This book collects survey papers in the fields of entropy, search and complexity, summarizing the latest developments in their respective areas. More than half of the papers belong to search theory which lies on the borderline of mathematics and computer science, information theory and combinatorics, respectively. The book will be useful to experienced researchers as well as young scientists and students both in mathematics and computer science.

Company network administrators are compelled today to aggressively pursue a robust network security regime. Network Security Policies and Procedures gives the reader a strong, multi-disciplinary understanding of how to pursue this goal.

This professional volume introduces the technical issues surrounding security as well as how security policies are formulated at the executive level and communicated throughout the organization. Readers will gain a better understanding of how their colleagues on "the other side of the fence" view an organization s security and will thus be better equipped to act in a way that forwards an organization s goals.

Network Security Policies and Procedures is intended for both technical and management professionals interested in learning how security manifests itself throughout all levels of an organization. This book is also suitable for advanced-level students in computer science and electrical engineering."

Since the advent of optical communications, a greattechnological effort has been devoted to the exploitation of the huge bandwidth of optical fibers. Sta- ing from a few Mb/s single channel systems, a fast and constant technological development has led to the actual 10 Gb/s per channel dense wavelength - vision multiplexing (DWDM) systems, with dozens of channels on a single fiber. Transmitters and receivers are now ready for 40 Gb/s, whereas hundreds of channels can be simultaneously amplified by optical amplifiers. Nevertheless, despite such a pace in technological progress, optical c- munications are still in a primitive stage if compared, for instance, to radio communications: the widely spread on-off keying (OOK) modulation format is equivalent to the rough amplitude modulation (AM) format, whereas the DWDM technique is nothing more than the optical version of the frequency - vision multiplexing (FDM) technique. Moreover, adaptive equalization, ch- nel coding or maximum likelihood detection are still considered something "exotic" in the optical world. This is mainly due to the favourable char- teristics of the fiber optic channel (large bandwidth, low attenuation, channel stability, ...), which so far allowed us to use very simple transmission and detection techniques.

Computer Security in the 21st Century shares some of the emerging important research trends reflected in recent advances in computer security, including: security protocol design, secure peer-to-peer and ad hoc networks, multimedia security, and intrusion detection, defense and measurement.

Highlights include presentations of:

- Fundamental new security

- Cryptographic protocols and design,

- A new way of measuring network vulnerability: attack surfaces,

- Network vulnerability and building impenetrable systems,

- Multimedia content protection including a new standard for photographic images, JPEG2000.

Researchers and computer security developers will find in this book interesting and useful insights into building computer systems that protect against computer worms, computer viruses, and other related concerns.

RFID Security: Techniques, Protocols and System-On-Chip Design is an edited book covering fundamentals, security theories and protocols, and hardware implementations for cryptography algorithms and security techniques in RFID. The volume is structured in three parts. Part 1 deals with RFID fundamentals, including system architectures and applications. Part 2 addresses RFID security protocols and techniques with a comprehensive collection of the recent state-of-art protocols and techniques to secure RFID avoiding all potential security forces and cracks. Finally, the book discusses hardware implementation of security algorithms. This section deals with the hardware implementations of cryptography algorithms and protocols dedicated to RFID platforms and chips.

This book constitutes the thoroughly refereed joint post proceedings of two international workshops, the 5th International Workshop on Data Privacy Management, DPM 2010, and the 3rd International Workshop on Autonomous and Spontaneous Security, SETOP 2010, collocated with the ESORICS 2010 symposium in Athens, Greece, in September 2010. The 9 revised full papers for DPM 2010 presented together with two keynote talks are accompanied by 7 revised full papers of SETOP 2010; all papers were carefully reviewed and selected for inclusion in the book. The DPM 2010 papers cover topics such as how to translate the high-level business goals into system-level privacy policies, administration of privacy-sensitive data, privacy data integration and engineering, privacy access control mechanisms, information-oriented security, and query execution on privacy-sensitive data for partial answers. The SETOP 2010 papers address several specific aspects of the previously cited topics, as for instance the autonomic administration of security policies, secure P2P storage, RFID authentication, anonymity in reputation systems, etc.

