This multi-authored textbook addresses graduate students with a background in physics, mathematics or computer science. No research experience is necessary. Consequently, rather than comprehensively reviewing the vast body of knowledge and literature gathered in the past twenty years, this book concentrates on a number of carefully selected aspects of quantum information theory and technology. Given the highly interdisciplinary nature of the subject, the multi-authored approach brings together different points of view from various renowned experts, providing a coherent picture of the subject matter. The book consists of ten chapters and includes examples, problems, and exercises. The first five present the mathematical tools required for a full comprehension of various aspects of quantum mechanics, classical information, and coding theory. Chapter 6 deals with the manipulation and transmission of information in the quantum realm. Chapters 7 and 8 discuss experimental implementations of quantum information ideas using photons and atoms. Finally, chapters 9 and 10 address ground-breaking applications in cryptography and computation.

This book constitutes the revised selected papers of the 20th International Workshop on Combinatorial Algorithms, held in June/July 2009 in the castle of Hradec nad Moravici, Czech Republic.

The 41 papers included in this volume together with 5 invited papers were carefully reviewed and selected from over 100 submissions. The topics dealt with are algorithms and data structures, applications, combinatorial enumeration, combinatorial optimization, complexity theory, computational biology, databases, decompositions and combinatorial designs, discrete and computational geometry, including graph drawing, and graph theory and combinatorics.

As future generation information technology (FGIT) becomes specialized and fr- mented, it is easy to lose sight that many topics in FGIT have common threads and, because of this, advances in one discipline may be transmitted to others. Presentation of recent results obtained in different disciplines encourages this interchange for the advancement of FGIT as a whole. Of particular interest are hybrid solutions that c- bine ideas taken from multiple disciplines in order to achieve something more signi- cant than the sum of the individual parts. Through such hybrid philosophy, a new principle can be discovered, which has the propensity to propagate throughout mul- faceted disciplines. FGIT 2009 was the first mega-conference that attempted to follow the above idea of hybridization in FGIT in a form of multiple events related to particular disciplines of IT, conducted by separate scientific committees, but coordinated in order to expose the most important contributions. It included the following international conferences: Advanced Software Engineering and Its Applications (ASEA), Bio-Science and Bio-Technology (BSBT), Control and Automation (CA), Database Theory and Application (DTA), D- aster Recovery and Business Continuity (DRBC; published independently), Future G- eration Communication and Networking (FGCN) that was combined with Advanced Communication and Networking (ACN), Grid and Distributed Computing (GDC), M- timedia, Computer Graphics and Broadcasting (MulGraB), Security Technology (SecTech), Signal Processing, Image Processing and Pattern Recognition (SIP), and- and e-Service, Science and Technology (UNESST).

This book constitutes the thoroughly refereed post-conference proceedings of the Second International Conference on Information Theoretic Security, ICITS 2007, held in Madrid, Spain, in May 2007.

The 13 revised full papers presented in this volume were carefully reviewed and selected from 26 submissions. There were one invited keynote speech and 3 invited talks to the conference. The topics covered are authentication, group cryptography, private and reliable message transmission, secret sharing, and applications of information theory.

This book constitutes the thoroughly refereed post-conference proceedings of the 5th International ICST Conference, SecureComm 2009, held in September 2009 in Athens, Greece.

The 19 revised full papers and 7 revised short papers were carefully reviewed and selected from 76 submissions.

The papers cover various topics such as wireless network security, network intrusion detection, security and privacy for the general internet, malware and misbehavior, sensor networks, key management, credentials and authentications, as well as secure multicast and emerging technologies.

This book constitutes the refereed proceedings of the 12th International Conference on Information Security Conference, ISC 2009, held in Pisa, Italy, September 7-9, 2009.

The 29 revised full papers and 9 revised short papers presented were carefully reviewed and selected from 105 submissions. The papers are organized in topical sections on analysis techniques, hash functions, database security and biometrics, algebraic attacks and proxy re-encryption, distributed system security, identity management and authentication, applied cryptography, access control, MAC and nonces, and P2P and Web services.

This book constitutes the refereed proceedings of the 9th International Conference on Next Generation Teletraffic and Wired/Wireless Advanced Networking, NEW2AN 2009, held in conjunction with the Second Conference on Smart Spaces, ruSMART 2009 in St. Petersburg, Russia, in September 2009.

