5 Solving Min-Max Equation Systems -- 6 Conclusion -- References -- Prevent Session Hijacking by Binding the Session to the Cryptographic Network Credentials -- 1 Introduction -- 2 Session Stealing and Prevention -- 2.1 Stealing the Session -- 2.2 Strengths and Weaknesses of http-only Cookies -- 2.3 Session Stealing Prevention -- 3 Session Securing by Proxying -- 3.1 Session Binding Proxy -- 3.2 Session Management -- 3.3 Session Management -- 3.4 Prototype -- 3.5 Attacking the SBP -- 4 Validating SBP -- 4.1 Session Stealing in -- 4.2 Applying the SBP Prototype -- 4.3 Validation Evaluation -- 4.4 General Applicability of SBP -- 5 Related Work -- 5.1 Session Hijacking Prevention -- 5.2 Related Attack Setups -- 6 Conclusions -- References -- Security Policies -- Inferring Required Permissions for Statically Composed Programs -- 1 Introduction -- 1.1 Contributions -- 2 Permission-Based Security Models in Smartphone Operating Systems -- 3 The Magnolia Programming Language -- 4 Language Support for Permissions -- 5 Experience with Application Integration -- 6 Problematic 
Permission Requirements -- 7 Related Work -- 8 Conclusion -- References -- SAFESCRIPT: JavaScript Transformation for Policy Enforcement -- 1 Introduction -- 2 Approach -- 2.1 Architecture -- 2.2 Technical Approach -- 2.3 Scope -- 3 Implementation -- 3.1 Namespaces -- 3.2 Execution Contexts -- 3.3 Syntax-Based Transformation -- 3.4 Scripts Generated at Runtime -- 3.5 Transformation Optimizations -- 4 Evaluation -- 4.1 Security Analysis -- 4.2 Micro-benchmarks -- 4.3 Compatibility and Render Overhead -- 5 Related Work -- 6 Conclusion -- References -- Information Flow -- A Logic for Information Flow Analysis of Distributed Programs -- 1 Introduction -- 2 Security Model -- 3 Policies via Examples -- 4 Equivalences -- 5 A Logic for Information Flow -- 5.1 Knowledge in Multi-agent Systems -- 5.2 Temporal Epistemic Logic with Past -- 6 Related Work and Conclusions -- References -- Dynamics and Secure Information Flow for a Higher-Order Pi-Calculus -- 1 Introduction -- 2 Syntax and Operational Semantics -- 2.1 Description -- 2.2 Example from the Introduction -- 3 Type System -- 4 Non-interference -- 5 More Examples -- 6 Related Work -- 7 Conclusions -- References -- Lazy Programs Leak Secrets -- 1 Introduction -- 2 LIO: A Concurrent IFC System for Haskell -- 3 A Lazy Attack for LIO -- 4 Restricting Sharing -- 5 Conclusions -- References -- Security Experiences -- High-Performance Qualified Digital Signatures for X-Road -- 1 Introduction -- 2 X-Road -- 2.1 X-Road Message Signature Validation Workflow -- 3 Batch Signatures and Timestamps -- 3.1 Fiat's Batch RSA -- 3.2 Simple Batching with Hash Lists -- 3.3 Signatures with Batch Residue -- 4 Discussion -- 5 Conclusions and Further Work -- References -- Identification and Evaluation of Security Activities in Agile Projects -- 1 Introduction -- 2 Background -- 3 Related Work -- 4 Research Design and Validity Threats -- 5 Results and Analysis -- 5.1 Demographic Data -- 5.2 Statistical Test -- 5.3 Security Activities Evaluation 
Results -- 5.4 Waterfall SE Processes Evaluation -- 5.5 Agile Compatible Security Activities -- 6 Discussion -- 7 Conclusion and Future Work -- References -- PeerShare: A System Secure Distribution of Sensitive Data among Social Contacts -- 1 Motivation -- 2 Usage Scenarios -- 3 System Requirements -- 4 System Design -- 4.1 PeerShare Service -- 4.2 PeerShare Server -- 4.3 PeerShare Protocol -- 4.4 Implementation -- 4.5 Performance Considerations -- 5 Security Considerations -- 5.1 Channel Protection -- 5.2 User and Application Authentication -- 5.3 Minimizing the Need to Trust PeerShare Server -- 6 Related Work -- 7 Status and Future Work -- References -- Cyber-Physical Systems -- Resilience of Process Control Systems to Cyber-Physical Attacks -- 1 Introduction -- 2 Preliminaries -- 2.1 Process control Fundamentals -- 2.2 Secure Control -- 3 Approach -- 3.1 Process Modeling -- 3.2 Attack Modeling -- 4 Experimental Results -- 4.1 Integrity Attacks -- 4.2 DoS Attacks -- 4.3 Application of the Results -- 5 Attacks on Situational Awareness -- 6 Final Remarks and Future Work -- References -- Femtocell Security in Theory and Practice -- 1 Introduction -- 2 Femtocell Overview -- 3 The Security Model -- 3.1 The Femtocell Security Model -- 3.2 Attack Vectors -- 4 Theoretical Security Analysis of Femtocells without Local Break-Out -- 5 Practical Security Analysis of the Vodafone Plug&Play Femtocell -- 6 Future Work -- 7 Conclusion -- References -- Security Analysis of Building Automation Networks -- 1 Introduction -- 2 Preliminaries -- 2.1 BAS Network Analysis -- 2.2 Threat Model -- 2.3 Security Desiderata -- 3 Secure BAN Protocol -- 3.1 Multiparty Key Agreement Scheme -- 4 Feasibility Evaluation -- 5 Related Work -- 6 Concluding Remarks -- References -- Web Security -- Controlling Data Flow with a Policy-Based Programming Language for the Web -- 1 Introduction -- 2 The Base Language -- 3 Motivations and Approach -- 4 Modeling Data Flow -- 5 The Policy Language -- 6 Policy 
