This brief considers the various stakeholders in today's mobile device ecosystem, and analyzes why widely-deployed hardware security primitives on mobile device platforms are inaccessible to application developers and end-users. Existing proposals are also evaluated for leveraging such primitives, and proves that they can indeed strengthen the security properties available to applications and users, without reducing the properties currently enjoyed by OEMs and network carriers. Finally, this brief makes recommendations for future research that may yield practical and deployable results.

Cryptographic access control (CAC) is an approach to securing data by encrypting it with a key, so that only the users in possession of the correct key are able to decrypt the data and/or perform further encryptions. Applications of cryptographic access control will benefit companies, governments and the military where structured access to information is essential. The purpose of this book is to highlight the need for adaptability in cryptographic access control schemes that are geared for dynamic environments, such as the Internet. Adaptive Cryptographic Access Control presents the challenges of designing hierarchical cryptographic key management algorithms to implement Adaptive Access Control in dynamic environments and suggest solutions that will overcome these challenges. Adaptive Cryptographic Access Control is a cutting-edge book focusing specifically on this topic in relation to security and cryptographic access control. Both the theoretical and practical aspects and approaches of cryptographic access control are introduced in this book. Case studies and examples are provided throughout this book.

This book constitutes the proceedings of the 9th Workshop on RFID Security and Privacy, RFIDsec 2013, held in Graz, Austria, in July 2013. The 11 papers presented in this volume were carefully reviewed and selected from 23 submissions. RFIDsec deals with topics of importance to improving the security and privacy of RFID, NFC, contactless technologies, and the Internet of Things. RFIDsec bridges the gap between cryptographic researchers and RFID developers.

"Mobile Authentication: Problems and Solutions" looks at human-to-machine authentication, with a keen focus on the mobile scenario. Human-to-machine authentication is a startlingly complex issue. In the old days of computer security-before 2000, the human component was all but disregarded. It was either assumed that people should and would be able to follow instructions, or that end users were hopeless and would always make mistakes. The truth, of course, is somewhere in between, which is exactly what makes this topic so enticing. We cannot make progress with human-to-machine authentication without understanding both humans and machines. Mobile security is not simply security ported to a handset. Handsets have different constraints than traditional computers, and are used in a different way. Text entry is more frustrating, and therefore, it is tempting to use shorter and less complex passwords. It is also harder to detect spoofing. We need to design with this in mind. We also need to determine how exactly to integrate biometric readers to reap the maximum benefits from them. This book addresses all of these issues, and more.

This book constitutes the thoroughly refereed conference proceedings of the 14th International Conference on Information Security and Cryptology, held in Seoul, Korea, in November/December 2011. The 32 revised full papers presented were carefully selected from 126 submissions during two rounds of reviewing. The conference provides a forum for the presentation of new results in research, development, and applications in the field of information security and cryptology. The papers are organized in topical sections on hash function, side channel analysis, public key cryptography, network and mobile security, digital signature, cryptanalysis, efficient implementation, cryptographic application, and cryptographic protocol.

This book constitutes the refereed proceedings of the 6th International Conference on the Theory and Application of Cryptographic Techniques in Africa, AFRICACRYPT 2013, held in Cairo, Egypt, in June 2013. The 26 papers presented were carefully reviewed and selected from 77 submissions. They cover the following topics: secret-key and public-key cryptography and cryptanalysis, efficient implementation, cryptographic protocols, design of cryptographic schemes, security proofs, foundations and complexity theory, information theory, multi-party computation, elliptic curves, and lattices.

This book constitutes the refereed proceedings of the 32nd Annual International Cryptology Conference, CRYPTO 2012, held in Santa Barbara, CA, USA, in August 2012. The 48 revised full papers presented were carefully reviewed and selected from 225 submissions. The volume also contains the abstracts of two invited talks. The papers are organized in topical sections on symmetric cryptosystems, secure computation, attribute-based and functional encryption, proofs systems, protocols, hash functions, composable security, privacy, leakage and side-channels, signatures, implementation analysis, black-box separation, cryptanalysis, quantum cryptography, and key encapsulation and one-way functions.

Intrusion Detection In Distributed Systems: An Abstraction-Based Approach presents research contributions in three areas with respect to intrusion detection in distributed systems. The first contribution is an abstraction-based approach to addressing heterogeneity and autonomy of distributed environments. The second contribution is a formal framework for modeling requests among cooperative IDSs and its application to Common Intrusion Detection Framework (CIDF). The third contribution is a novel approach to coordinating different IDSs for distributed event correlation.

This book constitutes the refereed proceedings of the 6th International Symposium on Trustworthy Global Computing, TGC 2011, held in Aachen, Germany, in June 2011. The 14 revised full papers presented were carefully reviewed and selected from 25 submissions. The papers are organized in topical sections on modeling formalisms for concurrent systems; model checking and quantitative extensions thereof; semantics and analysis of modern programming languages; probabilistic models for concurrency; and testing and run-time verification.

