Negli ultimi decenni il rapido sviluppo delle tecnologie IT ha influito in maniera determinante nella vita dell uomo, trasformando, spesso inconsapevolmente il suo lavoro, le sue abitudini, il suo modo di interagire con il mondo che lo circonda. Il fenomeno della "globalizzazione" dei mercati e solo una delle trasformazioni che l intero pianeta sta attraversando. Anche se i vantaggi derivanti dall utilizzo delle moderne tecnologie di comunicazione ci facilitano nel lavoro e nella attivita ludiche e personali, molte sono le perplessita e i dubbi che attanagliano tutti coloro che le utilizzano. Se l Information Technology rappresenta il "combustibile" indispensabile per la sopravvivenza delle aziende e delle attivita dell uomo, nel contempo puo generare problematicita di grande rilievo. Il testo tratta alcune delle problematiche che destano preoccupazioni rilevanti nel mondo intero come il consumo energetico dei sistemi informatici (incontrollabili e inquinanti), il problema della garanzia della privacy e dell integrita dei dati su Internet, l utilizzo della rete Internet come strumento di controllo delle masse, la possibile sparizione degli attuali sistemi operativi che potranno essere sostituiti dal sistema operativo Web Operating System.

This book constitutes the proceedings of the 3rd International Conference on Cryptology and Information Security in Latin America, LATINCRYPT 2014, held in Florianopolis, Brazil, in September 2014. The 19 papers presented together with four invited talks were carefully reviewed and selected from 48 submissions. The papers are organized in topical sections on cryptographic engineering, side-channel attacks and countermeasures, privacy, crypto analysis and cryptographic protocols.

This book constitutes the thoroughly refereed post-conference proceedings of the 10th International Conference on Information Security and Cryptology, Inscrypt 2014, held in Beijing, China, in December 2014. The 29 revised full papers presented were carefully reviewed and selected from 93 submissions. The papers are organized in topical sections on privacy and anonymity, multiparty and outsource computation, signature and security protocols, lattice and public key cryptography, block cipher and hash function, authentication and encryption, elliptic curve, and cryptographic primitive and application.

This book constitutes the thoroughly refereed post-conference proceedings of the 17th International Conference on Information Security and Cryptology, ICISC 2014, held in Seoul, South Korea in December 2014. The 27 revised full papers presented were carefully selected from 91 submissions during two rounds of reviewing. The papers provide the latest results in research, development and applications in the field of information security and cryptology. They are organized in topical sections on RSA security, digital signature, public key cryptography, block ciphers, network security, mobile security, hash functions, information hiding and efficiency, cryptographic protocol, and side-channel attacks.

SECURITY TECHNOLOGIES AND SOCIAL IMPLICATIONS Explains how the latest technologies can advance policing and security, identify threats, and defend citizens from crime and terrorism Security Technologies and Social Implications focuses on the development and application of new technologies that police and homeland security officers can leverage as a tool for both predictive and intelligence-led investigations. The book recommends the best practices for incorporation of these technologies into day-to-day activities by law enforcement agencies and counter-terrorism units. Practically, it addresses legal, technological, and organizational challenges (e.g. resource limitation and privacy concerns) combined with challenges related to the adoption of innovative technologies. In contrast to classic tools, modern policing and security requires the development and implementation of new technologies using AI, machine learning, social media tracking, drones, robots, GIS, computer vision, and more. As crime (and cybercrime in particular) becomes more and more sophisticated, security requires a complex mix of social measures, including prevention, detection, investigation, and prosecution. Key topics related to these developments and their implementations covered in Security Technologies and Social Implications include: New security technologies and how these technologies can be implemented in practice, plus associated social, ethical or policy issues Expertise and commentary from individuals developing and testing new technologies and individuals using the technologies within their everyday roles The latest advancements in commercial and professional law enforcement technologies and platforms Commentary on how technologies can advance humanity by making policing and security more efficient and keeping citizens safe Security Technologies and Social Implications serves as a comprehensive resource for defense personnel and law enforcement staff, practical security engineers, and trainee staff in security and police colleges to understand the latest security technologies, with a critical look at their uses and limitations regarding potential ethical, regulatory, or legal issues.

