Since its first volume in 1960, Advances in Computers has presented detailed coverage of innovations in computer hardware, software, theory, design, and applications. It has also provided contributors with a medium in which they can explore their subjects in greater depth and breadth than journal articles usually allow. As a result, many articles have become standard references that continue to be of sugnificant, lasting value in this rapidly expanding field.
In-depth surveys and tutorials on new computer technologyWell-known authors and researchers in the fieldExtensive bibliographies with most chaptersMany of the volumes are devoted to single themes or subfields of computer science

Blockchain technology is an emerging distributed, decentralized architecture and computing paradigm, which has accelerated the development and application of cloud, fog and edge computing; artificial intelligence; cyber physical systems; social networking; crowdsourcing and crowdsensing; 5g; trust management and finance; and other many useful sectors. Nowadays, the primary blockchain technology uses are in information systems to keep information secure and private. However, many threats and vulnerabilities are facing blockchain in the past decade such 51% attacks, double spending attacks, etc. The popularity and rapid development of blockchain brings many technical and regulatory challenges for research and academic communities. The main goal of this book is to encourage both researchers and practitioners of Blockchain technology to share and exchange their experiences and recent studies between academia and industry. The reader will be provided with the most up-to-date knowledge of blockchain in mainstream areas of security and privacy in the decentralized domain, which is timely and essential (this is due to the fact that the distributed and p2p applications are increasing day-by-day, and the attackers adopt new mechanisms to threaten the security and privacy of the users in those environments). This book provides a detailed explanation of security and privacy with respect to blockchain for information systems, and will be an essential resource for students, researchers and scientists studying blockchain uses in information systems and those wanting to explore the current state of play.

From early prototypes and proposed applications, this book surveys the longer history of amplifying small amounts of hardware security into broader system security

Including real case study experience with security architecture and applications on multiple types of platforms.

Examines the theory, design, implementation of the IBM 4758 secure coprocessor platform and discusses real case study applications that exploit the unique capabilities of this platform.

Examines more recent cutting-edge experimental work in this area.

Written for security architects, application designers, and the general computer scientist interested in the evolution and use of this emerging technology.

The proposed title intends to provide a comprehensive view of emerging paradigms of computer science. The initial chapters will introduce various emerging paradigms and discuss research challenges related to them. Then some of the chapters will focus on the research solutions to address the identified challenges. The last few chapters will provide a discussion on future research directions.

Advances in technology have provided numerous innovations that make people's daily lives easier and more convenient. However, as technology becomes more ubiquitous, corresponding risks also increase. The field of cryptography has become a solution to this ever-increasing problem. Applying strategic algorithms to cryptic issues can help save time and energy in solving the expanding problems within this field. Cryptography: Breakthroughs in Research and Practice examines novel designs and recent developments in cryptographic security control procedures to improve the efficiency of existing security mechanisms that can help in securing sensors, devices, networks, communication, and data. Highlighting a range of topics such as cyber security, threat detection, and encryption, this publication is an ideal reference source for academicians, graduate students, engineers, IT specialists, software engineers, security analysts, industry professionals, and researchers interested in expanding their knowledge of current trends and techniques within the cryptology field.

The chapters in this open access book arise out of the EU Cost Action project Cryptacus, the objective of which was to improve and adapt existent cryptanalysis methodologies and tools to the ubiquitous computing framework. The cryptanalysis implemented lies along four axes: cryptographic models, cryptanalysis of building blocks, hardware and software security engineering, and security assessment of real-world systems. The authors are top-class researchers in security and cryptography, and the contributions are of value to researchers and practitioners in these domains. This book is open access under a CC BY license.

The book presents selected papers from the 17th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, in conjunction with the 14th International Conference on Frontiers of Information Technology, Applications and Tools, held on October 29 - 31, 2021, in Kaohsiung, Taiwan. It is divided into two volumes and discusses latest research outcomes in the field of information technology (IT) including but not limited to information hiding, multimedia signal processing, big data, data mining, bioinformatics, database, industrial and Internet of things, and their applications.