The 32 revised full papers presented were carefully reviewed and selected from a total of 82 submissions. The NEW2AN papers are organized in topical sections on teletraffic issues; traffic measurements, modeling, and control; peer-to-peer systems; security issues; wireless networks: ad hoc and mesh; and wireless networks: capacity and mobility. The ruSMART papers start with an invited talk followed by 10 papers on smart spaces.

In 1974, the British government admitted that its WWII secret intelligence organization had read Germany's ciphers on a massive scale. The intelligence from these decrypts influenced the Atlantic, the Eastern Front and Normandy. Why did the Germans never realize the Allies had so thoroughly penetrated their communications? As German intelligence experts conducted numerous internal investigations that all certified their ciphers' security, the Allies continued to break more ciphers and plugged their own communication leaks. How were the Allies able to so thoroughly exploit Germany's secret messages? How did they keep their tremendous success a secret? What flaws in Germany's organization allowed this counterintelligence failure and how can today's organizations learn to avoid similar disasters? This book, the first comparative study of WWII SIGINT (Signals Intelligence), analyzes the characteristics that allowed the Allies SIGINT success and that fostered the German blindness to Enigma's compromise.

Biometrics is a rapidly evolving field with applications ranging from accessing one 's computer to gaining entry into a country. The deployment of large-scale biometric systems in both commercial and government applications has increased public awareness of this technology. Recent years have seen significant growth in biometric research resulting in the development of innovative sensors, new algorithms, enhanced test methodologies and novel applications. This book addresses this void by inviting some of the prominent researchers in Biometrics to contribute chapters describing the fundamentals as well as the latest innovations in their respective areas of expertise.

Privacy, Security and Trust within the Context of Pervasive Computing is an edited volume based on a post workshop at the second international conference on Pervasive Computing. The workshop was held April18-23, 2004, in Vienna, Austria.

The goal of the workshop was not to focus on specific, even novel mechanisms, but rather on the interfaces between mechanisms in different technical and social problem spaces. An investigation of the interfaces between the notions of context, privacy, security, and trust will result in a deeper understanding of the "atomic" problems, leading to a more complete understanding of the social and technical issues in pervasive computing.

The NordSec workshops were started in 1996 with the aim of bringing together - searchers and practitioners within computer security in the Nordic countries - thereby establishing a forum for discussions and co-operation between universities, industry and computer societies. Since then, the workshop has developed into a fully fledged inter- tional information security conference, held in the Nordic countries on a round robin basis. The 14th Nordic Conference on Secure IT Systems was held in Oslo on 14-16 October 2009. Under the theme Identity and Privacy in the Internet Age, this year's conference explored policies, strategies and technologies for protecting identities and the growing flow of personal information passing through the Internet and mobile n- works under an increasingly serious threat picture. Among the contemporary security issues discussed were security services modeling, Petri nets, attack graphs, electronic voting schemes, anonymous payment schemes, mobile ID-protocols, SIM cards, n- work embedded systems, trust, wireless sensor networks, privacy, privacy disclosure regulations, financial cryptography, PIN verification, temporal access control, random number generators, and some more. As a pre-cursor to the conference proper, the Nordic Security Day on Wednesday 14 October hosted talks by leading representatives from industry, academia and the g- ernment sector, and a press conference was given.

In recent years there has been growing scientific interest in the triangular relationship between knowledge. complexity and innovation systems. The concept of'innovation systems' carries the idea that innovations do not originate as isolated discrete phenomena, but are generated through the interaction of a number of actors or agents. This set of actors and interactions possess certain specific characteristics that tend to remain over time. Such characteristics are also shared by national, regional, sectoral and technological interaction systems. They can all be represented as sets of institutional] actors and interactions, whose ultimate goal is the production and diffusion of knowledge. The major theoretical and policy problem posed by these systems is that knowledge is generated not only by individuals and organisations, but also by the often complex pattern of interaction between them. To understand how organisations create new products, new production techniques and new organisational forms is important. An even more fundamental need is to understand how organisations create new knowledge if this knowledge creation lies in the mobilisation and conversion of tacit knowledge. Although much has been written about the importance of knowledge in management, little attention has been paid to how knowledge is created and how the knowledge creation process is managed. The third component of the research triangle concerns complexity."

