The book is compilation of technical papers presented at International Research Symposium on Computing and Network Sustainability (IRSCNS 2016) held in Goa, India on 1st and 2nd July 2016. The areas covered in the book are sustainable computing and security, sustainable systems and technologies, sustainable methodologies and applications, sustainable networks applications and solutions, user-centered services and systems and mobile data management. The novel and recent technologies presented in the book are going to be helpful for researchers and industries in their advanced works.

Cyberspace in increasingly important to people in their everyday lives for purchasing goods on the Internet, to energy supply increasingly managed remotely using Internet protocols. Unfortunately, this dependence makes us susceptible to attacks from nation states, terrorists, criminals and hactivists. Therefore, we need a better understanding of cyberspace, for which patterns, which are predictable regularities, may help to detect, understand and respond to incidents better. The inspiration for the workshop came from the existing work on formalising design patterns applied to cybersecurity, but we also need to understand the many other types of patterns that arise in cyberspace.

Privacy requirements have an increasing impact on the realization of modern applications. Commercial and legal regulations demand that privacy guarantees be provided whenever sensitive information is stored, processed, or communicated to external parties. Current approaches encrypt sensitive data, thus reducing query execution efficiency and preventing selective information release.

Preserving Privacy in Data Outsourcing presents a comprehensive approach for protecting highly sensitive information when it is stored on systems that are not under the data owner's control. The approach illustrated combines access control and encryption, enforcing access control via structured encryption. This solution, coupled with efficient algorithms for key derivation and distribution, provides efficient and secure authorization management on outsourced data, allowing the data owner to outsource not only the data but the security policy itself. To reduce the amount of data to be encrypted the book also investigates data fragmentation as a possible way to protect privacy of data associations and provide fragmentation as a complementary means for protecting privacy: associations broken by fragmentation will be visible only to users authorized (by knowing the proper key) to join fragments. The book finally investigates the problem of executing queries over possible data distributed at different servers and which must be controlled to ensure sensitive information and sensitive associations be visible only to parties authorized for that. Case Studies are provided throughout the book.

Privacy, data mining, data protection, data outsourcing, electronic commerce, machine learning professionals and others working in these related fields will find this book a valuable asset, as well as primary associations such as ACM, IEEE and Management Science. This book is also suitable for advanced level students and researchers concentrating on computer science as a secondary text or reference book.

As the IoT market is booming, several issues are delaying the full realization of the technology. IoT devices, in cybersecurity terms, greatly increase security risk. This means that any scientific work that offers cybersecurity strategies will excite security experts who will be glad to expand their knowledge base on IoT cybersecurity. As a result of the booming of the IoT market, business competitors are jockeying for a piece of the market. This means that solutions from researchers that address compatibility issues will be greatly welcomed by IoT technology developers. Connectivity providers are likely to embrace solutions to challenges of bandwidth since a growing IoT market must be followed up by bandwidth-intensive IoT applications which tend to jostle for space on the current client-server model. Overpromising followed by underdelivering, has been the current approach by many innovators and the mismatch results in losses in production, orphaned technologies accompanied by frequent system failures. Solutions that address IoT performance issues are likely to excite many start-ups. Solutions to challenges of fragmentation presented by thousands of devices from different manufacturers operating on proprietary ecosystems are likely to be warmly embraced by many IoT brands developers. As such, a publication that specifically addresses the challenges faced in the rolling out of IoT technologies is sorely needed.

A comprehensive survey of computer network security concepts, methods, and practices. This authoritative volume provides an optimal description of the principles and applications of computer network security in particular, and cyberspace security in general. The book is thematically divided into three segments: Part I describes the operation and security conditions surrounding computer networks; Part II builds from there and exposes readers to the prevailing security situation based on a constant security threat; and Part III - the core - presents readers with most of the best practices and solutions currently in use. It is intended as both a teaching tool and reference. This broad-ranging text/reference comprehensively surveys computer network security concepts, methods, and practices and covers network security tools, policies, and administrative goals in an integrated manner. It is an essential security resource for undergraduate or graduate study, practitioners in networks, and professionals who develop and maintain secure computer network systems.

While women benefit from using new digital and Internet technologies for self-expression, networking, and professional activities, cyber victimization remains an underexplored barrier to their participation. Women often outnumber men in surveys on cyber victimization. Cyber Crime and the Victimization of Women: Laws, Rights and Regulations is a unique and important contribution to the literature on cyber crime. It explores gendered dimensions of cyber crimes like adult bullying, cyber stalking, hacking, defamation, morphed pornographic images, and electronic blackmailing. These and other tactics designed to inflict intimidation, control, and other harms are frequently committed by perpetrators who, for many reasons, are unlikely to be identified or punished. Scholars, researchers, law makers, and ordinary women and their supporters will gain a better understanding of cyber victimization and discover how to improve responses to cyber crimes against women.