'The best book on codebreaking I have read', SIR DERMOT TURING 'Brings back the joy I felt when I first read about these things as a kid', PHIL ZIMMERMANN 'This is at last the single book on codebreaking that you must have. If you are not yet addicted to cryptography, this book will get you addicted. Read, enjoy, and test yourself on history's great still-unbroken messages!' JARED DIAMOND is the Pulitzer Prize-winning author of Guns, Germs, and Steel; Collapse; and other international bestsellers 'This is THE book about codebreaking. Very concise, very inclusive and easy to read', ED SCHEIDT 'Riveting', MIKE GODWIN 'Approachable and compelling', GLEN MIRANKER This practical guide to breaking codes and solving cryptograms by two world experts, Elonka Dunin and Klaus Schmeh, describes the most common encryption techniques along with methods to detect and break them. It fills a gap left by outdated or very basic-level books. This guide also covers many unsolved messages. The Zodiac Killer sent four encrypted messages to the police. One was solved; the other three were not. Beatrix Potter's diary and the Voynich Manuscript were both encrypted - to date, only one of the two has been deciphered. The breaking of the so-called Zimmerman Telegram during the First World War changed the course of history. Several encrypted wartime military messages remain unsolved to this day. Tens of thousands of other encrypted messages, ranging from simple notes created by children to encrypted postcards and diaries in people's attics, are known to exist. Breaking these cryptograms fascinates people all over the world, and often gives people insight into the lives of their ancestors. Geocachers, computer gamers and puzzle fans also require codebreaking skills. This is a book both for the growing number of enthusiasts obsessed with real-world mysteries, and also fans of more challenging puzzle books. Many people are obsessed with trying to solve famous crypto mysteries, including members of the Kryptos community (led by Elonka Dunin) trying to solve a decades-old cryptogram on a sculpture at the centre of CIA Headquarters; readers of the novels of Dan Brown as well as Elonka Dunin's The Mammoth Book of Secret Code Puzzles (UK)/The Mammoth Book of Secret Codes and Cryptograms (US); historians who regularly encounter encrypted documents; perplexed family members who discover an encrypted postcard or diary in an ancestor's effects; law-enforcement agents who are confronted by encrypted messages, which also happens more often than might be supposed; members of the American Cryptogram Association (ACA); geocachers (many caches involve a crypto puzzle); puzzle fans; and computer gamers (many games feature encryption puzzles). The book's focus is very much on breaking pencil-and-paper, or manual, encryption methods. Its focus is also largely on historical encryption. Although manual encryption has lost much of its importance due to computer technology, many people are still interested in deciphering messages of this kind.

Die Kryptologie, eine jahrtausendealte "Geheimwissenschaft," gewinnt zusehends praktische Bedeutung in Verbindung mit dem Schutz von Kommunikationswegen, Datenbanken und Software. Neben ihrer Nutzung in rechnergestutzten offentlichen Nachrichtensystemen ("offentliche Schlussel") treten zusehends rechnerinterne Anwendungen, die sich auch auf Zugriffsberechtigungen und den Quellenschutz von Software erstrecken.
Der erste Teil des Buches handelt in elf Kapiteln von den Geheimschriften und ihrem Gebrauch - von der Kryptographie. Im zweiten Teil wird in elf weiteren Kapiteln das Vorgehen zum unbefugten Entziffern einer Geheimschrift - die Kryptanalyse - besprochen, wobei sich insbesondere Hinweise fur die Verfahrensbeurteilung ergeben.
Das Buch setzt nur elementare mathematische Kenntnisse voraus. Mit einer Fulle spannender, lustiger und bisweilen anzuglicher Geschichten aus der historischen Kryptologie gewurzt, ist es auch fur den Laien reizvoll zu lesen."

