User passwords are the keys to the network kingdom, yet most users choose overly simplistic passwords (like password) that anyone could guess, while system administrators demand impossible to remember passwords littered with obscure characters and random numerals.
Every computer user must face the problems of password security. According to a recent British study, passwords are usually obvious: around 50 percent of computer users select passwords based on names of a family member, spouse, partner, or a pet. Many users face the problem of selecting strong passwords that meet corporate security requirements. Too often, systems reject user-selected passwords because they are not long enough or otherwise do not meet complexity requirements. This book teaches users how to select passwords that always meet complexity requirements.
A typical computer user must remember dozens of passwords and they are told to make them all unique and never write them down. For most users, the solution is easy passwords that follow simple patterns. This book teaches users how to select strong passwords they can easily remember.
* Examines the password problem from the perspective of the administrator trying to secure their network
* Author Mark Burnett has accumulated and analyzed over 1,000,000 user passwords and through his research has discovered what works, what doesn't work, and how many people probably have dogs named Spot
* Throughout the book, Burnett sprinkles interesting and humorous password ranging from the Top 20 dog names to the number of references to the King James Bible in passwords

Lattices are geometric objects that can be pictorially described as the set of intersection points of an infinite, regular n-dimensional grid. De spite their apparent simplicity, lattices hide a rich combinatorial struc ture, which has attracted the attention of great mathematicians over the last two centuries. Not surprisingly, lattices have found numerous ap plications in mathematics and computer science, ranging from number theory and Diophantine approximation, to combinatorial optimization and cryptography. The study of lattices, specifically from a computational point of view, was marked by two major breakthroughs: the development of the LLL lattice reduction algorithm by Lenstra, Lenstra and Lovasz in the early 80's, and Ajtai's discovery of a connection between the worst-case and average-case hardness of certain lattice problems in the late 90's. The LLL algorithm, despite the relatively poor quality of the solution it gives in the worst case, allowed to devise polynomial time solutions to many classical problems in computer science. These include, solving integer programs in a fixed number of variables, factoring polynomials over the rationals, breaking knapsack based cryptosystems, and finding solutions to many other Diophantine and cryptanalysis problems."

In System-on-Chip Architectures and Implementations for Private-Key Data Encryption, new generic silicon architectures for the DES and Rijndael symmetric key encryption algorithms are presented. The generic architectures can be utilised to rapidly and effortlessly generate system-on-chip cores, which support numerous application requirements, most importantly, different modes of operation and encryption and decryption capabilities. In addition, efficient silicon SHA-1, SHA-2 and HMAC hash algorithm architectures are described. A single-chip Internet Protocol Security (IPSec) architecture is also presented that comprises a generic Rijndael design and a highly efficient HMAC-SHA-1 implementation.

In the opinion of the authors, highly efficient hardware implementations of cryptographic algorithms are provided in this book. However, these are not hard-fast solutions. The aim of the book is to provide an excellent guide to the design and development process involved in the translation from encryption algorithm to silicon chip implementation.

Today's information technology and security networks demand increasingly complex algorithms and cryptographic systems. Individuals implementing security policies for their companies must utilize technical skill and information technology knowledge to implement these security mechanisms. Cryptography & Security Devices: Mechanisms & Applications addresses cryptography from the perspective of the security services and mechanisms available to implement these services: discussing issues such as e-mail security, public-key architecture, virtual private networks, Web services security, wireless security, and the confidentiality and integrity of security services. This book provides scholars and practitioners in the field of information assurance working knowledge of fundamental encryption algorithms and systems supported in information technology and secure communication networks.