In this book the authors first describe the background of trusted platforms and trusted computing and speculate about the future. They then describe the technical features and architectures of trusted platforms from several different perspectives, finally explaining second-generation TPMs, including a technical description intended to supplement the Trusted Computing Group's TPM2 specifications. The intended audience is IT managers and engineers and graduate students in information security.

These proceedings contain the papers of IFIP/SEC 2010. It was a special honour and privilege to chair the Program Committee and prepare the proceedings for this conf- ence, which is the 25th in a series of well-established international conferences on security and privacy organized annually by Technical Committee 11 (TC-11) of IFIP. Moreover, in 2010 it is part of the IFIP World Computer Congress 2010 celebrating both the Golden Jubilee of IFIP (founded in 1960) and the Silver Jubilee of the SEC conference in the exciting city of Brisbane, Australia, during September 20-23. The call for papers went out with the challenging motto of "Security & Privacy Silver Linings in the Cloud" building a bridge between the long standing issues of security and privacy and the most recent developments in information and commu- cation technology. It attracted 102 submissions. All of them were evaluated on the basis of their significance, novelty, and technical quality by at least five member of the Program Committee. The Program Committee meeting was held electronically over a period of a week. Of the papers submitted, 25 were selected for presentation at the conference; the acceptance rate was therefore as low as 24. 5% making SEC 2010 a highly competitive forum. One of those 25 submissions could unfortunately not be included in the proceedings, as none of its authors registered in time to present the paper at the conference.

Networks and Network Analysis for Defence and Security discusses relevant theoretical frameworks and applications of network analysis in support of the defence and security domains. This book details real world applications of network analysis to support defence and security. Shocks to regional, national and global systems stemming from natural hazards, acts of armed violence, terrorism and serious and organized crime have significant defence and security implications. Today, nations face an uncertain and complex security landscape in which threats impact/target the physical, social, economic and cyber domains. Threats to national security, such as that against critical infrastructures not only stem from man-made acts but also from natural hazards. Katrina (2005), Fukushima (2011) and Hurricane Sandy (2012) are examples highlighting the vulnerability of critical infrastructures to natural hazards and the crippling effect they have on the social and economic well-being of a community and a nation. With this dynamic and complex threat landscape, network analysis has emerged as a key enabler in supporting defence and security. With the advent of big data and increasing processing power, network analysis can reveal insights with regards to structural and dynamic properties thereby facilitating greater understanding of complex networks, their entities, interdependencies, vulnerabilities to produce insights for creative solutions. This book will be well positioned to inform defence, security and intelligence professionals and researchers with regards to leading methodologies and approaches."

As the diffusion and use of technology applications have accelerated in organizational and societal domains, behavioral and social dynamics have inevitably created the potential for negative as well as positive consequences and events associated with technology. A pressing need within organizations and societies has therefore emerged for robust, proactive information security measures that can prevent as well as ameliorate breaches, attacks, and abuses.""The Handbook of Research on Social and Organizational Liabilities in Information Security"" offers a critical mass of insightful, authoritative articles on the most salient contemporary issues of managing social and human aspects of information security. Aimed at providing immense scholarly value to researchers, academicians, and practitioners in the area of information technology and security, this landmark reference collection provides estimable coverage of pertinent issues such as employee surveillance, information security policies, and password authentication.

User authentication is the process of verifying whether the identity of a user is genuine prior to granting him or her access to resources or services in a secured environment. Traditionally, user authentication is performed statically at the point of entry of the system; however, continuous authentication (CA) seeks to address the shortcomings of this method by providing increased session security and combating insider threat. Continuous Authentication Using Biometrics: Data, Models, and Metrics presents chapters on continuous authentication using biometrics that have been contributed by the leading experts in this recent, fast growing research area. These chapters collectively provide a thorough and concise introduction to the field of biometric-based continuous authentication. The book covers the conceptual framework underlying continuous authentication and presents detailed processing models for various types of practical continuous authentication applications.

The information infrastructure - comprising computers, embedded devices, networks and software systems - is vital to day-to-day operations in every sector: information and telecommunications, banking and finance, energy, chemicals and hazardous materials, agriculture, food, water, public health, emergency services, transportation, postal and shipping, government and defense. Global business and industry, governments, indeed society itself, cannot function effectively if major components of the critical information infrastructure are degraded, disabled or destroyed. Critical Infrastructure Protection describes original research results and innovative applications in the interdisciplinary field of critical infrastructure protection. Also, it highlights the importance of weaving science, technology and policy in crafting sophisticated, yet practical, solutions that will help secure information, computer and network assets in the various critical infrastructure sectors. Areas of coverage include: themes and issues; control systems security; infrastructure modeling and simulation; risk and impact assessment. This book is the tenth volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.10 on Critical Infrastructure Protection, an international community of scientists, engineers, practitioners and policy makers dedicated to advancing research, development and implementation efforts focused on infrastructure protection. The book contains a selection of fourteen edited papers from the Tenth Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, held at SRI International, Arlington, Virginia, USA in the spring of 2016. Critical Infrastructure Protection is an important resource for researchers, faculty members and graduate students, as well as for policy makers, practitioners and other individuals with interests in homeland security.

