Proceedings of the IFIP TC 11 23rd International Information Security Conference


Book Description

These proceedings contain the papers selected for presentation at the 23rd Inter- tional Information Security Conference (SEC 2008), co-located with IFIP World Computer Congress (WCC 2008), September 8–10, 2008 in Milan, Italy. In - sponse to the call for papers, 143 papers were submitted to the conference. All - pers were evaluated on the basis of their signi?cance, novelty,and technical quality, and reviewed by at least three members of the program committee. Reviewing was blind meaning that the authors were not told which committee members reviewed which papers. The program committee meeting was held electronically, holding - tensive discussion over a period of three weeks. Of the papers submitted, 42 full papers and 11 short papers were selected for presentation at the conference. A conference like this just does not happen; it depends on the volunteer efforts of a host of individuals. There is a long list of people who volunteered their time and energy to put together the conference and who deserve acknowledgment. We thank all members of the program committee and the external reviewers for their hard work in the paper evaluation. Due to the large number of submissions, p- gram committee members were required to complete their reviews in a short time frame. We are especially thankful to them for the commitment they showed with their active participation in the electronic discussion.




Role Mining in Business


Book Description

With continuous growth in the number of information objects and the users that can access these objects, ensuring that access is compliant with company policies has become a big challenge. Role-based Access Control (RBAC) OCo a policy-neutral access control model that serves as a bridge between academia and industry OCo is probably the most suitable security model for commercial applications. Interestingly, role design determines RBAC''s cost. When there are hundreds or thousands of users within an organization, with individual functions and responsibilities to be accurately reflected in terms of access permissions, only a well-defined role engineering process allows for significant savings of time and money while protecting data and systems. Among role engineering approaches, searching through access control systems to find de facto roles embedded in existing permissions is attracting increasing interest. The focus falls on role mining, which is applied data mining techniques to automate OCo to the extent possible OCo the role design task. This book explores existing role mining algorithms and offers insights into the automated role design approaches proposed in the literature. Alongside theory, this book acts as a practical guide for using role mining tools when implementing RBAC. Besides a comprehensive survey of role mining techniques deeply rooted in academic research, this book also provides a summary of the role-based approach, access control concepts and describes a typical role engineering process. Among the pioneering works on role mining, this book blends business elements with data mining theory, and thus further extends the applications of role mining into business practice. This makes it a useful guide for all academics, IT and business professionals.




Open Source Software for Digital Forensics


Book Description

Open Source Software for Digital Forensics is the first book dedicated to the use of FLOSS (Free Libre Open Source Software) in computer forensics. It presents the motivations for using FLOSS applications as tools for collection, preservation and analysis of digital evidence in computer and network forensics. It also covers extensively several forensic FLOSS tools, their origins and evolution. Open Source Software for Digital Forensics is based on the OSSCoNF workshop, which was held in Milan, Italy, September 2008 at the World Computing Congress, co-located with OSS 2008. This edited volume is a collection of contributions from researchers and practitioners world wide. Open Source Software for Digital Forensics is designed for advanced level students and researchers in computer science as a secondary text and reference book. Computer programmers, software developers, and digital forensics professionals will also find this book to be a valuable asset.




ITNG 2021 18th International Conference on Information Technology-New Generations


Book Description

This volume represents the 18th International Conference on Information Technology - New Generations (ITNG), 2021. ITNG is an annual event focusing on state of the art technologies pertaining to digital information and communications. The applications of advanced information technology to such domains as astronomy, biology, education, geosciences, security, and health care are the among topics of relevance to ITNG. Visionary ideas, theoretical and experimental results, as well as prototypes, designs, and tools that help the information readily flow to the user are of special interest. Machine Learning, Robotics, High Performance Computing, and Innovative Methods of Computing are examples of related topics. The conference features keynote speakers, a best student award, poster award, service award, a technical open panel, and workshops/exhibits from industry, government and academia. This publication is unique as it captures modern trends in IT with a balance of theoretical and experimental work. Most other work focus either on theoretical or experimental, but not both. Accordingly, we do not know of any competitive literature.




