This comprehensive text/reference presents an in-depth review of the state of the art of automotive connectivity and cybersecurity with regard to trends, technologies, innovations, and applications. The text describes the challenges of the global automotive market, clearly showing where the multitude of innovative activities fit within the overall effort of cutting-edge automotive innovations, and provides an ideal framework for understanding the complexity of automotive connectivity and cybersecurity. Topics and features: discusses the automotive market, automotive research and development, and automotive electrical/electronic and software technology; examines connected cars and autonomous vehicles, and methodological approaches to cybersecurity to avoid cyber-attacks against vehicles; provides an overview on the automotive industry that introduces the trends driving the automotive industry towards smart mobility and autonomous driving; reviews automotive research and development, offering background on the complexity involved in developing new vehicle models; describes the technologies essential for the evolution of connected cars, such as cyber-physical systems and the Internet of Things; presents case studies on Car2Go and car sharing, car hailing and ridesharing, connected parking, and advanced driver assistance systems; includes review questions and exercises at the end of each chapter. The insights offered by this practical guide will be of great value to graduate students, academic researchers and professionals in industry seeking to learn about the advanced methodologies in automotive connectivity and cybersecurity.

The 3-volume-set LNCS 12696 - 12698 constitutes the refereed proceedings of the 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Eurocrypt 2021, which was held in Zagreb, Croatia, during October 17-21, 2021.The 78 full papers included in these proceedings were accepted from a total of 400 submissions. They were organized in topical sections as follows: Part I: Best papers; public-key cryptography; isogenies; post-quantum cryptography; lattices; homomorphic encryption; symmetric cryptanalysis; Part II: Symmetric designs; real-world cryptanalysis; implementation issues; masking and secret-sharing; leakage, faults and tampering; quantum constructions and proofs; multiparty computation; Part III: Garbled circuits; indistinguishability obfuscation; non-malleable commitments; zero-knowledge proofs; property-preserving hash functions and ORAM; blockchain; privacy and law enforcement.

The emergence of a new type of threat to computer security--the computer virus--has attracted much attention from the media, researchers, and software producers. Such viruses create sets of frequently destructive instructions that propagate automatically throughout entire computer networks. The effects can range from temporary disruption to wholesale havoc involving huge losses of data. The problem has been exacerbated more recently by a deluge of superficial media comment that has sensationalized the topic while offering little in the way of concrete facts or knowledgeable guidance. This book is intended to help managers of today's complex information systems respond to the genuine threat posed by computer viruses in an informed and efficient manner. It presents a concise overview of the problem and a detailed strategy for minimizing the potential risk. It provides a nontechnical explanation of computer viruses based on a conceptual framework adaptable to the constant emergence of new kinds of viruses and their antidotes. The book suggests practical management approaches that are workable within large-scale, integrated systems including those with ongoing security and control devices. There are a number of useful technical appendices, however the book is written to be read and used by those who may not have a technical background, including information systems managers, security consultants, and teachers and advanced students of management interested in information systems.

The 1980's saw the advent of widespread (and potentially damaging) computer virus infection of both personal computer and mainframe systems. The computer security field has been comparatively slow to react to this emerging situation. It is only over the last two years that a significant body of knowledge on the operation, likely evolution and prevention of computer viruses has developed. A Pathology of Computer Viruses gives a detailed overview of the history of the computer virus and an in-depth technical review of the principles of computer virus and worm operation under DOS, Mac, UNIX and DEC operating systems. David Ferbrache considers the possible extension of the threat to the mainframe systems environment and suggests how the threat can be effectively combatted using an antiviral management plan. The author addresses the latest developments in "stealth" virus operations, specifically the trend for virus authors to adopt extensive camouflage and concealment techniques, which allow viruses to evade both existing anti-viral software and to avoid detection by direct observation of machine behaviour. A Pathology of Computer Viruses addresses a distinct need - that of the computer specialist and professional who needs a source reference work detailing all aspects of the computer virus threat.

This book constitutes the refereed proceedings of the 20th International Conference on Cryptology and Network Security, CANS 2021, which was held during December 13-15, 2021. The conference was originally planned to take place in Vienna, Austria, and changed to an online event due to the COVID-19 pandemic.The 25 full and 3 short papers presented in these proceedings were carefully reviewed and selected from 85 submissions. They were organized in topical sections as follows: Encryption; signatures; cryptographic schemes and protocols; attacks and counter-measures; and attestation and verification.

