Digital forensics has been a discipline of Information Security for decades now. Its principles, methodologies, and techniques have remained consistent despite the evolution of technology, and, ultimately, it and can be applied to any form of digital data. However, within a corporate environment, digital forensic professionals are particularly challenged. They must maintain the legal admissibility and forensic viability of digital evidence in support of a broad range of different business functions that include incident response, electronic discovery (ediscovery), and ensuring the controls and accountability of such information across networks. Digital Forensics and Investigations: People, Process, and Technologies to Defend the Enterprise provides the methodologies and strategies necessary for these key business functions to seamlessly integrate digital forensic capabilities to guarantee the admissibility and integrity of digital evidence. In many books, the focus on digital evidence is primarily in the technical, software, and investigative elements, of which there are numerous publications. What tends to get overlooked are the people and process elements within the organization. Taking a step back, the book outlines the importance of integrating and accounting for the people, process, and technology components of digital forensics. In essence, to establish a holistic paradigm-and best-practice procedure and policy approach-to defending the enterprise. This book serves as a roadmap for professionals to successfully integrate an organization's people, process, and technology with other key business functions in an enterprise's digital forensic capabilities.

This book provides the state-of-the-art development on security and privacy for fog/edge computing, together with their system architectural support and applications. This book is organized into five parts with a total of 15 chapters. Each area corresponds to an important snapshot. The first part of this book presents an overview of fog/edge computing, focusing on its relationship with cloud technology and the future with the use of 5G communication. Several applications of edge computing are discussed. The second part of this book considers several security issues in fog/edge computing, including the secure storage and search services, collaborative intrusion detection method on IoT-fog computing, and the feasibility of deploying Byzantine agreement protocols in untrusted environments. The third part of this book studies the privacy issues in fog/edge computing. It first investigates the unique privacy challenges in fog/edge computing, and then discusses a privacy-preserving framework for the edge-based video analysis, a popular machine learning application on fog/edge. This book also covers the security architectural design of fog/edge computing, including a comprehensive overview of vulnerabilities in fog/edge computing within multiple architectural levels, the security and intelligent management, the implementation of network-function-virtualization-enabled multicasting in part four. It explains how to use the blockchain to realize security services. The last part of this book surveys applications of fog/edge computing, including the fog/edge computing in Industrial IoT, edge-based augmented reality, data streaming in fog/edge computing, and the blockchain-based application for edge-IoT. This book is designed for academics, researchers and government officials, working in the field of fog/edge computing and cloud computing. Practitioners, and business organizations (e.g., executives, system designers, and marketing professionals), who conduct teaching, research, decision making, and designing fog/edge technology will also benefit from this book The content of this book will be particularly useful for advanced-level students studying computer science, computer technology, and information systems, but also applies to students in business, education, and economics, who would benefit from the information, models, and case studies therein.

There is an intrinsic conflict between creating secure systems and usable systems. But usability and security can be made synergistic by providing requirements and design tools with specific usable security principles earlier in the requirements and design phase. In certain situations, it is possible to increase usability and security by revisiting design decisions made in the past; in others, to align security and usability by changing the regulatory environment in which the computers operate. This book addresses creation of a usable security protocol for user authentication as a natural outcome of the requirements and design phase of the authentication method development life cycle.

This book consolidates several key aspects from the state-of-the-art research in symmetric key cryptography, which is among the cornerstones of digital security. It presents the content in an informative yet beginner-friendly, accompanied with toy examples and comprehensible graphics. In particular, it highlights the recent developments in tool-assisted analysis of ciphers. Furthermore, promising device-dependent attacks, such as fault attack and side channel attacks on symmetric key ciphers, are discussed in detail. One salient feature of this book is to present a detailed analysis of various fault countermeasures. The coverage of our book is quite diverse-it ranges from prerequisite information, latest research contribution as well as future research directions. It caters to students and researchers working in the field of cryptography.

