The Third International Conference On Information Security Infosecu04

This book constitutes the refereed proceedings of the Third International Conference on Autonomic and Trusted Computing, ATC 2006, held in Wuhan, China in September 2006. The 57 revised full papers presented together with two keynotes were carefully reviewed and selected from 208 submissions. The papers are organized in topical sections.

Organizations are increasingly relying on electronic information to conduct business, which has caused the amount of personal information to grow exponentially. Threats, Countermeasures, and Advances in Applied Information Security addresses the fact that managing information security program while effectively managing risks has never been so critical. This book contains 24 chapters on the most relevant and important issues and advances in applied information security management. The chapters are authored by leading researchers and practitioners in the field of information security from across the globe. The chapters represent emerging threats and countermeasures for effective management of information security at organizations.

There are many applications that require parallel and distributed processing to allow complicated engineering, business and research problems to be solved in a reasonable time. Parallel and distributed processing is able to improve company profit, lower costs of design, production, and deployment of new technologies, and create better business environments. The major lesson learned by car and aircraft engineers, drug manufacturers, genome researchers and other specialist is that a computer system is a very powerful tool that is able to help them solving even more complicated problems. That has led computing specialists to new computer system architecture and exploiting parallel computers, clusters of clusters, and distributed systems in the form of grids. There are also institutions that do not have so complicated problems but would like to improve profit, lower costs of design and production by using parallel and distributed processing on clusters. In general to achieve these goals, parallel and distributed processing must become the computing mainstream. This implies a need for new architectures of parallel and distributed systems, new system management facilities, and new application algorithms. This also implies a need for better understanding of grids and clusters, and in particular their operating systems, scheduling algorithms, load balancing, heterogeneity, transparency, application deployment, which is of the most critical importance for their development and taking them by industry and business.

ICICS 2001, the Third International Conference on Information and Commu- cations Security, was held in Xi’an, China, 13-16 November 2001. Among the preceding conferences, ICICS’97 was held in Beijing, China, 11-14 November 1997 and ICICS’99 in Sydney, Australia, 9-11 November 1999. The ICICS’97 and ICICS’99 proceedings were released as volumes 1334 and 1726 of Springer- Verlag’s Lecture Notes in Computer Science series. ICICS 2001 was sponsored by the Chinese Academy of Sciences (CAS), the - tional Natural Science Foundation of China, and the China Computer Fe- ration. The conference was organized by the Engineering Research Center for Information Security Technology of the Chinese Academy of Sciences (ERCIST, CAS) in co-operation with the International Association for Cryptologic Re- arch (IACR), the International Communications and Information Security - sociation (ICISA), and the Asiacrypt Steering Committee. The format of ICICS 2001 was selected to cover the complete spectrum of - formation and communications security, and to promote participant interaction. The sessions were designed to promote interaction between the major topics of the conference: theoretical foundations of security, secret sharing, network - curity, authentication and identi?cation, boolean functions and stream ciphers, security evaluation, signatures, block ciphers and public-key systems, infor- tion hiding, protocols and their analysis, and cryptanalysis. The 29-member Program Committee considered 134 submissions from 23 di- rent countries and regions, among them 56 papers were accepted for presentation.

This book is a select collection of edited papers from the International Conference on Security of Information and Networks (SIN 2007) on the main theme of Information Assurance, Security, and Public Policy. SIN 2007 was hosted by the Eastern Mediterranean University in Gazimagusa, North Cyprus and co-organized by the Istanbul Technical University, Turkey. While SIN 2007 covered all areas of information and network security, the papers included here focused on the following topics: - cryptology: design and analysis of cryptographic algorithms, hardware and software implementations of cryptographic algorithms, and steganography; - network security: authentication, authorization and access control, privacy, intrusion detection, grid security, and mobile and personal area networks; - IT governance: information security management systems, risk and threat analysis, and information security policies. They represent an interesting mix of innovative academic research and experience reports from practitioners. This is further complemented by a number of invited papers providing excellent overviews: - Elisabeth Oswald, University of Bristol, Bristol, UK: Power Analysis Attack: A Very Brief Introduction; - Marc Joye, Thomson R&D, France: On White-Box Cryptography; - Bart Preneel, Katholieke Universiteit Leuven, Leuven, Belgium: Research Challenges in Cryptology; - Mehmet Ufuk Caglayan, Bogazici University, Turkey: Secure Routing in Ad Hoc Networks and Model Checking. The papers are organized in a logical sequence covering Ciphers; Mobile Agents & Networks; Access Control and Security Assurance; Attacks, Intrusion Detection, and Security Recommendations; and, Security Software, Performance, and Experience.

