Foreword by Lars Knudsen
"Practical Intranet Security" focuses on the various ways in which an intranet can be violated and gives a thorough review of the technologies that can be used by an organization to secure its intranet. This includes, for example, the new security architecture SESAME, which builds on the Kerberos authentication system, adding to it both public-key technology and a role-based access control service. Other technologies are also included such as a description of how to program with the GSS-API, and modern security technologies such as PGP, S/MIME, SSH, SSL IPSEC and CDSA. The book concludes with a comparison of the technologies.
This book is different from other network security books in that its aim is to identify how to secure an organization's intranet. Previously books have concentrated on the Internet, often neglecting issues relating to securing intranets. However the potential risk to business and the ease by which intranets can be violated is often far greater than via the Internet.
The aim is that network administrators and managers can get the information that they require to make informed choices on strategy and solutions for securing their own intranets.
The book is an invaluable reference for network managers and network administrators whose responsibility it is to ensure the security of an organization's intranet. The book also contains background reading on networking, network security and cryptography which makes it an excellent research reference and undergraduate/postgraduate text book.

Synchronizing E-Security is a critical investigation and empirical analysis of studies conducted among companies that support electronic commerce transactions in both advanced and developing economies. This book presents insights into the validity and credibility of current risk assessment methods that support electronic transactions in the global economy. Synchronizing E-Security focuses on a number of case studies of IT companies, within selected countries in West Africa, Europe, Asia and the United States. The foundation of this work is based on previous studies by Williams G., Avudzivi P.V (Hawaii 2002) on the retrospective view of information security management and the impact of tele-banking on the end-user.

Cryptography, secret writing, is enjoying a scientific renaissance following the seminal discovery in 1977 of public-key cryptography and applications in computers and communications. This book gives a broad overview of public-key cryptography - its essence and advantages, various public-key cryptosystems, and protocols - as well as a comprehensive introduction to classical cryptography and cryptoanalysis. The second edition has been revised and enlarged especially in its treatment of cryptographic protocols. From a review of the first edition: "This is a comprehensive review ... there can be no doubt that this will be accepted as a standard text. At the same time, it is clearly and entertainingly written ... and can certainly stand alone." Alex M. Andrew, Kybernetes, March 1992

Key to our culture is that we can disseminate information, and then maintain and access it over time. While we are rapidly advancing from vulnerable physical solutions to superior, digital media, preserving and using data over the long term involves complicated research challenges and organization efforts.

Uwe Borghoff and his coauthors address the problem of storing, reading, and using digital data for periods longer than 50 years. They briefly describe several markup and document description languages like TIFF, PDF, HTML, and XML, explain the most important techniques such as migration and emulation, and present the OAIS (Open Archival Information System) Reference Model. To complement this background information on the technology issues the authors present the most relevant international preservation projects, such as the Dublin Core Metadata Initiative, and experiences from sample projects run by the Cornell University Library and the National Library of the Netherlands. A rated survey list of available systems and tools completes the book.

With this broad overview, the authors address librarians who preserve our digital heritage, computer scientists who develop technologies that access data, and information managers engaged with the social and methodological requirements of long-term information access.

This book provides a comprehensive introduction to advanced topics in the computational and algorithmic aspects of number theory, focusing on applications in cryptography. Readers will learn to develop fast algorithms, including quantum algorithms, to solve various classic and modern number theoretic problems. Key problems include prime number generation, primality testing, integer factorization, discrete logarithms, elliptic curve arithmetic, conjecture and numerical verification. The author discusses quantum algorithms for solving the Integer Factorization Problem (IFP), the Discrete Logarithm Problem (DLP), and the Elliptic Curve Discrete Logarithm Problem (ECDLP) and for attacking IFP, DLP and ECDLP based cryptographic systems. Chapters also cover various other quantum algorithms for Pell's equation, principal ideal, unit group, class group, Gauss sums, prime counting function, Riemann's hypothesis and the BSD conjecture. Quantum Computational Number Theory is self-contained and intended to be used either as a graduate text in computing, communications and mathematics, or as a basic reference in the related fields. Number theorists, cryptographers and professionals working in quantum computing, cryptography and network security will find this book a valuable asset.