This book provides a comprehensive analysis of Brooks-Iyengar Distributed Sensing Algorithm, which brings together the power of Byzantine Agreement and sensor fusion in building a fault-tolerant distributed sensor network. The authors analyze its long-term impacts, advances, and future prospects. The book starts by discussing the Brooks-Iyengar algorithm, which has made significant impact since its initial publication in 1996. The authors show how the technique has been applied in many domains such as software reliability, distributed systems and OS development, etc. The book exemplifies how the algorithm has enhanced new real-time features by adding fault-tolerant capabilities for many applications. The authors posit that the Brooks-Iyengar Algorithm will to continue to be used where fault-tolerant solutions are needed in redundancy system scenarios. This book celebrates S.S. Iyengar's accomplishments that led to his 2019 Institute of Electrical and Electronics Engineers' (IEEE) Cybermatics Congress "Test of Time Award" for his work on creating Brooks-Iyengar Algorithm and its impact in advancing modern computing.

This book is a collection of best selected research papers presented at 7th International Conference on Computing in Engineering and Technology (ICCET 2022), organized by Dr. Babasaheb Ambedkar Technological University, Lonere, India, during February 12 - 13, 2022. Focusing on frontier topics and next-generation technologies, it presents original and innovative research from academics, scientists, students, and engineers alike. The theme of the conference is Applied Information Processing System.

This textbook introduces new business concepts on cloud environments such as secure, scalable anonymity and practical payment protocols for the Internet of things and Blockchain technology. The protocol uses electronic cash for payment transactions. In this new protocol, from the viewpoint of banks, consumers can improve anonymity if they are worried about disclosure of their identities in the cloud. Currently, there is not a book available that has reported the techniques covering the protocols with anonymizations and Blockchain technology. Thus this will be a useful book for universities to purchase. This textbook provides new direction for access control management and online business, with new challenges within Blockchain technology that may arise in cloud environments. One is related to the authorization granting process. For example, when a role is granted to a user, this role may conflict with other roles of the user or together with this role; the user may have or derive a high level of authority. Another is related to authorization revocation. For instance, when a role is revoked from a user, the user may still have the role. Experts will get benefits from these challenges through the developed methodology for authorization granting algorithm, and weak revocation and strong revocation algorithms.

Deploying the scientific method in cybersecurity today is a common-sense approach that is a tough topic in the field of cybersecurity. While most publications in the field emphasize that scientific principles are necessary, there are very few, if any, guides that uncover these principles.This book will give readers practical tools for cybersecurity. It examines the path of developing cybersecurity foundations while taking into account uncertain data. Extensive examples demonstrate how to deploy cybersecurity to sort our day-to-day problems. Using Science in Cybersecurity is intended for advanced undergraduate and graduate students, researchers and practitioners in the fields of cybersecurity, information security, and science of cybersecurity.

Information Security and Optimization maintains a practical perspective while offering theoretical explanations. The book explores concepts that are essential for academics as well as organizations. It discusses aspects of techniques and tools-definitions, usage, and analysis-that are invaluable for scholars ranging from those just beginning in the field to established experts. What are the policy standards? What are vulnerabilities and how can one patch them? How can data be transmitted securely? How can data in the cloud or cryptocurrency in the blockchain be secured? How can algorithms be optimized? These are some of the possible queries that are answered here effectively using examples from real life and case studies. Features: A wide range of case studies and examples derived from real-life scenarios that map theoretical explanations with real incidents. Descriptions of security tools related to digital forensics with their unique features, and the working steps for acquiring hands-on experience. Novel contributions in designing organization security policies and lightweight cryptography. Presentation of real-world use of blockchain technology and biometrics in cryptocurrency and personalized authentication systems. Discussion and analysis of security in the cloud that is important because of extensive use of cloud services to meet organizational and research demands such as data storage and computing requirements. Information Security and Optimization is equally helpful for undergraduate and postgraduate students as well as for researchers working in the domain. It can be recommended as a reference or textbook for courses related to cybersecurity.

This book covers the full life cycle of conducting a mobile and computer digital forensic examination, including planning and performing an investigation as well as report writing and testifying. Case reviews in corporate, civil, and criminal situations are also described from both prosecution and defense perspectives. Digital Forensics Explained, Second Edition draws from years of experience in local, state, federal, and international environments and highlights the challenges inherent in deficient cyber security practices. Topics include the importance of following the scientific method and verification, legal and ethical issues, planning an investigation (including tools and techniques), incident response, case project management and authorization, social media and internet, cloud, anti-forensics, link and visual analysis, and psychological considerations. The book is a valuable resource for the academic environment, law enforcement, those in the legal profession, and those working in the cyber security field. Case reviews include cyber security breaches, anti-forensic challenges, child exploitation, and social media investigations. Greg Gogolin, PhD, CISSP, is a Professor of Information Security and Intelligence at Ferris State University and a licensed Professional Investigator. He has worked more than 100 cases in criminal, civil, and corporate environments.