Examples -- 7 Language Semantics -- 7.1 Static Semantics -- 7.2 Dynamic Semantics and Meta-Theory -- 8 Related Work -- 9 Conclusions and Future Work -- References -- A Survey on Control-Flow Integrity Means in Web Application Frameworks -- 1 Introduction -- 2 Exploring Control Flow in Web Applications -- 2.1 Technical Background -- 2.2 Root Causes for Weaknesses -- 2.3 Examples -- 3 Probed Web Application Frameworks -- 3.1 Enforcing Sequences of Actions -- 3.2 Race Condition Protection -- 3.3 Parameter Enforcement -- 3.4 Summary -- 4 Related Work -- 4.1 Navigation Restriction Means -- 4.2 State Violation Detection -- 4.3 Client-Side Manipulation Detection -- 4.4 Race Conditions -- 5 Conclusion -- References -- Security Policies -- Incremental Hyperproperty Model Checking via Games -- 1 Introduction -- 2 Background -- 2.1 Properties vs. Hyperproperties -- 2.2 Models of Systems -- 2.3 Auxiliary Definitions -- 2.4 Incremental Hyperproperties as Coinductive Predicates [14] -- 2.5 The Polyadic Modal mu-Calculus Interpreted over Trees [13] -- 3 Incremental Hyperproperty Checking Games -- 3.1 A New Logic for Incremental Hyperproperties -- 3.2 Incremental Hyperproperty Checking Games (IHP Games) -- 3.3 From IHP Games to Parity Games -- 4 Model Checking the Polyadic Modal mu-Calculus -- 4.1 Traditional Model Checking of Lkμ -- 4.2 Model Checking IHP Games -- 4.3 Model Checking without Going through IHP Games -- 4.4 Experiments -- 5 Advantages of Model Checking via Games -- 6 Discussion and Related Work -- 7 Conclusion -- References -- Graph k-Anonymity through k-Means and as Modular Decomposition -- 1 Introduction -- 2 Preliminaries -- 2.1 k-Anonymity for Graphs -- 2.2 The k-Means Algorithm -- 2.3 Message Passing Algorithms -- 2.4 Modular Decomposition of Graphs -- 3 k-Anonymous Graphs in Terms of Modular Decomposition -- 4 Algorithms for Clustering of Graphs with Respect to Open Neighborhoods -- 4.1 A k-Means Algorithm for Graphs -- 4.2 A Distributed k-Means Algorithm -- 5 
Experiments -- 5.1 The k-Means Algorithm on Graphs -- 5.2 Constructing k-Anonymous Graphs -- 6 Conclusions -- References -- Network Security -- Domain-Based Storage Protection (DBSP) in Public Infrastructure Clouds -- 1 Introduction -- 2 System Model -- 3 Building Blocks -- 3.1 Trusted Platform Module -- 3.2 Trusted Third Party -- 3.3 Secure Component -- 4 Design Principles -- 4.1 VM Instance Launch -- 4.2 Initialization and First Time Data Writes -- 4.3 Subsequent Data Reads and Writes -- 5 Security Evaluation -- 5.1 Protocol Verification with ProVerif -- 6 Related Work -- 7 Conclusion -- References -- An Adaptive Mitigation Framework for Handling Suspicious Network Flows via MPLS Policies -- 1 Introduction -- 2 Background -- 2.1 HADEGA -- 2.2 Policy-Based Management -- 2.3 OrBAC -- 2.4 MPLS Reaction Policies Using OrBAC -- 3 Network Adaptation Policy -- 3.1 Concrete Entities -- 3.2 Abstract Entities -- 3.3 Performance Contexts -- 3.4 Generation of Network Adaptation Rules -- 4 Flow Admission Policy -- 4.1 Concrete Entities -- 4.2 Abstract Entities -- 4.3 Threat Contexts -- 4.4 Generation of Flow Admission Rules -- 5 Implementation -- 5.1 Policy Instantiation via Mapping of Alerts and Policies -- 5.2 From Inferred Rules to MPLS Configurations -- 6 Discussion and Related Work -- 7 Conclusion -- References -- Keyless Signatures' Infrastructure: How to Build Global Distributed Hash-Trees. Description based on publisher supplied metadata and other sources.
Subjects: Electronic books.; Computer security-Congresses..; Computer networks-Security measures-Congresses.;
On-line resources: CGCC online access;

CCSP for Dummies with Online Practice. by Deane, Arthur J.;
Intro -- Title Page -- Copyright Page -- Table of Contents -- Introduction -- About this Book -- Foolish Assumptions -- Icons Used in This Book -- Beyond the Book -- Where to Go from Here -- Part 1 Starting Your CCSP Journey -- Chapter 1 Familiarizing Yourself with (ISC)2 and the CCSP Certification -- Appreciating (ISC)2 and the CCSP Certification -- Knowing Why You Need to Get Certified -- Studying the Prerequisites for the CCSP -- Understanding the CCSP Domains -- Domain 1: Cloud Concepts, Architecture and Design -- Domain 2: Cloud Data Security -- Domain 3: Cloud Platform and Infrastructure Security -- Domain 4: Cloud Application Security -- Domain 5: Cloud Security Operations -- Domain 6: Legal, Risk and Compliance -- Preparing for the Exam -- Studying on your own -- Learning by doing -- Getting official (ISC)2 CCSP training -- Attending other training courses -- Practice, practice, practice -- Ensuring you're ready for the exam -- Registering for the Exam -- Taking the Exam -- Identifying What to Do After the Exam -- Chapter 2 Identifying Information Security Fundamentals -- Exploring the Pillars of Information Security -- Confidentiality -- Integrity -- Availability -- Threats, Vulnerabilities, and Risks . . . Oh My! 
