This book constitutes the refereed proceedings of the Cryptographers' Track at the RSA Conference 2006, CT-RSA 2006, held in San Jose, CA, USA in February 2006. The book presents 24 papers organized in topical sections on attacks on AES, identification, algebra, integrity, public key encryption, signatures, side-channel attacks, CCA encryption, message authentication, block ciphers, and multi-party computation.

This book constitutes the refereed proceedings of the Second International Information Security Practice and Experience Conference, ISPEC 2006, held in Hangzhou, China, in April 2006. The 35 revised full papers presented were carefully reviewed and selected from 307 submissions. The papers are organized in topical sections.

This book constitutes the thoroughly refereed post-proceedings of the Third International Workshop on Formal Aspects in Security and Trust, FAST 2005, held in Newcastle upon Tyne, UK in July 2005.

The 17 revised papers presented together with the extended abstract of 1 invited paper were carefully reviewed and selected from 37 submissions. The papers focus on formal aspects in security and trust policy models, security protocol design and analysis, formal models of trust and reputation, logics for security and trust, distributed trust management systems, trust-based reasoning, digital assets protection, data protection, privacy and ID issues, information flow analysis, language-based security, security and trust aspects in ubiquitous computing, validation/analysis tools, web service security/trust/privacy, GRID security, security risk assessment, and case studies.

The Domain Name System (DNS) is the system created to map domain names to IP addresses, and is largely responsible for the widespread popularity of the Internet due to the convenience it offers in calling system resources by an easily recognizable name rather than a cryptic number. Given the critical nature of this technology for ensuring smooth operation of Internet-based resources such as Web and mail servers, ita (TM)s imperative that users fully understand key configuration, management and security principles.

Pro DNS and BIND guides readers through the often challenging array of features surrounding DNS with a special focus on the Worlda (TM)s most diffuse DNS implementation, BIND (Berkeley Internet Name Domain). Readers will learn not only about key DNS concepts, but also how to effectively install, configure, deploy and manage BIND in enterprise environments.

This book aims to teach all the essentials of developing dynamic Web sites in OS X in a linear style. This book is not for hardcore developers, but rather for those new to the OS or the Mac, and looking for a primer on Web site development. Typical readers are Web development professionals who are exploring development on the Mac for the first time and Mac-loyal designers expanding from print into Web design.

As software systems become ubiquitous, the issues of dependability become more and more critical. Given that solutions to these issues must be taken into account from the very beginning of the design process, it is appropriate that dependability is addressed at the architectural level.

This book results from an effort to bring together the research communities of software architectures and dependability. Inspired by the ICSE 2003 Workshop on Software Architectures for Dependable Systems, the book focuses on topics relevant to improving the state of the art in architecting dependable systems. The 15 thoroughly reviewed papers originate partly from the workshop; others were solicited in order to achieve complete coverage of all relevant aspects. The papers are organized into topical sections on architectures for dependability, fault-tolerance in software architectures, dependability analysis in software architectures, and industrial experience.

The 9th International Conference on Financial Cryptography and Data Security (FC 2005) was held in the Commonwealth of Dominica from February 28 to March 3, 2005. This conference, organized by the International Financial Cryptography Association (IFCA), continues to be the premier international forum for research, exploration, and debate regarding security in the context of finance and commerce. The conference title and scope was expanded this year to cover all aspects of securing transactions and systems. The goal is to build an interdisciplinary meeting, bringing together cryptographers, data-security specialists, business and economy researchers, as well as economists, IT professionals, implementers, and policy makers. We think that this goal was met this year. The conference received 90 submissions and 24 papers were accepted, 22 in the Research track and 2 in the Systems and Applications track. In addition, the conference featured two distinguished invited speakers, Bezalel Gavish and Lynne Coventry, and two interesting panel sessions, one on phishing and the other on economics and information security. Also, for the first time, some of the papers that were judged to be very strong but did not make the final program were selected for special invitation to our Works in Progress (Rump) Session that took place on Wednesday evening. Three papers were highlighted in this forum this year, and short versions of the papers are included here. As always, other conference attendees were also invited to make presentations during the rump session, and the evening lived up to its colorful reputation.