This book provides IT security professionals with the information (hardware, software, and procedural requirements) needed to create, manage and sustain a digital forensics lab and investigative team that can accurately and effectively analyze forensic data and recover digital evidence, while preserving the integrity of the electronic evidence for discovery and trial.
IDC estimates that the U.S. market for computer forensics will be grow from $252 million in 2004 to $630 million by 2009. Business is strong outside the United States, as well. By 2011, the estimated international market will be $1.8 billion dollars. The Techno Forensics Conference, to which this book is linked, has increased in size by almost 50% in its second year; another example of the rapid growth in the digital forensics world.
The TechnoSecurity Guide to Digital Forensics and E-Discovery features:
* Internationally known experts in computer forensics share their years of experience at the forefront of digital forensics
* Bonus chapters on how to build your own Forensics Lab
* 50% discount to the upcoming Techno Forensics conference for everyone
who purchases a book

This book contains a selection of the best papers given at an international conference on advanced computer systems. The Advanced Computer Systems Conference was held in October 2006, in Miedzyzdroje, Poland. The book is organized into four topical areas: Artificial Intelligence; Computer Security and Safety; Image Analysis, Graphics and Biometrics; and Computer Simulation and Data Analysis.

Computer technology evolves at a rate that challenges companies to maintain appropriate security for their enterprises. With the rapid growth in Internet and www facilities, database and information systems security remains a key topic in businesses and in the public sector, with implications for the whole of society. Research Advances in Database and Information Systems Security covers issues related to security and privacy of information in a wide range of applications, including: Critical Infrastructure Protection; Electronic Commerce; Information Assurance; Intrusion Detection; Workflow; Policy Modeling; Multilevel Security; Role-Based Access Control; Data Mining; Data Warehouses; Temporal Authorization Models; Object-Oriented Databases. This book contains papers and panel discussions from the Thirteenth Annual Working Conference on Database Security, organized by the International Federation for Information Processing (IFIP) and held July 25-28, 1999, in Seattle, Washington, USA. Research Advances in Database and Information Systems Security provides invaluable reading for faculty and advanced students as well as for industrial researchers and practitioners engaged in database security research and development.

Research Directions in Data and Applications Security describes original research results and innovative practical developments, all focused on maintaining security and privacy in database systems and applications that pervade cyberspace. The areas of coverage include:

-Role-Based Access Control;
-Database Security;
-XML Security;
-Data Mining and Inference;
-Multimedia System Security;
-Network Security;
-Public Key Infrastructure;
-Formal Methods and Protocols;
-Security and Privacy.

Biometric Solutions for Authentication in an E-World provides a collection of sixteen chapters containing tutorial articles and new material in a unified manner. This includes the basic concepts, theories, and characteristic features of integrating/formulating different facets of biometric solutions for authentication, with recent developments and significant applications in an E-world. This book provides the reader with a basic concept of biometrics, an in-depth discussion exploring biometric technologies in various applications in an E-world. It also includes a detailed description of typical biometric-based security systems and up-to-date coverage of how these issues are developed. Experts from all over the world demonstrate the various ways this integration can be made to efficiently design methodologies, algorithms, architectures, and implementations for biometric-based applications in an E-world.

Blockchain technology (BT) is quietly transforming the world, from financial infrastructure, to the internet-of-things, to healthcare applications. With increasing penetration of BT into various areas of our daily lives, the need arises for better awareness and greater knowledge about the capabilities, benefits, risks, and alternatives to distributed ledger applications. It is hoped that current book will be one of the pioneering collections focusing on blockchain implementations in the area of healthcare, with specific aim to present content in an easy-to-understand and readily accessible way for typical end-users of blockchain-based applications. There are important areas within the fabric of modern healthcare that stand to benefit from implementations of BT. These areas include electronic medical records, quality control, patient safety, finance, device tracking, biostamping/biocertification, redundant storage of critical data, health and liability insurance, medication utilization tracking (including opioid and antibiotic misuse), financial transactions, academics/education, asset tokenization, public health and pandemics, healthcare provider credentialing, and many other potential applications. The ultimate goal of the proposed book would be to provide an integrative, easy-to-understand, and comprehensive picture of the current state of blockchain use in healthcare while actively engaging the reader in a forward-looking, exploratory approach toward future developments in this space. To accomplish this goal, an expert panel of contributors has been assembled, featuring scholars from top global universities and think-tanks.

Database and Application Security XV provides a forum for original research results, practical experiences, and innovative ideas in database and application security. With the rapid growth of large databases and the application systems that manage them, security issues have become a primary concern in business, industry, government and society. These concerns are compounded by the expanding use of the Internet and wireless communication technologies.