-- Threats -- Vulnerabilities -- Risks -- Securing Information with Access Control -- Deciphering Cryptography -- Encryption and decryption -- Types of encryption -- Common uses of encryption -- Grasping Physical Security -- Realizing the Importance of Business Continuity and Disaster Recovery -- Implementing Incident Handling -- Preparing for incidents -- Detecting incidents -- Containing incidents -- Eradicating incidents -- Recovering from incidents -- Conducting a Post-Mortem -- Utilizing Defense-in-Depth -- Part 2 Exploring the CCSP Certification Domains -- Chapter 3 Domain 1: Cloud Concepts, Architecture and Design -- Knowing Cloud Computing Concepts -- Defining cloud computing terms -- Identifying cloud computing roles -- Recognizing key cloud computing characteristics -- Building block technologies -- Describing Cloud Reference Architecture -- Cloud computing activities -- Cloud service capabilities -- Cloud service categories -- Cloud deployment models -- Cloud shared considerations -- Impact of related technologies -- Identifying Security Concepts Relevant to Cloud Computing -- Cryptography and key management -- Access control -- Data and media sanitization -- Network security -- Virtualization security -- Common threats -- Comprehending Design Principles of Secure Cloud Computing -- Cloud Secure Data Lifecycle -- Cloud based disaster recovery (DR) and business continuity (BC) planning -- Cost benefit analysis -- Security considerations for different cloud categories -- Evaluating Cloud Service Providers -- Verifying against certification criteria -- Meeting system/subsystem product certifications -- Chapter 4 Domain 2: Cloud Data Security -- Describing Cloud Data Concepts -- Cloud data lifecycle phases -- Data dispersion -- Designing and Implementing Cloud Data Storage Architectures -- Storage types -- Threats to storage types -- Designing and Implementing Data Security Technologies and Strategies -- Encryption and key management -- Hashing -- Data loss 
prevention (DLP) -- Data de-identification -- Implementing Data Discovery -- Structured data -- Unstructured data -- Implementing Data Classification -- Mapping -- Labeling -- Sensitive data -- Designing and Implementing Information Rights Management (IRM) -- Objectives -- Appropriate tools -- Planning and Implementing Data Retention, Deletion, and Archiving Policies -- Data retention policies -- Data deletion procedures and mechanisms -- Data archiving procedures and mechanisms -- Legal hold -- Designing and Implementing Auditability, Traceability and Accountability of Data Events -- Defining event sources and requirements of identity attribution -- Logging, storing, and analyzing data events -- Chain of custody and nonrepudiation -- Chapter 5 Domain 3: Cloud Platform and Infrastructure Security -- Comprehending Cloud Infrastructure Components -- Physical environment -- Network and communications -- Compute -- Virtualization -- Storage -- Management plane -- Designing a Secure Data Center -- Logical design -- Physical design -- Environmental design -- Analyzing Risks Associated with Cloud Infrastructure -- Risk assessment and analysis -- Cloud vulnerabilities, threats, and attacks -- Virtualization risks -- Countermeasure strategies -- Designing and Planning Security Controls -- Physical and environmental protection -- System and communication protection -- Virtualization systems protection -- Identification, authentication, and authorization in cloud infrastructure -- Audit mechanisms -- Planning Business Continuity (BC) and Disaster Recovery (DR) -- Risks related to the cloud environment -- Business requirements -- Business continuity/disaster recovery strategy -- Chapter 6 Domain 4: Cloud Application Security -- Advocating Training and Awareness for Application Security -- Cloud development basics -- Common pitfalls -- Common cloud vulnerabilities -- Describing the Secure Software Development Lifecycle (SDLC) Process -- Business requirements -- Phases -- 
Methodologies -- Applying the SDLC Process -- Common vulnerabilities during development -- Cloud-specific risks -- Quality Assurance (QA) -- Threat modeling -- Software configuration management and versioning -- Applying Cloud Software Assurance and Validation -- Functional testing -- Security testing methodologies -- Using Verified Secure Software -- Approved Application Programming Interfaces (API) -- Supply-chain management -- Third-party software management -- Validated open source software -- Comprehending the Specifics of Cloud Application Architecture -- Supplemental security components -- Cryptography -- Sandboxing -- Application virtualization and orchestration -- Designing Appropriate Identity and Access Management (IAM) Solutions -- Federated identity -- Identity providers -- Single sign-on (SSO) -- Multifactor authentication -- Cloud access security broker (CASB) -- Chapter 7 Domain 5: Cloud Security Operations -- Implementing and Building a Physical and Logical Infrastructure for Cloud Environment -- Hardware specific security configuration requirements -- Installing and configuring virtualization management tools -- Virtual hardware specific security configuration requirements -- Installing guest operating system virtualization toolsets -- Operating Physical and Logical Infrastructure for a Cloud Environment -- Configuring access control for local and remote access -- Secure network configuration -- Hardening the operating system through the application of baselines -- Availability of standalone hosts -- Availability of clustered hosts -- Availability of guest operating system -- Managing Physical and Logical Infrastructure for a Cloud Environment -- Access controls for remote access -- Operating system baseline compliance monitoring and remediation -- Patch management -- Performance and capacity monitoring -- Hardware monitoring -- Configuring host and guest operating system backup and restore functions -- Network security controls -- Management plane 
-- Implementing Operational Controls and Standards -- Change management -- Continuity management -- Information security management -- Continual service improvement management -- Incident management -- Problem management -- Release and deployment management -- Configuration management -- Service level management -- Availability management -- Capacity management -- Supporting Digital Forensics -- Collecting, acquiring, and preserving digital evidence -- Evidence management -- Managing Communication with Relevant Parties -- Customers -- Vendors -- Partners -- Regulators -- Other stakeholders -- Managing Security Operations -- Security operations center (SOC) -- Monitoring of security controls -- Chapter 8 Domain 6: Legal, Risk and Compliance -- Articulating Legal Requirements and Unique Risks within the Cloud Environment -- Conflicting international legislation -- Evaluating legal risks specific to cloud computing -- Legal framework and guidelines -- e-Discovery -- Forensics requirements -- Understanding Privacy Issues -- Difference between contractual and regulated private data -- Country-specific legislation related to private data -- Jurisdictional differences in data privacy -- Standard privacy requirements -- Understanding Audit Process, Methodologies, and Required Adaptations for a Cloud Environment -- Internal and external audit controls -- Impact of audit requirements -- Identifying assurance challenges of virtualization and cloud -- Types of audit reports -- Restrictions of audit scope statements -- Gap analysis -- Audit planning -- Internal information security management system (ISMS) -- Internal information security controls system -- Policies -- Identification and involvement of relevant stakeholders -- Specialized compliance requirements for highly regulated industries -- Impact of distributed Information Technology (IT) model -- Understanding the Implications of Cloud to Enterprise Risk Management -- Assessing providers' risk management programs -- 
Difference between data owner/controller versus data custodian/processor -- Regulatory transparency requirements. Description based on publisher supplied metadata and other sources.