This volume contains the proceedings of the 8th International Workshop on Software and Compilers for Embedded Systems (SCOPES 2004) held in A- terdam, The Netherlands, on September 2 and 3, 2004. Initially, the workshop was referred to as the International Workshop on Code Generation for Emb- ded Systems. The ?rst took place in 1994 in Schloss Dagstuhl, Germany. From its beginnings, the intention of the organizers has been to create an interactive atmosphere in which the participants can discuss and pro't from the assembly of international experts in the ?eld. The name SCOPES has been used since the fourth edition in St. Goar, G- many, in1999whenthescopeoftheworkshopwasextendedtoalsocovergeneral issues in embedded software design. Since then SCOPES has been held again in St. Goar in 2001; Berlin, Germany in 2002; Vienna, Austria in 2003; and now in Amsterdam, The Netherlands. In response to the call for papers, almost 50 very strong papers were s- mitted from all over the world. All submitted papers were reviewed by at least three experts to ensure the quality of the workshop. In the end, the program committee selected 17 papers for presentation at the workshop. These papers are divided into the following categories: application-speci?c (co)design, system and application synthesis, data ?ow analysis, data partitioning, task scheduling and code generation. In addition to the selected contributions, the keynote address was delivered by Mike Uhler from MIPS Technologies. An abstract of his talk is also included in this volume.

The inaugural Information Security Practice and Experience Conference (ISPEC) was held on April 11-14, 2005, in Singapore. As applications of information security technologies become pervasive, - sues pertaining to their deployment and operation are becoming increasingly important. ISPEC is intended to be an annual conference that brings together researchers and practitioners to provide a con?uence of new information se- rity technologies, their applications and their integration with IT systems in various vertical sectors. The Program Committee consisted of leading experts in the areas of information security, information systems, and domain experts in applications of IT in vertical business segments. The topics of the conference covered security applications and case studies, access control, network security, data security, secure architectures, and cryp- graphic techniques. Emphasis was placed on the application of security research to meet practical user requirements, both in the paper selection process and in the invited speeches. Acceptance into the conference proceedings was very competitive. The Call for Papers attracted more than 120 submissions, out of which the Program Committee selected only 35 papers for inclusion in the proceedings. Thisconferencewasmadepossibleonlythroughthecontributionsfrommany individuals and organizations. We would like to thank all the authors who s- mitted papers. We also gratefully acknowledge the members of the Program Committee and the external reviewers, for the time and e?ort they put into reviewing the submissions. Special thanks are due to Ying Qiu for managing the website for paper s- mission, reviewandnoti?cation.PatriciaLohwaskindenoughtoarrangeforthe conference venue, and took care of the administration in running the conference

Concepts like ubiquitous computing and ambient intelligence that exploit - creasingly interconnected networks and mobility put new requirements on data management. An important element in the connected world is that data will be accessible anytime anywhere. This also has its downside in that it becomes easier to get unauthorized data access. Furthermore, it will become easier to collect, store, and search personal information and endanger people's privacy. As a result security and privacy of data becomes more and more of an issue. Therefore, secure data management, which is also privacy-enhanced, turns out to be a challenging goal that will also seriously in?uence the acceptance of ub- uitous computing and ambient intelligence concepts by society. With the above in mind, we organized the SDM 2004 workshop to initiate and promote secure data management as one of the important interdisciplinary - search ?elds that brings together people from the security research community and the data management research community. The call for papers attracted 28 submissions both from universities and industry. The program committee selected 15 researchpapers for presentation at the workshop.The technical c- tributions presented at the SDM workshop are collected in this volume, which, wehope, willserveasavaluableresearchandreferencebookinyourprofessional life.

