FastSoftwareEncryption2009wasthe16thin a seriesofworkshopsonsymm- ric key cryptography. Starting from 2002, it is sponsored by the International Association for Cryptologic Research (IACR). FSE 2009 was held in Leuven, Belgium, after previous venues held in Cambridge, UK (1993, 1996), Leuven, Belgium (1994, 2002), Haifa, Israel (1997), Paris, France (1998, 2005), Rome, Italy (1999), New York, USA (2000), Yokohama, Japan (2001), Lund, Sweden (2003), New Delhi, India (2004), Graz, Austria (2006), Luxembourg, Lux- bourg (2007), and Lausanne, Switzerland (2008). The workshop's main topic is symmetric key cryptography, including the designoffast andsecuresymmetrickeyprimitives,suchas block ciphers,stream ciphers, hash functions, message authentication codes, modes of operation and iteration, as well as the theoretical foundations of these primitives. This year, 76 papers were submitted to FSE including a large portion of papers on hash functions, following the NIST SHA-3 competition, whose wo- shop was held just after FSE in the same location. From the 76 papers, 24 were accepted for presentation. It is my pleasure to thank all the authors of all s- missions for the high-quality research, which is the base for the scienti?c value of the workshop. The review process was thorough (each submission received the attention of at least three reviewers), and at the end, besides the accepted papers, the Committee decided that the merits of the paper "Blockcipher-Based Hashing Revisited" entitled the authors to receive the best paper award. I wish to thank all Committee members and the referees for their hard and dedicated work.

As e-learning increases in popularity and reach, more people are taking online courses and need to understand the relevant security issues. This book discusses typical threats to e-learning projects, introducing how they have been and should be addressed.

This book provides a good introduction to the classical elementary number theory and the modern algorithmic number theory, and their applications in computing and information technology, including computer systems design, cryptography and network security. In this second edition proofs of many theorems have been provided, further additions and corrections were made.

As cyberspace continues to rapidly expand, its infrastructure is now an in- gral part of the world's economy and social structure. Given this increasing int- connectivity and interdependence, what progress has been made in developing an ecosystem of safety and security? This study is the second phase of an initial - tempt to survey and catalog the multitude of emerging organizations promoting global initiatives to secure cyberspace. The authors provide a breakdown and analysis of organizations by type, - cluding international, regional, private-public, and non-governmental organi- tions. Concluding with a discussion of the progress made in recent years, the study explores current trends regarding the effectiveness and scope of coverage provided by these organizations and addresses several questions concerning the overall state of international cyber security. The authors would like to thank Mr. Anthony Rutkowski for generously p- viding his time, guidance, and support. The authors would also like to thank the International Telecommunication Union (ITU) Telecommunication Development Sector (ITU-D) and the United States National Science Foundation (NSF Grant R3772) for partially supporting the research conducted in this study. In addition, the authors would like to thank the Georgia Institute of Technology's Center for International Strategy, Technology, and Policy (CISTP) for assistance in hosting the Cyber Security Organization Catalog, and the Georgia Tech Information Se- rity Center (GTISC) for cooperation and promotion of this study. Table of Contents 1 The International Landscape of Cyber Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 2 A Brief History of Global Responses to Cyber Threats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Computer security - the protection of data and computer systems from intentional, malicious intervention - is attracting increasing attention. Much work has gone into development of tools to detect ongoing or already perpetrated attacks, but a key shortfall in current intrusion detection systems is the high number of false alarms they produce. This book analyzes the false alarm problem, then applies results from the field of information visualization to the problem of intrusion detection. Four different visualization approaches are presented, mainly applied to data from web server access logs.

The theory of algebraic function fields over finite fields has its origins in number theory. However, after Goppas discovery of algebraic geometry codes around 1980, many applications of function fields were found in different areas of mathematics and information theory. This book presents survey articles on some of these new developments. The topics focus on material which has not yet been presented in other books or survey articles.

Critical Infrastructure Protection II describes original research results and innovative applications in the interdisciplinary field of critical infrastructure protection. Also, it highlights the importance of weaving science, technology and policy in crafting sophisticated solutions that will help secure information, computer and network assets in the various critical infrastructure sectors.

This book is the second volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.10 on Critical Infrastructure Protection, an international community of scientists, engineers, practitioners and policy makers dedicated to advancing research, development and implementation efforts focused on infrastructure protection. The book contains a selection of twenty edited papers from the Second Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection held at George Mason University, Arlington, Virginia, USA in the spring of 2008.