This volume covers a wide variety of topics related to security and privacy of information in systems and applications, including:

• Access control models;
• Role and constraint-based access control;
• Distributed systems;
• Information warfare and intrusion detection;
• Relational databases;
• Implementation issues;
• Multilevel systems;
• New application areas including XML.

Database and Application Security XV contains papers, keynote addresses, and panel discussions from the Fifteenth Annual Working Conference on Database and Application Security, organized by the International Federation for Information Processing (IFIP) Working Group 11.3 and held July 15-18, 2001 in Niagara on the Lake, Ontario, Canada.

Using the quantum properties of single photons to exchange binary keys between two partners for subsequent encryption of secret data is an absolutely novel technology. Only a few years ago quantum cryptography or better: quantum key distribution (QKD) was the domain of basic research laboratories at universities. But during the last few years things changed. QKD left the laboratories and was picked up by more practical oriented teams that worked hard to develop a practically applicable technology out of the astonishing results of basic research.

One major milestone towards a QKD technology was a large research and development project funded by the European Commission that aimed at combining quantum physics with complementary technologies that are necessary to create a technical solution: electronics, software, and network components were added within the project SECOQC (Development of a Global Network for Secure Communication based on Quantum Cryptography) that teamed up all expertise on European level to get a technology for future encryption.

The practical application of QKD in a standard optical fibre network was demonstrated October 2008 in Vienna, giving a glimpse of the future of secure communication. Although many steps have still to be done in order to achieve a real mature technology, the corner stone for future secure communication is already laid.

QKD will not be the Holy Grail of security, it will not be able to solve all problems for evermore. But QKD has the potential to replace one of the weakest parts of symmetric encryption: the exchange of the key. It can be proven that the key exchange process cannot be corrupted and that keys that are generated and exchanged quantum cryptographically will be secure for ever (as long as some additional conditions are kept).

This book will show the state of the art of Quantum Cryptography and it will sketch how it can be implemented in standard communication infrastructure. The growing vulnerability of sensitive data requires new concepts and QKD will be a possible solution to overcome some of today s limitations."

Handbook of Database Security: Applications and Trends provides an up-to-date overview of data security models, techniques, and architectures in a variety of data management applications and settings. In addition to providing an overview of data security in different application settings, this book includes an outline for future research directions within the field. The book is designed for industry practitioners and researchers, and is also suitable for advanced-level students in computer science.

The volume provides state-of-the-art in non-repudiation protocols and gives insight of its applicability to e-commerce applications. This professional book organizes the existing scant literature regarding non-repudiation protocols with multiple entities participation. It provides the reader with sufficient grounds to understand the non-repudiation property and its applicability to real applications. This book is essential for professional audiences with in-depth knowledge of information security and a basic knowledge of applied cryptography. The book is also suitable as an advanced-level text or reference book for students in computer science.

This book presents the most recent achievements in some rapidly developing fields within Computer Science. This includes the very latest research in biometrics and computer security systems, and descriptions of the latest inroads in artificial intelligence applications. The book contains over 30 articles by well-known scientists and engineers. The articles are extended versions of works introduced at the ACS-CISIM 2005 conference.

Tribal Knowledge from the Best in Cybersecurity Leadership The Tribe of Hackers series continues, sharing what CISSPs, CISOs, and other security leaders need to know to build solid cybersecurity teams and keep organizations secure. Dozens of experts and influential security specialists reveal their best strategies for building, leading, and managing information security within organizations. Tribe of Hackers Security Leaders follows the same bestselling format as the original Tribe of Hackers, but with a detailed focus on how information security leaders impact organizational security. Information security is becoming more important and more valuable all the time. Security breaches can be costly, even shutting businessesand governments down, so security leadership is a high-stakes game. Leading teams of hackers is not always easy, but the future of your organization may depend on it. In this book, the world's top security experts answer the questions that Chief Information Security Officers and other security leaders are asking, including: What's the most important decision you've made or action you've taken to enable a business risk? How do you lead your team to execute and get results? Do you have a workforce philosophy or unique approach to talent acquisition? Have you created a cohesive strategy for your information security program or business unit? Anyone in or aspiring to an information security leadership role, whether at a team level or organization-wide, needs to read this book. Tribe of Hackers Security Leaders has the real-world advice and practical guidance you need to advance your cybersecurity leadership career.