This book constitutes the thoroughly refereed post-conference proceedings of the 8th European Workshop on Public Key Infrastructures, Services and Applications, EuroPKI 2011, held in Leuven, Belgium in September 2011 - co-located with the 16th European Symposium on Research in Computer Security, ESORICS 2011. The 10 revised full papers presented together with 3 invited talks were carefully reviewed and selected from 27 submissions. The papers are organized in topical sections on authentication mechanisms, privacy preserving techniques, PKI and secure applications.

This book constitutes the thoroughly refereed post-conference proceedings of the 9th International Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness, QShine 2013, which was held in National Capital Region (NCR) of India during January 2013. The 87 revised full papers were carefully selected from 169 submissions and present the recent technological developments in broadband high-speed networks, peer-to-peer networks, and wireless and mobile networks.

This book contains the revised selected papers of the Second Workshop on Real-Life Cryptographic Protocols and Standardization, RLCPS 2011, and the Second Workshop on Ethics in Computer Security Research, WECSR 2011, held in conjunction with the 15th International Conference on Financial Cryptography and Data Security, FC 2010, in Rodney Bay, St. Lucia, in February/March 2011. The 16 revised papers presented were carefully reviewed and selected from numerous submissions. The papers cover topics ranging from anonymity and privacy, authentication and identification, biometrics, commercial cryptographic, digital cash and payment systems, infrastructure design, management and operations, to security economics and trust management.

Using the quantum properties of single photons to exchange binary keys between two partners for subsequent encryption of secret data is an absolutely novel technology. Only a few years ago quantum cryptography or better: quantum key distribution (QKD) was the domain of basic research laboratories at universities. But during the last few years things changed. QKD left the laboratories and was picked up by more practical oriented teams that worked hard to develop a practically applicable technology out of the astonishing results of basic research.

One major milestone towards a QKD technology was a large research and development project funded by the European Commission that aimed at combining quantum physics with complementary technologies that are necessary to create a technical solution: electronics, software, and network components were added within the project SECOQC (Development of a Global Network for Secure Communication based on Quantum Cryptography) that teamed up all expertise on European level to get a technology for future encryption.

The practical application of QKD in a standard optical fibre network was demonstrated October 2008 in Vienna, giving a glimpse of the future of secure communication. Although many steps have still to be done in order to achieve a real mature technology, the corner stone for future secure communication is already laid.

QKD will not be the Holy Grail of security, it will not be able to solve all problems for evermore. But QKD has the potential to replace one of the weakest parts of symmetric encryption: the exchange of the key. It can be proven that the key exchange process cannot be corrupted and that keys that are generated and exchanged quantum cryptographically will be secure for ever (as long as some additional conditions are kept).

This book will show the state of the art of Quantum Cryptography and it will sketch how it can be implemented in standard communication infrastructure. The growing vulnerability of sensitive data requires new concepts and QKD will be a possible solution to overcome some of today s limitations."

This book constitutes the thoroughly refereed post-conference proceedings of the 11th International Conference on Smart Card Research and Advanced Applications, CARDIS 2012, held in Graz, Austria, in November 2012. The 18 revised full papers presented together with an invited talk were carefully reviewed and selected from 48 submissions. The papers are organized in topical sections on Java card security, protocols, side-channel attacks, implementations, and implementations for resource-constrained devices.

This book constitutes the refereed proceedings of three workshops colocated with NETWORKING 2012, held in Prague, Czech Republic, in May 2012: the Workshop on Economics and Technologies for Inter-Carrier Services (ETICS 2012), the Workshop on Future Heterogeneous Network (HetsNets 2012), and the Workshop on Computing in Networks (CompNets 2012). The 21 revised full papers presented were carefully reviewed and selected from numerous submissions. The papers cover a wide range of topics addressing the main research efforts in the fields of network management, quality of services, heterogeneous networks, and analysis or modeling of networks.

The two-volume set LNCS 7289 and 7290 constitutes the refereed proceedings of the 11th International IFIP TC 6 Networking Conference held in Prague, Czech Republic, in May 2012. The 64 revised full papers presented were carefully reviewed and selected from a total of 225 submissions. The papers feature innovative research in the areas of network architecture, applications and services, next generation Internet, wireless and sensor networks, and network science. The first volume includes 32 papers and is organized in topical sections on content-centric networking, social networks, reliability and resilience, virtualization and cloud services, IP routing, network measurement, network mapping, and LISP and multi-domain routing.

Cloud storage is an important service of cloud computing, which offers service for data owners to host their data in the cloud. This new paradigm of data hosting and data access services introduces two major security concerns. The first is the protection of data integrity. Data owners may not fully trust the cloud server and worry that data stored in the cloud could be corrupted or even removed. The second is data access control. Data owners may worry that some dishonest servers provide data access to users that are not permitted for profit gain and thus they can no longer rely on the servers for access control. To protect the data integrity in the cloud, an efficient and secure dynamic auditing protocol is introduced, which can support dynamic auditing and batch auditing. To ensure the data security in the cloud, two efficient and secure data access control schemes are introduced in this brief: ABAC for Single-authority Systems and DAC-MACS for Multi-authority Systems. While Ciphertext-Policy Attribute-based Encryption (CP-ABE) is a promising technique for access control of encrypted data, the existing schemes cannot be directly applied to data access control for cloud storage systems because of the attribute revocation problem. To solve the attribute revocation problem, new Revocable CP-ABE methods are proposed in both ABAC and DAC-MACS.