Understand the CCPA (California Consumer Privacy Act) and how to implement strategies to comply with this privacy regulation. Established in June 2018, the CCPA was created to remedy the lack of comprehensive privacy regulation in the state of California. When it comes into effect on January 1, 2020, the CCPA will give California residents the right to: Learn what personal data a business has collected about them Understand who this data has been disclosed to Find out whether their personal data has been sold to third parties, and who these third parties are Opt-out of such data transactions, or request that the data be deleted. Many organizations that do business in the state of California must align to the provisions of the CCPA. Much like the EU's GDPR (General Data Protection Regulation), businesses that fail to comply with the CCPA will face economic penalties. Prepare your business for CCPA compliance with our implementation guide that: Provides the reader with a comprehensive understanding of the legislation by explaining key terms Explains how a business can implement strategies to comply with the CCPA Discusses potential developments of the CCPA to further aid compliance Your guide to understanding the CCPA and how you can implement a strategy to comply with this legislation - buy this book today to get the guidance you need! About the author Preston Bukaty is an attorney and consultant. He specializes in data privacy GRC projects, from data inventory audits to gap analyses, contract management, and remediation planning. His compliance background and experience operationalizing compliance in a variety of industries give him a strong understanding of the legal issues presented by international regulatory frameworks. Having conducted more than 3,000 data mapping audits, he also understands the practical realities of project management in operationalizing compliance initiatives. Preston's legal experience and enthusiasm for technology make him uniquely suited to understanding the business impact of privacy regulations such as the GDPR and the CCPA. He has advised more than 250 organizations engaged in businesses as varied as SaaS platforms, mobile geolocation applications, GNSS/telematics tools, financial institutions, fleet management software, architectural/engineering design systems, and web hosting. He also teaches certification courses on GDPR compliance and ISO 27001 implementation, and writes on data privacy law topics. Preston lives in Denver, Colorado. Prior to working as a data privacy consultant, he worked for an international GPS software company, advising business areas on compliance issues across 140 countries. Preston holds a juris doctorate from the University of Kansas School of Law, along with a basketball signed by Hall of Fame coach Bill Self.

This book is for cybersecurity leaders across all industries and organizations. It is intended to bridge the gap between the data center and the board room. This book examines the multitude of communication challenges that CISOs are faced with every day and provides practical tools to identify your audience, tailor your message and master the art of communicating. Poor communication is one of the top reasons that CISOs fail in their roles. By taking the step to work on your communication and soft skills (the two go hand-in-hand), you will hopefully never join their ranks. This is not a "communication theory" book. It provides just enough practical skills and techniques for security leaders to get the job done. Learn fundamental communication skills and how to apply them to day-to-day challenges like communicating with your peers, your team, business leaders and the board of directors. Learn how to produce meaningful metrics and communicate before, during and after an incident. Regardless of your role in Tech, you will find something of value somewhere along the way in this book.

As we entered the 21st century, the rapid growth of information technology has changed our lives more conveniently than we have ever speculated. Recently in all fields of the industry, heterogeneous technologies have converged with information technology resulting in a new paradigm, information technology convergence. In the process of information technology convergence, the latest issues in the structure of data, system, network, and infrastructure have become the most challenging task. Proceedings of the International Conference on IT Convergence and Security 2011 approaches the subject matter with problems in technical convergence and convergences of security technology by looking at new issues that arise from techniques converging. The general scope is convergence security and the latest information technology with the following most important features and benefits: 1. Introduction of the most recent information technology and its related ideas 2. Applications and problems related to technology convergence, and its case studies 3. Introduction of converging existing security techniques through convergence security Overall, after reading Proceedings of the International Conference on IT Convergence and Security 2011, readers will understand the most state of the art information strategies and technologies of convergence security.

This book discusses understand cybersecurity management in decentralized finance (DeFi). It commences with introducing fundamentals of DeFi and cybersecurity to readers. It emphasizes on the importance of cybersecurity for decentralized finance by illustrating recent cyber breaches, attacks, and financial losses. The book delves into understanding cyber threats and adversaries who can exploit those threats. It advances with cybersecurity threat, vulnerability, and risk management in DeFi. The book helps readers understand cyber threat landscape comprising different threat categories for that can exploit different types of vulnerabilities identified in DeFi. It puts forward prominent threat modelling strategies by focusing on attackers, assets, and software. The book includes the popular blockchains that support DeFi include Ethereum, Binance Smart Chain, Solana, Cardano, Avalanche, Polygon, among others. With so much monetary value associated with all these technologies, the perpetrators are always lured to breach security by exploiting the vulnerabilities that exist in these technologies. For simplicity and clarity, all vulnerabilities are classified into different categories: arithmetic bugs, re-Entrancy attack, race conditions, exception handling, using a weak random generator, timestamp dependency, transaction-ordering dependence and front running, vulnerable libraries, wrong initial assumptions, denial of service, flash loan attacks, and vampire Since decentralized finance infrastructures are the worst affected by cyber-attacks, it is imperative to understand various security issues in different components of DeFi infrastructures and proposes measures to secure all components of DeFi infrastructures. It brings the detailed cybersecurity policies and strategies that can be used to secure financial institutions. Finally, the book provides recommendations to secure DeFi infrastructures from cyber-attacks.