Subjects: Electronic books.; Computer networks-Security measures.;
On-line resources: CGCC online access;

Pro Oracle Identity and Access Management Suite. by Ramey, Kenneth.;
Contents at a Glance -- Contents -- About the Author -- About the Technical Reviewer -- Acknowledgments -- Introduction -- Chapter 1: Oracle Identity and Access Management Suite Overview -- WebLogic Server -- Oracle Directory Services -- Oracle Internet Directory -- Oracle Unified Directory -- Oracle Virtual Directory -- Oracle Identity and Access Management -- Oracle Access Manager -- Oracle Adaptive Access Management -- Identity Federation -- Mobile and Social Access -- API and Web Service Security -- Cloud Access Portal -- Oracle Identity Manager -- Self-Service -- Workflows -- Delegated Administration -- Auditing -- Putting It All Together -- Summary -- Chapter 2: Preinstallation Considerations and Prerequisites -- Capacity Planning -- Fusion Middleware -- Assessing Capacity Requirements -- Hardware -- Memory -- Storage -- Networking -- Clustering -- Enterprise Deployment Topologies -- Single Node -- Local High Availability -- Disaster Recovery and Maximum Availability -- Topology Implementations -- Oracle Directory Services -- Oracle Access Manager -- Oracle Identity Manager -- Prerequisites -- Operating Systems -- Fusion Middleware Hardware Requirements -- WebLogic Server -- Oracle Directory Services -- Oracle Identity and Access Manager -- Clustering Considerations -- Host Configurations -- Network Planning -- Summary -- Chapter 3: User and Policy Stores -- User and Policy Store Overview -- Oracle Internet Directory -- Security and Data Privacy -- Usability and Administration -- Directory Synchronization -- Oracle Unified Directory -- Architecture -- Scalability -- Replication -- Usability and Manageability -- Oracle Virtual Directory -- Architecture -- Aggregation -- Access Management -- Summary -- Chapter 4: Oracle Directory Services Installation and Configuration -- Preinstallation Tasks -- Operating System Users.Operating System Configuration -- Operating System Packages -- Database Preparation -- Fusion Middleware WebLogic Server -- Oracle Internet 
Directory Installation -- Oracle Internet Directory Configuration -- Configuration Type -- Verifying the Installation -- Summary -- Chapter 5: Directory Synchronization and Virtualization -- The Directory Integration Platform -- Creating a Synchronization Profile -- Summary -- Chapter 6: Oracle Access Manager Installation -- Preinstallation Tasks -- Operating System Users -- Operating System Configuration -- Operating System Packages -- Database Preparation -- Access Manager Software Installation -- Creating the Access Manager Domain -- Summary -- Chapter 7: Identity Manager Installation -- Preinstallation Tasks -- Operating System Users -- Operating System Configuration -- Operating System Packages -- Database Preparation -- Identity Manager Software Installation -- Service-Oriented Architecture Installation -- Identity Manager Installation -- Configure Identity Manager Domain -- Summary -- Chapter 8: Oracle HTTP Server and WebGate Installation and Configuration -- Preinstallation Tasks -- Operating System Users -- Operating System Configuration -- Operating System Packages -- Oracle HTTP Server Software Installation and Configuration -- Oracle Access Manager WebGate Installation and Configuration -- Configure and Deploy Oracle WebGate -- Summary -- Chapter 9: Configuring Oracle Access Manager -- Preparing Access Manager to Use Oracle Internet Directory -- Preconfiguring OID for Oracle Access Manager -- Configuring Oracle Access Manager Identity Store -- Summary -- Chapter 10: Oracle Identity Management Configuration -- Preconfiguration Steps -- Configure the Database Security Store -- Preconfigure OID Identity Store for OIM -- Configure Oracle Identity Manager Server -- Complete LDAP Postinstallation -- Summary.Chapter 11: Oracle Identity and Access Manager Integration -- IdmConfigTool -- Configure Oracle Access Manager -- Configure Oracle Identity Manager -- Integrate OIM and OAM -- Configure Oracle HTTP Server WebGate -- Summary -- Chapter 12: Oracle Identity 
Management and Identity Stores -- Use Cases -- Topologies -- Split Profiles -- Distinct User and Group Populations -- Identity Stores and Oracle Access Manager -- Summary -- Chapter 13: Identity Manager Policy Administration -- Access Policies -- Sample Access Policy Configuration -- Password Policies -- Summary -- Chapter 14: Oracle Identity Manager Forms and Customization -- Basic Customization -- User Interface Customizations -- Summary -- Chapter 15: Integrating Access Manager with E-Business Suite -- Architecture -- Prepare EBS AccessGate Files -- Create EBS AccessGate Installation Directory -- Prepare EBS and OID -- Register EBS Home with OAM -- Register EBS with OID -- Create EBS Connection User -- Configure EBS AccessGate -- Create Managed Servers for AccessGate -- Copy Artifact Files -- Generate DBC File in EBS -- Add EBS AccessGate Host to List of External Tables -- Use txkEBSAuth.xml to Deploy AccessGate -- Validate the AccessGate Application Deployment -- Configure Resources in Oracle Access Manager -- Redirect HTTP Server to WebLogic Server for EBS AccessGate -- Configure Centralized Logout -- Configure the Cleanup File for Logout -- Configure Additional Logout Callbacks -- EBS Profile Configuration -- Test E-Business Suite Single Sign-On -- Summary -- Chapter 16: Troubleshooting and Common Issues -- Installation Problems -- Common Configuration Issues -- Oracle Internet Directory -- Oracle Access Manager -- Oracle Identity Manager -- Summary -- Index.Description based on publisher supplied metadata and other sources.Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2017. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.
