This two-volume set LNICST 398 and 399 constitutes the post-conference proceedings of the 17th International Conference on Security and Privacy in Communication Networks, SecureComm 2021, held in September 2021. Due to COVID-19 pandemic the conference was held virtually. The 56 full papers were carefully reviewed and selected from 143 submissions. The papers focus on the latest scientific research results in security and privacy in wired, mobile, hybrid and ad hoc networks, in IoT technologies, in cyber-physical systems, in next-generation communication systems in web and systems security and in pervasive and ubiquitous computing.

Device-independent quantum cryptography is a method for exchanging secret messages over potentially insecure quantum communication channels, such as optical fibers. In contrast to conventional quantum cryptography, security is guaranteed even if the devices used by the communication partners, such as photon sources and detectors, deviate from their theoretical specifications. This is of high practical relevance, for attacks to current implementations of quantum cryptography exploit exactly such deviations. Device-independent cryptography is however technologically so demanding that it looked as if experimental realizations are out of reach. In her thesis, Rotem Arnon-Friedman presents powerful information-theoretic methods to prove the security of device-independent quantum cryptography. Based on them, she is able to establish security in a parameter regime that may be experimentally achievable in the near future. Rotem Arnon-Friedman's thesis thus provides the theoretical foundations for an experimental demonstration of device-independent quantum cryptography.

This book revises the strategic objectives of Information Warfare, interpreting them according to the modern canons of information age, focusing on the fabric of society, the economy, and critical Infrastructures. The authors build plausible detailed real-world scenarios for each entity, showing the related possible threats from the Information Warfare point of view. In addition, the authors dive into the description of the still open problems, especially when it comes to critical infrastructures, and the countermeasures that can be implemented, possibly inspiring further research in the domain. This book intends to provide a conceptual framework and a methodological guide, enriched with vivid and compelling use cases for the readers (e.g. technologists, academicians, military, government) interested in what Information Warfare really means, when its lenses are applied to current technology. Without sacrificing accuracy, rigor and, most importantly, the big picture of Information Warfare, this book dives into several relevant and up-to-date critical domains. The authors illustrate how finance (an always green target of Information Warfare) is intertwined with Social Media, and how an opponent could exploit these latter ones to reach its objectives. Also, how cryptocurrencies are going to reshape the economy, and the risks involved by this paradigm shift. Even more compelling is how the very fabric of society is going to be reshaped by technology, for instance how our democratic elections are exposed to risks that are even greater than what appears in the current public discussions. Not to mention how our Critical Infrastructure is becoming exposed to a series of novel threats, ranging from state-supported malware to drones. A detailed discussion of possible countermeasures and what the open issues are for each of the highlighted threats complete this book. This book targets a widespread audience that includes researchers and advanced level students studying and working in computer science with a focus on security. Military officers, government officials and professionals working in this field will also find this book useful as a reference.

This two-volume set LNICST 398 and 399 constitutes the post-conference proceedings of the 17th International Conference on Security and Privacy in Communication Networks, SecureComm 2021, held in September 2021. Due to COVID-19 pandemic the conference was held virtually. The 56 full papers were carefully reviewed and selected from 143 submissions. The papers focus on the latest scientific research results in security and privacy in wired, mobile, hybrid and ad hoc networks, in IoT technologies, in cyber-physical systems, in next-generation communication systems in web and systems security and in pervasive and ubiquitous computing.

This volume explores from a legal perspective, how blockchain works. Perhaps more than ever before, this new technology requires us to take a multidisciplinary approach. The contributing authors, which include distinguished academics, public officials from important national authorities, and market operators, discuss and demonstrate how this technology can be a driver of innovation and yield positive effects in our societies, legal systems and economic/financial system. In particular, they present critical analyses of the potential benefits and legal risks of distributed ledger technology, while also assessing the opportunities offered by blockchain, and possible modes of regulating it. Accordingly, the discussions chiefly focus on the law and governance of blockchain, and thus on the paradigm shift that this technology can bring about.