Since the early eighties IFIP/Sec has been an important rendezvous for Information Technology researchers and specialists involved in all aspects of IT security. The explosive growth of the Web is now faced with the formidable challenge of providing trusted information. IFIP/Sec'01 is the first of this decade (and century) and it will be devoted to "Trusted Information - the New Decade Challenge" This proceedings are divided in eleven parts related to the conference program. Session are dedicated to technologies: Security Protocols, Smart Card, Network Security and Intrusion Detection, Trusted Platforms. Others sessions are devoted to application like eSociety, TTP Management and PKI, Secure Workflow Environment, Secure Group Communications, and on the deployment of applications: Risk Management, Security Policies andTrusted System Design and Management. The year 2001 is a double anniversary. First, fifteen years ago, the first IFIP/Sec was held in France (IFIP/Sec'86, Monte-Carlo) and 2001 is also the anniversary of smart card technology. Smart cards emerged some twenty years ago as an innovation and have now become pervasive information devices used for highly distributed secure applications. These cards let millions of people carry a highly secure device that can represent them on a variety of networks. To conclude, we hope that the rich "menu" of conference papers for this IFIP/Sec conference will provide valuable insights and encourage specialists to pursue their work in trusted information.

In our world of ever-increasing Internet connectivity, there is an on-going threat of intrusion, denial of service attacks, or countless other abuses of computer and network resources. In particular, these threats continue to persist due to the flaws of current commercial intrusion detection systems (IDSs). Intrusion Detection Systems is an edited volume by world class leaders in this field. This edited volume sheds new light on defense alert systems against computer and network intrusions. It also covers integrating intrusion alerts within security policy framework for intrusion response, related case studies and much more. This volume is presented in an easy-to-follow style while including a rigorous treatment of the issues, solutions, and technologies tied to the field. Intrusion Detection Systems is designed for a professional audience composed of researchers and practitioners within the computer network and information security industry. It is also suitable as a reference or secondary textbook for advanced-level students in computer science.

Since their invention in the late seventies, public key cryptosystems have become an indispensable asset in establishing private and secure electronic communication, and this need, given the tremendous growth of the Internet, is likely to continue growing. Elliptic curve cryptosystems represent the state of the art for such systems. Elliptic Curves and Their Applications to Cryptography: An Introduction provides a comprehensive and self-contained introduction to elliptic curves and how they are employed to secure public key cryptosystems. Even though the elegant mathematical theory underlying cryptosystems is considerably more involved than for other systems, this text requires the reader to have only an elementary knowledge of basic algebra. The text nevertheless leads to problems at the forefront of current research, featuring chapters on point counting algorithms and security issues. The Adopted unifying approach treats with equal care elliptic curves over fields of even characteristic, which are especially suited for hardware implementations, and curves over fields of odd characteristic, which have traditionally received more attention. Elliptic Curves and Their Applications: An Introduction has been used successfully for teaching advanced undergraduate courses. It will be of greatest interest to mathematicians, computer scientists, and engineers who are curious about elliptic curve cryptography in practice, without losing the beauty of the underlying mathematics.

Security Education and Critical Infrastructures presents the most recent developments in research and practice on teaching information security, and covers topics including:

-Curriculum design;
-Laboratory systems and exercises;
-Security education program assessment;
-Distance learning and web-based teaching of security;
-Teaching computer forensics;
-Laboratory-based system defense games;
-Security education tools;
-Education in security policies, management and system certification;
-Case studies.

The International Federation for Information Processing (IFIP) series publishes state-of-the-art results in the sciences and technologies of information and communication. The IFIP series encourages education and the dissemination and exchange of information on all aspects of computing. This particular volume presents the most up-to-date research findings from leading experts from around the world on information security education.

Database Recovery presents an in-depth discussion on all aspects of database recovery. Firstly, it introduces the topic informally to set the intuitive understanding, and then presents a formal treatment of recovery mechanism. In the past, recovery has been treated merely as a mechanism which is implemented on an ad-hoc basis. This book elevates the recovery from a mechanism to a concept, and presents its essential properties. A book on recovery is incomplete if it does not present how recovery is practiced in commercial systems. This book, therefore, presents a detailed description of recovery mechanisms as implemented on Informix, OpenIngres, Oracle, and Sybase commercial database systems. Database Recovery is suitable as a textbook for a graduate-level course on database recovery, as a secondary text for a graduate-level course on database systems, and as a reference for researchers and practitioners in industry.