Subjects: Electronic books.; Computer networks--Security measures.;
On-line resources: CGCC online access;

Monitoring and Securing Virtualized Networks and Services : 8th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, AIMS 2014, Brno, Czech Republic, June 30 – July 3, 2014. Proceedings. by Hutchison, David.(SAGE)2024176; Kanade, Takeo.; Kittler, Josef.; Charalambides, Marinos.; Stiller, Burkhard.;
Intro -- Preface -- Organization -- Keynote - Modern Security Analytics: Finding a Needle in the Hay Blower -- Finding a Needle in the Hay Blower -- Educational Session - Where to Publish? -- Lab Session 1 - Fast Network Simulation Setup -- Lab Session 2 - Deploying OpenFlow Experiments on the Virtual Wall Test-bed -- Lab Session 3 - Cybernetic Proving Ground: A Cloud-Based Security Research Test-bed -- Table of Contents -- Emerging Infrastructures for Networks and Services -- Trade-off-based Adoption Methodology for Cloud-Based Infrastructures and Services -- 1 Introduction -- 2 Terminology and Related Work -- 3 The Development of TrAdeCIS -- 3.1 Business Layer -- 3.2 TOPSIS -- 3.3 Evaluation of Alternatives Based on Business Performance Metrics -- 3.4 Trade-off-based Decision Using ANP -- 4 Illustration of the Method Based on Survey Results -- 4.1 Business Layer -- 4.2 Ranking the Alternative Solutions Using TOPSIS -- 4.3 Evaluation of Alternatives Based on Business Performance Metrics -- 4.4 Illustrating Trade-off-based Decision Using ANP -- 5 Summary, Conclusions, and Future Work -- References -- ESPRESSO: An Encryption as a Service for Cloud Storage Systems -- 1 Introduction -- 2 Problem Statement -- 2.1 The System and Threat Model -- 2.2 Design Goals -- 3 System Architecture of ESPRESSO -- 3.1 Architecture of ESPRESSO -- 3.2 Handling the Flexibility and Multi-user Scheme -- 4 Implementation of ESPRESSO -- 5 Integration of ESPRESSO -- 5.1 Integration of ESPRESSO into Swift -- 5.2 Integration of ESPRESSO into Cumulus -- 6 Experiments and Performance Evaluation -- 6.1 Experiment Setup -- 6.2 Performance Analysis -- 7 Related Work -- 8 Conclusion and Future Work -- References -- Adaptive CUSUM Algorithm to Detect Malicious Behaviors in Wireless Mesh Networks -- 1 Introduction -- 2 Related Works -- 3 Packet Rate Not Overheard.4 Our Intrusion Detection System -- 5 The Reputation Computation -- 6 Evaluation of our Intrusion Detection System -- 7 Conclusion -- 
References -- Ph.D. Student Workshop - Management of Virtualized Network Resources and Functions -- Efficient Management of Virtualized Information-Centric Networks -- 1 Introduction -- 2 Virtualized ICN Networks -- 2.1 Static Resource-Allocation and Content Placement -- 2.2 Elastic Resource-Allocation and Content Placement -- 3 Conclusion -- References -- Contributions to Efficient Resource Management in Virtual Networks -- 1 Introduction -- 2 Proposed Approaches: PaGe-VNE and RL-DRA -- 2.1 Path Generation-Based VNE (PaGe-VNE) -- 2.2 Reinforcement Learning-Based DRA (RL-DRA) -- 2.3 Obtained Results -- 3 Conclusion and Future Work -- References -- Management and Orchestration of Virtualized Network Functions -- 1 Introduction -- 2 Concepts and Technical Challenges -- 3 Architecture and Experimental Results -- 4 Conclusion and Prespectives -- References -- Ph.D. Student Workshop - Security Management -- Towards Incentivizing ISPs to Mitigate Botnets -- 1 Introduction -- 2 Research Problem -- 3 Approach -- 4 Final Considerations -- References -- Enhancing Network Security: Host Trus tworthiness Estimation -- 1 Introduction -- 2 Problem Disscussion -- 3 Research Questions and Proposed Approach -- 4 Conclusion -- References -- Outsourcing Mobile Security in the Cloud -- 1 Introduction -- 2 Related Work -- 3 Mobile Security as a Service -- 4 Preliminary Results -- 5 Conclusions and Perspectives -- References -- Characterizing and Mitigating the DDoS-as-a-Service Phenomenon -- 1 Introduction -- 2 Goal, Research Questions, and Approach -- 2.1 Characterization Steps -- 2.2 Mitigation Steps -- 3 Early Results and Final Considerations -- References -- Experimental Studies for Security Management.Characterisation of the Kelihos.B Botnet -- 1 Introduction -- 2 Background -- 3 Dataset and Analysis Methodology -- 4 Analysis Results -- 4.1 Overall analysis -- 4.2 Temporal Analysis -- 5 Conclusions -- References -- A Study of RPL DODAG Version Attacks -- 1 Introduction -- 2 
Related Work -- 3 The RPL Protocol -- 4 Version Number Attack -- 5 Experimental Setup -- 6 Results -- 7 Conclusions -- References -- Toward a Source Detection of Botclouds: A PCA-Based Approach -- 1 Introduction -- 2 Related Works -- 2.1 Host Based IDS -- 2.2 Collaborative IDS -- 2.3 Source-Based IDS -- 2.4 Our Previous Work -- 3 A Source Approach Based on a PCA -- 3.1 Principal Component Analysis -- 3.2 Problem Modeling and Detection Algorithm -- 4 Evaluation and Discussion -- 4.1 Evaluation Framework -- 4.2 Evaluation Results -- 5 Conclusion and Future Work -- References -- Ph.D. Student Workshop - SDN and Content Delivery -- Software Defined Networking to Improve Mobility Management Performance -- 1 Introduction -- 2 The Objective, Research Questions and Approaches -- 3 Evaluation and Validation -- 4 Final Considerations -- References -- Future of DDoS Attacks Mitigation in Software Defined Networks -- 1 Introduction -- 2 Software Defined Networking -- 3 Hypothesis and Research Questions -- 4 Scientific Approach -- 5 Summary -- References -- Towards Decentralized, Energyand Privacy-Aware Device-to-Device Content Delivery -- 1 Introduction -- 2 Energy- and Privacy-Aware Content Discovery -- 3 Related Work -- 4 Summary and Future Work -- References -- Monitoring Methods for Quality-of-Service and Security -- Goal-Oriented Monitoring Adaptation: Methodology and Patterns -- 1 Introduction -- 2 Related Work -- 3 The Enriched Adaptive Monitoring Framework -- 4 A Goal-Oriented Methodology for Adaptive Quality-Oriented Monitoring -- 5 Dimensions and Patterns.5.1 Exchange Dimension Pattern -- 5.2 Metric Dimension Pattern -- 5.3 Spatial Dimension Pattern -- 5.4 Temporal Dimension Pattern -- 6 Case-Study -- 7 Conclusion and Perspectives -- References -- Detection of Network Flow Timestamp Reliability -- 1 Introduction -- 2 Related Work -- 2.1 Timestamp Failures -- 2.2 Timestamp Analysis -- 3 Timestamp Reliability Algorithm -- 4 Biflow Orientation Algorithm -- 5 Evaluation 
-- 5.1 Data Sets -- 5.2 Experimental Results -- 6 Conclusion -- References -- Enhancing Network Intrusion Detectionby Correlation of Modularly Hashed Sketches -- 1 Introduction -- 2 Background -- 2.1 Base-rate Fallacy -- 2.2 Statistic Correlation of Events with the Same Dimensions -- 2.3 Sketches -- 3 Correlation of Modularly Hashed Sketches -- 3.1 Modular Hashing -- 3.2 Correlation -- 4 Method Evaluation -- 4.1 Particular Detection Methods -- 4.2 Experiment -- 4.3 Discussion -- 5 Conclusion -- References -- Ph.D. Student Workshop - Monitoring and Information Sharing -- Next Generation Application-Aware Flow Monitoring -- 1 Introduction -- 2 Motivation -- 3 Proposed Research and Approach -- 4 Conclusions -- References -- A Modular Architecture for Deploying Self-adaptive Traffic Sampling -- 1 Introduction -- 2 Measurement Architecture -- 3 Ongoing Works and Results -- References -- Cross-Layer Optimization with Real-Time Adaptive Dynamic Spectrum Management for Fourth Generation Broadband Access Networks -- 1 Introduction -- 2 Approach -- 3 Current State -- 4 Related Work -- 5 Preliminary Conclusions and Future Work -- References -- Author Index.Description based on publisher supplied metadata and other sources.