"Raymond Chen is the original raconteur of Windows." --Scott Hanselman, ComputerZen.com "Raymond has been at Microsoft for many years and has seen many nuances of Windows that others could only ever hope to get a glimpse of. With this book, Raymond shares his knowledge, experience, and anecdotal stories, allowing all of us to get a better understanding of the operating system that affects millions of people every day. This book has something for everyone, is a casual read, and I highly recommend it!" --Jeffrey Richter, Author/Consultant, Cofounder of Wintellect "Very interesting read. Raymond tells the inside story of why Windows is the way it is." --Eric Gunnerson, Program Manager, Microsoft Corporation "Absolutely essential reading for understanding the history of Windows, its intricacies and quirks, and why they came about." --Matt Pietrek, MSDN Magazine's Under the Hood Columnist "Raymond Chen has become something of a legend in the software industry, and in this book you'll discover why. From his high-level reminiscences on the design of the Windows Start button to his low-level discussions of GlobalAlloc that only your inner-geek could love, The Old New Thing is a captivating collection of anecdotes that will help you to truly appreciate the difficulty inherent in designing and writing quality software." --Stephen Toub, Technical Editor, MSDN Magazine Why does Windows work the way it does? Why is Shut Down on the Start menu? (And why is there a Start button, anyway?) How can I tap into the dialog loop? Why does the GetWindowText function behave so strangely? Why are registry files called "hives"? Many of Windows' quirks have perfectly logical explanations, rooted in history. Understand them, and you'll be more productive and a lot less frustrated. Raymond Chen--who's spent more than a decade on Microsoft's Windows development team--reveals the "hidden Windows" you need to know. Chen's engaging style, deep insight, and thoughtful humor have made him one of the world's premier technology bloggers. Here he brings together behind-the-scenes explanations, invaluable technical advice, and illuminating anecdotes that bring Windows to life--and help you make the most of it. A few of the things you'll find inside: What vending machines can teach you about effective user interfaces A deeper understanding of window and dialog management Why performance optimization can be so counterintuitive A peek at the underbelly of COM objects and the Visual C++ compiler Key details about backwards compatibility--what Windows does and why Windows program security holes most developers don't know about How to make your program a better Windows citizen

* In-depth, unique coverage of ZSH, one of most modern and powerful of all shells. Also covers Bash, the preferred shell for most serious Linux and Unix users. * Very strong author and tech review team: Co-author Peter Stephenson has been involved in the development of Zsh since the 1990s when he started to write the FAQ. For the last few years, he has served as coordinator of the shell's development. Tech Reviewers: Ed Schaefer is the "Shell Corner" columnist for SysAdmin Magazine and Bart Schaefer is one of the lead developers of Zsh development. * Book is immediately useful, packed with short example and suggestions that the reader can put to use in their shell environment. * Extensive coverage of interactive and advanced shell features, including shell extensions, completion functions, and shortcuts. * Great book for users of all expertise; perennial seller.

The 7th International Conference on Theory and Applications of Satis?ab- ity Testing (SAT 2004) was held 10-13 May 2004 in Vancouver, BC, Canada. The conference featured 9 technical paper sessions, 2 poster sessions, as well as the 2004 SAT Solver Competition and the 2004 QBF Solver Evaluation. It also included invited talks by Stephen A. Cook (University of Toronto) and Kenneth McMillan (Cadence Berkeley Labs). The 89 participants represented no less than 17 countries and four continents. SAT 2004 continued the series of meetings which started with the Workshops on Satis?ability held in Siena, Italy (1996), Paderborn, Germany (1998) and Renesse, The Netherlands (2000); the Workshop on Theory and Applications of Satis?ability Testing held in Boston, USA(2001);theSymposiumonTheoryandApplicationsofSatis?abilityTesting held in Cincinnati, USA (2002); and the 6th International Conference on Theory and Applications of Satis?ability Testing held in Santa Margherita Ligure, Italy (2003). The International Conference on Theory and Applications of Satis?ability Testing is the primary annual meeting for researchers studying the propo- tional satis?ability problem (SAT), a prominent problem in both theoretical and applied computer science. SAT lies at the heart of the most important open problem in complexity theory (P vsNP) and underlies many applications in, among other examples, arti?cial intelligence, operations research and electronic design engineering. The primary objective of the conferences is to bring together researchersfromvariousareasandcommunities, includingtheoreticalandexp- imental computer science as well as many relevant application areas, to promote collaboration and the communication of new theoretical and practical results in SAT-related research and its industrial applications