This open access book presents selected papers from International Symposium on Mathematics, Quantum Theory, and Cryptography (MQC), which was held on September 25-27, 2019 in Fukuoka, Japan. The international symposium MQC addresses the mathematics and quantum theory underlying secure modeling of the post quantum cryptography including e.g. mathematical study of the light-matter interaction models as well as quantum computing. The security of the most widely used RSA cryptosystem is based on the difficulty of factoring large integers. However, in 1994 Shor proposed a quantum polynomial time algorithm for factoring integers, and the RSA cryptosystem is no longer secure in the quantum computing model. This vulnerability has prompted research into post-quantum cryptography using alternative mathematical problems that are secure in the era of quantum computers. In this regard, the National Institute of Standards and Technology (NIST) began to standardize post-quantum cryptography in 2016. This book is suitable for postgraduate students in mathematics and computer science, as well as for experts in industry working on post-quantum cryptography.

This book provides modern technical answers to the legal requirements of pseudonymisation as recommended by privacy legislation. It covers topics such as modern regulatory frameworks for sharing and linking sensitive information, concepts and algorithms for privacy-preserving record linkage and their computational aspects, practical considerations such as dealing with dirty and missing data, as well as privacy, risk, and performance assessment measures. Existing techniques for privacy-preserving record linkage are evaluated empirically and real-world application examples that scale to population sizes are described. The book also includes pointers to freely available software tools, benchmark data sets, and tools to generate synthetic data that can be used to test and evaluate linkage techniques. This book consists of fourteen chapters grouped into four parts, and two appendices. The first part introduces the reader to the topic of linking sensitive data, the second part covers methods and techniques to link such data, the third part discusses aspects of practical importance, and the fourth part provides an outlook of future challenges and open research problems relevant to linking sensitive databases. The appendices provide pointers and describe freely available, open-source software systems that allow the linkage of sensitive data, and provide further details about the evaluations presented. A companion Web site at https://dmm.anu.edu.au/lsdbook2020 provides additional material and Python programs used in the book. This book is mainly written for applied scientists, researchers, and advanced practitioners in governments, industry, and universities who are concerned with developing, implementing, and deploying systems and tools to share sensitive information in administrative, commercial, or medical databases. The Book describes how linkage methods work and how to evaluate their performance. It covers all the major concepts and methods and also discusses practical matters such as computational efficiency, which are critical if the methods are to be used in practice - and it does all this in a highly accessible way!David J. Hand, Imperial College, London

Biometric recognition, or simply biometrics, is the science of establishing the identity of a person based on physical or behavioral attributes. It is a rapidly evolving field with applications ranging from securely accessing one's computer to gaining entry into a country. While the deployment of large-scale biometric systems in both commercial and government applications has increased the public awareness of this technology, "Introduction to Biometrics" is the first textbook to introduce the fundamentals of Biometrics to undergraduate/graduate students. The three commonly used modalities in the biometrics field, namely, fingerprint, face, and iris are covered in detail in this book. Few other modalities like hand geometry, ear, and gait are also discussed briefly along with advanced topics such as multibiometric systems and security of biometric systems. Exercises for each chapter will be available on the book website to help students gain a better understanding of the topics and obtain practical experience in designing computer programs for biometric applications. These can be found at: http://www.csee.wvu.edu/~ross/BiometricsTextBook/. Designed for undergraduate and graduate students in computer science and electrical engineering, "Introduction to Biometrics" is also suitable for researchers and biometric and computer security professionals.

Ocean covers 70.8% of the Earth's surface, and it plays an important role in supporting all life on Earth. Nonetheless, more than 80% of the ocean's volume remains unmapped, unobserved and unexplored. In this regard, Underwater Sensor Networks (USNs), which offer ubiquitous computation, efficient communication and reliable control, are emerging as a promising solution to understand and explore the ocean. In order to support the application of USNs, accurate position information from sensor nodes is required to correctly analyze and interpret the data sampled. However, the openness and weak communication characteristics of USNs make underwater localization much more challenging in comparison to terrestrial sensor networks. In this book, we focus on the localization problem in USNs, taking into account the unique characteristics of the underwater environment. This problem is of considerable importance, since fundamental guidance on the design and analysis of USN localization is very limited at present. To this end, we first introduce the network architecture of USNs and briefly review previous approaches to the localization of USNs. Then, the asynchronous clock, node mobility, stratification effect, privacy preserving and attack detection are considered respectively and corresponding localization schemes are developed. Lastly, the book's rich implications provide guidance on the design of future USN localization schemes. The results in this book reveal from a system perspective that underwater localization accuracy is closely related to the communication protocol and optimization estimator. Researchers, scientists and engineers in the field of USNs can benefit greatly from this book, which provides a wealth of information, useful methods and practical algorithms to help understand and explore the ocean.