This volume constitutes the proceedings of the 19th International Workshop on Digital Forensics and Watermarking, IWDW 2020, held in Melbourne, VIC, Australia, in November 2020.The 20 full papers in this volume were carefully reviewed and selected from 43 submissions. They cover topics such as: novel research, development and application of digital watermarking and forensics techniques for multimedia security.

The three-volume set LNCS 13042, LNCS 13043 and LNCS 13044 constitutes the refereed proceedings of the 19th International Conference on Theory of Cryptography, TCC 2021, held in Raleigh, NC, USA, in November 2021. The total of 66 full papers presented in this three-volume set was carefully reviewed and selected from 161 submissions. They cover topics on proof systems, attribute-based and functional encryption, obfuscation, key management and secure communication.

Master the latest technology and developments from the field with the book specifically oriented to the needs of information systems students like you -- PRINCIPLES OF INFORMATION SECURITY, 6E. Taking a managerial approach, this bestseller emphasizes all aspects of information security, rather than just a technical control perspective. You receive a broad overview of the entire field of information security and related elements with the detail to ensure understanding. You review terms used in the field and a history of the discipline as you learn how to manage an information security program. Current and relevant, this edition highlights the latest practices with fresh examples that explore the impact of emerging technologies, such as the Internet of Things, Cloud Computing, and DevOps. Updates address technical security controls, emerging legislative issues, digital forensics, and ethical issues in IS security, making this the ideal IS resource for business decision makers.

This book constitutes the proceedings of the 7th International Conference on Cryptology and Information Security in Latin America, LATIN 2021, which was held in October 2021. The conference was originally planned to take place in Bogota, Colombia, but changed to a virtual event due to the COVID-19 pandemic. The 22 full papers included in this volume were carefully reviewed and selected from 47 submissions. They were organized in topical sections as follows: quantum cryptography; post-quantum cryptography; asymmetric cryptanalysis; cryptanalysis and side-channel analysis; distributed cryptographic protocols; and multiparty computation.

Defending the Digital Frontier

Second Edition

"The book recognizes, and correctly characterizes, digital security according to one of the fundamental tenets of IT governance: security, like IT governance, is a management issue, not a technical one. This book takes a very practical approach to a critical issue, and provides executive management with sound, cost-effective techniques grounded in business realities. Management and the C-suite will do well to keep these techniques in mind when formulating IT strategies that are aligned with and support business goals."
--Marios Damianides
CISA, CISM, CPA, CA, International President, Information Systems Audit and Control Association and IT Governance Institute

"Ernst & Young has done a superb job in demonstrating why the integrity of Digital Information Systems is fundamental to success. The authors show that protecting computers from attack is only a small part of this task. This book focuses on handling systemic risk and complexity--the inevitable problems that arise when you integrate computerized information systems with human activity systems: namely the company itself, customers, suppliers, competitors, as well as the broader political and regulatory environment. I can recommend it as essential reading to all senior executives."
--Ian Angell
Professor of Information Systems, London School of Economics

"The CBI considers security of information to be a major issue for individuals and businesses in the growing digital world. This book makes clear, that the key to success in this new environment is in using technology effectively--technology cannot make a badly organised business good, but it can make agood business better. Ernst & Young has identified critical organisational and management processes that global companies need to implement to ensure that technology effectively secures information assets that are at the heart of today's economy."
--Digby Jones
Director General, CBI

This book constitutes the refereed proceedings of four workshops held at the 25th International Conference on Financial Cryptography and Data Security, FC 2021, held virtually, in March 2021.The workshops are as follows: CoDecFin: The Second Workshop on Coordination of Decentralized Finance DeFi 2021 : First Workshop on Decentralized Finance VOTING 2021: Sixth Workshop on Advances in Secure Electronic Voting WTSC 2021: Fifth Workshop on Trusted Smart Contracts

This book constitutes the refereed proceedings of the 14th International Conference on Provable Security, ProvSec 2020, held in Singapore, in November 2020. The 20 full papers presented were carefully reviewed and selected from 59 submissions. The papers focus on provable security as an essential tool for analyzing security of modern cryptographic primitives. They are divided in the following topical sections: signature schemes, encryption schemes and NIZKS, secure machine learning and multiparty computation, secret sharing schemes, and security analyses.* The conference was held virtually due to the COVID-19 pandemic.