Would your company be prepared in the event of:
* Computer-driven espionage
* A devastating virus attack
* A hacker's unauthorized access
* A breach of data security?
As the sophistication of computer technology has grown, so has the rate of computer-related criminal activity. Subsequently, American corporations now lose billions of dollars a year to hacking, identity theft, and other computer attacks. More than ever, businesses and professionals responsible for the critical data of countless customers and employees need to anticipate and safeguard against computer intruders and attacks.
The first book to successfully speak to the nontechnical professional in the fields of business and law on the topic of computer crime, Computer Forensics: An Essential Guide for Accountants, Lawyers, and Managers provides valuable advice on the hidden difficulties that can blindside companies and result in damaging costs.
Written by industry expert Michael Sheetz, this important book provides readers with an honest look at the computer crimes that can annoy, interrupt--and devastate--a business. Readers are equipped not only with a solid understanding of how computers facilitate fraud and financial crime, but also how computers can be used to investigate, prosecute, and prevent these crimes.
If you want to know how to protect your company from computer crimes but have a limited technical background, this book is for you. Get Computer Forensics: An Essential Guide for Accountants, Lawyers, and Managers and get prepared.

Know-how zur Abwehr von Hacker-Angriffen
Mehr Sicherheit fur Netze, Systeme und Anwendungen
Praxis-Leitfaden mit konzeptionellem Ansatz
Anschaulich durch zeitlose Beispiele

Ein Wettbewerb der Hacker? Wer knackt am schnellsten das Sicherheitssystem?
Die andere Seite - die Sicherheitsexperten - mussen in der Lage sein, Rechnernetze, Systeme und Anwendungen aus der Sicht eines Angreifers zu verstehen, um Sicherheitslucken erkennen und effizient schliessen zu konnen. Dabei unterstutzt sie das Buch.
Das Thema Sicherheit wird hier pragmatisch betrachtet. Die Sicherheit einer Komponente hangt meist direkt von einer oder mehreren anderen Komponenten ab, wobei diese Abhangigkeiten komplex und schwer erfassbar sind.
Auf Basis der Erfahrungen, die im Rahmen des "Hacker Contest" gesammelt wurden, vermittelt das Buch praxisnah die Grundsatze des Hackens bzw. Crackens und prinzipieller Angriffskonzepte.
Die Autoren sind kontiunierlich an der Konzeption und Durchfuhrung des Hacker Contest beteiligt. Sie haben bereits im Informatik-Spektrum einen Artikel zum Thema veroffentlich, der auf grosse Resonanz stiess."

There is no such thing as "perfect security" when it comes to keeping all systems intact and functioning properly. Good penetration (pen) testing creates a balance that allows a system to be secure while simultaneously being fully functional. With this book, you'll learn how to become an effective penetrator (i.e., a white hat or ethical hacker) in order to circumvent the security features of a Web application so that those features can be accurately evaluated and adequate security precautions can be put in place.
After a review of the basics of web applications, you'll be introduced to web application hacking concepts and techniques such as vulnerability analysis, attack simulation, results analysis, manuals, source code, and circuit diagrams. These web application hacking concepts and techniques will prove useful information for ultimately securing the resources that need your protection.
What you will learn from this book
* Surveillance techniques that an attacker uses when targeting a system for a strike
* Various types of issues that exist within the modern day web application space
* How to audit web services in order to assess areas of risk and exposure
* How to analyze your results and translate them into documentation that is useful for remediation
* Techniques for pen-testing trials to practice before a live project
Who this book is for
This book is for programmers, developers, and information security professionals who want to become familiar with web application security and how to audit it.
Wrox Professional guides are planned and written by working programmers to meet the real-world needs of programmers, developers, and IT professionals. Focused and relevant, they address the issues technology professionals face every day. They provide examples, practical solutions, and expert education in new technologies, all designed to help programmers do a better job.