To many readers, Mozart/Oz represents a new addition to the pantheon of p- gramming systems. One way of evaluating a newcomer is through the eyes of the classics, for example Kernighan and Pike's "The Practice of Programming," a bookthatconcludeswithsix"lastingconcepts" simplicityandclarity, generality, evolution, interfaces, automation, andnotation.KernighanandPikeconcentrate on using standard languages such as C and Java to implement these concepts, but it is instructive to see how a multiparadigm language such as Oz changes the outlook. Oz's concurrency model yields simplicity and clarity (because Oz makes it easier to express complex programs with many interacting components), g- erality, and better interfaces (because the data?ow model automatically makes interfaces more lightweight). Constraint programming in Oz again yields simplicity and clarity (because theprogrammercanexpresswhatneedstobetrueratherthanthemorecomplex issue of how to make it true), and o?ers a powerful mathematical notation that is di?cult to implement on top of languages that do not support it natively. Mozart's distributed computing model makes for improved interfaces and eases the evolution of systems. In my own work, one of the most important concernsistobeabletoquicklyscaleupaprototypeimplementationintoalar- scale service that can run reliably on thousands of computers, serving millions of users. The ?eld of computer science needs more research to discover the best ways of facilitating this, but Mozart provides one powerful approach. Altogether, Mozart/Ozhelpswithallthelastingconceptsexceptautomation, and it plays a particularly strong role in notation, which Kernighan and Pike pointoutisanunderappreciatedarea.Ibelievethatprovidingtherightnotation isthemostimportantofthesixconcepts, onethatsupportsalltheothers.Mul- paradigm systems such as Oz provide more choices for notation than sing- paradigm languages.

E-commerce services are su?ering abuse by programs (bots, spiders, etc.) m- querading as legitimate human users. E?orts to defend against such attacks have, over the past several years, stimulated investigations into a new family of security protocols - "Human Interactive Proofs" (HIPs) - which allow a person to authenticate herself as a member of a given group: e.g., as a human (vs. a machine), as herself (vs. anyoneelse), as an adult (vs. a child). Most commercial usesofHIPstodayareCAPTCHAs,"CompletelyAutomaticPublicTuringtests to tell Computers and Humans Apart," which exploit the gap in ability between humans and machine vision systems in reading images of text. HIP challenges can also be non-graphical, e.g., requiring recognition of speech, solving puzzles, etc. Wearepleasedtopresentthe?rstrefereedandarchivallypublishedcollection of state-of-the-art papers on HIPs and CAPTCHAs. Each paper was reviewed by three members of the Program Committee, judged by the Co-chairs to be of su?cient relevance and quality, and revised by the authors in response to the referees' suggestions. The papers investigate performance analysis of novel CAPTCHAs, HIP - chitectures, and the role of HIPs within security systems. Kumar Chellapilla, Kevin Larson, Patrice Simard, and Mary Czerwinski describe user trials of a CAPTCHA designed to resist segmentation attacks, including a systematic evaluation of its tolerance by human users. Henry Baird, Michael Moll, and Sui- Yu Wang analyze data from a human legibility trial of another segmentati- resistantCAPTCHAandlocateahighlylegibleengineeringregime.AmaliaRusu and Venu Govindaraju describe research towards CAPTCHAs based on reading synthetically damaged images of real images of unconstrained handwritten text.

Code generation has the potential to revolutionize application development. Rather than handcrafting each piece of code, enterprises will increasingly turn to code generation, based on templates and application of business logic, to automatically generate code to perform a variety of tasks. Code Generation in Microsoft . NET presents the fundamentals of code generation. Code generation is already used extensively in Visual Studio . NET - every form-based application contains potentially hundreds of lines of wizard created code, which is modified as the developer sets various properties. Strongly typed datasets, XML schemas and web service proxies are also generated automatically by Visual Studio. This results in a huge cost savings and improvement in software reliability. Developers need both the technical details of how to accomplish code generation in . NET as well as a coherent series of steps to follow to incorporate code generation into their development. Code Generation in Microsoft . NET teaches developers how to adopt these techniques in their own development efforts. code generation both within and between projects in the organization. The mechanics of code generation introduced in the book are organized around these steps, and provide the tools to leverage code generation for significant payback on the very first application where it is used.