Threat actors, be they cyber criminals, terrorists, hacktivists or disgruntled employees, are employing sophisticated attack techniques and anti-forensics tools to cover their attacks and breach attempts. As emerging and hybrid technologies continue to influence daily business decisions, the proactive use of cyber forensics to better assess the risks that the exploitation of these technologies pose to enterprise-wide operations is rapidly becoming a strategic business objective. This book moves beyond the typical, technical approach to discussing cyber forensics processes and procedures. Instead, the authors examine how cyber forensics can be applied to identifying, collecting, and examining evidential data from emerging and hybrid technologies, while taking steps to proactively manage the influence and impact, as well as the policy and governance aspects of these technologies and their effect on business operations. A world-class team of cyber forensics researchers, investigators, practitioners and law enforcement professionals have come together to provide the reader with insights and recommendations into the proactive application of cyber forensic methodologies and procedures to both protect data and to identify digital evidence related to the misuse of these data. This book is an essential guide for both the technical and non-technical executive, manager, attorney, auditor, and general practitioner who is seeking an authoritative source on how cyber forensics may be applied to both evidential data collection and to proactively managing today's and tomorrow's emerging and hybrid technologies. The book will also serve as a primary or supplemental text in both under- and post-graduate academic programs addressing information, operational and emerging technologies, cyber forensics, networks, cloud computing and cybersecurity.

This book examines different aspects of network security metrics and their application to enterprise networks. One of the most pertinent issues in securing mission-critical computing networks is the lack of effective security metrics which this book discusses in detail. Since "you cannot improve what you cannot measure", a network security metric is essential to evaluating the relative effectiveness of potential network security solutions. The authors start by examining the limitations of existing solutions and standards on security metrics, such as CVSS and attack surface, which typically focus on known vulnerabilities in individual software products or systems. The first few chapters of this book describe different approaches to fusing individual metric values obtained from CVSS scores into an overall measure of network security using attack graphs. Since CVSS scores are only available for previously known vulnerabilities, such approaches do not consider the threat of unknown attacks exploiting the so-called zero day vulnerabilities. Therefore, several chapters of this book are dedicated to develop network security metrics especially designed for dealing with zero day attacks where the challenge is that little or no prior knowledge is available about the exploited vulnerabilities, and thus most existing methodologies for designing security metrics are no longer effective. Finally, the authors examine several issues on the application of network security metrics at the enterprise level. Specifically, a chapter presents a suite of security metrics organized along several dimensions for measuring and visualizing different aspects of the enterprise cyber security risk, and the last chapter presents a novel metric for measuring the operational effectiveness of the cyber security operations center (CSOC). Security researchers who work on network security or security analytics related areas seeking new research topics, as well as security practitioners including network administrators and security architects who are looking for state of the art approaches to hardening their networks, will find this book helpful as a reference. Advanced-level students studying computer science and engineering will find this book useful as a secondary text.

Advances in technology are causing new privacy concerns as an increasing number of citizens are engaging in online activities. ""Techniques and Applications for Advanced Information Privacy and Security: Emerging Organizational, Ethical, and Human Issues"" provides a thorough understanding of issues and concerns in information technology security. An advanced reference source covering topics such as security management, privacy preservation, and authentication, this book outlines the field and provides a basic understanding of the most salient issues in privacy concerns for researchers and practitioners.