Additive noise is ubiquitous in acoustics environments and can affect the intelligibility and quality of speech signals. Therefore, a so-called noise reduction algorithm is required to mitigate the effect of the noise that is picked up by the microphones. This work proposes a general framework in the time domain for the single and multiple microphone cases, from which it is very convenient to derive, study, and analyze all kind of optimal noise reduction filters. Not only that all known algorithms can be deduced from this approach, shedding more light on how they function, but new ones can be discovered as well.

Nowadays it is hard to find an electronic device which does not use codes: for example, we listen to music via heavily encoded audio CD's and we watch movies via encoded DVD's. There is at least one area where the use of encoding/decoding is not so developed, yet: Flash non-volatile memories. Flash memory high-density, low power, cost effectiveness, and scalable design make it an ideal choice to fuel the explosion of multimedia products, like USB keys, MP3 players, digital cameras and solid-state disk.

In ECC for Non-Volatile Memories the authors expose the basics of coding theory needed to understand the application to memories, as well as the relevant design topics, with reference to both NOR and NAND Flash architectures. A collection of software routines is also included for better understanding.

The authors form a research group (now at Qimonda) which is the typical example of a fruitful collaboration between mathematicians and engineers.

Noisy data appear very naturally in applications where the authentication is based on physical identifiers. This book provides a self-contained overview of the techniques and applications of security based on noisy data. It provides a comprehensive overview of the theory of extracting cryptographic keys from noisy data, and describes applications in the field of biometrics, secure key storage, and anti-counterfeiting.

This book constitutes the thoroughly refereed proceedings of the 8th Theory of Cryptography Conference, TCC 2011, held in Providence, Rhode Island, USA, in March 2011. The 35 revised full papers are presented together with 2 invited talks and were carefully reviewed and selected from 108 submissions. The papers are organized in topical sections on hardness amplification, leakage resilience, tamper resilience, encryption, composable security, secure computation, privacy, coin tossing and pseudorandomness, black-box constructions and separations, and black box separations.

The 8th International Conference on Cryptology and Network Security (CANS 2009) was held at the Ishikawa Prefectural Museum of Art in Kanazawa, Japan, during December 12-14, 2009. The conference was jointly co-organized by the NationalInstituteofAdvancedIndustrialScienceandTechnology(AIST), Japan, and the Japan Advanced Institute of Science and Technology (JAIST). In ad- tion, the event was supported by the Special Interest Group on Computer Se- rity (CSEC), IPSJ, Japan, the Japan Technical Group on Information Security (ISEC), IEICE, the Japan Technical Committee on Information and Com- nication System Security(ICSS), IEICE, and the Society of Information Theory and its Applications (SITA), Japan, and co-sponsored by the National Ins- tute of Information and Communications Technology, Japan, ComWorth Co., LTD, Japan, Hitachi, Ltd., Hokuriku Telecommunication Network Co., Inc., and Internet Initiative Japan Inc. The conference received 109 submissions from 24 countries, out of which 32 were accepted for publication in these proceedings. At least three Program Committee (PC) members reviewed each submitted paper, while submissions co-authored by a PC member were submitted to the more stringent evaluation of ?ve PC members. In addition to the PC members, many external reviewers joinedthereviewprocessintheirparticularareasofexpertise. Wewerefortunate to have this energetic team of experts, and are deeply grateful to all of them for their hard work, which included a very active discussion phase-almost as long as the initial individual reviewing period. The paper submission, review and discussion processes were e?ectively and e?ciently made possible by the Web-based system iChair.

In 1974, the British government admitted that its WWII secret intelligence organization had read Germany's ciphers on a massive scale. The intelligence from these decrypts influenced the Atlantic, the Eastern Front and Normandy. Why did the Germans never realize the Allies had so thoroughly penetrated their communications? As German intelligence experts conducted numerous internal investigations that all certified their ciphers' security, the Allies continued to break more ciphers and plugged their own communication leaks. How were the Allies able to so thoroughly exploit Germany's secret messages? How did they keep their tremendous success a secret? What flaws in Germany's organization allowed this counterintelligence failure and how can today's organizations learn to avoid similar disasters? This book, the first comparative study of WWII SIGINT (Signals Intelligence), analyzes the characteristics that allowed the Allies SIGINT success and that fostered the German blindness to Enigma's compromise.