What is IPSec? What's a VPN? Why do the need each other? Virtual Private Network (VPN) has become one of the most recognized terms in our industry, yet there continuously seems to be different impressions of what VPNs really are and can become.
A Technical Guide to IPSec Virtual Private Networks provides a single point of information that represents hundreds or resources and years of experience with IPSec VPN solutions. It cuts through the complexity surrounding IPSec and the idiosyncrasies of design, implementation, operations, and security.
Starting with a primer on the IP protocol suite, the book travels layer by layer through the protocols and the technologies that make VPNs possible. It includes security theory, cryptography, RAS, authentication, IKE, IPSec, encapsulation, keys, and policies.
After explaining the technologies and their interrelationships, the book provides sections on implementation and product evaluation. A Technical Guide to IPSec Virtual Private Networks arms information security, network, and system engineers and administrators with the knowledge and the methodologies to design and deploy VPNs in the real world for real companies.

Addresses one of the hottest issues facing all businesses today, and one that can destroy companies overnight - cybersecurity. Identifies how to implement cybersecurity strategy and practices in a straightforward way. Demystifies a crucial topic for executives, taking it away from an information technology issue and making it understandable for business leaders and board members with governance oversight. Ideal reading for executives, and also students on the growing number of courses on this topic.

This book presents a unique, step-by-step approach for monitoring, detecting, analyzing and mitigating complex network cyber threats. It includes updated processes in response to asymmetric threats, as well as descriptions of the current tools to mitigate cyber threats. Featuring comprehensive computer science material relating to a complete network baseline with the characterization hardware and software configuration, the book also identifies potential emerging cyber threats and the vulnerabilities of the network architecture to provide students with a guide to responding to threats. The book is intended for undergraduate and graduate college students who are unfamiliar with the cyber paradigm and processes in responding to attacks.

This book constitutes the refereed proceedings of the 14th IFIP TC 9 International Conference on Human Choice and Computers, HCC14 2020, which was supposed take place in Tokyo, Japan, in September 2020, but the conference was cancelled due to the COVID-19 crisis.The 31 revised full papers presented were carefully reviewed and selected from 55 submissions. The papers deal with the constantly evolving intimate relationship between humans and technology. They are organized in the following sections: ethical and legal considerations in a data-driven society; the data-driven society; peace and war; our digital lives; individuals in data-driven society; and gender, diversity and ICT.

This book constitutes the thoroughly refereed post-conference proceedings of the 14th International Conference on Mobile Multimedia Communications, Mobimedia 2021, held in July 2021. Due to COVID-19 pandemic the conference was held virtually. The 66 revised full papers presented were carefully selected from 166 submissions. The papers are organized in topical sections as follows: Internet of Things and Wireless Communications Communication; Strategy Optimization and Task Scheduling Oral Presentations; Privacy Computing Technology; Cyberspace Security and Access control; Neural Networks and Feature Learning Task Classification and Prediction; Object Recognition and Detection.

This two-volume set, CCIS 1453 and CCIS 1454, constitutes refereed proceedings of the 6th International Conference on Data Mining and Big Data, DMBD 2021, held in Guangzhou, China, in October 2021. The 57 full papers and 28 short papers presented in this two-volume set were carefully reviewed and selected from 258 submissions. The papers present the latest research on advantages in theories, technologies, and applications in data mining and big data. The volume covers many aspects of data mining and big data as well as intelligent computing methods applied to all fields of computer science, machine learning, data mining and knowledge discovery, data science, etc.