The current IT environment deals with novel, complex approaches such as information privacy, trust, digital forensics, management, and human aspects. This volume includes papers offering research contributions that focus both on access control in complex environments as well as other aspects of computer security and privacy.

Botnets have become the platform of choice for launching attacks and committing fraud on the Internet. A better understanding of Botnets will help to coordinate and develop new technologies to counter this serious security threat. Botnet Detection: Countering the Largest Security Threat consists of chapters contributed by world-class leaders in this field, from the June 2006 ARO workshop on Botnets. This edited volume represents the state-of-the-art in research on Botnets.

The book introduces new techniques which imply rigorous lower bounds on the complexity of some number theoretic and cryptographic problems. These methods and techniques are based on bounds of character sums and numbers of solutions of some polynomial equations over finite fields and residue rings. It also contains a number of open problems and proposals for further research. We obtain several lower bounds, exponential in terms of logp, on the de grees and orders of * polynomials; * algebraic functions; * Boolean functions; * linear recurring sequences; coinciding with values of the discrete logarithm modulo a prime p at suf ficiently many points (the number of points can be as small as pI/He). These functions are considered over the residue ring modulo p and over the residue ring modulo an arbitrary divisor d of p - 1. The case of d = 2 is of special interest since it corresponds to the representation of the right most bit of the discrete logarithm and defines whether the argument is a quadratic residue. We also obtain non-trivial upper bounds on the de gree, sensitivity and Fourier coefficients of Boolean functions on bits of x deciding whether x is a quadratic residue. These results are used to obtain lower bounds on the parallel arithmetic and Boolean complexity of computing the discrete logarithm. For example, we prove that any unbounded fan-in Boolean circuit. of sublogarithmic depth computing the discrete logarithm modulo p must be of superpolynomial size.

New technology is always evolving and companies must have appropriate security for their business to be able to keep up-to-date with the changes. With the rapid growth in internet and www facilities, database security will always be a key topic in business and in the public sector and has implications for the whole of society. Database Security Volume XII covers issues related to security and privacy of information in a wide range of applications, including: Electronic Commerce Informational Assurances Workflow Privacy Policy Modeling Mediation Information Warfare Defense Multilevel Security Role-based Access Controls Mobile Databases Inference Data Warehouses and Data Mining. This book contains papers and panel discussions from the Twelfth Annual Working Conference on Database Security, organized by the International Federation for Information Processing (IFIP) and held July 15-17, 1998 in Chalkidiki, Greece. Database Security Volume XII will prove invaluable reading for faculty and advanced students as well as for industrial researchers and practitioners working in the area of database security research and development.

Safety-critical systems are found in almost every sector of industry. Faults in these systems will result in a breach of safe operating conditions and exposure to the possible risk of major loss of life or catastrophic damage to plant, equipment or the environment. An understanding of the basis for the functioning of these systems is therefore vital to all involved in their operation. In particular, the interaction of the disciplines of software engineering, safety engineering, human factors and safety management is a total process whose entirety is not widely understood by those working in any of the individual fields. This book will redress that problem by providing an introduction to each constituent part with a cohesive structure and overview of the whole subject. It will be of interest to engineers, managers, students and anyone with responsibilities in these areas.

Security is the science and technology of secure communications and resource protection from security violation such as unauthorized access and modification. Putting proper security in place gives us many advantages. It lets us exchange confidential information and keep it confidential. We can be sure that a piece of information received has not been changed. Nobody can deny sending or receiving a piece of information. We can control which piece of information can be accessed, and by whom. We can know when a piece of information was accessed, and by whom. Networks and databases are guarded against unauthorized access. We have seen the rapid development of the Internet and also increasing security requirements in information networks, databases, systems, and other information resources. This comprehensive book responds to increasing security needs in the marketplace, and covers networking security and standards. There are three types of readers who are interested in security: non-technical readers, general technical readers who do not implement security, and technical readers who actually implement security. This book serves all three by providing a comprehensive explanation of fundamental issues of networking security, concept and principle of security standards, and a description of some emerging security technologies. The approach is to answer the following questions: 1. What are common security problems and how can we address them? 2. What are the algorithms, standards, and technologies that can solve common security problems? 3.