The 16th Workshop on Selected Areas in Cryptography (SAC 2009) was held at the University of Calgary,in Calgary, Alberta, Canada, during August 13-14, 2009. There were 74 participants from 19 countries. Previous workshops in this series were held at Queens University in Kingston (1994, 1996, 1998, 1999, and 2005), Carleton University in Ottawa (1995, 1997, and 2003), University of - terloo (2000 and 2004), Fields Institute in Toronto (2001), Memorial University of Newfoundland in St. Johns (2002), Concordia University in Montreal (2006), University of Ottawa (2007), and Mount Allison University in Sackville (2008). The themes for SAC 2009 were: 1. Design and analysis of symmetric key primitives and cryptosystems, incl- ing block and stream ciphers, hash functions, and MAC algorithms 2. E?cient implementations of symmetric and public key algorithms 3. Mathematical and algorithmic aspects of applied cryptology 4. Privacy enhancing cryptographic systems This included the traditional themes (the ?rst three) together with a special theme for 2009 workshop (fourth theme).

The Second Annual Workshop on Privacy and Security, organized by the Center for Interdisciplinary Studies in Information Privacy and Security of the School of C- munication and Information at Rutgers University, was held on May 12, 2008 at the Hyatt Regency, New Brunswick, New Jersey, USA. A few of the papers in this volume were produced through a multi-step process. First, we recorded the talk given by each author at the workshop in May 2008. Next, we transcribed the recording. The authors then produced a draft of their paper from these transcriptions, refining each draft until the final version. Although the papers are not verbatim transcriptions of the talks given, some do retain the informal and conv- sational quality of the presentations. In one instance we have included some material from the question-and-answer period after the talk, since the material covered proved to be relevant and interesting. The majority of authors, however, preferred to include a more formal paper based on the material presented at the workshop.

As intelligent autonomous agents and multiagent system applications become more pervasive, it becomes increasingly important to understand the risks associated with using these systems. Incorrect or inappropriate agent behavior can have harmful - fects, including financial cost, loss of data, and injury to humans or systems. For - ample, NASA has proposed missions where multiagent systems, working in space or on other planets, will need to do their own reasoning about safety issues that concern not only themselves but also that of their mission. Likewise, industry is interested in agent systems that can search for new supply opportunities and engage in (semi-) automated negotiations over new supply contracts. These systems should be able to securely negotiate such arrangements and decide which credentials can be requested and which credentials may be disclosed. Such systems may encounter environments that are only partially understood and where they must learn for themselves which aspects of their environment are safe and which are dangerous. Thus, security and safety are two central issues when developing and deploying such systems. We refer to a multiagent system's security as the ability of the system to deal with threats that are intentionally caused by other intelligent agents and/or s- tems, and the system's safety as its ability to deal with any other threats to its goals.

th It is our great pleasure to present in this volume the proceedings of the 7 Inter- tional Workshop on Digital Watermarking (IWDW) which was held in Busan, Korea, during November 10-12, 2008. The workshop was hosted by the by Korea Institute of Information Security and Cryptology (KIISC) and sponsored by MarkAny, BK21 CIST (Korea University), ETRI. Since its birth in the early 1990s, digital watermarking has become a mature e- bling technology for solving security problems associated with multimedia distri- tion schemes. Digital watermarks are now used in applications like broadcast mo- toring, movie fingerprinting, digital rights management, and document authentication, to name but a few. Still, many research challenges remain open, among them security and robustness issues, reversibility, and authentication. Continuing the tradition of previous workshops, IWDW 2008 also featured besides papers dealing with digital watermarking contributions from other related fields, such as steganography, ste- nalysis, and digital forensics. The selection of the program was a challenging task. From more than 62 subm- sions (received from authors in 15 different countries) the Program Committee - lected 36 as regular papers. At this point we would like to thank all the authors who submitted their latest research results to IWDW 2008 and all members of the Program Committee who put significant effort into the review process, assuring a balanced program. In addition to the contributed papers, the workshop featured three invited lectures delivered by Y. Q. Shi, C. -C."

