The 7th Annual Working Conference of ISMSSS (lnformation Security Management and Small Systems Security), jointly presented by WG 11.1 and WG 11.2 of the International Federation for Information Processing {IFIP), focuses on various state-of-art concepts in the two relevant fields. The conference focuses on technical, functional as well as managerial issues. This working conference brings together researchers and practitioners of different disciplines, organisations, and countries, to discuss the latest developments in (amongst others) secure techniques for smart card technology, information security management issues, risk analysis, intranets, electronic commerce protocols, certification and accreditation and biometrics authentication. W e are fortunate to have attracted at least six highly acclaimed international speakers to present invited lectures, which will set the platform for the reviewed papers. Invited speakers will talk on a broad spectrum of issues, all related to information security management and small system security issues. These talks cover new perspectives on secure smart card systems, the role of BS7799 in certification, electronic commerce and smart cards, iris biometrics and many more. AH papers presented at this conference were reviewed by a minimum of two international reviewers. W e wish to express our gratitude to all authors of papers and the international referee board. W e would also like to express our appreciation to the organising committee, chaired by Leon Strous, for aU their inputs and arrangements.

This sixth volume in the series Integrity and Internal Control in Information Systems is a state-of-the-art collection of papers in the area of integrity within information systems and the relationship between integrity in information systems and the overall internal control systems that are established in organizations to support corporate governance codes. Integrity and Internal Control in Information Systems VI represents a continuation of the dialogue between information security specialists, internal control specialists and the business community. The objectives of this dialogue are: To present methods and techniques that will help business achieve the desired level of integrity in information systems and data; To present the results of research that may in future be used to increase the level of integrity or help management maintain the desired level of integrity; To investigate the shortcomings in the technologies presently in use, shortcomings that require attention in order to protect the integrity of systems in general.The book contains a collection of papers from the Sixth International Working Conference on Integrity and Internal Control in Information Systems (IICIS), sponsored by the International Federation for Information Processing (IFIP) and held in Lausanne, Switzerland in November 2003. It will be essential reading for academics and practitioners in computer science, information technology, business informatics, accountancy and IT-auditing.

This book constitutes the thoroughly refereed post-worksop proceedings of the 8th International Workshop Radio Frequency Identification: Security and Privacy Issues, RFIDSec 2012, held in Nijmegen, The Netherlands, in July 2012. The 12 revised full papers presented were carefully reviewed and selected from 29 submissions for inclusion in the book. The papers focus on approaches to solve security and data protection issues in advanced contactless technologies.

This volume is dedicated to the memory of Rudolf Ahlswede, who passed away in December 2010. The Festschrift contains 36 thoroughly refereed research papers from a memorial symposium, which took place in July 2011.

Thefour macro-topics of this workshop: theory of games and strategic planning; combinatorial group testing and database mining; computational biology and string matching; information coding and spreading and patrolling on networks; provide a comprehensive picture of the vision Rudolf Ahlswede put forward of a broad and systematic theory of search.

(Preliminary): The Orthogonal Frequency Division Multiplexing (OFDM) digital transmission technique has several advantages in broadcast and mobile communications applications. The main objective of this book is to give a good insight into these efforts, and provide the reader with a comprehensive overview of the scientific progress which was achieved in the last decade. Besides topics of the physical layer, such as coding, modulation and non-linearities, a special emphasis is put on system aspects and concepts, in particular regarding cellular networks and using multiple antenna techniques. The work extensively addresses challenges of link adaptation, adaptive resource allocation and interference mitigation in such systems. Moreover, the domain of cross-layer design, i.e. the combination of physical layer aspects and issues of higher layers, are considered in detail. These results will facilitate and stimulate further innovation and development in the design of modern communication systems, based on the powerful OFDM transmission technique.