This book covers the basic statistical and analytical techniques of computer intrusion detection. It is aimed at both statisticians looking to become involved in the data analysis aspects of computer security and computer scientists looking to expand their toolbox of techniques for detecting intruders. The book is self-contained, assumng no expertise in either computer security or statistics. It begins with a description of the basics of TCP/IP, followed by chapters dealing with network traffic analysis, network monitoring for intrusion detection, host based intrusion detection, and computer viruses and other malicious code. Each section develops the necessary tools as needed. There is an extensive discussion of visualization as it relates to network data and intrusion detection. The book also contains a large bibliography covering the statistical, machine learning, and pattern recognition literature related to network monitoring and intrusion detection. David Marchette is a scientist at the Naval Surface Warfacre Center in Dalhgren, Virginia. He has worked at Navy labs for 15 years, doing research in pattern recognition, computational statistics, and image analysis. He has been a fellow by courtesy in the mathematical sciences department of the Johns Hopkins University since 2000. He has been working in conputer intrusion detection for several years, focusing on statistical methods for anomaly detection and visualization. Dr. Marchette received a Masters in Mathematics from the University of California, San Diego in 1982 and a Ph.D. in Computational Sciences and Informatics from George Mason University in 1996.

Security and privacy are paramount concerns in information processing systems, which are vital to business, government and military operations and, indeed, society itself. Meanwhile, the expansion of the Internet and its convergence with telecommunication networks are providing incredible connectivity, myriad applications and, of course, new threats.

Data and Applications Security XVII: Status and Prospects describes original research results, practical experiences and innovative ideas, all focused on maintaining security and privacy in information processing systems and applications that pervade cyberspace. The areas of coverage include:
-Information Warfare,
-Information Assurance,
-Security and Privacy,
-Authorization and Access Control in Distributed Systems,
-Security Technologies for the Internet,
-Access Control Models and Technologies,
-Digital Forensics.

This book is the seventeenth volume in the series produced by the International Federation for Information Processing (IFIP) Working Group 11.3 on Data and Applications Security. It presents a selection of twenty-six updated and edited papers from the Seventeenth Annual IFIP TC11 / WG11.3 Working Conference on Data and Applications Security held at Estes Park, Colorado, USA in August 2003, together with a report on the conference keynote speech and a summary of the conference panel. The contents demonstrate the richness and vitality of the discipline, and other directions for future research in data and applications security.

Data and Applications Security XVII: Status and Prospects is an invaluable resource for information assurance researchers, faculty members and graduate students, as well as for individuals engaged in research and development in the information technology sector.

Information security concerns the confidentiality, integrity, and availability of information processed by a computer system. With an emphasis on prevention, traditional information security research has focused little on the ability to survive successful attacks, which can seriously impair the integrity and availability of a system. Trusted Recovery And Defensive Information Warfare uses database trusted recovery, as an example, to illustrate the principles of trusted recovery in defensive information warfare. Traditional database recovery mechanisms do not address trusted recovery, except for complete rollbacks, which undo the work of benign transactions as well as malicious ones, and compensating transactions, whose utility depends on application semantics. Database trusted recovery faces a set of unique challenges. In particular, trusted database recovery is complicated mainly by (a) the presence of benign transactions that depend, directly or indirectly on malicious transactions; and (b) the requirement by many mission-critical database applications that trusted recovery should be done on-the-fly without blocking the execution of new user transactions. Trusted Recovery And Defensive Information Warfare proposes a new model and a set of innovative algorithms for database trusted recovery. Both read-write dependency based and semantics based trusted recovery algorithms are proposed. Both static and dynamic database trusted recovery algorithms are proposed. These algorithms can typically save a lot of work by innocent users and can satisfy a variety of attack recovery requirements of real world database applications. Trusted Recovery And Defensive Information Warfare is suitable as a secondary text for a graduate level course in computer science, and as a reference for researchers and practitioners in information security.