This book aims to provide the latest research developments and results in the domain of AI techniques for smart cyber ecosystems. It presents a holistic insight into AI-enabled theoretic approaches and methodology in IoT networking, security analytics using AI tools and network automation, which ultimately enable intelligent cyber space. This book will be a valuable resource for students, researchers, engineers and policy makers working in various areas related to cybersecurity and privacy for Smart Cities. This book includes chapters titled "An Overview of the Artificial Intelligence Evolution and Its Fundamental Concepts, and Their Relationship with IoT Security", "Smart City: Evolution and Fundamental Concepts", "Advances in AI-Based Security for Internet of Things in Wireless Virtualization Environment", "A Conceptual Model for Optimal Resource Sharing of Networked Microgrids Focusing Uncertainty: Paving Path to Eco-friendly Smart Cities", "A Novel Framework for a Cyber Secure Smart City", "Contemplating Security Challenges and Threats for Smart Cities", "Self-Monitoring Obfuscated IoT Network", "Introduction to Side Channel Attacks and Investigation of Power Analysis and Fault Injection Attack Techniques", "Collaborative Digital Forensic Investigations Model for Law Enforcement: Oman as a Case Study", "Understanding Security Requirements and Challenges in the Industrial Internet of Things: A Review", "5G Security and the Internet of Things", "The Problem of Deepfake Videos and How to Counteract Them in Smart Cities", "The Rise of Ransomware Aided by Vulnerable IoT Devices", "Security Issues in Self-Driving Cars within Smart Cities", and "Trust-Aware Crowd Associated Network-Based Approach for Optimal Waste Management in Smart Cities". This book provides state-of-the-art research results and discusses current issues, challenges, solutions and recent trends related to security and organization within IoT and Smart Cities. We expect this book to be of significant importance not only to researchers and practitioners in academia, government agencies and industries, but also for policy makers and system managers. We anticipate this book to be a valuable resource for all those working in this new and exciting area, and a "must have" for all university libraries.

This book explores fundamental scientific problems essential for autonomous cyber defense. Specific areas include: Game and control theory-based moving target defenses (MTDs) and adaptive cyber defenses (ACDs) for fully autonomous cyber operations; The extent to which autonomous cyber systems can be designed and operated in a framework that is significantly different from the human-based systems we now operate; On-line learning algorithms, including deep recurrent networks and reinforcement learning, for the kinds of situation awareness and decisions that autonomous cyber systems will require; Human understanding and control of highly distributed autonomous cyber defenses; Quantitative performance metrics for the above so that autonomous cyber defensive agents can reason about the situation and appropriate responses as well as allowing humans to assess and improve the autonomous system. This book establishes scientific foundations for adaptive autonomous cyber systems and ultimately brings about a more secure and reliable Internet. The recent advances in adaptive cyber defense (ACD) have developed a range of new ACD techniques and methodologies for reasoning in an adaptive environment. Autonomy in physical and cyber systems promises to revolutionize cyber operations. The ability of autonomous systems to execute at scales, scopes, and tempos exceeding those of humans and human-controlled systems will introduce entirely new types of cyber defense strategies and tactics, especially in highly contested physical and cyber environments. The development and automation of cyber strategies that are responsive to autonomous adversaries pose basic new technical challenges for cyber-security. This book targets cyber-security professionals and researchers (industry, governments, and military). Advanced-level students in computer science and information systems will also find this book useful as a secondary textbook.

Developing secure software requires the integration of numerous methods and tools into the development process, and software design is based on shared expert knowledge, claims, and opinions. Empirical methods, including data analytics, allow extracting knowledge and insights from the data that organizations collect from their processes and tools, and from the opinions of the experts who practice these processes and methods. This book introduces the reader to the fundamentals of empirical research methods, and demonstrates how these methods can be used to hone a secure software development lifecycle based on empirical data and published best practices.