Cryptography in Chinese consists of two characters meaning "secret coded". Thanks to Ch'in Chiu-Shao and his successors, the Chinese Remainder Theorem became a cornerstone of public key cryptography. Today, as we observe the constant usage of high-speed computers interconnected via the Internet, we realize that cryptography and its related applications have developed far beyond "secret coding". China, which is rapidly developing in all areas of technology, is also writing a new page of history in cryptography. As more and more Chinese become recognized as leading researchers in a variety of topics in cryptography, it is not surprising that many of them are Professor Xiao's former students. Progress on Cryptography: 25 Years of Cryptography in China is a compilation of papers presented at an international workshop in conjunction with the ChinaCrypt, 2004. After 20 years, the research interests of the group have extended to a variety of areas in cryptography. This edited volume includes 32 contributed chapters. The material will cover a range of topics, from mathematical results of cryptography to practical applications. This book also includes a sample of research, conducted by Professor Xiao's former and current students. Progress on Cryptography: 25 Years of Cryptography in China is designed for a professional audience, composed of researchers and practitioners in industry. This book is also suitable as a secondary text for graduate-level students in computer science, mathematics and engineering.

This book constitutes the thoroughly refereed post-conference proceedings of the 15th International Conference on Information Security and Cryptology, ICISC 2012, held in Seoul, Korea, in November 2012. The 32 revised full papers presented together with 3 invited talks were carefully selected from 120 submissions during two rounds of reviewing. The papers provide the latest results in research, development, and applications in the field of information security and cryptology. They are organized in topical sections on attack and defense, software and Web security, cryptanalysis, cryptographic protocol, identity-based encryption, efficient implementation, cloud computing security, side channel analysis, digital signature, and privacy enhancement.

Security and Privacy in the Age of Uncertainty covers issues related to security and privacy of information in a wide range of applications including: *Secure Networks and Distributed Systems; *Secure Multicast Communication and Secure Mobile Networks; *Intrusion Prevention and Detection; *Access Control Policies and Models; *Security Protocols; *Security and Control of IT in Society. This volume contains the papers selected for presentation at the 18th International Conference on Information Security (SEC2003) and at the associated workshops. The conference and workshops were sponsored by the International Federation for Information Processing (IFIP) and held in Athens, Greece in May 2003.

This brief focuses on radio resource allocation in a heterogeneous wireless medium. It presents radio resource allocation algorithms with decentralized implementation, which support both single-network and multi-homing services. The brief provides a set of cooperative networking algorithms, which rely on the concepts of short-term call traffic load prediction, network cooperation, convex optimization, and decomposition theory. In the proposed solutions, mobile terminals play an active role in the resource allocation operation, instead of their traditional role as passive service recipients in the networking environment.

This book constitutes the refereed proceedings of the International Conference on Information and Communication Technology, ICT-EurAsia 2013, and the collocation of AsiaARES 2013 as a special track on Availability, Reliability, and Security, held in Yogyakarta, Indonesia, in March 2013. The 62 revised full papers presented were carefully reviewed and selected from a numerous submissions. The papers are organized in topical sections on e-society, software engineering, security and privacy, cloud and internet computing, knowledge management, dependable systems and applications, cryptography, privacy and trust management, network analysis and security, and multimedia security.

In the treatment of chronic diseases, wireless Implantable Medical Devices (IMDs) are commonly used to communicate with an outside programmer (reader). Such communication raises serious security concerns, such as the ability for hackers to gain access to a patient's medical records. This brief provides an overview of such attacks and the new security challenges, defenses, design issues, modeling and performance evaluation in wireless IMDs. While studying the vulnerabilities of IMDs and corresponding security defenses, the reader will also learn the methodologies and tools for designing security schemes, modeling, security analysis, and performance evaluation, thus keeping pace with quickly-evolving wireless security research.

This book constitutes the refereed proceedings of the Second International Conference on Principles of Security and Trust, POST 2013, held as part of the European Joint Conference on Theory and Practice of Software, ETAPS 2013, in Rome, Italy, in March 2013. The 14 papers included in this volume were carefully reviewed and selected from 59 submissions. They deal with the theoretical and foundational aspects of security and trust such as new theoretical results, practical applications of existing foundational ideas, and innovative theoretical approaches stimulated by pressing practical problems.

This book contains the thoroughly refereed post-conference proceedings of the 14th Information Hiding Conference, IH 2012, held in Berkeley, CA, USA, in May 2012. The 18 revised full papers presented were carefully reviewed and selected from numerous submissions. The papers are organized in topical sections on multimedia forensics and counter-forensics, steganalysis, data hiding in unusual content, steganography, covert channels, anonymity and privacy, watermarking, and fingerprinting.