This book constitutes the thoroughly refereed post-conference proceedings of the Second International Conference on Information Theoretic Security, ICITS 2007, held in Madrid, Spain, in May 2007.

The 13 revised full papers presented in this volume were carefully reviewed and selected from 26 submissions. There were one invited keynote speech and 3 invited talks to the conference. The topics covered are authentication, group cryptography, private and reliable message transmission, secret sharing, and applications of information theory.

On behalf of the Program Committee, it is our pleasure to present the p- ceedings of the 12th International Symposium on Recent Advances in Intrusion Detection systems (RAID 2009),which took place in Saint-Malo,France, during September 23-25. As in the past, the symposium brought together leading - searchers and practitioners from academia, government, and industry to discuss intrusion detection research and practice. There were six main sessions prese- ingfullresearchpapersonanomalyandspeci?cation-basedapproaches,malware detection and prevention, network and host intrusion detection and prevention, intrusion detection for mobile devices, and high-performance intrusion det- tion. Furthermore, there was a poster session on emerging research areas and case studies. The RAID 2009ProgramCommittee received59 full paper submissionsfrom all over the world. All submissions were carefully reviewed by independent - viewers on the basis of space, topic, technical assessment, and overall balance. The ?nal selection took place at the Program Committee meeting on May 21 in Oakland, California. In all, 17 papers were selected for presentation and p- lication in the conference proceedings. As a continued feature, the symposium accepted submissions for poster presentations which have been published as - tended abstracts, reporting early-stage research, demonstration of applications, or case studies. Thirty posters were submitted for a numerical review by an independent, three-person sub-committee of the Program Committee based on novelty, description, and evaluation. The sub-committee recommended the - ceptance of 16 of these posters for presentation and publication. The success of RAID 2009 depended on the joint e?ort of many people.

This book constitutes the refereed proceedings of the 12th International Conference on Information Security Conference, ISC 2009, held in Pisa, Italy, September 7-9, 2009.

The 29 revised full papers and 9 revised short papers presented were carefully reviewed and selected from 105 submissions. The papers are organized in topical sections on analysis techniques, hash functions, database security and biometrics, algebraic attacks and proxy re-encryption, distributed system security, identity management and authentication, applied cryptography, access control, MAC and nonces, and P2P and Web services.

These proceedings contain the papers presented at VoteID 2009, the Second - ternationalConferenceonE-votingandIdentity.TheconferencewasheldinL- embourgduring September 7-8,2009, hostedbythe Universityof Luxembourg. VoteID 2009 built on the success of the 2007 edition held in Bochum. Events have moved on dramatically in the intervening two years: at the time of writing, people are in the streets of Tehran protesting against the claimed outcome of the June12thpresidentialelectionin Iran.Banners bearingthe words"Whereis my vote?" bear testimony to the strength of feeling and the need for elections to be trusted. These events show that the search for high-assurance voting is not a purely academic pursuit but one of very real importance. We hope that VoteID 2009 will help contribute to our understanding of the foundations of democracy. TheProgramCommitteeselected11papersforpresentationattheconference out of a total of 24 submissions. Each submission was reviewed by at least four Program Committee members. The EasyChair conference management system proved instrumental in the reviewing process as well as in the preparation of these proceedings. The selected papers cover a wide range of aspects of voting: proposals for high-assurancevotingsystems, evaluationofexistingsystems, assessmentofp- lic response to electronic voting and legal aspects. The program also included a keynote by Mark Ryan.