Most programming books are about as exciting as Bill Gates' left ear. But with this latest eye-opening release, technology author--> Karl Moore--> shows it doesn't have to be quite so dull and uninspiring. Split into eight dynamic parts, Karl Moore's Visual Basic .NET covers every key area of real-life computer developmentand promises to turn even newbie programmers into VB .NET wizards, quicker than anyone else. It's a perfect tutorial guide for those learning VB .NET from scratch or moving from VB6.

"Karl Moore's Visual Basic .NET: The Tutorials" consists of a number of key tutorials, each dealing with a specific, "real-life" area of programming. The tutorials are broken down into easily digestible 10-page installments, with an accompanying FAQ and review sheet at the close. Numerous "top tips" are also distributed throughout the texts to aid understanding.

This volume contains the proceedings of the 26th International Conference on Application and Theory of Petri Nets and Other Models of Concurrency (ICATPN 2005). The Petri net conferences serve to discuss yearly progress in the ?eld of Petri nets and related models of concurrency, and to foster new - vancesintheapplicationandtheoryofPetrinets.Theconferencestypicallyhave 100-150 participants, one third from industry and the others from universities and research institutions, and they always take place in the last week of June. SuccessiveeditionsoftheconferencearecoordinatedbytheSteeringCommittee, whose members are listed on the next page, which also supervises several other activities-see the Petri Nets World at the URLwww.daimi.au.dk/PetriNets. The 2005 conference was organized in Miami by the School of Computer Science at Florida International University (USA). We would like to express our deep thanks to the Organizing Committee, chaired by Xudong He, for the time and e?ort invested to the bene't of the community in making the event successful. Several tutorials and workshops were organized within the conf- ence, covering introductory and advanced aspects related to Petri nets. Detailed information can be found at the conference URLwww.cs.fiu.edu/atpn2005. We received altogether 71 submissions from authors in 22 countries. Two submissions were not in the scope of the conference. The Program Comm- tee selected 23 contributions from the remaining 69 submissions, classi?ed into three categories: application papers (6 accepted, 25 submitted), theory papers (14 accepted, 40 submitted), and tool presentations (3 accepted, 4 submitted).

* Clear and abundant examples, using real-world code, written by three experienced developers who write networking code for a living. * Describes how to build clients and servers, explains how TCP, UDP, and IP work, and shows how to debug networking applications via packet sniffing and deconstruction. * Well suited for Windows developer looking to expand to Linux, or for the proficient Linux developer looking to incorporate client-server programming into their application.

Researchers in the ?eld of life sciences rely increasingly on information te- nology to extract and manage relevant knowledge. The complex computational and data management needs of life science research make Grid technologies an attractive support solution. However, many important issues must be addressed before the Life Science Grid becomes commonplace. The 1st International Life Science Grid Workshop (LSGRID 2004) was held in Kanazawa Japan, May 31-June 1, 2004. This workshop focused on life s- ence applications of grid systems especially for bionetwork research and systems biology which require heterogeneous data integration from genome to phenome, mathematical modeling and simulation from molecular to population levels, and high-performance computing including parallel processing, special hardware and grid computing. Fruitful discussions took place through 18 oral presentations, including a keynote address and ?ve invited talks, and 16 poster and demonstration p- sentations in the ?elds of grid infrastructure for life sciences, systems biology, massive data processing, databases and data grids, grid portals and pipelines for functional annotation, parallel and distributed applications, and life science grid projects. The workshop emphasized the practical aspects of grid techno- gies in terms of improving grid-enabled data/information/knowledge sharing, high-performance computing, and collaborative projects. There was agreement among the participants that the advancement of grid technologies for life science research requires further concerted actions and promotion of grid applications. We therefore concluded the workshop with the announcement of LSGRID 2005.

Welcome to ICOIN 2005,the International Conference on Information Netwo- ing, held at Ramada Plaza Jeju Hotel, Jeju Island, Korea during January 31- February2,2005.ICOIN2005followedthesuccessofpreviousconferences.Since 1986, the conference has provided a technical forum for various issues in inf- mation networking. The theme of each conference re?ects the historic events in the computer communication industry. (Please refer to www.icoin2005.or.kr for details.) The theme of ICOIN 2004, "Convergence in Broadband and Mobile Networking," was used again for ICOIN 2005 since we believed it was ongoing. This year we received 427 submissions in total, which came from 22 co- tries. Upon submission, authors were asked to select one of the categories listed in the Call for Papers. The most popular category chosen was network se- rity, followed by mobile networks and wireless LANs. Other areas with strong showings included QoS and resource management, ad hoc and sensor networks, and wireless multimedia systems. From the outset, we could see where recent research interest lay and could make sure that the theme was still going in the right direction.