This book features a collection of high-quality research papers presented at the International Conference on Intelligent and Cloud Computing (ICICC 2019), held at Siksha 'O' Anusandhan (Deemed to be University), Bhubaneswar, India, on December 20, 2019. Including contributions on system and network design that can support existing and future applications and services, it covers topics such as cloud computing system and network design, optimization for cloud computing, networking, and applications, green cloud system design, cloud storage design and networking, storage security, cloud system models, big data storage, intra-cloud computing, mobile cloud system design, real-time resource reporting and monitoring for cloud management, machine learning, data mining for cloud computing, data-driven methodology and architecture, and networking for machine learning systems.

This book constitutes the refereed proceedings of the 13th IFIP WG 11.8 World Conference on Information Security Education, WISE 13, held in Maribor, Slovenia, in September 2020. The conference was held virtually due to the COVID-19 pandemic. The 13 full papers presented were carefully reviewed and selected from 28 submissions. The papers are organized in the following topical sections: teaching methods and tools; cybersecurity knowledge within the organization; and teaching of detection and forensics.

This book features research papers presented at the International Conference on Emerging Technologies in Data Mining and Information Security (IEMIS 2020) held at the University of Engineering & Management, Kolkata, India, during July 2020. The book is organized in three volumes and includes high-quality research work by academicians and industrial experts in the field of computing and communication, including full-length papers, research-in-progress papers and case studies related to all the areas of data mining, machine learning, Internet of things (IoT) and information security.

Digital forensics deals with the acquisition, preservation, examination, analysis and presentation of electronic evidence. Computer networks, cloud computing, smartphones, embedded devices and the Internet of Things have expanded the role of digital forensics beyond traditional computer crime investigations. Practically every crime now involves some aspect of digital evidence; digital forensics provides the techniques and tools to articulate this evidence in legal proceedings. Digital forensics also has myriad intelligence applications; furthermore, it has a vital role in cyber security -- investigations of security breaches yield valuable information that can be used to design more secure and resilient systems. Advances in Digital Forensics XVI describes original research results and innovative applications in the discipline of digital forensics. In addition, it highlights some of the major technical and legal issues related to digital evidence and electronic crime investigations. The areas of coverage include: themes and issues, forensic techniques, filesystem forensics, cloud forensics, social media forensics, multimedia forensics, and novel applications. This book is the sixteenth volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.9 on Digital Forensics, an international community of scientists, engineers and practitioners dedicated to advancing the state of the art of research and practice in digital forensics. The book contains a selection of sixteen edited papers from the Sixteenth Annual IFIP WG 11.9 International Conference on Digital Forensics, held in New Delhi, India, in the winter of 2020. Advances in Digital Forensics XVI is an important resource for researchers, faculty members and graduate students, as well as for practitioners and individuals engaged in research and development efforts for the law enforcement and intelligence communities.

This book constitutes the refereed proceedings of the 35th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2020, held in Maribor, Slovenia, in September 2020. The conference was held virtually due to the COVID-19 pandemic. The 29 full papers presented were carefully reviewed and selected from 149 submissions. The papers present novel research on theoretical and practical aspects of security and privacy protection in ICT systems. They are organized in topical sections on channel attacks; connection security; human aspects of security and privacy; detecting malware and software weaknesses; system security; network security and privacy; access control and authentication; crypto currencies; privacy and security management; and machine learning and security.

In today's workplace, computer and cybersecurity professionals must understand both hardware and software to deploy effective security solutions. This book introduces readers to the fundamentals of computer architecture and organization for security, and provides them with both theoretical and practical solutions to design and implement secure computer systems. Offering an in-depth and innovative introduction to modern computer systems and patent-pending technologies in computer security, the text integrates design considerations with hands-on lessons learned to help practitioners design computer systems that are immune from attacks. Studying computer architecture and organization from a security perspective is a new area. There are many books on computer architectures and many others on computer security. However, books introducing computer architecture and organization with security as the main focus are still rare. This book addresses not only how to secure computer components (CPU, Memory, I/O, and network) but also how to secure data and the computer system as a whole. It also incorporates experiences from the author's recent award-winning teaching and research. The book also introduces the latest technologies, such as trusted computing, RISC-V, QEMU, cache security, virtualization, cloud computing, IoT, and quantum computing, as well as other advanced computing topics into the classroom in order to close the gap in workforce development. The book is chiefly intended for undergraduate and graduate students in computer architecture and computer organization, as well as engineers, researchers, cybersecurity professionals, and middleware designers.