This book discusses the current research concerning public key cryptosystems. It begins with an introduction to the basic concepts of multivariate cryptography and the history of this field. The authors provide a detailed description and security analysis of the most important multivariate public key schemes, including the four multivariate signature schemes participating as second round candidates in the NIST standardization process for post-quantum cryptosystems. Furthermore, this book covers the Simple Matrix encryption scheme, which is currently the most promising multivariate public key encryption scheme. This book also covers the current state of security analysis methods for Multivariate Public Key Cryptosystems including the algorithms and theory of solving systems of multivariate polynomial equations over finite fields. Through the book's website, interested readers can find source code to the algorithms handled in this book. In 1994, Dr. Peter Shor from Bell Laboratories proposed a quantum algorithm solving the Integer Factorization and the Discrete Logarithm problem in polynomial time, thus making all of the currently used public key cryptosystems, such as RSA and ECC insecure. Therefore, there is an urgent need for alternative public key schemes which are resistant against quantum computer attacks. Researchers worldwide, as well as companies and governmental organizations have put a tremendous effort into the development of post-quantum public key cryptosystems to meet this challenge. One of the most promising candidates for this are Multivariate Public Key Cryptosystems (MPKCs). The public key of an MPKC is a set of multivariate polynomials over a small finite field. Especially for digital signatures, numerous well-studied multivariate schemes offering very short signatures and high efficiency exist. The fact that these schemes work over small finite fields, makes them suitable not only for interconnected computer systems, but also for small devices with limited resources, which are used in ubiquitous computing. This book gives a systematic introduction into the field of Multivariate Public Key Cryptosystems (MPKC), and presents the most promising multivariate schemes for digital signatures and encryption. Although, this book was written more from a computational perspective, the authors try to provide the necessary mathematical background. Therefore, this book is suitable for a broad audience. This would include researchers working in either computer science or mathematics interested in this exciting new field, or as a secondary textbook for a course in MPKC suitable for beginning graduate students in mathematics or computer science. Information security experts in industry, computer scientists and mathematicians would also find this book valuable as a guide for understanding the basic mathematical structures necessary to implement multivariate cryptosystems for practical applications.

This pocket guide is a primer for any DSPs (digital service providers) that needs to comply with the NIS Regulations, and explores who they are, and why the NIS Regulations are different for them. An introduction to the new NIS Regulations 2018 that bring the EU's NIS Directive and Implementing Regulation into UK law. This guide outlines the key requirements, details exactly which digital service providers are within scope, and explains how the security objectives from ENISA's Technical Guidelines and international standards can help DSPs achieve compliance. This guide will help you: Clarify how to identify if you are within the scope of the NIS Regulations Gain an insight into the NIS Directive Unravel the key definitions, authorities and points of contact Understand the benefits of a good cyber resilience plan Your essential guide to understanding the NIS Regulations - buy this book today and get the help and guidance you need

This pocket guide is a primer for any OES (operators of essential services) that needs to comply with the NIS Regulations, and explores who they are, and why the NIS Regulations are different for them. An introduction to the new NIS Regulations 2018 that bring the EU's NIS Directive and Implementing Regulation into UK law. This guide outlines the requirements for operators of essential services based on the Cyber Assessment Framework established by the National Cyber Security Centre (NCSC), including an explanation of the objectives, principles and indicators of good practice, and offers implementation guidance. This guide will help you: Understand how to comply with NIS Regulations, and avoid penalties associated with non-compliance Unravel the key definitions, authorities and points of contact Learn the benefits of a good Cyber Resilience plan Interpret and ensure compliance with the Cyber Assessment Framework Establish the NCSC's cyber security objectives, principles and indicators of good practice Your essential guide to understanding the NIS Regulations - buy this book today and get the help and guidance you need.

This pocket guide is an introduction to the EU's NIS Directive (Directive on security of network and information systems). It outlines the key requirements, details which digital service providers are within scope, and explains how the security objectives from ENISA's Technical Guidelines and international standards can help DSPs achieve compliance. This pocket guide is a primer for any DSP that needs to comply with the NIS Directive. The pocket guide helps DSPs: Gain insight into the NIS Directive and who is regulating it; Identify if they are within the scope of the Directive; Understand the key requirements; and Understand how guidance from international standards and ENISA can help them comply. Your essential guide to understanding the EU's NIS Directive - buy this book today and get the help and guidance you need.