This is the first joint working conference between the IFIP Working Groups 11. 1 and 11. 5. We hope this joint conference will promote collaboration among researchers who focus on the security management issues and those who are interested in integrity and control of information systems. Indeed, as management at any level may be increasingly held answerable for the reliable and secure operation of the information systems and services in their respective organizations in the same manner as they are for financial aspects of the enterprise, there is an increasing need for ensuring proper standards of integrity and control in information systems in order to ensure that data, software and, ultimately, the business processes are complete, adequate and valid for intended functionality and expectations of the owner (i. e. the user organization). As organizers, we would like to thank the members of the international program committee for their review work during the paper selection process. We would also like to thank the authors of the invited papers, who added valuable contribution to this first joint working conference. Paul Dowland X. Sean Wang December 2005 Contents Preface vii Session 1 - Security Standards Information Security Standards: Adoption Drivers (Invited Paper) 1 JEAN-NOEL EZINGEARD AND DAVID BIRCHALL Data Quality Dimensions for Information Systems Security: A Theorectical Exposition (Invited Paper) 21 GURVIRENDER TEJAY, GURPREET DHILLON, AND AMITA GOYAL CHIN From XML to RDF: Syntax, Semantics, Security, and Integrity (Invited Paper) 41 C. FARKAS, V. GowADiA, A. JAIN, AND D.

This book gathers concepts of information across diverse fields -physics, electrical engineering and computational science - surveying current theories, discussing underlying notions of symmetry, and showing how the capacity of a system to distinguish itself relates to information. The author develops a formal methodology using group theory, leading to the application of Burnside's Lemma to count distinguishable states. This provides a tool to quantify complexity and information capacity in any physical system.

The development of net-centric approaches for intelligence and national security applications has become a major concern in many areas such as defense, intelligence and national and international law enforcement agencies. In this volume we consider the web architectures and recent developments that make n- centric approaches for intelligence and national security possible. These include developments in information integration and recent advances in web services including the concept of the semantic web. Discovery, analysis and management of web-available data pose a number of interesting challenges for research in w- based management systems. Intelligent agents and data mining are some of the techniques that can be employed. A number of specific systems that are net-centric based in various areas of military applications, intelligence and law enforcement are presented that utilize one or more of such techniques The opening chapter overviews the concepts related to ontologies which now form much of the basis of the possibility of sharing of information in the Semantic Web. In the next chapter an overview of Web Services and examples of the use of Web Services for net-centric operations as applied to meteorological and oceanographic (MetOc) data is presented and issues related to the Navy's use of MetOc Web Services are discussed. The third chapter focuses on metadata as conceived to support the concepts of a service-oriented architecture and, in particular, as it relates to the DoD Net-Centric Data Strategy and the NCES core services.

Effective response to misuse or abusive activity in IT systems requires the capability to detect and understand improper activity. Intrusion Detection Systems observe IT activity, record these observations in audit data, and analyze the collected audit data to detect misuse. Privacy-Respecting Intrusion Detection introduces the concept of technical purpose binding, which restricts the linkability of pseudonyms in audit data to the amount necessary for misuse detection. Also, it limits the recovery of personal data to pseudonyms involved in a detected misuse scenario. The book includes case studies demonstrating this theory, and solutions that are constructively validated by providing algorithms.

To defend against computer and network attacks, multiple, complementary security devices such as intrusion detection systems (IDSs), and firewalls are widely deployed to monitor networks and hosts. These various IDSs will flag alerts when suspicious events are observed. This book is an edited volume by world class leaders within computer network and information security presented in an easy-to-follow style. It introduces defense alert systems against computer and network attacks. It also covers integrating intrusion alerts within security policy framework for intrusion response, related case studies and much more.

The Annual (ICGS) International Conference is an established platform in which se- rity, safety and sustainability issues can be examined from several global perspectives through dialogue between academics, students, government representatives, chief executives, security professionals, and research scientists from the United Kingdom and from around the globe. The 2009 two-day conference focused on the challenges of complexity, rapid pace of change and risk/opportunity issues associated with modern products, systems, s- cial events and infrastructures. The importance of adopting systematic and systemic approaches to the assurance of these systems was emphasized within a special stream focused on strategic frameworks, architectures and human factors. The conference provided an opportunity for systems scientists, assurance researchers, owners, ope- tors and maintainers of large, complex and advanced systems and infrastructures to update their knowledge with the state of best practice in these challenging domains while networking with the leading researchers and solution providers. ICGS3 2009 received paper submissions from more than 20 different countries around the world. Only 28 papers were selected and were presented as full papers. The program also included three keynote lectures by leading researchers, security professionals and government representatives. June 2009 Hamid Jahankhani Ali Hessami Feng Hsu