Recent Advances in RSA Cryptography surveys the most important achievements of the last 22 years of research in RSA cryptography. Special emphasis is laid on the description and analysis of proposed attacks against the RSA cryptosystem. The first chapters introduce the necessary background information on number theory, complexity and public key cryptography. Subsequent chapters review factorization algorithms and specific properties that make RSA attractive for cryptographers. Most recent attacks against RSA are discussed in the third part of the book (among them attacks against low-exponent RSA, Hastad's broadcast attack, and Franklin-Reiter attacks). Finally, the last chapter reviews the use of the RSA function in signature schemes. Recent Advances in RSA Cryptography is of interest to graduate level students and researchers who will gain an insight into current research topics in the field and an overview of recent results in a unified way. Recent Advances in RSA Cryptography is suitable as a secondary text for a graduate level course, and as a reference for researchers and practitioners in industry.

Considered the gold-standard reference on information security, the Information Security Management Handbook provides an authoritative compilation of the fundamental knowledge, skills, techniques, and tools required of today's IT security professional. Now in its sixth edition, this 3200 page, 4 volume stand-alone reference is organized under the CISSP Common Body of Knowledge domains and has been updated yearly. Each annual update, the latest is Volume 6, reflects the changes to the CBK in response to new laws and evolving technology.

YOU HAVE TO OWN THIS BOOK!

"Software Exorcism: A Handbook for Debugging and Optimizing Legacy Code" takes an unflinching, no bulls$&# look at behavioral problems in the software engineering industry, shedding much-needed light on the social forces that make it difficult for programmers to do their job. Do you have a co-worker who perpetually writes bad code that "you" are forced to clean up? This is your book. While there are plenty of books on the market that cover debugging and short-term workarounds for bad code, Reverend Bill Blunden takes a revolutionary step beyond them by bringing our attention to the underlying illnesses that plague the software industry as a whole.

Further, "Software Exorcism" discusses tools and techniques for effective and aggressive debugging, gives optimization strategies that appeal to all levels of programmers, and presents in-depth treatments of technical issues with honest assessments that are not biased toward proprietary solutions.

The IT Security Governance Guidebook with Security Program Metrics provides clear and concise explanations of key issues in information protection, describing the basic structure of information protection and enterprise protection programs. Including graphics to support the information in the text, this book includes both an overview of material as well as detailed explanations of specific issues. The accompanying downloadable resources offers a collection of metrics, formed from repeatable and comparable measurement, that are designed to correspond to the enterprise security governance model provided in the text, allowing an enterprise to measure its overall information protection program.

Wilson/Simpson/Antill's HANDS-ON ETHICAL HACKING AND NETWORK DEFENSE, 4th edition, equips you with the knowledge and skills to protect networks using the tools and techniques of an ethical hacker. The authors explore the concept of ethical hacking and its practitioners -- explaining their importance in protecting corporate and government data -- and then deliver an in-depth guide to performing security testing. Thoroughly updated, the text covers new security resources, emerging vulnerabilities and innovative methods to protect networks, mobile security considerations, computer crime laws and penalties for illegal computer hacking. A final project brings concepts together in a penetration testing exercise and report, while virtual machine labs, auto-graded quizzes and interactive activities in the online learning platform help further prepare you for your role as a network security professional.

"Machine Learning and Data Mining for Computer Security" provides an overview of the current state of research in machine learning and data mining as it applies to problems in computer security. This book has a strong focus on information processing and combines and extends results from computer security.

The first part of the book surveys the data sources, the learning and mining methods, evaluation methodologies, and past work relevant for computer security. The second part of the book consists of articles written by the top researchers working in this area. These articles deals with topics of host-based intrusion detection through the analysis of audit trails, of command sequences and of system calls as well as network intrusion detection through the analysis of TCP packets and the detection of malicious executables.

This book fills the great need for a book that collects and frames work on developing and applying methods from machine learning and data mining to problems in computer security.

This monograph gives a thorough treatment of the celebrated compositions of signature and encryption that allow for verifiability, that is, to efficiently prove properties about the encrypted data. This study is provided in the context of two cryptographic primitives: (1) designated confirmer signatures, an opaque signature which was introduced to control the proliferation of certified copies of documents, and (2) signcryption, a primitive that offers privacy and authenticity at once in an efficient way. This book is a useful resource to researchers in cryptology and information security, graduate and PhD students, and security professionals.