Eugene Spafford (Author), Leigh Metcalf (Author), Josiah Dykstra (Author)
2023, Addison-Wesley Professional
Cybersecurity is fraught with hidden and unsuspected dangers and difficulties. Despite our best intentions, there are common and avoidable mistakes that arise from folk wisdom, faulty assumptions about the world, and our own human biases. Cybersecurity implementations, investigations, and research all suffer as a result. Many of the bad practices sound logical, especially to people new to the field of cybersecurity, and that means they get adopted and repeated despite not being correct. For instance, why isn’t the user the weakest link?
2014, Amer Mathematical Society
This book is about the theory and practice of integer factorization presented in a historic perspective. It describes about twenty algorithms for factoring and a dozen other number theory algorithms that support the factoring algorithms. Most algorithms are described both in words and in pseudocode to satisfy both number theorists and computer scientists. Each of the ten chapters begins with a concise summary of its contents.
2011, Shaker Verlag
This work addresses the difficulty of identifying space objects in geostationary (GEO) and high eccentricity orbit (HEO) regimes by means of ground based optical observations. The identification is understood here in the widest sense; the aim is to collect information related to an object by investigating all data which is available via optical observations, including orbit and object properties. Single observation frames are investigated, which contain, apart from the unresolved images of space debris objects, stars, hot pixels and so-called cosmic ray events. Cosmic filters operating on the single observation frames are introduced and tested. A new algorithm is introduced and tested to link the possibly many unresolved single object images of unknown newly detected objects in an observation series without a priori information. The accuracy of the Two Line Element (TLE) catalog provided by the US Strategic Command is investigated in GEO and HEO by means of high accuracy optical observations. A new algorithm for catalog correlation has been developed, powerful enough to even correlate observations of GEO objects in clusters. Orbit determination using only very sparse optical observations has been investigated and the prediction accuracy of such orbits is evaluated. The orbital evolution of objects with high area-to-mass ratio has been investigated using a normalized orbit determination setup. Variations in the area-to-mass ratio can be observed. The possibilities for supplementing an orbital element catalogue with light curve measurements are investigated and the light curves of objects with high and low area-to-mass ratio are compared. All algorithms are tested with observations of the ESA Space Debris Telescope (ESASDT), located on Tenerife, Spain, and the Zimmerwald Laser and Astrometry Telescope (ZIMLAT) located close to Bern, Switzerland.
2011, CRC Press
Cultural factors, in both the narrow sense of different national, racial, and ethnic groups, and in the broader sense of different groups of any type, play major roles in individual and group decisions. Written by an international, interdisciplinary group of experts, Cultural Factors in Systems Design: Decision Making and Action explores innovations in the understanding of how cultural differences influence decision making and action. Reflecting the diverse interests and viewpoints that characterize the current state of decision making and cultural research, the chapter authors represent a variety of disciplines and specialize in areas ranging from basic decision processes of individuals, to decisions made in teams and large organizations, to cultural influences on behavior.
Sorin Adam Matei, Brian Britt
2011, CreateSpace
How do virtual communities come together? What makes them strong? What social theories can be used for explaining them? What rules and policies can be used to make virtual communities last? The book is the product of the Online Interaction Seminar, Purdue University. It includes 2d codes, which facilitate connecting the print version of the book to online resources.
Srikanth Hariharan, Ness B. Shroff, Saurabh Bagchi
2011, LAP LAMBERT Academic Publishing
Wireless ad-hoc networks, especially sensor networks, are increasingly being used for data monitoring in commercial, industrial, and military applications. Security is of great concern from many different viewpoints: ensuring that sensitive data does not fall into wrong hands; ensuring that the received data has not been doctored; and ensuring that the network is resilient to denial of service attacks. This book studies the fundamental problem of secure neighbor discovery, which is critical to protecting the network against a number of different forms of attacks. In wireless ad-hoc and sensor networks, neighbor discovery is one of the first steps performed by a node upon deployment and disrupting it adversely affects a number of routing, MAC, topology discovery and intrusion detection protocols. It is especially harmful when an adversary can convince nodes that it is a legitimate neighbor, which it can do easily and without the use of cryptographic primitives. This book discusses a secure neighbor discovery protocol, SEDINE, for static multihop wireless networks, and extensively analyzes its performance.