Over the last decade a number of research areas have contributed to the concept of advanced intelligent environments, these include ubiquitous computing, pervasive computing, embedded intelligence, intelligent user interfaces, human factors, intelligent buildings, mobile communications, domestic robots, intelligent sensors, artistic and architectural design and ambient intelligence. Undeniably, multimodal spoken language dialogue interaction is a key factor in ensuring natural interaction and therefore of particular interest for advanced intelligent environments. It will therefore represent one focus of the proposed book. The book will cover all key topics in the field of intelligent environments from a variety of leading researchers. It will bring together several perspectives in research and development in the area.

During the past two decades, many communication techniques have been developed to achieve various goals such as higher data rate, more robust link quality, andmoreusercapacityinmorerigorouschannelconditions.Themost well known are, for instance, CDMA, OFDM, MIMO, multiuser OFDM, and UWB systems.All these systems havetheir ownunique superioritywhile they also induce other drawbacks that limit the system performance. Conventional way to overcome the drawback is to impose most of the computational e?ort in the receiver side and let the transmitter design much simpler than receiver. The fact is that, however, by leveraging reasonable computational e?ort to the transmitter, the receiver design can be greatly simpli?ed. For instance, multiaccess interference (MAI) has long been considered to limit the perf- mance of multiuser systems. Popular solutions to mitigate MAI issue include multiuser detection (MUD) or sophisticated signal processing for interference cancellation such as PIC or SIC. However, those solutions impose great b- den in the receiver. In this case, precoding o?er good solutions to achieve simple transceiver designs as we will mention later in this book. This book is intended to provide a comprehensive review of precoding techniques for digital communications systems from a signal processing p- spective. The variety of selected precoding techniques and their applications makes this book quite di?erent from other texts about precoding techniques in digital communication engineering

A Classical Introduction to Cryptography: Applications for Communications Security introduces fundamentals of information and communication security by providing appropriate mathematical concepts to prove or break the security of cryptographic schemes.

This advanced-level textbook covers conventional cryptographic primitives and cryptanalysis of these primitives; basic algebra and number theory for cryptologists; public key cryptography and cryptanalysis of these schemes; and other cryptographic protocols, e.g. secret sharing, zero-knowledge proofs and undeniable signature schemes.

A Classical Introduction to Cryptography: Applications for Communications Security is designed for upper-level undergraduate and graduate-level students in computer science. This book is also suitable for researchers and practitioners in industry. A separate exercise/solution booklet is available as well, please go to www.springeronline.com under author: Vaudenay for additional details on how to purchase this booklet.

This essential resource for professionals and advanced students in security programming and system design introduces the foundations of programming systems security and the theory behind access control models, and addresses emerging access control mechanisms.

Information and Its Role in Nature presents an in-depth interdisciplinary discussion of the concept of information and its role in the control of natural processes. After a brief review of classical and quantum information theory, the author addresses numerous central questions, including: Is information reducible to the laws of physics and chemistry? Does the Universe, in its evolution, constantly generate new information? Or are information and information-processing exclusive attributes of living systems, related to the very definition of life? If so, what is the role of information in classical and quantum physics? In what ways does information-processing in the human brain bring about self-consciousness? Accessible to graduate students and professionals from all scientific disciplines, this stimulating book will help to shed light on many controversial issues at the heart of modern science.

Rapid formation and development of new theories of systems science have become an important part of modern science and technology. For - ample, since the 1940s, there have appeared systems theory, information theory, fuzzy mathematics, cybernetics, dissipative structures, synergetics, catastrophe theory, chaos theory, bifurcations, ultra circulations, dynamics, and many other systems theories. Grey systems theory is also one of such systems theories that appeared initially in the 1980s. When the research of systems science and the method and technology of systems engineering are applied in various traditional disciplines, such as management science, decision science, and various scienti?c disciplines, a whole new group of new results and breakthroughs are obtained. Such a historical background has provided the environment and soil for grey systems theory to form and to develop rapidly in the past 20-plus years. More speci?cally, in 1982, Professor Deng Ju-Long published the ?rst research paper in the area of grey systems in the international journal entitled Systems and Control Letters, published by North-Holland Co. His paper was titled "Control Problems of Grey Systems. " The publication of this paper signalled the birth of grey systems theory after many years of e ective research of the founding father. This new theory soon caught the attention of the international academic community and practitioners of science. Many well-known scholars, such as Chinese academicians Qian Xueshen, Song Jian, and Zhang Zhongjun. Professor Roger W.