The NordSec workshops were started in 1996 with the aim of bringing together - searchers and practitioners within computer security in the Nordic countries - thereby establishing a forum for discussions and co-operation between universities, industry and computer societies. Since then, the workshop has developed into a fully fledged inter- tional information security conference, held in the Nordic countries on a round robin basis. The 14th Nordic Conference on Secure IT Systems was held in Oslo on 14-16 October 2009. Under the theme Identity and Privacy in the Internet Age, this year's conference explored policies, strategies and technologies for protecting identities and the growing flow of personal information passing through the Internet and mobile n- works under an increasingly serious threat picture. Among the contemporary security issues discussed were security services modeling, Petri nets, attack graphs, electronic voting schemes, anonymous payment schemes, mobile ID-protocols, SIM cards, n- work embedded systems, trust, wireless sensor networks, privacy, privacy disclosure regulations, financial cryptography, PIN verification, temporal access control, random number generators, and some more. As a pre-cursor to the conference proper, the Nordic Security Day on Wednesday 14 October hosted talks by leading representatives from industry, academia and the g- ernment sector, and a press conference was given.

Privacy, Security and Trust within the Context of Pervasive Computing is an edited volume based on a post workshop at the second international conference on Pervasive Computing. The workshop was held April18-23, 2004, in Vienna, Austria.

The goal of the workshop was not to focus on specific, even novel mechanisms, but rather on the interfaces between mechanisms in different technical and social problem spaces. An investigation of the interfaces between the notions of context, privacy, security, and trust will result in a deeper understanding of the "atomic" problems, leading to a more complete understanding of the social and technical issues in pervasive computing.

Introduction The goal of this book is to introduce XML to a bioinformatics audience. It does so by introducing the fundamentals of XML, Document Type De?nitions (DTDs), XML Namespaces, XML Schema, and XML parsing, and illustrating these concepts with speci?c bioinformatics case studies. The book does not assume any previous knowledge of XML and is geared toward those who want a solid introduction to fundamental XML concepts. The book is divided into nine chapters: Chapter 1: Introduction to XML for Bioinformatics. This chapter provides an introduction to XML and describes the use of XML in biological data exchange. A bird's-eye view of our ?rst case study, the Distributed Annotation System (DAS), is provided and we examine a sample DAS XML document. The chapter concludes with a discussion of the pros and cons of using XML in bioinformatic applications. Chapter 2: Fundamentals of XML and BSML. This chapter introduces the fundamental concepts of XML and the Bioinformatic Sequence Markup Language (BSML). We explore the origins of XML, de?ne basic rules for XML document structure, and introduce XML Na- spaces. We also explore several sample BSML documents and visualize these documents in the TM Rescentris Genomic Workspace Viewer.

Reflects recent developments in its emphasis on randomized and approximation algorithms and communication models

All topics are considered from an algorithmic point of view stressing the implications for algorithm design

FastSoftwareEncryption2009wasthe16thin a seriesofworkshopsonsymm- ric key cryptography. Starting from 2002, it is sponsored by the International Association for Cryptologic Research (IACR). FSE 2009 was held in Leuven, Belgium, after previous venues held in Cambridge, UK (1993, 1996), Leuven, Belgium (1994, 2002), Haifa, Israel (1997), Paris, France (1998, 2005), Rome, Italy (1999), New York, USA (2000), Yokohama, Japan (2001), Lund, Sweden (2003), New Delhi, India (2004), Graz, Austria (2006), Luxembourg, Lux- bourg (2007), and Lausanne, Switzerland (2008). The workshop's main topic is symmetric key cryptography, including the designoffast andsecuresymmetrickeyprimitives,suchas block ciphers,stream ciphers, hash functions, message authentication codes, modes of operation and iteration, as well as the theoretical foundations of these primitives. This year, 76 papers were submitted to FSE including a large portion of papers on hash functions, following the NIST SHA-3 competition, whose wo- shop was held just after FSE in the same location. From the 76 papers, 24 were accepted for presentation. It is my pleasure to thank all the authors of all s- missions for the high-quality research, which is the base for the scienti?c value of the workshop. The review process was thorough (each submission received the attention of at least three reviewers), and at the end, besides the accepted papers, the Committee decided that the merits of the paper "Blockcipher-Based Hashing Revisited" entitled the authors to receive the best paper award. I wish to thank all Committee members and the referees for their hard and dedicated work.