E. Bertino, G. Ghinita, A. Kamra
2011, Now Publishers
Today’s organizations rely on database systems as the key data management technology for a large variety of tasks, ranging from day-to-day operations to critical decision making. Such widespread use of database systems makes them the main target of many security attacks aimed at corrupting or exfiltrating data outside the organization. On the other hand, data cannot be strictly segregated and need to be readily available for users who have legitimate authorizations to use them. Access Control for Databases - Concepts and Systems provides a comprehensive survey of the foundational models and recent research trends in access control models and mechanisms for database management systems. In addition to surveying the foundational work in the area, it presents extensive case studies covering advanced features of current database management systems, such as the support for fine-grained and context-based access control, the support for mandatory access control, and approaches for protecting the data from insider threats. It also covers novel approaches, based on cryptographic techniques, to enforce access control and surveys access control models for object-databases and XML data. For the reader not familiar with basic notions concerning access control and cryptography, it includes a tutorial presentation on these notions. The discussion is complemented by an analysis of access control functions provided by selected commercial products. It concludes with a discussion on current challenges for database access control and security, and preliminary approaches addressing some of these challenges.
2010, IGI Global
The problems encountered in ensuring that modern computing systems are used appropriately cannot be solved with technology alone, nor can they be addressed independent of the underlying computational fabric. Instead, they require an informed, multidisciplinary approach, especially when considering issues of security, privacy, assurance, and crime.
Information Assurance and Security Ethics in Complex Systems: Interdisciplinary Perspectives offers insight into social and ethical challenges presented by modern technology. Aimed at students and practitioners in the rapidly growing field of information assurance and security, this book addresses issues of privacy, access, safety, liability and reliability in a manner that asks readers to think about how the social context is shaping technology and how technology is shaping social context and, in so doing, to rethink conceptual boundaries.
E. Bertino, K. Takahashi
2010, Artech House
Digital identity can be defined as the digital representation of the information known about a specific individual or organization. Digital identity management technology is an essential function in customizing and enhancing the network user experience, protecting privacy, underpinning accountability in transactions and interactions, and complying with regulatory controls. This practical resource offers an in-depth understanding of how to design, deploy and assess identity management solutions. It provides a comprehensive overview of current trends and future directions in identity management, including best practices, the standardization landscape, and the latest research findings.
Rebecca Herold, Marcus K. Rogers
2010, Auerbach Publications
Charged with ensuring the confidentiality, integrity, availability, and delivery of all forms of an entity’s information, Information Assurance (IA) professionals require a fundamental understanding of a wide range of specializations, including digital forensics, fraud examination, systems engineering, security risk management, privacy, and compliance. Establishing this understanding and keeping it up to date requires a resource with coverage as diverse as the field it covers.
Filling this need, the Encyclopedia of Information Assurance presents an up-to-date collection of peer-reviewed articles and references written by authorities in their fields. From risk management and privacy to auditing and compliance, the encyclopedia’s four volumes provide comprehensive coverage of the key topics related to information assurance. This complete IA resource:
Placing the wisdom of leading researchers and practitioners at your fingertips, this authoritative reference provides the knowledge and insight needed to avoid common pitfalls and stay one step ahead of evolving threats.
E. Bertino, L. Martino, A. Squicciarini, F. Paci
2009, Springer
Web services based on the eXtensible Markup Language (XML), the Simple Object Access Protocol (SOAP), and related standards, and deployed in Service-Oriented Architectures (SOA), are the key to Web-based interoperability for applications within and across organizations. It is crucial that the security of services and their interactions with users is ensured if Web services technology is to live up to its promise. However, the very features that make it attractive – such as greater and ubiquitous access to data and other resources, dynamic application configuration and reconfiguration through workflows, and relative autonomy – conflict with conventional security models and mechanisms. Elisa Bertino and her coauthors provide a comprehensive guide to security for Web services and SOA. They cover in detail all recent standards that address Web service security, including XML Encryption, XML Signature, WS-Security, and WS-SecureConversation, as well as recent research on access control for simple and conversation-based Web services, advanced digital identity management techniques, and access control for Web-based workflows. They explain how these implement means for identification, authentication, and authorization with respect to security aspects such as integrity, confidentiality, and availability.