FastSoftwareEncryption2009wasthe16thin a seriesofworkshopsonsymm- ric key cryptography. Starting from 2002, it is sponsored by the International Association for Cryptologic Research (IACR). FSE 2009 was held in Leuven, Belgium, after previous venues held in Cambridge, UK (1993, 1996), Leuven, Belgium (1994, 2002), Haifa, Israel (1997), Paris, France (1998, 2005), Rome, Italy (1999), New York, USA (2000), Yokohama, Japan (2001), Lund, Sweden (2003), New Delhi, India (2004), Graz, Austria (2006), Luxembourg, Lux- bourg (2007), and Lausanne, Switzerland (2008). The workshop's main topic is symmetric key cryptography, including the designoffast andsecuresymmetrickeyprimitives,suchas block ciphers,stream ciphers, hash functions, message authentication codes, modes of operation and iteration, as well as the theoretical foundations of these primitives. This year, 76 papers were submitted to FSE including a large portion of papers on hash functions, following the NIST SHA-3 competition, whose wo- shop was held just after FSE in the same location. From the 76 papers, 24 were accepted for presentation. It is my pleasure to thank all the authors of all s- missions for the high-quality research, which is the base for the scienti?c value of the workshop. The review process was thorough (each submission received the attention of at least three reviewers), and at the end, besides the accepted papers, the Committee decided that the merits of the paper "Blockcipher-Based Hashing Revisited" entitled the authors to receive the best paper award. I wish to thank all Committee members and the referees for their hard and dedicated work.

As e-learning increases in popularity and reach, more people are taking online courses and need to understand the relevant security issues. This book discusses typical threats to e-learning projects, introducing how they have been and should be addressed.

This book provides a good introduction to the classical elementary number theory and the modern algorithmic number theory, and their applications in computing and information technology, including computer systems design, cryptography and network security. In this second edition proofs of many theorems have been provided, further additions and corrections were made.

As cyberspace continues to rapidly expand, its infrastructure is now an in- gral part of the world's economy and social structure. Given this increasing int- connectivity and interdependence, what progress has been made in developing an ecosystem of safety and security? This study is the second phase of an initial - tempt to survey and catalog the multitude of emerging organizations promoting global initiatives to secure cyberspace. The authors provide a breakdown and analysis of organizations by type, - cluding international, regional, private-public, and non-governmental organi- tions. Concluding with a discussion of the progress made in recent years, the study explores current trends regarding the effectiveness and scope of coverage provided by these organizations and addresses several questions concerning the overall state of international cyber security. The authors would like to thank Mr. Anthony Rutkowski for generously p- viding his time, guidance, and support. The authors would also like to thank the International Telecommunication Union (ITU) Telecommunication Development Sector (ITU-D) and the United States National Science Foundation (NSF Grant R3772) for partially supporting the research conducted in this study. In addition, the authors would like to thank the Georgia Institute of Technology's Center for International Strategy, Technology, and Policy (CISTP) for assistance in hosting the Cyber Security Organization Catalog, and the Georgia Tech Information Se- rity Center (GTISC) for cooperation and promotion of this study. Table of Contents 1 The International Landscape of Cyber Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 2 A Brief History of Global Responses to Cyber Threats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Computer security - the protection of data and computer systems from intentional, malicious intervention - is attracting increasing attention. Much work has gone into development of tools to detect ongoing or already perpetrated attacks, but a key shortfall in current intrusion detection systems is the high number of false alarms they produce. This book analyzes the false alarm problem, then applies results from the field of information visualization to the problem of intrusion detection. Four different visualization approaches are presented, mainly applied to data from web server access logs.

The theory of algebraic function fields over finite fields has its origins in number theory. However, after Goppas discovery of algebraic geometry codes around 1980, many applications of function fields were found in different areas of mathematics and information theory. This book presents survey articles on some of these new developments. The topics focus on material which has not yet been presented in other books or survey articles.

Critical Infrastructure Protection II describes original research results and innovative applications in the interdisciplinary field of critical infrastructure protection. Also, it highlights the importance of weaving science, technology and policy in crafting sophisticated solutions that will help secure information, computer and network assets in the various critical infrastructure sectors.

This book is the second volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.10 on Critical Infrastructure Protection, an international community of scientists, engineers, practitioners and policy makers dedicated to advancing research, development and implementation efforts focused on infrastructure protection. The book contains a selection of twenty edited papers from the Second Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection held at George Mason University, Arlington, Virginia, USA in the spring of 2008.