Die Herausforderungen des Data Warehousing liegen langst jenseits von Grundkonzeption und Architektur, die weitestgehend gefestigt sind. Ein ganzheitliches proaktives Datenqualitatsmanagement und integriertes Metadatenmanagement sind fur ein effektives Data-Warehouse-System heute ebenso elementare Voraussetzung wie Datenschutz und Datensicherheit, die im Data-Warehouse-Umfeld neue Bedeutung erlangt haben. Zahlreiche Uberschneidungen und daher Synergiepotenziale bestehen mit Customer Relationship Management, Enterprise Application Integration und Knowledge Management.

Die Autoren zeigen zu diesem Zweck fundierte Konzepte und praktikable Losungen auf, die speziell im zweiten Teil anhand realer Umsetzungen mit bedeutenden europaischen Unternehmen (UBS, Credit Suisse, Swiss Re u. a.) verdeutlicht werden. "

This textbook is a concise introduction to the basic toolbox of structures that allow efficient organization and retrieval of data, key algorithms for problems on graphs, and generic techniques for modeling, understanding, and solving algorithmic problems. The authors aim for a balance between simplicity and efficiency, between theory and practice, and between classical results and the forefront of research. Individual chapters cover arrays and linked lists, hash tables and associative arrays, sorting and selection, priority queues, sorted sequences, graph representation, graph traversal, shortest paths, minimum spanning trees, optimization, collective communication and computation, and load balancing. The authors also discuss important issues such as algorithm engineering, memory hierarchies, algorithm libraries, and certifying algorithms. Moving beyond the sequential algorithms and data structures of the earlier related title, this book takes into account the paradigm shift towards the parallel processing required to solve modern performance-critical applications and how this impacts on the teaching of algorithms. The book is suitable for undergraduate and graduate students and professionals familiar with programming and basic mathematical language. Most chapters have the same basic structure: the authors discuss a problem as it occurs in a real-life situation, they illustrate the most important applications, and then they introduce simple solutions as informally as possible and as formally as necessary so the reader really understands the issues at hand. As they move to more advanced and optional issues, their approach gradually leads to a more mathematical treatment, including theorems and proofs. The book includes many examples, pictures, informal explanations, and exercises, and the implementation notes introduce clean, efficient implementations in languages such as C++ and Java.

A cryptographic security architecture is the collection of hardware and software that protects and controls the use of encryption keys and similar cryptovariables. It is the foundation for enforcing computer security policies and controls and preempting system misuse.

This book provides a comprehensive design for a portable, flexible high-security cryptographic architecture, with particular emphasis on incorporating rigorous security models and practices. "Cryptographic Security Architecture" unveils an alternative means of building a trustworthy system based on concepts from established software engineering principles and cognitive psychology. Its novel security-kernel design implements a reference monitor that controls access to security-relevant objects and attributes based on a configurable security policy.

Topics and features:

* Builds a concise architectural design that can be easily extended in the future

* Develops an application-specific security kernel that enforces a fully customizable, rule-based security policy

* Presents a new verification technique that allows verification from the high-level specification down to the running code

* Describes effective security assurance in random number generation, and the pitfalls associated therewith

* Examines the generation and protection of cryptovariables, as well as application of the architectural design to cryptographic hardware

The work provides an in-depth presentation of a flexible, platform-independent cryptographic security architecture suited to software, hardware, and hybrid implementations. Security design practitioners, professionals, researchers, and advanced students will find the work an essential resource.

Public key cryptography is a major interdisciplinary subject with many real-world applications, such as digital signatures. A strong background in the mathematics underlying public key cryptography is essential for a deep understanding of the subject, and this book provides exactly that for students and researchers in mathematics, computer science and electrical engineering. Carefully written to communicate the major ideas and techniques of public key cryptography to a wide readership, this text is enlivened throughout with historical remarks and insightful perspectives on the development of the subject. Numerous examples, proofs and exercises make it suitable as a textbook for an advanced course, as well as for self-study. For more experienced researchers it serves as a convenient reference for many important topics: the Pollard algorithms, Maurer reduction, isogenies, algebraic tori, hyperelliptic curves and many more.