Subjects: Electronic books.;
On-line resources: CGCC online access;

Trust, Privacy, and Security in Digital Business : 10th International Conference, TrustBus 2013, Prague, Czech Republic, August 28-29, 2013. Proceedings. by Furnell, Steven.; Lambrinoudakis, Costas.; López, Javier.(SAGE)1921009;
Intro -- Preface -- Organization -- Table of Contents -- Session 1: Access Control and Authentication -- Improving Kerberos Ticket Acquisition during Application Service Access Control -- 1 Introduction -- 2 Kerberos Authentication Protocol: General Overview -- 3 Ticket Pre-distribution in Kerberos -- 3.1 Design -- 3.2 Modes of Operation -- 3.3 Example of Use Case: Network Access Service -- 4 PerformanceResults -- 5 Conclusions and Future Work -- References -- A Better Time Approximation Scheme for e-Passports -- 1 Introduction -- 2 Related Work -- 3 Proposed Scheme -- 3.1 Proxy Signatures -- 3.2 E-passports -- 3.3 CVCA -- 3.4 ISU -- 3.5 UEAC -- 4 Evaluation -- 5 Conclusions -- References -- Session 2: Identity and Trust Management -- Trust Evaluation of a System for an Activity -- 1 Introduction -- 2 OverviewofSOCIOPATH -- 3 Inferring the Trust Value of a System for an Activity -- 3.1 A SOCIOPATH Model as aWeighted Directed Acyclic Graph -- 3.2 SOCIOTRUST: A Probabilistic Approach to Infer the System Trust Value -- 4 Experimental Evaluations -- 4.1 Influence of the System Architecture on the Trust Value -- 4.2 Influence of the Path Length and the Number of Paths on the Trust Value -- 4.3 Social Evaluation: A Real Case -- 5 Related Work -- 6 Conclusion and Perspectives -- References -- Defining a Trust Framework Design Process -- 1 Introduction -- 2 State of the Art -- 3 User-Centered Design Steps and Identified Needs -- 3.1 Involving Users -- 3.2 Identified Needs -- 4 Defined Trust Framework Design Process -- 4.1 Attributing the Elements -- 4.2 Exclusion of Colliding Attributes -- 4.3 Selecting the Specific Implementation -- 5 Interaction and Graphical User Interface -- 6 Conclusions -- References -- Executable Model-Based Risk Analysis Method for Identity Management Systems: Using Hierarchical Colored Petri Nets -- 1 Introduction.2 Related Work -- 3 Risk Analysis Model -- 4 Case Study and Application -- 4.1 Privacy and Security Risks Analysis -- 5 Conclusion -- 
References -- Session 3: Pivacy and Confidentiality Management -- Preserving the User's Privacy in Social Networking Sites -- 1 Introduction -- 1.1 Contribution and Plan of This Paper -- 2 Previous Work -- 3 SystemModel -- 3.1 Target SNS -- 3.2 System Requirements -- 3.3 Our Scheme in a Nutshell -- 3.4 Proposed Architecture -- 4 Our Scheme in Detail -- 4.1 Proposed Algorithms -- 4.2 Hiding Information from the SNS -- 4.3 Access Control and Key Management -- 4.4 Deployability Issues -- 5 Evaluation -- 6 Concluding Remarks -- References -- A Classification of Factors Influencing Low Adoption of PETs Among SNS Users -- 1 Introduction -- 2 Background: Privacy Enhancing Technologies and Social Networks -- 3 Key Factors Affecting PETs Adoption by SNS Users -- 3.1 Awareness of Privacy Risks and PETs -- 3.2 Requirements for Special IT Skills -- 3.3 Complexity and Diversity -- 3.4 Direct and Indirect Cost -- 3.5 Low Visibility of Effectiveness and Inadequate Feedback -- 3.6 Privacy Requirements are Partially Addressed -- 3.7 The Role of the SNS Platform -- 3.8 Responsibility Misconceptions -- 3.9 Culture -- 4 Conclusions and Further Research -- References -- Towards Privacy-by-Design Peer-to-Peer Cloud Computing -- 1 Introduction -- 2 Security Objectives -- 3 A New Approach -- 3.1 System Overview -- 3.2 Orchestration -- 4 Operations -- 4.1 Account Creation -- 5 Preliminary Evaluation -- 6 Related Work -- 7 Conclusion and Future Work -- References -- Preservation of Utility through Hybrid k-Anonymization -- 1 Introduction -- 2 Background and Related Work -- 3 HybridAnonymizations -- 3.1 Classical Adversaries -- 3.2 Statistical Adversaries -- 4 Hybrid Anonymization Algorithms -- 5 Experiments -- 6 Future Work -- References.Session 4: Information Systems Security -- The Security of Information Systems in Greek Hospitals -- 1 Introduction -- 2 The Survey Process and Questionnaire -- 2.1 Response Rates and Profile of Respondents -- 2.2 Information Systems' Configuration -- 3 
Security of Information Systems -- 3.1 Risk Assessment and Treatment -- 3.2 Security Policy -- 3.3 Organization of Information Security -- 3.4 Asset Management -- 3.5 Human Resources Security -- 3.6 Physical and Environmental Security -- 3.7 Communications and Operations Management -- 3.8 Access Control -- 3.9 Information Systems Acquisition, Development and Maintenance -- 3.10 Information Security Incident Management -- 3.11 Business Continuity Management -- 3.12 Compliance -- 4 Conclusions -- References -- Risk Acceptance and Rejection for Threat and Opportunity Risks in Conflicting Incentives Risk Analysis -- 1 Introduction -- 2 Related Work -- 3 Overview of CIRA -- 4 Explaining Risk in the Context of CIRA -- 4.1 Risk Visualization -- 4.2 The Threat Risk -- 4.3 The Opportunity Risk -- 5 Computing Risk Acceptance and Rejection Bounds -- 6 Risk Treatment (Response) Measures for Threat (Opportunity) Risks -- 7 Future Work -- 8 Conclusion -- References -- Session 5: Security Policies/Legal Issues -- ProCAVE: Privacy-Preserving Collection and Authenticity Validation of Online Evidence -- 1 Introduction -- 2 Current Status and Motivation -- 3 Solution Overview -- 3.1 Web Proxy -- 3.2 Collection and Validation of Authenticity (CVA) -- 3.3 Multiple Requests -- 3.4 Putting It All Together -- 4 Implementation and Experimental Evaluation -- 4.1 Implementation -- 4.2 Results -- 5 Anti-forensics and other Considerations -- 6 Conclusions and Future Work -- References -- Assessing the Feasibility of Security Metrics -- 1 Introduction -- 2 Possibilities to Describe an ISMS -- 3 Metrics Catalogue.4 Self-assessment Framework -- 5 Assessment Results -- 6 Software Prototype -- 7 External Evaluation and Discussion -- 8 Conclusion and Future Work -- References -- Session 6: Trust and Privacy in Mobile and Pervasive Environments -- The Influence of Social Media Use on Willingness to Share Location Information -- 1 Introduction -- 2 Background -- 3 Research Problem and Method -- 4 
Survey Analysis -- 4.1 Willingness to Share Information -- 4.2 Willingness to Share Location Information -- 4.3 Sharing Location for Services -- 4.4 Opinions about Recipients' Use of Location Information -- 5 The Foursquare Experiment -- 6 Discussion -- 7 Conclusion -- References -- A Qualitative Metrics Vector for the Awareness of Smartphone Security Users -- 1 Introduction and problem definition -- 2 Related Work -- 3 Methodology -- 3.1 Data Collection and Demographics -- 3.2 Data Analysis -- 4 Findings -- 4.1 Response Diversity -- 4.2 Correlation Diversity -- 5 Limitations -- 6 Discussion and Conclusions -- References -- Trustworthy Selection of Cloud Providers Based on Security and Privacy Requirements: Justifying Trust Assumptions -- 1 Introduction -- 2 Background Information on the Framework -- 3 Framework Extension -- 3.1 Language Extension -- 3.2 Process Extension -- 3.3 Tool Extension -- 4 Case Study -- 5 Related Work -- 6 Conclusion -- References -- Author Index.Description based on publisher supplied metadata and other sources.
Subjects: Electronic books.; Electronic commerce-Security measures-Congresses.;
On-line resources: CGCC online access;

Decision and Game Theory for Security : 4th International Conference, GameSec 2013, Fort Worth, TX, USA, November 11-12, 2013. Proceedings. by Hutchison, David.(SAGE)2024176; Kanade, Takeo.; Kittler, Josef.;
Intro -- Preface -- Organization -- Table of Contents -- On Communication over Gaussian Sensor Networks with Adversaries: Further Results -- 1 Introduction -- 2 Problem Definition -- 3 Review of Prior Work -- 3.1 Full Coordination -- 3.2 No Coordination -- 4 MainResult -- 5 Conclusion -- References -- A True Random Generator Using Human Gameplay -- 1 Introduction -- 1.1 Our Contribution -- 1.2 Related Work -- 2 Preliminaries -- 2.1 Expander Graphs -- 2.2 A Simple Explicit Construction for Expander Graphs -- 2.3 Game Theoretic Definitions -- 3 TRG Using Human Input in Games -- 4 Experiments -- 4.1 The Game -- 4.2 Measuring Min-Entropy -- 4.3 Measuring Statistical Property of a Source -- 4.4 Measures of Randomness for Our Game -- 5 Concluding Remarks -- References -- A Game Theoretic Analysis of Collaboration in Wikipedia -- 1 Introduction -- 2 User Contribution as a Non-cooperative Game -- 3 Empirical Validation with Data -- 3.1 Extracting Data from Wikipedia Articles -- 3.2 Numerical Verification of the Analysis -- 4 Trustworthy Collaboration and Vandalism -- 5 Conclusion -- References -- Controllability of Dynamical Systems: Threat Models and Reactive Security -- 1 Introduction -- 2 SystemModel -- 3 Control/Security Properties -- 4 Attack Model -- 4.1 Goals of an Attacker -- 4.2 Offline Information Available to the Attacker -- 4.3 Online Information (and Access) Available to the Attacker -- 5 Attacking Controllability -- 5.1 Attacking Controllability with u(t) -- 5.2 Attacking Controllability with y(t) -- 6 Reactive Security: Differential Games -- 6.1 Threat Model and Differential Games Solutions -- 7 Differential Game Example -- 7.1 Simulation Results -- 8 Heuristic Stability Game -- 8.1 Linearization and Control Design -- 8.2 Attacker Perspective -- 8.3 System Defense -- 8.4 Simulations -- 9 Future Work -- References.Adaptive Regret Minimization in Bounded-Memory Games -- 1 Introduction -- 2 Related Work -- 3 Preliminaries -- 4 Definition of Regret -- 4.1 