Conventional wisdom of the "software stack" approach to building applications may no longer be relevant. Enterprises are pursuing new ways of organizing systems and processes to become service oriented and event-driven. Leveraging existing infrastructural investments is a critical aspect to the success of companies both large and small. Enterprises have to adapt their systems to support frequent technological changes, mergers and acquisitions. Furthermore, in a growing global market, these systems are being called upon to be used by external business partners. Technology is often difficult, costly and complex and without modern approaches can prevent the enterprise from becoming agile. Enterprise Service Oriented Architectures helps readers solve this challenge in making different applications communicate in a loosely coupled manner. This classic handbook leverages the experiences of thought leaders functioning in multiple industry verticals and provides a wealth of knowledge for creating the agile enterprise. In this book, you will learn: • How to balance the delivery of immediate business value while creating long-term strategic capability • Fundamental principles of a service-oriented architecture (find, bind and execute) • The four aspects of SOA (Production, Consumption, Management and Provisioning) • How to recognize critical success factors to implementing enterprise SOAs • Architectural importance of service registries, interfaces and contracts • Why improper service decomposition can hurt you later rather than sooner • How application design and integration practices change as architects seek to implement the "agile" enterprise About the Authors James McGovern is an enterprise architect for The Hartford. He is an industry thought leader and co-author of the bestselling book: A Practical Guide to Enterprise Architecture. Oliver Sims is a recognized leader in the architecture, design and implementation of service-oriented and component-based enterprise systems. He was a founding member of the OMG Architecture Board. He was co-author of the groundbreaking book: Business Component Factory. Ashish Jain is a Principal Architect with Ping Identity Corporation, a leading provider of solutions for identity federation. Prior to joining Ping Identity, he worked with BEA Systems where his role was to assist BEA customers in designing and implementing their e-business strategies using solutions based on J2EE. He holds several industry certifications from SUN and BEA and is also a board member for the Denver BEA User group. Mark Little is Director of Standards and SOA Manager for JBoss Inc. Prior to this, he was Chief Architect for Arjuna Technologies Ltd and a Distinguished Engineer at Hewlett-Packard. As well as being an active member of the OMG, JCP, OASIS and W3C, he is an author on many SOA and Web Services standards. He also led the development of the world's first standards-compliant Web Services Transaction product.

This volume contains the refereed proceedings of the Workshop on Cryptography and Computational Number Theory, CCNT'99, which has been held in Singapore during the week of November 22-26, 1999. The workshop was organized by the Centre for Systems Security of the Na tional University of Singapore. We gratefully acknowledge the financial support from the Singapore National Science and Technology Board under the grant num ber RP960668/M. The idea for this workshop grew out of the recognition of the recent, rapid development in various areas of cryptography and computational number the ory. The event followed the concept of the research programs at such well-known research institutions as the Newton Institute (UK), Oberwolfach and Dagstuhl (Germany), and Luminy (France). Accordingly, there were only invited lectures at the workshop with plenty of time for informal discussions. It was hoped and successfully achieved that the meeting would encourage and stimulate further research in information and computer security as well as in the design and implementation of number theoretic cryptosystems and other related areas. Another goal of the meeting was to stimulate collaboration and more active interaction between mathematicians, computer scientists, practical cryptographers and engineers in academia, industry and government.

This book provides IT professionals, educators, researchers, and students a compendium of knowledge on smart sensors and devices, types of sensors, data analysis and monitoring with the help of smart sensors, decision making, impact of machine learning algorithms, and artificial intelligence-related methodologies for data analysis and understanding of smart applications in networks. Smart sensor networks play an important role in the establishment of network devices which can easily interact with physical world through plethora of variety of sensors for collecting and monitoring the surrounding context and allowing environment information. Apart from military applications, smart sensor networks are used in many civilian applications nowadays and there is a need to manage high volume of demands in related applications. This book comprises of 9 chapters and presents a valuable insight on the original research and review articles on the latest achievements that contributes to the field of smart sensor networks and their usage in real-life applications like smart city, smart home, e-healthcare, smart social sensing networks, etc. Chapters illustrate technological advances and trends, examine research opportunities, highlight best practices and standards, and discuss applications and adoption. Some chapters also provide holistic and multiple perspectives while examining the impact of smart sensor networks and the role of data analytics, data sharing, and its control along with future prospects.

Cryptography is concerned with the conceptualization, definition and construction of computing systems that address security concerns. The design of cryptographic systems must be based on firm foundations. Foundations of Cryptography presents a rigorous and systematic treatment of foundational issues, defining cryptographic tasks and solving cryptographic problems. The emphasis is on the clarification of fundamental concepts and on demonstrating the feasibility of solving several central cryptographic problems, as opposed to describing ad-hoc approaches. This second volume contains a thorough treatment of three basic applications: Encryption, Signatures, and General Cryptographic Protocols. It builds on the previous volume, which provided a treatment of one-way functions, pseudorandomness, and zero-knowledge proofs. It is suitable for use in a graduate course on cryptography and as a reference book for experts. The author assumes basic familiarity with the design and analysis of algorithms; some knowledge of complexity theory and probability is also useful.