Reinforcement Learning for Cyber-Physical Systems: with Cybersecurity Case Studies was inspired by recent developments in the fields of reinforcement learning (RL) and cyber-physical systems (CPSs). Rooted in behavioral psychology, RL is one of the primary strands of machine learning. Different from other machine learning algorithms, such as supervised learning and unsupervised learning, the key feature of RL is its unique learning paradigm, i.e., trial-and-error. Combined with the deep neural networks, deep RL become so powerful that many complicated systems can be automatically managed by AI agents at a superhuman level. On the other hand, CPSs are envisioned to revolutionize our society in the near future. Such examples include the emerging smart buildings, intelligent transportation, and electric grids. However, the conventional hand-programming controller in CPSs could neither handle the increasing complexity of the system, nor automatically adapt itself to new situations that it has never encountered before. The problem of how to apply the existing deep RL algorithms, or develop new RL algorithms to enable the real-time adaptive CPSs, remains open. This book aims to establish a linkage between the two domains by systematically introducing RL foundations and algorithms, each supported by one or a few state-of-the-art CPS examples to help readers understand the intuition and usefulness of RL techniques. Features Introduces reinforcement learning, including advanced topics in RL Applies reinforcement learning to cyber-physical systems and cybersecurity Contains state-of-the-art examples and exercises in each chapter Provides two cybersecurity case studies Reinforcement Learning for Cyber-Physical Systems with Cybersecurity Case Studies is an ideal text for graduate students or junior/senior undergraduates in the fields of science, engineering, computer science, or applied mathematics. It would also prove useful to researchers and engineers interested in cybersecurity, RL, and CPS. The only background knowledge required to appreciate the book is a basic knowledge of calculus and probability theory.

Cryptographic applications, such as RSA algorithm, ElGamal cryptography, elliptic curve cryptography, Rabin cryptosystem, Diffie -Hellmann key exchange algorithm, and the Digital Signature Standard, use modular exponentiation extensively. The performance of all these applications strongly depends on the efficient implementation of modular exponentiation and modular multiplication. Since 1984, when Montgomery first introduced a method to evaluate modular multiplications, many algorithmic modifications have been done for improving the efficiency of modular multiplication, but very less work has been done on the modular exponentiation to improve the efficiency. This research monograph addresses the question- how can the performance of modular exponentiation, which is the crucial operation of many public-key cryptographic techniques, be improved? The book focuses on Energy Efficient Modular Exponentiations for Cryptographic hardware. Spread across five chapters, this well-researched text focuses in detail on the Bit Forwarding Techniques and the corresponding hardware realizations. Readers will also discover advanced performance improvement techniques based on high radix multiplication and Cryptographic hardware based on multi-core architectures.

The Internet of Things (IoT) has attracted strong interest from both academia and industry. Unfortunately, it has also attracted the attention of hackers. Security and Privacy in Internet of Things (IoTs): Models, Algorithms, and Implementations brings together some of the top IoT security experts from around the world who contribute their knowledge regarding different IoT security aspects. It answers the question "How do we use efficient algorithms, models, and implementations to cover the four important aspects of IoT security, i.e., confidentiality, authentication, integrity, and availability?" The book consists of five parts covering attacks and threats, privacy preservation, trust and authentication, IoT data security, and social awareness. The first part introduces all types of IoT attacks and threats and demonstrates the principle of countermeasures against those attacks. It provides detailed introductions to specific attacks such as malware propagation and Sybil attacks. The second part addresses privacy-preservation issues related to the collection and distribution of data, including medical records. The author uses smart buildings as an example to discuss privacy-protection solutions. The third part describes different types of trust models in the IoT infrastructure, discusses access control to IoT data, and provides a survey of IoT authentication issues. The fourth part emphasizes security issues during IoT data computation. It introduces computational security issues in IoT data processing, security design in time series data aggregation, key generation for data transmission, and concrete security protocols during data access. The fifth and final part considers policy and human behavioral features and covers social-context-based privacy and trust design in IoT platforms as well as policy-based informed consent in the IoT.