AdversaryModel -- 4.2 k-adaptive Regret -- 5 Audit Examples -- 6 Hardness Results -- 7 Regret Minimization Algorithms -- 7.1 Reduction to Repeated Games -- 7.2 Efficient Approximate RegretMinimization Algorithms -- 8 Open Questions -- References -- The Cooperative Ballistic Missile Defence Game -- 1 Introduction -- 2 The Optimization Phase -- 2.1 Problem Setting -- 2.2 Formal Description -- 2.3 The Cost Function and Constraints -- 2.4 Computing the Optimal Assignment -- 3 The Cooperative Phase -- 3.1 The Interceptor Savings Game -- 3.2 Allocating the Savings -- 3.3 Big Boss Game -- 4 Conclusions -- References -- Security Games for Virtual Machine Allocation in Cloud Computing -- 1 Introduction -- 2 Background and Problem Statement -- 2.1 Methods to Achieve Co-residence -- 2.2 Potential Security Risks -- 2.3 Possible Countermeasures -- 2.4 Problem Statement -- 3 Proposed Game Model -- 3.1 Attack Scenarios and Metrics -- 3.2 Defence Policies -- 3.3 Game Model -- 4 Analysis of VM Allocation Policies Using the Game Model -- 4.1 Simulation Environment -- 4.2 Attack Efficiency under Different VM Allocation Policies -- 4.3 Coverage Rate under Different VM Allocation Policies -- 4.4 Power Consumption under Different VM Allocation Policies -- 4.5 Workload Balance under Different VM Allocation Policies -- 4.6 Other Criteria -- 4.7 Numerical Solutions and Discussion -- 5 Conclusion and Future Work -- References -- Monotonic Maximin: A Robust Stackelberg Solution against Boundedly Rational Followers -- 1 Introduction -- 1.1 RelatedWork -- 2 Preliminaries -- 3 Monotonic Maximin -- 3.1 Existence of Monotonic Maximin Solutions -- 3.2 Optimality against Interiority, Continuity and Responsiveness.3.3 Capturing Other Behavioral and UncertaintyModels -- 3.4 Top-MonotonicMaximin -- 4 Computation of Monotonic Maximin -- 4.1 Multiple-LP Formulation -- 4.2 MILP Formulation -- 4.3 Computing Top-Monotonic Maximin -- 5 Structure of Monotonic Maximin Solutions -- 5.1 Extreme Points of the 
Set of Monotonic Follower Strategies -- 5.2 Proof of Proposition 5 -- 6 Evaluation -- 6.1 Payoff Structures -- 6.2 Solution Quality againstWorst-CaseMonotonic Attackers -- 6.3 Solution Quality against Non-monotonic Attackers -- 6.4 Runtime Performance -- 7 Conclusion and Future Work -- References -- Defeating Tyranny of the Masses in Crowdsourcing: Accounting for Low-Skilled and Adversarial Workers -- 1 Introduction -- 2 Modeling Paradigm -- 3 Framework -- 3.1 Notation -- 3.2 Stochastic Generation Model -- 3.3 Worker Types -- 3.4 Incomplete, Complete and Expected Complete Data Log Likelihood -- 4 The Generalized EM (GEM) Algorithm -- 4.1 Unsupervised GEM -- 5 Experiments -- 5.1 Experiments with Synthetic Data -- 5.2 Simulating a Crowd Using an Ensemble of Classifiers -- 5.3 MTurk Experiment -- 6 Related Work -- 7 Conclusion -- References -- Quantifying Network Topology Robustness under Budget Constraints: General Model and Computational Complexity -- 1 Introduction -- 2 Unconstrained Network Blocking Games -- 2.1 Communication Models -- 2.2 Game-Theoretic Measure of Robustness -- 2.3 Equilibrium Characterization Based on Blocking Pairs of Polyhedra -- 3 Computational Complexity of the Unconstrained Game -- 4 Budget Contraints -- 4.1 Unit Usage / Protection Cost -- 4.2 Maximum Cost Budget Constraint -- 4.3 Expected Cost Budget Constraint -- 4.4 Constrained Game -- 5 NP-Hardness of the Maximum Cost Constraint -- 6 Efficient Algorithms for the Expected Cost Constraint -- 7 Application Example: Vulnerability/Budget Tradeoff -- 8 Conclusions and Future Work -- References.Mitigation of Targeted and Non-targeted Covert Attacks as a Timing Game -- 1 Introduction -- 2 Related Work -- 2.1 Games of Timing -- 2.2 FlipIt: Modeling Targeted Attacks -- 3 Model Definition -- 3.1 Types of Strategies for the Defender and the Targeted Attacker -- 3.2 Non-targeted Attacks -- 3.3 Comparison to FlipIt -- 4 Analytical Results -- 4.1 Nash Equilibrium for Targeted Attacker and Renewal 
Defender -- 4.2 Equilibrium for Both Targeted and Non-targeted Attackers -- 5 Numerical Illustrations -- 6 Conclusions -- References -- New Efficient Utility Upper Bounds for the Fully Adaptive Model of Attack Trees -- 1 Introduction -- 2 Definitions and Related Work -- 2.1 Definitions -- 2.2 Related Work -- 3 TheNewModel -- 3.1 Precise Utility Computation -- 3.2 Utility Upper Bound Estimation Using Utility Propagation -- 4 Computational Complexity of the New Model -- 5 Efficient Computation of Expenses Lower Bounds -- 5.1 Expenses Propagation -- 5.2 Expenses Reduction -- 6 Interpretation of Results -- 7 Open Questions and Future Research -- References -- Optimizing Active Cyber Defense -- 1 Introduction -- 1.1 Our Contributions -- 2 Related Work -- 3 The Basic Active Cyber Defense Model -- 4 Optimal Control for Strategic Defender against Non-strategic Attacker -- 4.1 Infinite-Time Horizon Optimal Control -- 4.2 Fast Optimal Control for Strategic Defenders against Non-strategic Attackers -- 5 Nash Equilibria for Strategic Attacker and Defender -- 6 Conclusion -- References -- Equilibrium Concepts for Rational Multiparty Computation -- 1 Introduction -- 2 Related Work -- 3 Motivation -- 4 Equilibrium Concepts -- 4.1 Normal Form Games -- 4.2 Extensive Form Games -- 5 Framework -- 5.1 Privacy -- 5.2 Correctness -- 5.3 Fairness -- 6 Conclusion -- References -- Game-Theoretic Approach to Feedback-Driven Multi-stage Moving Target Defense -- 1 Introduction.2 Related Work -- 3 System Model -- 4 Moving Target Defense -- 5 Learning Dynamics -- 6 Numerical Example -- 7 Conclusions -- References -- Author Index.Description based on publisher supplied metadata and other sources.
Subjects: Electronic books.; Computer networks-Security measures-Congresses.;
On-line resources: CGCC online access;