Information Systems Security and Privacy


Book Description

This book constitutes revised selected papers from the First International Conference on Information Systems Security and Privacy, ICISSP 2015, held in Angers, France, in February 2015. The 12 papers presented in this volume were carefully reviewed and selection from a total of 56 submissions. They were organized in topical sections named: data and software security; privacy and confidentiality; mobile systems security; and biometric authentication. The book also contains two invited papers.




Diagnosability, Security and Safety of Hybrid Dynamic and Cyber-Physical Systems


Book Description

Cyber-physical systems (CPS) are characterized as a combination of physical (physical plant, process, network) and cyber (software, algorithm, computation) components whose operations are monitored, controlled, coordinated, and integrated by a computing and communicating core. The interaction between both physical and cyber components requires tools allowing analyzing and modeling both the discrete and continuous dynamics. Therefore, many CPS can be modeled as hybrid dynamic systems in order to take into account both discrete and continuous behaviors as well as the interactions between them. Guaranteeing the security and safety of CPS is a challenging task because of the inherent interconnected and heterogeneous combination of behaviors (cyber/physical, discrete/continuous) in these systems. This book presents recent and advanced approaches and tech-niques that address the complex problem of analyzing the diagnosability property of cyber physical systems and ensuring their security and safety against faults and attacks. The CPS are modeled as hybrid dynamic systems using different model-based and data-driven approaches in different application domains (electric transmission networks, wireless communication networks, intrusions in industrial control systems, intrusions in production systems, wind farms etc.). These approaches handle the problem of ensuring the security of CPS in presence of attacks and verifying their diagnosability in presence of different kinds of uncertainty (uncertainty related to the event occurrences, to their order of occurrence, to their value etc.).




Wireless Sensor Networks


Book Description

Wireless sensor networks (WSNs) utilize fast, cheap, and effective applications to imitate the human intelligence capability of sensing on a wider distributed scale. But acquiring data from the deployment area of a WSN is not always easy and multiple issues arise, including the limited resources of sensor devices run with one-time batteries. Additi




Digital Identity and Access Management: Technologies and Frameworks


Book Description

"This book explores important and emerging advancements in digital identity and access management systems, providing innovative answers to an assortment of problems as system managers are faced with major organizational, economic and market changes"--Provided by publisher.




The Practice of Enterprise Modeling


Book Description

This volume constitutes the proceedings of the 8th IFIP WG 8.1 Conference on the Practice of Enterprise Modeling held in November 2015 in Valencia, Spain. The PoEM conference series started in 2008 and aims to provide a forum sharing knowledge and experiences between the academic community and practitioners from industry and the public sector. The 23 short papers accepted were carefully reviewed and selected from 72 submissions and are organized in eight sections on Evolving Enterprises, Securing Enterprises, Making Empirical Studies, Investigating Enterprise Methods, Acquiring User Information, Managing Risks and Threats, Engineering Methods, and Making Decisions in Enterprises.




Trustworthy Computing and Services


Book Description

This book constitutes the refereed proceedings of the International Standard Conference on Trustworthy Distributed Computing and Services, ISCTCS 2012, held in Beijing, China, in May/June 2012. The 92 revised full papers presented were carefully reviewed and selected from 278 papers. The topics covered are architecture for trusted computing systems, trusted computing platform, trusted systems build, network and protocol security, mobile network security, network survivability and other critical theories and standard systems, credible assessment, credible measurement and metrics, trusted systems, trusted networks, trusted mobile network, trusted routing, trusted software, trusted operating systems, trusted storage, fault-tolerant computing and other key technologies, trusted e-commerce and e-government, trusted logistics, trusted internet of things, trusted cloud and other trusted services and applications.