This volume contains the proceedings of the 7th International Workshop on Software and Compilers for Embedded Systems, SCOPES 2003, held in Vienna, Austria, September 24-26, 2003. Initially, the workshop was referred to as the International Workshop on Code Generation for Embedded Systems. The ?rst workshop took place in 1994 in Schloss Dagstuhl, Germany. From its beg- nings, the intention of the organizers was to create an atmosphere in which the researcherscould participateactively in dynamic discussionsand pro't from the assembly of international experts in the ?eld. It was at the fourth workshop, in St. Goar, Germany, in 1999, that the spectrum of topics of interest for the workshop was extended, and not only code generation, but also software and compilers for embedded systems, were considered. The change in ?elds of interest led to a change of name, and this is when the present name was used for the ?rst time. Since then, SCOPES has been held again in St. Goar, Germany, in 2001; Berlin, Germany, in 2002; and this year, 2003, in Vienna, Austria. In response to the call for papers, 43 very strong papers from all over the world were submitted. The program committee selected 26 papers for pres- tation at SCOPES 2003. All submitted papers were reviewed by at least three experts in order to ensure the quality of the work presented at the workshop.

* Covers the new, forthcoming release of Samba 3. * Demonstrates how to integrate Samba with other network protocols, such as NFS, AppleTalk, LPD, IPP, DNS, and NTP. * Clear and concise, the books describes the inner working of SMB/CIFS, and how to configure and maintain the Samba software on many platforms, including Linux, Unix, FreeBSD, Mac OS X (Jaguar and Panther), and Windows.

The 7th Annual Financial Cryptography Conference was held January 27-30, 2003, in Guadeloupe, French West Indies. Financial Cryptography is organized by the International Financial Cryptography Association. Financial Cryptography 2003 received 54 paper submissions, of which one was withdrawn. The remaining papers were carefully reviewed by at least three members of the program committee. The program committee selected 17 papers for inclusion in the conference, revised versions of which are included in this proceedings. In addition to the submitted papers, the program included interesting and entertaining invited talks by Tim Jones on digital cash and by Richard Field on the interactions between technology and the United Nations. There were also several panels, on micropayments, economics of security, and trusted computing platforms, some of which are represented by contributions in these proceedings, and a rump session chaired by Juan Garay. We thank the program committee (listed on the next page) for their hard work in selecting the program from these papers. We also thank the external referees who helped with the reviewing task: N. Asokan, Danny Bickson, - manuel Bresson, Dario Catalano, Xuhua Ding, Louis Granboulan, Stuart Haber, Amir Herzberg, Bill Horne, Russ Housley, Yongdae Kim, Brian LaMacchia, Phil MacKenzie, Maithili Narasimha, Phong Nguyen, Kaisa Nyberg, David Poi- cheval, Tomas Sander, Yaron Sella, Mike Szydlo, Anat Talmy, Ahmed Tew?k, Susanne Wetzel, Shouhuai Xu, and Jeong Yi. (Apologies for any omissions - advertent.

While the Windows Script Host (WSH) is capable of performing a number of common tasks such as file handling and network connections, WSH's great strength is its ability to use COM components. This allows WSH to perform database, E-mail, security, user administration, network, and system administration through objects built into Windows. This book provides practical solutions to common problems as well as detailed discussions of the underlying technology used in the solutions.Stein Borge provides a general introduction to new features in recent versions of WSH, and then covers the file, shell and network operations using built-in WSH objects. Borge also provides chapters on lesser-known but important recent additions to WSH of standard input/output streams and regular expressions, as well as covering registry operations using the built-in Shell objects and WMI objects.Automating Windows Administration is targeted towards administrative and support staff in Microsoft networked environments who desperately want a way to automate common administrative tasks. common administrative tasks for all business-oriented versions of Windows from NT to Windows 2003 Server using the Windows Script Host (WSH). WSH is a replacement for Microsoft batch scripts.