This book describes the efficient implementation of public-key cryptography (PKC) to address the security challenges of massive amounts of information generated by the vast network of connected devices, ranging from tiny Radio Frequency Identification (RFID) tags to powerful desktop computers. It investigates implementation aspects of post quantum PKC and homomorphic encryption schemes whose security is based on the hardness of the ring-learning with error (LWE) problem. The work includes designing an FPGA-based accelerator to speed up computation on encrypted data in the cloud computer. It also proposes a more practical scheme that uses a special module called recryption box to assist homomorphic function evaluation, roughly 20 times faster than the implementation without this module.

The 3-volume-set LNCS 12696 - 12698 constitutes the refereed proceedings of the 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Eurocrypt 2021, which was held in Zagreb, Croatia, during October 17-21, 2021.The 78 full papers included in these proceedings were accepted from a total of 400 submissions. They were organized in topical sections as follows: Part I: Best papers; public-key cryptography; isogenies; post-quantum cryptography; lattices; homomorphic encryption; symmetric cryptanalysis; Part II: Symmetric designs; real-world cryptanalysis; implementation issues; masking and secret-sharing; leakage, faults and tampering; quantum constructions and proofs; multiparty computation; Part III: Garbled circuits; indistinguishability obfuscation; non-malleable commitments; zero-knowledge proofs; property-preserving hash functions and ORAM; blockchain; privacy and law enforcement.

This book constitutes the proceedings of the 5th International Conference on Electronic Voting, E-Vote-ID 2020, held online -due to COVID -19- in Bregenz, Austria, in October 2020. The 14 full papers presented were carefully reviewed and selected from 55 submissions.The conference collected the most relevant debates on the development of Electronic Voting, from aspects relating to security and usability through to practical experiences and applications of voting systems, also including legal, social or political aspects, amongst others; turning out to be an important global referent in relation to this issue.

This book constitutes the proceedings of the Workshops held in conjunction with SAFECOMP 2020, 39th International Conference on Computer Safety, Reliability and Security, Lisbon, Portugal, September 2020. The 26 regular papers included in this volume were carefully reviewed and selected from 45 submissions; the book also contains one invited paper. The workshops included in this volume are: DECSoS 2020: 15th Workshop on Dependable Smart Embedded and Cyber-Physical Systems and Systems-of-Systems. DepDevOps 2020: First International Workshop on Dependable Development-Operation Continuum Methods for Dependable Cyber-Physical Systems. USDAI 2020: First International Workshop on Underpinnings for Safe Distributed AI. WAISE 2020: Third International Workshop on Artificial Intelligence Safety Engineering. The workshops were held virtually due to the COVID-19 pandemic.

This book provides a comprehensive introduction to blockchain and distributed ledger technology. Intended as an applied guide for hands-on practitioners, the book includes detailed examples and in-depth explanations of how to build and run a blockchain from scratch. Through its conceptual background and hands-on exercises, this book allows students, teachers and crypto enthusiasts to launch their first blockchain while assuming prior knowledge of the underlying technology. How do I build a blockchain? How do I mint a cryptocurrency? How do I write a smart contract? How do I launch an initial coin offering (ICO)? These are some of questions this book answers. Starting by outlining the beginnings and development of early cryptocurrencies, it provides the conceptual foundations required to engineer secure software that interacts with both public and private ledgers. The topics covered include consensus algorithms, mining and decentralization, and many more. "This is a one-of-a-kind book on Blockchain technology. The authors achieved the perfect balance between the breadth of topics and the depth of technical discussion. But the real gem is the set of carefully curated hands-on exercises that guide the reader through the process of building a Blockchain right from Chapter 1." Volodymyr Babich, Professor of Operations and Information Management, McDonough School of Business, Georgetown University "An excellent introduction of DLT technology for a non-technical audience. The book is replete with examples and exercises, which greatly facilitate the learning of the underlying processes of blockchain technology for all, from students to entrepreneurs." Serguei Netessine, Dhirubhai Ambani Professor of Innovation and Entrepreneurship, The Wharton School, University of Pennsylvania "Whether you want to start from scratch or deepen your blockchain knowledge about the latest developments, this book is an essential reference. Through clear explanations and practical code examples, the authors take you on a progressive journey to discover the technology foundations and build your own blockchain. From an operations perspective, you can learn the principles behind the distributed ledger technology relevant for transitioning towards blockchain-enabled supply chains. Reading this book, you'll get inspired, be able to assess the applicability of blockchain to supply chain operations, and learn from best practices recognized in real-world examples." Ralf W. Seifert, Professor of Technology and Operations Management at EPFL and Professor of Operations Management at IMD