The ubiquitous nature of the Internet is enabling a new generation of - pUcations to support collaborative work among geographically distant users. Security in such an environment is of utmost importance to safeguard the pri vacy of the communication and to ensure the integrity of the applications. 'Secure group communications' (SGC) refers to a scenario in which a group of participants can receive and send messages to group members, in a way that outsiders are unable to glean any information even when they are able to intercept the messages. SGC is becoming extremely important for researchers and practitioners because many applications that require SGC are now widely used, such as teleconferencing, tele-medicine, real-time information services, distributed interactive simulations, collaborative work, grid computing, and the deployment of VPN (Virtual Private Networks). Even though considerable research accomplishments have been achieved in SGC, few books exist on this very important topic. The purpose of this book is to provide a comprehensive survey of principles and state-of-the-art techniques for secure group communications over data net works. The book is targeted towards practitioners, researchers and students in the fields of networking, security, and software applications development. The book consists of 7 chapters, which are listed and described as follows."

 Chapter 1:  Introduction and Overview

Cybersecurity for medical devices is no longer optional. We must not allow sensationalism or headlines to drive the discussion... Nevertheless, we must proceed with urgency. In the end, this is about preventing patient harm and preserving patient trust. A comprehensive guide to medical device secure lifecycle management, this is a book for engineers, managers, and regulatory specialists. Readers gain insight into the security aspects of every phase of the product lifecycle, including concept, design, implementation, supply chain, manufacturing, postmarket surveillance, maintenance, updates, and end of life. Learn how to mitigate or completely avoid common cybersecurity vulnerabilities introduced during development and production. Grow your awareness of cybersecurity development topics ranging from high-level concepts to practical solutions and tools. Get insight into emerging regulatory and customer expectations. Uncover how to minimize schedule impacts and accelerate time-to-market while still accomplishing the main goal: reducing patient and business exposure to cybersecurity risks. Medical Device Cybersecurity for Engineers and Manufacturers is designed to help all stakeholders lead the charge to a better medical device security posture and improve the resilience of our medical device ecosystem.

Three important technology issues face professionals in today's business, education, and government world. In "Privacy, Identity, and Cloud Computing, " author and computer expert Dr. Harry Katzan Jr. addresses the subjects of privacy and identity as they relate to the new discipline of cloud computing, a model for providing on-demand access to computing service via the Internet. A compendium of eight far-reaching papers, "Privacy, Identity, and Cloud Computing" thoroughly dissects and discusses the following: The privacy of cloud computing Identity as a service Identity analytics and belief structures Compatibility relations in identity analysis Conspectus of cloud computing Cloud computing economics: Democratization and monetization of services Ontological view of cloud computing Privacy as a service Katzan provides not only a wealth of information, but gives exposure to these topics facing today's computer users. Ultimately, these are important facets of modern computing, and all their implications must be considered thoroughly in anticipation of future developments.

Video monitoring has become a vital aspect within the global society as it helps prevent crime, promote safety, and track daily activities such as traffic. As technology in the area continues to improve, it is necessary to evaluate how video is being processed to improve the quality of images. Applied Video Processing in Surveillance and Monitoring Systems investigates emergent techniques in video and image processing by evaluating such topics as segmentation, noise elimination, encryption, and classification. Featuring real-time applications, empirical research, and vital frameworks within the field, this publication is a critical reference source for researchers, professionals, engineers, academicians, advanced-level students, and technology developers.

This book is centered on Smart grids and micro-grids, as a cost-effective method of ensuring fair and equitable access to power in urban areas. It also considers scenarios where deploying smart grids can be both cost-prohibitively expensive and logistically challenging. Deploying smart microgrids instead, offers a reliable power solution but, as is the case in smart grids, a key issue is guaranteeing usability, trust, and reliability while protecting against energy theft. This book considers aspects such as state estimation, capacity planning, demand forecasting, price signals, and demand management with respect to energy theft. Straight-forward approaches to provoking energy theft on smart grids and micro-grids include mis-recordings power consumption/generation information and exposures of personally identifiable information or sensitive information. Attack models based on mis-recorded generation and/or consumption data and exposure of personally identifiable information, are also studied. In each case, countermeasures are proposed to circumvent the power theft attacks raised. Researchers in Smart Micro-grids security, cyber-physical systems, and critical infrastructure will want to purchase this book as a reference. Professionals, Researchers, Academics and students working in security general and Security of Critical Infrastructure, Privacy, and Data Sharing will also want to purchase this book as a reference.