This is the first joint working conference between the IFIP Working Groups 11. 1 and 11. 5. We hope this joint conference will promote collaboration among researchers who focus on the security management issues and those who are interested in integrity and control of information systems. Indeed, as management at any level may be increasingly held answerable for the reliable and secure operation of the information systems and services in their respective organizations in the same manner as they are for financial aspects of the enterprise, there is an increasing need for ensuring proper standards of integrity and control in information systems in order to ensure that data, software and, ultimately, the business processes are complete, adequate and valid for intended functionality and expectations of the owner (i. e. the user organization). As organizers, we would like to thank the members of the international program committee for their review work during the paper selection process. We would also like to thank the authors of the invited papers, who added valuable contribution to this first joint working conference. Paul Dowland X. Sean Wang December 2005 Contents Preface vii Session 1 - Security Standards Information Security Standards: Adoption Drivers (Invited Paper) 1 JEAN-NOEL EZINGEARD AND DAVID BIRCHALL Data Quality Dimensions for Information Systems Security: A Theorectical Exposition (Invited Paper) 21 GURVIRENDER TEJAY, GURPREET DHILLON, AND AMITA GOYAL CHIN From XML to RDF: Syntax, Semantics, Security, and Integrity (Invited Paper) 41 C. FARKAS, V. GowADiA, A. JAIN, AND D.

This book gathers concepts of information across diverse fields -physics, electrical engineering and computational science - surveying current theories, discussing underlying notions of symmetry, and showing how the capacity of a system to distinguish itself relates to information. The author develops a formal methodology using group theory, leading to the application of Burnside's Lemma to count distinguishable states. This provides a tool to quantify complexity and information capacity in any physical system.

The development of net-centric approaches for intelligence and national security applications has become a major concern in many areas such as defense, intelligence and national and international law enforcement agencies. In this volume we consider the web architectures and recent developments that make n- centric approaches for intelligence and national security possible. These include developments in information integration and recent advances in web services including the concept of the semantic web. Discovery, analysis and management of web-available data pose a number of interesting challenges for research in w- based management systems. Intelligent agents and data mining are some of the techniques that can be employed. A number of specific systems that are net-centric based in various areas of military applications, intelligence and law enforcement are presented that utilize one or more of such techniques The opening chapter overviews the concepts related to ontologies which now form much of the basis of the possibility of sharing of information in the Semantic Web. In the next chapter an overview of Web Services and examples of the use of Web Services for net-centric operations as applied to meteorological and oceanographic (MetOc) data is presented and issues related to the Navy's use of MetOc Web Services are discussed. The third chapter focuses on metadata as conceived to support the concepts of a service-oriented architecture and, in particular, as it relates to the DoD Net-Centric Data Strategy and the NCES core services.

Effective response to misuse or abusive activity in IT systems requires the capability to detect and understand improper activity. Intrusion Detection Systems observe IT activity, record these observations in audit data, and analyze the collected audit data to detect misuse. Privacy-Respecting Intrusion Detection introduces the concept of technical purpose binding, which restricts the linkability of pseudonyms in audit data to the amount necessary for misuse detection. Also, it limits the recovery of personal data to pseudonyms involved in a detected misuse scenario. The book includes case studies demonstrating this theory, and solutions that are constructively validated by providing algorithms.

To defend against computer and network attacks, multiple, complementary security devices such as intrusion detection systems (IDSs), and firewalls are widely deployed to monitor networks and hosts. These various IDSs will flag alerts when suspicious events are observed. This book is an edited volume by world class leaders within computer network and information security presented in an easy-to-follow style. It introduces defense alert systems against computer and network attacks. It also covers integrating intrusion alerts within security policy framework for intrusion response, related case studies and much more.

The Annual (ICGS) International Conference is an established platform in which se- rity, safety and sustainability issues can be examined from several global perspectives through dialogue between academics, students, government representatives, chief executives, security professionals, and research scientists from the United Kingdom and from around the globe. The 2009 two-day conference focused on the challenges of complexity, rapid pace of change and risk/opportunity issues associated with modern products, systems, s- cial events and infrastructures. The importance of adopting systematic and systemic approaches to the assurance of these systems was emphasized within a special stream focused on strategic frameworks, architectures and human factors. The conference provided an opportunity for systems scientists, assurance researchers, owners, ope- tors and maintainers of large, complex and advanced systems and infrastructures to update their knowledge with the state of best practice in these challenging domains while networking with the leading researchers and solution providers. ICGS3 2009 received paper submissions from more than 20 different countries around the world. Only 28 papers were selected and were presented as full papers. The program also included three keynote lectures by leading researchers, security professionals and government representatives. June 2009 Hamid Jahankhani Ali Hessami Feng Hsu