The non-technical handbook for cyber security risk management Solving Cyber Risk distills a decade of research into a practical framework for cyber security. Blending statistical data and cost information with research into the culture, psychology, and business models of the hacker community, this book provides business executives, policy-makers, and individuals with a deeper understanding of existing future threats, and an action plan for safeguarding their organizations. Key Risk Indicators reveal vulnerabilities based on organization type, IT infrastructure and existing security measures, while expert discussion from leading cyber risk specialists details practical, real-world methods of risk reduction and mitigation. By the nature of the business, your organization's customer database is packed with highly sensitive information that is essentially hacker-bait, and even a minor flaw in security protocol could spell disaster. This book takes you deep into the cyber threat landscape to show you how to keep your data secure. Understand who is carrying out cyber-attacks, and why Identify your organization's risk of attack and vulnerability to damage Learn the most cost-effective risk reduction measures Adopt a new cyber risk assessment and quantification framework based on techniques used by the insurance industry By applying risk management principles to cyber security, non-technical leadership gains a greater understanding of the types of threat, level of threat, and level of investment needed to fortify the organization against attack. Just because you have not been hit does not mean your data is safe, and hackers rely on their targets' complacence to help maximize their haul. Solving Cyber Risk gives you a concrete action plan for implementing top-notch preventative measures before you're forced to implement damage control.

This book constitutes the thoroughly refereed post-conference proceedings of the 24th International Conference on Financial Cryptography and Data Security, FC 2020, held in Kota Kinabalu, Malaysia, in February 2020. The 34 revised full papers and 2 short papers were carefully selected and reviewed from 162 submissions. The papers are grouped in the following topical sections: attacks; consensus; cryptoeconomics; layer 2; secure computation; privacy; crypto foundations; empirical studies; and smart contracts.

This book constitutes the proceedings of the 13th International Workshop on Cryptographic Hardware and Embedded Systems, CHES 2011, held in Nara, Japan, from September 28 until October 1, 2011. The 32 papers presented together with 1 invited talk were carefully reviewed and selected from 119 submissions. The papers are organized in topical sections named: FPGA implementation; AES; elliptic curve cryptosystems; lattices; side channel attacks; fault attacks; lightweight symmetric algorithms, PUFs; public-key cryptosystems; and hash functions.

This book constitutes the refereed proceedings of the 31st Annual International Cryptology Conference, CRYPTO 2011, held in Santa Barbara, CA, USA in August 2011. The 42 revised full papers presented were carefully reviewed and selected from 230 submissions. The volume also contains the abstract of one invited talk. The papers are organized in topical sections on randomness and its use; computer-assisted cryptographic proofs; outsourcing and delegatin computation; symmetric cryptanalysis and constructions; secure computation: leakage and side channels; quantum cryptography; lattices and knapsacks; public-key encryption; symmetric schemes; signatures; obilvious transfer and secret sharing; and multivariate and coding-based schemes.

This book constitutes the refereed proceedings of the 34th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2020, held in Regensburg, Germany, in June 2020.* The 14 full papers and 8 short papers presented were carefully reviewed and selected from 39 submissions. The papers present high-quality original research from academia, industry, and government on theoretical and practical aspects of information security. They are organized in topical sections named network and cyber-physical systems security; information flow and access control; privacy-preserving computation; visualization and analytics for security; spatial systems and crowdsourcing security; and secure outsourcing and privacy. *The conference was held virtually due to the COVID-19 pandemic.

This book constitutes the proceedings of the 19th International Conference on Smart Card Research and Advanced Applications, CARDIS 2020, which took place during November 18-20, 2020. The conference was originally planned to take place in Lubeck, Germany, and changed to an online format due to the COVID-19 pandemic. The 12 full papers presented in this volume were carefully reviewed and selected from 26 submissions. They were organized in topical sections named: post-quantum cryptography; efficient implementations; and physical attacks.

The 22 full papers and 12 shorts papers presented in this volume were carefully reviewed and selected from 70 submissions. The contributions are covering the following topics: deep learning for multimedia security; digital forensics and anti-forensics; digital watermarking; information hiding; steganography and steganalysis; authentication and security.

This book constitutes the refereed proceedings of the Third International Conference on Security and Privacy in New Computing Environments, SPNCE 2020, held in August 2020. Due to COVID-19 pandemic the conference was held virtually. The 31 full papers were selected from 63 submissions and are grouped into topics on network security; system security; machine learning; authentication and access control; cloud security; cryptography; applied cryptography.