This book constitutes the thoroughly refereed proceedings of the 10th Theory of Cryptography Conference, TCC 2013, held in Tokyo, Japan, in March 2013. The 36 revised full papers presented were carefully reviewed and selected from 98 submissions. The papers cover topics such as study of known paradigms, approaches, and techniques, directed towards their better understanding and utilization; discovery of new paradigms, approaches and techniques that overcome limitations of the existing ones; formulation and treatment of new cryptographic problems; study of notions of security and relations among them; modeling and analysis of cryptographic algorithms; and study of the complexity assumptions used in cryptography.

This book constitutes the refereed proceedings of the 5th International Symposium on Engineering Secure Software and Systems, ESSoS 2013, held in Paris, France, in February/March 2013. The 13 revised full papers presented together with two idea papers were carefully reviewed and selected from 62 submissions. The papers are organized in topical sections on secure programming, policies, proving, formal methods, and analyzing.

The volume contains the papers presented at the fifth working conference on Communications and Multimedia Security (CMS 2001), held on May 21-22, 2001 at (and organized by) the GMD -German National Research Center for Information Technology GMD - Integrated Publication and Information Systems Institute IPSI, in Darmstadt, Germany. The conference is arranged jointly by the Technical Committees 11 and 6 of the International Federation of Information Processing (IFIP) The name "Communications and Multimedia Security" was first used in 1995, Reinhard Posch organized the first in this series of conferences in Graz, Austria, following up on the previously national (Austrian) "IT Sicherheit" conferences held in Klagenfurt (1993) and Vienna (1994). In 1996, the CMS took place in Essen, Germany; in 1997 the conference moved to Athens, Greece. The CMS 1999 was held in Leuven, Belgium. This conference provides a forum for presentations and discussions on issues which combine innovative research work with a highly promising application potential in the area of security for communication and multimedia security. State-of-the-art issues as well as practical experiences and new trends in the areas were topics of interest again, as it has already been the case at previous conferences. This year, the organizers wanted to focus the attention on watermarking and copyright protection for e commerce applications and multimedia data. We also encompass excellent work on recent advances in cryptography and their applications. In recent years, digital media data have enormously gained in importance.

This volume contains papers presented at the fourth working conference on Communications and Multimedia Security (CMS'99), held in Leuven, Belgium from September 20-21, 1999. The Conference, arrangedjointly by Technical Committees 11 and 6 of the International Federation of Information Processing (IFIP), was organized by the Department of Electrical Engineering of the Katholieke Universiteit Leuven. The name "Communications and Multimedia Security" was used for the first time in 1995, when Reinhard Posch organized the first in this series of conferences in Graz, Austria, following up on the previously national (Austrian) IT Sicherheit conferences held in Klagenfurt (1993) and Vienna (1994). In 1996, CMS took place in Essen, Germany; in 1997 the conference moved to Athens, Greece. The Conference aims to provide an international forum for presentations and discussions on protocols and techniques for providing secure information networks. The contributions in this volume review the state-of the-art in communications and multimedia security, and discuss practical of topics experiences and new developments. They cover a wide spectrum inc1uding network security, web security, protocols for entity authentication and key agreement, protocols for mobile environments, applied cryptology, watermarking, smart cards, and legal aspects of digital signatures.

This book constitutes revised selected papers from the 7th Conference on Theory of Quantum Computation, Communication, and Cryptography, TQC 2012, held in Tokyo, Japan, in May 2012. The 12 papers presented were carefully reviewed and selected for inclusion in this book. They contain original research on the rapidly growing, interdisciplinary field of quantum computation, communication and cryptography. Topics addressed are such as quantum algorithms, quantum computation models, quantum complexity theory, simulation of quantum systems, quantum programming languages, quantum cryptography, quantum communication, quantum estimation, quantum measurement, quantum tomography, completely positive maps, decoherence, quantum noise, quantum coding theory, fault-tolerant quantum computing, entanglement theory, and quantum teleportation.

This book constitutes the thoroughly refereed post-conference proceedings of the 19th International Conference on Selected Areas in Cryptography, SAC 2012, held in Windsor, Ontario, Canada, in August 2012. The 24 papers presented were carefully reviewed and selected from 87 submissions. They are organized in topical sections named: cryptanalysis, digital signatures, stream ciphers, implementations, block cipher cryptanalysis, lattices, hashfunctions, blockcipher constructions, and miscellaneous.