Modern cryptology increasingly employs mathematically rigorous concepts and methods from complexity theory. Conversely, current research topics in complexity theory are often motivated by questions and problems from cryptology. This book takes account of this situation, and therefore its subject is what may be dubbed "cryptocomplexity'', a kind of symbiosis of these two areas.

This book is written for undergraduate and graduate students of computer science, mathematics, and engineering, and can be used for courses on complexity theory and cryptology, preferably by stressing their interrelation. Moreover, it may serve as a valuable source for researchers, teachers, and practitioners working in these fields. Starting from scratch, it works its way to the frontiers of current research in these fields and provides a detailed overview of their history and their current research topics and challenges.

An Introduction to Mathematical Cryptography provides an introduction to public key cryptography and underlying mathematics that is required for the subject. Each of the eight chapters expands on a specific area of mathematical cryptography and provides an extensive list of exercises.

It is a suitable text for advanced students in pure and applied mathematics and computer science, or the book may be used as a self-study. This book also provides a self-contained treatment of mathematical cryptography for the reader with limited mathematical background.

One of the grand challenges for computational intelligence and biometrics is to understand how people process and recognize faces and to develop automated and reliable face recognition systems. Biometrics has become the major component in the complex decision making process associated with security applications. The many challenges addressed for face detection and authentication include cluttered environments, occlusion and disguise, temporal changes, and last but not least, robust training and open set testing.

Reliable Face Recognition Methods seeks to comprehensively address the face recognition problem while drawing inspiration and gaining new insights from complementary fields of endeavor such as neurosciences, statistics, signal and image processing, computer vision, and machine learning and data mining. The book examines the evolution of research surrounding the field to date, explores new directions, and offers specific guidance on the most promising venues for future R&D.

With its well-focused approach and clarity of presentation, this new text/reference is an excellent resource for computer scientists and engineers, researchers, and professionals who need to learn about face recognition. In addition, the book is ideally suited to students studying biometrics, pattern recognition, and human-computer interaction.

Coding is an highly integral component of viable and efficient computer and data communications, yet the often heavy mathematics that form the basis of coding can prevent a serious and practical understanding of this important area.

"Coding for Data and Computer Communications" eschews the complex mathematics and clearly describes the core concepts, principles, and methods of channel codes ( for error correction), source codes (for compressing data), and secure codes (for cryptography, data hiding, and privacy). Conveniently organized and segmented into three associated parts for these coding types, the book examines the most important approaches and techniques used to make the storage and transmission of information (data) fast, secure, and reliable.

Topics and features:

*Integrates the disciplines of error control, data compression, and cryptography and data hiding

*Presents material in a logical, clear, and lively way for rapid learning

*Highly inclusive, balanced coverage for specialists and nonspecialists

*Contains a chapter on the rarely covered topic of check digits

*Provides numerous examples, illustrations, and other helpful learning aids

An essential resource and monograph for all security researchers and professionals who need to understand and effectively use coding employed in computers and data communications. Anchored by a clear, nonmathematical exposition, the book presents all the major topics, principles, and methods in an accessible style suitable for professional specialists, nonspecialists, students, and individual self-study.

Noisy data appear very naturally in applications where the authentication is based on physical identifiers. This book provides a self-contained overview of the techniques and applications of security based on noisy data. It provides a comprehensive overview of the theory of extracting cryptographic keys from noisy data, and describes applications in the field of biometrics, secure key storage, and anti-counterfeiting.

Coding theory and cryptography allow secure and reliable data transmission, which is at the heart of modern communication. Nowadays, it is hard to find an electronic device without some code inside. Grobner bases have emerged as the main tool in computational algebra, permitting numerous applications, both in theoretical contexts and in practical situations.

This book is the first book ever giving a comprehensive overview on the application of commutative algebra to coding theory and cryptography. For example, all important properties of algebraic/geometric coding systems (including encoding, construction, decoding, list decoding) are individually analysed, reporting all significant approaches appeared in the literature. Also, stream ciphers, PK cryptography, symmetric cryptography and Polly Cracker systems deserve each a separate chapter, where all the relevant literature is reported and compared. While many short notes hint at new exciting directions, the reader will find that all chapters fit nicely within a unified notation."