Cryptography is an area that traditionally focused on secure communication, authentication and integrity. In recent times though, there is a wealth of novel fine-tuned cryptographic techniques that sprung up as cryptographers focused on the specialised problems that arise in digital content distribution. These include fingerprinting codes, traitor tracing, broadcast encryption and others. This book is an introduction to this new generation of cryptographic mechanisms as well as an attempt to provide a cohesive presentation of these techniques.

"Encryption for Digital Content" details the subset cover framework (currently used in the AACS encryption of Blu-Ray disks), fingerprinting codes, traitor tracing schemes as well as related security models and attacks. It provides an extensive treatment of the complexity of the revocation problem for multi-receiver (subscriber) encryption mechanisms, as well as the complexity of the traceability problem. Pirate evolution type of attacks are covered in depth. This volume also illustrates the manner that attacks affect parameter selection, and how this impacts implementations. The authors gratefully acknowledge the support of the National Science Foundation under Grant No. 0447808.

"

Ubiquitous computing (ubicomp) is about networked microprocessors embedded in everyday objects: not just cellphones and home appliances but also books, bookshelves, bus stops and bathtubs. This future is closer than you might imagine.

The insecurity of networked PCs is notorious. If we deployed ubicomp systems as vulnerable as PCs, the risks for society would be catastrophic. How can we do better, and what are the new problems? In a very accessible style, this book provides a coherent framework to make sense of the many issues at stake.

Features include:

• An introduction to the state of the art in ubicomp research.
• A readable primer on security and cryptology.
• An up-to-date technical treatment of ubicomp security, including a sceptical look at Bluetooth and 802.11.
• "Peer-to-peer" and ad-hoc networking.
• An in-depth discussion of specific, cutting-edge solutions.
• An extensively annotated bibliography.

Kryptografie hat sich in jungster Zeit als eine Wissenschaft gezeigt, bei der mathematische Methoden mit besonderem Erfolg eingesetzt werden konnen. Das Buch stellt die gesamte Kryptografie unter diesem Aspekt vor: Grundlagen und Anwendungen, Verschlusselung und Authentifikation, symmetrische Algorithmen und Public-Key-Verfahren werden entsprechend ihrer Wichtigkeit prasentiert. Das Buch hat den Umfang einer 2-semestrigen Vorlesung, aufgrund seiner klaren Darstellung eignet es sich aber auch hervorragend zum Selbststudium. Zahlreiche Ubungsaufgaben von unterschiedlichem Schwierigkeitsgrad dienen zur Kontrolle des Verstandnisses."

Negli ultimi decenni il rapido sviluppo delle tecnologie IT ha influito in maniera determinante nella vita dell'uomo, trasformando, spesso inconsapevolmente il suo lavoro, le sue abitudini, il suo modo di interagire con il mondo che lo circonda. Il fenomeno della "globalizzazione" dei mercati e solo una delle trasformazioni che l'intero pianeta sta attraversando. Anche se i vantaggi derivanti dall'utilizzo delle moderne tecnologie di comunicazione ci facilitano nel lavoro e nella attivita ludiche e personali, molte sono le perplessita e i dubbi che attanagliano tutti coloro che le utilizzano. Se l'Information Technology rappresenta il "combustibile" indispensabile per la sopravvivenza delle aziende e delle attivita dell'uomo, nel contempo puo generare problematicita di grande rilievo. Il testo tratta alcune delle problematiche che destano preoccupazioni rilevanti nel mondo intero come il consumo energetico dei sistemi informatici (incontrollabili e inquinanti), il problema della garanzia della privacy e dell'integrita dei dati su Internet, l'utilizzo della rete Internet come strumento di controllo delle masse, la possibile sparizione degli attuali sistemi operativi che potranno essere sostituiti dal sistema operativo Web Operating System."