Xukai Zou, Yuan-Shun Dai, and Yi Pan
2008, World Scientific
Computer networks are compromised by various unpredictable factors, such as hackers, viruses, spam, faults, and system failures, hindering the full utilization of computer systems for collaborative computing — one of the objectives for the next generation of the Internet. It includes the functions of data communication, resource sharing, group cooperation, and task allocation. One popular example of collaborative computing is grid computing. This monograph considers the latest efforts to develop a trusted environment with the high security and reliability needed for collaborative computing. The important modules treated include secure group communication, access control, dependability, grid computing, key management, intrusion detection, and trace back. In addition, a real project for developing a nationwide medical information system with high dependability and security is described.
Xukai Zou, Byrav Ramamurthy, and Spyros S. Magliveras
2005, Springer
This book provides a concise survey of principles and state-of-the-art techniques for secure group communications (SGC) over data networks. It offers an overview of secure algorithms and protocols for group communication linking areas such as applied cryptography and computer networking. Also included is coverage of challenges in deploying secure group communication-based applications over wireless networks. These challenges include the limited computational power of mobile devices, susceptibility of wireless networks to intrusion and unauthorized access and mobility of nodes in a wireless ad-hoc network environment. Secure Group Communications Over Data Networks provides a wealth of information for network architects, IT Professionals, computer scientists, and advanced students of computer science and computer engineering in the fields of networking, computer security and software applications development.
Simson Garfinkel, Gene Spafford, Alan Schwartz
2003, O’Reilly Media
This edition of Practical Unix and Internet Security provides detailed coverage of today’s increasingly important security and networking issues. Focusing on the four most popular Unix variants today—Solaris, Mac OS X, Linux, and FreeBSD—this book contains new information on PAM (Pluggable Authentication Modules), LDAP, SMB/Samba, anti-theft technologies, embedded systems, wireless and laptop issues, forensics, intrusion detection, chroot jails, telephone scanners and firewalls, virtual and cryptographic filesystems, WebNFS, kernel security levels, outsourcing, legal issues, new Internet protocols and cryptographic algorithms, and much more.
Jaideep Vaidya, Christopher W. Clifton, Yu Michael Zhu
2002, Springer
Data mining has emerged as a significant technology for gaining knowledge from vast quantities of data. However, concerns are growing that use of this technology can violate individual privacy. These concerns have led to a backlash against the technology, for example, a “Data-Mining Moratorium Act” introduced in the U.S. Senate that would have banned all data-mining programs (including research and development) by the U.S. Department of Defense. Privacy Preserving Data Mining provides a comprehensive overview of available approaches, techniques and open problems in privacy preserving data mining. This book demonstrates how these approaches can achieve data mining, while operating within legal and commercial restrictions that forbid release of data. Furthermore, this research crystallizes much of the underlying foundation, and inspires further research in the area.
James G. Anderson and Kenneth Goodman
2002, Springer Verlag
This book presents 130 case studies illustrating ethical and social issues that arise from the increasing use of computers in medicine, nursing, psychology, pharmacy, and the allied health professions. The rapid development of health informatics offers a rich array of issues and challenges to academics, clinicians, and system developers. These issues involve threats to privacy and confidentiality, misuse of clinical and genetic information, risks to patients of bias and discrimination, erosion of the practitioner-patient relationship, threats to the autonomy of the health professional, and compromises to the quality of care provided. The use of case studies is well known in medicine, nursing, public health, epidemiology, and other health education programs. This book presents selected cases with annotation and commentaries that illustrate ethical concerns and social problems in the use of computers in medicine.
2002, Chapman & Hall/CRC
At the heart of modern cryptographic algorithms lies computational number theory. Whether you’re encrypting or decrypting ciphers, a solid background in number theory is essential for success. Written by a number theorist and practicing cryptographer, Cryptanalysis of Number Theoretic Ciphers takes you from basic number theory, through the inner workings of ciphers and protocols, to their strengths and weaknesses.
Simson Garfinkel, Gene Spafford
2001, O’Reilly Media
This much expanded new edition explores web security risks and how to minimize them. Aimed at web users, administrators, and content providers, Web Security, Privacy & Commerce covers cryptography, SSL, the Public Key Infrastructure, digital signatures, digital certificates, privacy threats (cookies, log files, web logs, web bugs), hostile mobile code, and web publishing (intellectual property, P3P, digital payments, client-side digital signatures, code signing, PICS).