Web applications occupy a large space within the IT infrastructure of a business or a corporation. They simply just don't touch a front end or a back end; today's web apps impact just about every corner of it. Today's web apps have become complex, which has made them a prime target for sophisticated cyberattacks. As a result, web apps must be literally tested from the inside and out in terms of security before they can be deployed and launched to the public for business transactions to occur. The primary objective of this book is to address those specific areas that require testing before a web app can be considered to be completely secure. The book specifically examines five key areas: Network security: This encompasses the various network components that are involved in order for the end user to access the particular web app from the server where it is stored at to where it is being transmitted to, whether it is a physical computer itself or a wireless device (such as a smartphone). Cryptography: This area includes not only securing the lines of network communications between the server upon which the web app is stored at and from where it is accessed from but also ensuring that all personally identifiable information (PII) that is stored remains in a ciphertext format and that its integrity remains intact while in transmission. Penetration testing: This involves literally breaking apart a Web app from the external environment and going inside of it, in order to discover all weaknesses and vulnerabilities and making sure that they are patched before the actual Web app is launched into a production state of operation. Threat hunting: This uses both skilled analysts and tools on the Web app and supporting infrastructure to continuously monitor the environment to find all security holes and gaps. The Dark Web: This is that part of the Internet that is not openly visible to the public. As its name implies, this is the "sinister" part of the Internet, and in fact, where much of the PII that is hijacked from a web app cyberattack is sold to other cyberattackers in order to launch more covert and damaging threats to a potential victim. Testing and Securing Web Applications breaks down the complexity of web application security testing so this critical part of IT and corporate infrastructure remains safe and in operation.

Biometrics in a Data Driven World: Trends, Technologies, and Challenges aims to inform readers about the modern applications of biometrics in the context of a data-driven society, to familiarize them with the rich history of biometrics, and to provide them with a glimpse into the future of biometrics. The first section of the book discusses the fundamentals of biometrics and provides an overview of common biometric modalities, namely face, fingerprints, iris, and voice. It also discusses the history of the field, and provides an overview of emerging trends and opportunities. The second section of the book introduces readers to a wide range of biometric applications. The next part of the book is dedicated to the discussion of case studies of biometric modalities currently used on mobile applications. As smartphones and tablet computers are rapidly becoming the dominant consumer computer platforms, biometrics-based authentication is emerging as an integral part of protecting mobile devices against unauthorized access, while enabling new and highly popular applications, such as secure online payment authorization. The book concludes with a discussion of future trends and opportunities in the field of biometrics, which will pave the way for advancing research in the area of biometrics, and for the deployment of biometric technologies in real-world applications. The book is designed for individuals interested in exploring the contemporary applications of biometrics, from students to researchers and practitioners working in this field. Both undergraduate and graduate students enrolled in college-level security courses will also find this book to be an especially useful companion.

The idea behind this book is to simplify the journey of aspiring readers and researchers to understand Big Data, IoT and Machine Learning. It also includes various real-time/offline applications and case studies in the fields of engineering, computer science, information security and cloud computing using modern tools. This book consists of two sections: Section I contains the topics related to Applications of Machine Learning, and Section II addresses issues about Big Data, the Cloud and the Internet of Things. This brings all the related technologies into a single source so that undergraduate and postgraduate students, researchers, academicians and people in industry can easily understand them. Features Addresses the complete data science technologies workflow Explores basic and high-level concepts and services as a manual for those in the industry and at the same time can help beginners to understand both basic and advanced aspects of machine learning Covers data processing and security solutions in IoT and Big Data applications Offers adaptive, robust, scalable and reliable applications to develop solutions for day-to-day problems Presents security issues and data migration techniques of NoSQL databases

Cyberspace has become a critical part of our lives and as a result is an important academic research topic. It is a multifaceted and dynamic domain that is largely driven by the business-civilian sector, with influential impacts on national security. This book presents current and diverse matters related to regulation and jurisdictive activity within the cybersecurity context. Each section includes a collection of scholarly articles providing an analysis of questions, research directions, and methods within the field.The interdisciplinary book is an authoritative and comprehensive reference to the overall discipline of cybersecurity. The coverage of the book will reflect the most advanced discourse on related issues.