Recently, IT has entered all important areas of society. Enterprises, individuals and civilisations all depend on functioning, safe and secure IT. Focus on IT security has previously been fractionalised, detailed and often linked to non-business applicaitons. The aim of this book is to address the current and future prospects of modern IT security, functionality in business, trade, industry, health care and government. The main topic areas covered include existing IT security tools and methodology for modern IT environments, laws, regulations and ethics in IT security environments, current and future prospects in technology, infrastructures, technique and methodology and IT security in retrospective.

The protection of sensitive information against unauthorized access or fraudulent changes has been of prime concern throughout the centuries. Modern communication techniques, using computers connected through networks, make all data even more vulnerable to these threats. In addition, new issues have surfaced that did not exist previously, e.g. adding a signature to an electronic document.Cryptology addresses the above issues - it is at the foundation of all information security. The techniques employed to this end have become increasingly mathematical in nature. Fundamentals of Cryptology serves as an introduction to modern cryptographic methods. After a brief survey of classical cryptosystems, it concentrates on three main areas. First, stream ciphers and block ciphers are discussed. These systems have extremely fast implementations, but sender and receiver must share a secret key. Second, the book presents public key cryptosystems, which make it possible to protect data without a prearranged key. Their security is based on intractable mathematical problems, such as the factorization of large numbers. The remaining chapters cover a variety of topics, including zero-knowledge proofs, secret sharing schemes and authentication codes. Two appendices explain all mathematical prerequisites in detail: one presents elementary number theory (Euclid's Algorithm, the Chinese Remainder Theorem, quadratic residues, inversion formulas, and continued fractions) and the other introduces finite fields and their algebraic structure.Fundamentals of Cryptology is an updated and improved version of An Introduction to Cryptology, originally published in 1988. Apart from a revision of the existing material, there are many new sections, and two new chapters on elliptic curves and authentication codes, respectively. In addition, the book is accompanied by a full text electronic version on CD-ROM as an interactive Mathematica manuscript.Fundamentals of Cryptology will be of interest to computer scientists, mathematicians, and researchers, students, and practitioners in the area of cryptography.

In the last few decades, the use of the Internet has grown tremendously, and the use of online communications has grown even more. The lack of security in private messages between individuals, however, allows hackers to collect loads of sensitive information. Modern security measures are required to prevent this attack on the world's communication technologies. Advanced Digital Image Steganography Using LSB, PVD, and EMD: Emerging Research and Opportunities provides evolving research exploring the theoretical and practical aspects of data encryption techniques and applications within computer science. The book provides introductory knowledge on steganography and its importance, detailed analysis of how RS and PDH are performed, discussion on pixel value differencing principles, and hybrid approaches using substitution, PVD, and EMD principles. It is ideally designed for researchers and graduate and under graduate students seeking current research on the security of data during transit.

In multimedia and communication environments all documents must be protected against attacks. The movie Forrest Gump showed how multimedia documents can be manipulated. The required security can be achieved by a number of different security measures. This book provides an overview of the current research in Multimedia and Communication Security. A broad variety of subjects are addressed including: network security; attacks; cryptographic techniques; healthcare and telemedicine; security infrastructures; payment systems; access control; models and policies; auditing and firewalls. This volume contains the selected proceedings of the joint conference on Communications and Multimedia Security; organized by the International Federation for Information processing and supported by the Austrian Computer Society, Gesellschaft fuer Informatik e.V. and TeleTrust Deutschland e.V. The conference took place in Essen, Germany, in September 1996