Mobile devices, such as smart phones, have achieved computing and networking capabilities comparable to traditional personal computers. Their successful consumerization has also become a source of pain for adopting users and organizations. In particular, the widespread presence of information-stealing applications and other types of mobile malware raises substantial security and privacy concerns. Android Malware presents a systematic view on state-of-the-art mobile malware that targets the popular Android mobile platform. Covering key topics like the Android malware history, malware behavior and classification, as well as, possible defense techniques.

This book constitutes the refereed proceedings of the 11th International Conference on Applied Cryptography and Network Security, ACNS 2013, held in Banff, Canada, in June 2013. The 33 revised full papers included in this volume were carefully reviewed and selected from 192 submissions. They are organized in topical sections on Cloud Cryptography; Secure Computation; Hash Function and Block Cipher; Signature; System Attack; Secure Implementation - Hardware; Secure Implementation - Software; Group-oriented Systems; Key Exchange and Leakage Resilience; Cryptographic Proof; Cryptosystems.

This book constitutes the refereed proceedings of the 6th International Conference on Trust and Trustworthy Computing, TRUST 2013, held in London, UK, in June 2013. There is a technical and a socio-economic track. The full papers presented, 14 and 5 respectively, were carefully reviewed from 39 in the technical track and 14 in the socio-economic track. Also included are 5 abstracts describing ongoing research. On the technical track the papers deal with issues such as key management, hypervisor usage, information flow analysis, trust in network measurement, random number generators, case studies that evaluate trust-based methods in practice, simulation environments for trusted platform modules, trust in applications running on mobile devices, trust across platform. Papers on the socio-economic track investigated, how trust is managed and perceived in online environments, and how the disclosure of personal data is perceived; and some papers probed trust issues across generations of users and for groups with special needs.

This book constitutes the refereed proceedings of the 5th International Workshop on Post-Quantum Cryptography, PQCrypto 2013, held in Limoges, France, in June 2013. The 17 revised full papers presented were carefully reviewed and selected from 24 submissions. The papers cover all technical aspects of cryptographic research related to the future world with large quantum computers such as code-based cryptography, lattice-based cryptography, multivariate cryptography, cryptanalysis or implementations.

Network Intrusion Detection and Prevention: Concepts and Techniques provides detailed and concise information on different types of attacks, theoretical foundation of attack detection approaches, implementation, data collection, evaluation, and intrusion response. Additionally, it provides an overview of some of the commercially/publicly available intrusion detection and response systems. On the topic of intrusion detection system it is impossible to include everything there is to say on all subjects. However, we have tried to cover the most important and common ones.

Network Intrusion Detection and Prevention: Concepts and Techniques is designed for researchers and practitioners in industry. This book is suitable for advanced-level students in computer science as a reference book as well.

This book constitutes the thoroughly refereed post-conference proceedings of the 8th International Conference on Information Security and Cryptology, Inscrypt 2012, held in Beijing, China, in November 2012. The 23 revised full papers presented were carefully reviewed and selected from 71 submissions. The papers cover the topics of side channel attacks, extractor and secret sharing, public key cryptography, block ciphers, stream ciphers, new constructions and protocols.

This book constitutes the thoroughly refereed post-conference proceedings of the Joint Meeting of the 2nd Luxembourg-Polish Symposium on Security and Trust and the 19th International Conference Intelligent Information Systems, held as International Joint Confererence on Security and Intelligent Information Systems, SIIS 2011, in Warsaw, Poland, in June 2011. The 29 revised full papers presented together with 2 invited lectures were carefully reviewed and selected from 60 initial submissions during two rounds of selection and improvement. The papers are organized in the following three thematic tracks: security and trust, data mining and machine learning, and natural language processing.

Motivation for the Book This book seeks to establish the state of the art in the cyber situational awareness area and to set the course for future research. A multidisciplinary group of leading researchers from cyber security, cognitive science, and decision science areas elab orate on the fundamental challenges facing the research community and identify promising solution paths. Today, when a security incident occurs, the top three questions security admin istrators would ask are in essence: What has happened? Why did it happen? What should I do? Answers to the ?rst two questions form the core of Cyber Situational Awareness. Whether the last question can be satisfactorily answered is greatly de pendent upon the cyber situational awareness capability of an enterprise. A variety of computer and network security research topics (especially some sys tems security topics) belong to or touch the scope of Cyber Situational Awareness. However, the Cyber Situational Awareness capability of an enterprise is still very limited for several reasons: * Inaccurate and incomplete vulnerability analysis, intrusion detection, and foren sics. * Lack of capability to monitor certain microscopic system/attack behavior. * Limited capability to transform/fuse/distill information into cyber intelligence. * Limited capability to handle uncertainty. * Existing system designs are not very "friendly" to Cyber Situational Awareness.