Information professionals have been paying more attention and putting a greater focus on privacy over cybersecurity. However, the number of both cybersecurity and privacy breach incidents are soaring, which indicates that cybersecurity risks are high and growing. Utilizing cybersecurity awareness training in organizations has been an effective tool to promote a cybersecurity-conscious culture, making individuals more cybersecurity-conscious as well. However, it is unknown if employees' security behavior at work can be extended to their security behavior at home and personal life. On the one hand, information professionals need to inherit their role as data and information gatekeepers to safeguard data and information assets. On the other hand, information professionals can aid in enabling effective information access and dissemination of cybersecurity knowledge to make users conscious about the cybersecurity and privacy risks that are often hidden in the cyber universe. Cybersecurity for Information Professionals: Concepts and Applications introduces fundamental concepts in cybersecurity and addresses some of the challenges faced by information professionals, librarians, archivists, record managers, students, and professionals in related disciplines. This book is written especially for educators preparing courses in information security, cybersecurity, and the integration of privacy and cybersecurity. The chapters contained in this book present multiple and diverse perspectives from professionals in the field of cybersecurity. They cover such topics as: Information governance and cybersecurity User privacy and security online and the role of information professionals Cybersecurity and social media Healthcare regulations, threats, and their impact on cybersecurity A socio-technical perspective on mobile cybersecurity Cybersecurity in the software development life cycle Data security and privacy Above all, the book addresses the ongoing challenges of cybersecurity. In particular, it explains how information professionals can contribute to long-term workforce development by designing and leading cybersecurity awareness campaigns or cybersecurity hygiene programs to change people's security behavior.

Statistical Methods in Computer Security summarizes discussions held at the recent Joint Statistical Meeting to provide a clear layout of current applications in the field. This blue-ribbon reference discusses the most influential advancements in computer security policy, firewalls, and security issues related to passwords. It addresses crime and misconduct on the Internet, considers the development of infrastructures that may prevent breaches of security and law, and illustrates the vulnerability of networked computers to new virus attacks despite widespread deployment of antivirus software, firewalls, and other network security equipment.

On March 15, 2002 we held a workshop on network interdiction and the more general problem of stochastic mixed integer programming at the University of California, Davis. Jesus De Loera and I co-chaired the event, which included presentations of on-going research and discussion. At the workshop, we decided to produce a volume of timely work on the topics. This volume is the result. Each chapter represents state-of-the-art research and all of them were refereed by leading investigators in the respective fields. Problems - sociated with protecting and attacking computer, transportation, and social networks gain importance as the world becomes more dep- dent on interconnected systems. Optimization models that address the stochastic nature of these problems are an important part of the research agenda. This work relies on recent efforts to provide methods for - dressing stochastic mixed integer programs. The book is organized with interdiction papers first and the stochastic programming papers in the second part. A nice overview of the papers is provided in the Foreward written by Roger Wets."

This book provides a comprehensive overview of the research on anomaly detection with respect to context and situational awareness that aim to get a better understanding of how context information influences anomaly detection. In each chapter, it identifies advanced anomaly detection and key assumptions, which are used by the model to differentiate between normal and anomalous behavior. When applying a given model to a particular application, the assumptions can be used as guidelines to assess the effectiveness of the model in that domain. Each chapter provides an advanced deep content understanding and anomaly detection algorithm, and then shows how the proposed approach is deviating of the basic techniques. Further, for each chapter, it describes the advantages and disadvantages of the algorithm. The final chapters provide a discussion on the computational complexity of the models and graph computational frameworks such as Google Tensorflow and H2O because it is an important issue in real application domains. This book provides a better understanding of the different directions in which research has been done on deep semantic analysis and situational assessment using deep learning for anomalous detection, and how methods developed in one area can be applied in applications in other domains. This book seeks to provide both cyber analytics practitioners and researchers an up-to-date and advanced knowledge in cloud based frameworks for deep semantic analysis and advanced anomaly detection using cognitive and artificial intelligence (AI) models.

Enterprise servers play a mission-critical role in modern computing environments, especially from a business continuity perspective. Several models of IT capability have been introduced over the last two decades. Enhancing Business Continuity and IT Capability: System Administration and Server Operating Platforms proposes a new model of IT capability. It presents a framework that establishes the relationship between downtime on one side and business continuity and IT capability on the other side, as well as how system administration and modern server operating platforms can help in improving business continuity and IT capability. This book begins by defining business continuity and IT capability and their importance in modern business, as well as by giving an overview of business continuity, disaster recovery planning, contingency planning, and business continuity maturity models. It then explores modern server environments and the role of system administration in ensuring higher levels of system availability, system scalability, and business continuity. Techniques for enhancing availability and business continuity also include Business impact analysis Assessing the downtime impact Designing an optimal business continuity solution IT auditing as a process of gathering data and evidence to evaluate whether the company's information systems infrastructure is efficient and effective and whether it meets business goals The book concludes with frameworks and guidelines on how to measure and assess IT capability and how IT capability affects a firm's performances. Cases and white papers describe real-world scenarios illustrating the concepts and techniques presented in the book.