Did you know that the most common cloud security threats happen because of cloud service misconfigurations, not outside attacks? If you did not, you are not alone. In the on-premises world, cybersecurity risks were limited to the organization's network, but in the era of cloud computing, both the impact and likelihood of potential risks are significantly higher. With the corresponding advent of DevOps methodology, security is now the responsibility of everyone who is part of the application development life cycle, not just the security specialists. Applying the clear and pragmatic recommendations given in this book, you can reduce the cloud applications security risks in your organization. This is the book that every Azure solution architect, developer, and IT professional should have on hand when they begin their journey learning about Azure security. It demystifies the multitude of security controls and offers numerous guidelines for Azure, curtailing hours of learning fatigue and confusion. Throughout the book you will learn how to secure your applications using Azure's native security controls. After reading this book, you will know which security guardrails are available, how effective they are, and what will be the cost of implementing them. The scenarios in this book are real and come from securing enterprise applications and infrastructure running on Azure. What You Will Learn Remediate security risks of Azure applications by implementing the right security controls at the right time Achieve a level of security and stay secure across your Azure environment by setting guardrails to automate secure configurations Protect the most common reference workloads according to security best practices Design secure access control solutions for your Azure administrative access, as well as Azure application access Who This Book Is For Cloud security architects, cloud application developers, and cloud solution architects who work with Azure. It is also a valuable resource for those IT professionals responsible for securing Azure workloads in the enterprise.

Uncover a digital trail of e-evidence by using the helpful, easy-to-understand information in "Computer Forensics For Dummies" Professional and armchair investigators alike can learn the basics of computer forensics, from digging out electronic evidence to solving the case. You won't need a computer science degree to master e-discovery. Find and filter data in mobile devices, e-mail, and other Web-based technologies.

You'll learn all about e-mail and Web-based forensics, mobile forensics, passwords and encryption, and other e-evidence found through VoIP, voicemail, legacy mainframes, and databases. You'll discover how to use the latest forensic software, tools, and equipment to find the answers that you're looking for in record time. When you understand how data is stored, encrypted, and recovered, you'll be able to protect your personal privacy as well. By the time you finish reading this book, you'll know how to: Prepare for and conduct computer forensics investigationsFind and filter dataProtect personal privacyTransfer evidence without contaminating itAnticipate legal loopholes and opponents' methodsHandle passwords and encrypted dataWork with the courts and win the case

Plus, "Computer Forensics for Dummies" includes lists of things that everyone interested in computer forensics should know, do, and build. Discover how to get qualified for a career in computer forensics, what to do to be a great investigator and expert witness, and how to build a forensics lab or toolkit.

Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file.

This handbook introduces the basic principles and fundamentals of cyber security towards establishing an understanding of how to protect computers from hackers and adversaries. The highly informative subject matter of this handbook, includes various concepts, models, and terminologies along with examples and illustrations to demonstrate substantial technical details of the field. It motivates the readers to exercise better protection and defense mechanisms to deal with attackers and mitigate the situation. This handbook also outlines some of the exciting areas of future research where the existing approaches can be implemented. Exponential increase in the use of computers as a means of storing and retrieving security-intensive information, requires placement of adequate security measures to safeguard the entire computing and communication scenario. With the advent of Internet and its underlying technologies, information security aspects are becoming a prime concern towards protecting the networks and the cyber ecosystem from variety of threats, which is illustrated in this handbook. This handbook primarily targets professionals in security, privacy and trust to use and improve the reliability of businesses in a distributed manner, as well as computer scientists and software developers, who are seeking to carry out research and develop software in information and cyber security. Researchers and advanced-level students in computer science will also benefit from this reference.

This book strives to take stock of current achievements and existing challenges in nuclear verification, identify the available information and gaps that can act as drivers for exploring new approaches to verification strategies and technologies. With the practical application of the systems concept to nuclear disarmament scenarios and other, non-nuclear verification fields, it investigates, where greater transparency and confidence could be achieved in pursuit of new national or international nonproliferation and arms reduction efforts. A final discussion looks at how, in the absence of formal government-to-government negotiations, experts can take practical steps to advance the technical development of these concepts.