This book constitutes the refereed proceedings of the 5th International Conference on Pairing-Based Cryptography, Pairing 2012, held in Cologne, Germany, in May 2012.
The 17 full papers for presentation at the academic track and 3 full papers for presentation at the industrial track were carefully reviewed and selected from 49 submissions. These papers are presented together with 6 invited talks. The contributions are organized in topical sections on: algorithms for pairing computation, security models for encryption, functional encryption, implementations in hardware and software, industry track, properties of pairings, and signature schemes and applications.

Selected Areas in Cryptography brings together in one place important contributions and up-to-date research results in this fast moving area. Selected Areas in Cryptography serves as an excellent reference, providing insight into some of the most challenging research issues in the field.

Recent advances in technology and new software applications are steadily transforming human civilization into what is called the Information Society. This is manifested by the new terminology appearing in our daily activities. E-Business, E-Government, E-Learning, E-Contracting, and E-Voting are just a few of the ever-growing list of new terms that are shaping the Information Society. Nonetheless, as Information gains more prominence in our society, the task of securing it against all forms of threats becomes a vital and crucial undertaking.Addressing the various security issues confronting our new Information Society, this volume is divided into 13 parts covering the following topics: * Information Security Management; * Standards of Information Security; * Threats and Attacks to Information; * Education and Curriculum for Information Security; * Social and Ethical Aspects of Information Security; * Information Security Services; * Multilateral Security; * Applications of Information Security; * Infrastructure for Information Security * Advanced Topics in Security; * Legislation for Information Security; * Modeling and Analysis for Information Security; * Tools for Information Security. Security in the Information Society: Visions and Perspectives comprises the proceedings of the 17th International Conference on Information Security (SEC2002), which was sponsored by the International Federation for Information Processing (IFIP), and jointly organized by IFIP Technical Committee 11 and the Department of Electronics and Electrical Communications of Cairo University. The conference was held in May 2002 in Cairo, Egypt.

This book constitutes the thoroughly refereed post-proceedings of the 17th International Workshop on Security Protocols, SP 2009, held in Cambridge, UK, in April 2009. The 17 revised full papers presented together with edited transcriptions of some of the discussions following the presentations have gone through multiple rounds of reviewing, revision, and selection. The theme of this workshop was "Brief Encounters". In the old days, security protocols were typically run first as preliminaries to, and later to maintain, relatively stable continuing relationships between relatively unchanging individual entities. Pervasive computing, e-bay and second life have shifted the ground: we now frequently desire a secure commitment to a particular community of entities, but relatively transient relationships with individual members of it, and we are often more interested in validating attributes than identity. The papers and discussions in this volume examine the theme from the standpoint of various different applications and adversaries.

Foreword by Pierangela Samarati

Privacy requirements have an increasing impact on the realization of modern applications. Commercial and legal regulations demand that privacy guarantees be provided whenever sensitive information is stored, processed, or communicated to external parties. Current approaches encrypt sensitive data, thus reducing query execution efficiency and preventing selective information release.

Preserving Privacy in Data Outsourcing presents a comprehensive approach for protecting highly sensitive information when it is stored on systems that are not under the data owner's control. The approach illustrated combines access control and encryption, enforcing access control via structured encryption. This solution, coupled with efficient algorithms for key derivation and distribution, provides efficient and secure authorization management on outsourced data; it allows the data owner to outsource not only the data but the security policy itself. The last section of this book investigates the problem of executing queries over possible data distributed at different servers. Case Studies will be provided.

About this book:

Exclusively focuses on addressing protection of confidential information in the emerging data outsourcing scenarios.

Presents relevant and critical novel problems and novel techniques, a precious reference point to students, researchers, and developers in this field.

Provides a comprehensive overview of the data protection problem in outsourcing scenarios, as well as a rigorous analysis and formalization of the problem and solutions to it.

Privacy, data mining, data protection, data outsourcing, electronic commerce, machine learning professionals and others working in these related fields will find this book a valuable asset, as well as primary associations such as ACM, IEEE and Management Science. This book is also suitable for advanced level students and researchers concentrating on computer science as a secondary text or reference book.