This open access book introduces MIN, a novel networking architecture to implement the sovereign equality of all countries in the cyberspace. Combining legal theory and network technology, it first discusses the historical development of sovereignty and expounds the legal basis of cyberspace sovereignty. Then, based on the high-performance blockchain, it describes a new network architecture designed to implement co-governance at the technical level. Explaining network sovereignty and including rich illustrations and tables, the book helps readers new to the field grasp the evolution and necessity of cyberspace sovereignty, gain insights into network trends and develop a preliminary understanding of complex network technologies such as blockchain, security mechanisms and routing strategies. The MIN network implements the "four principles" of cyberspace adopted by most nations and people: respecting cyber sovereignty; maintaining peace and protection; promoting openness and cooperation; and building good order to provide network system security. There maybe three scales of application scenario for MIN, the big one is for UN of Cyberspace, the middle one is for Smart city, the small one is for enterprise group or organizations as private network, MIN-VPN. We have developed the product of MIN-VPN, you could find its message on the preface if care about the security of your network.

This book features a collection of high-quality research papers presented at the International Conference on Intelligent and Cloud Computing (ICICC 2019), held at Siksha 'O' Anusandhan (Deemed to be University), Bhubaneswar, India, on December 20, 2019. Including contributions on system and network design that can support existing and future applications and services, it covers topics such as cloud computing system and network design, optimization for cloud computing, networking, and applications, green cloud system design, cloud storage design and networking, storage security, cloud system models, big data storage, intra-cloud computing, mobile cloud system design, real-time resource reporting and monitoring for cloud management, machine learning, data mining for cloud computing, data-driven methodology and architecture, and networking for machine learning systems.

Protect your organization from scandalously easy-to-hack MFA security "solutions" Multi-Factor Authentication (MFA) is spreading like wildfire across digital environments. However, hundreds of millions of dollars have been stolen from MFA-protected online accounts. How? Most people who use multifactor authentication (MFA) have been told that it is far less hackable than other types of authentication, or even that it is unhackable. You might be shocked to learn that all MFA solutions are actually easy to hack. That's right: there is no perfectly safe MFA solution. In fact, most can be hacked at least five different ways. Hacking Multifactor Authentication will show you how MFA works behind the scenes and how poorly linked multi-step authentication steps allows MFA to be hacked and compromised. This book covers over two dozen ways that various MFA solutions can be hacked, including the methods (and defenses) common to all MFA solutions. You'll learn about the various types of MFA solutions, their strengthens and weaknesses, and how to pick the best, most defensible MFA solution for your (or your customers') needs. Finally, this book reveals a simple method for quickly evaluating your existing MFA solutions. If using or developing a secure MFA solution is important to you, you need this book. Learn how different types of multifactor authentication work behind the scenes See how easy it is to hack MFA security solutions--no matter how secure they seem Identify the strengths and weaknesses in your (or your customers') existing MFA security and how to mitigate Author Roger Grimes is an internationally known security expert whose work on hacking MFA has generated significant buzz in the security world. Read this book to learn what decisions and preparations your organization needs to take to prevent losses from MFA hacking.

This book provides a detailed "how-to" guide, addressing aspects ranging from analysis and design to the implementation of applications, which need to be integrated within legacy applications and databases. The analysis and design of the next generation of software architectures must address the new requirements to accommodate the Internet of things (IoT), cybersecurity, blockchain networks, cloud, and quantum computer technologies. As 5G wireless increasingly establishes itself over the next few years, moving legacy applications into these new architectures will be critical for companies to compete in a consumer-driven and social media-based economy. Few organizations, however, understand the challenges and complexities of moving from a central database legacy architecture to a ledger and networked environment. The challenge is not limited to just designing new software applications. Indeed, the next generation needs to function more independently on various devices, and on more diverse and wireless-centric networks. Furthermore, databases must be broken down into linked list-based blockchain architectures, which will involve analytic decisions regarding which portions of data and metadata will be processed within the chain, and which ones will be dependent on cloud systems. Finally, the collection of all data throughout these vast networks will need to be aggregated and used for predictive analysis across a variety of competitive business applications in a secured environment. Certainly not an easy task for any analyst/designer! Many organizations will continue to use packaged products and open-source applications. These third-party products will need to be integrated into the new architecture paradigms and have seamless data aggregation capabilities, while maintaining the necessary cyber compliances. The book also clearly defines the roles and responsibilities of the stakeholders involved, including the IT departments, users, executive sponsors, and third-party vendors. The book's structure also provides a step-by-step method to help ensure a higher rate of success in the context of re-engineering existing applications and databases, as well as selecting third-party products, conversion methods and cybercontrols. It was written for use by a broad audience, including IT developers, software engineers, application vendors, business line managers, and executives.