"Delete" looks at the surprising phenomenon of perfect remembering in the digital age, and reveals why we must reintroduce our capacity to forget. Digital technology empowers us as never before, yet it has unforeseen consequences as well. Potentially humiliating content on Facebook is enshrined in cyberspace for future employers to see. Google remembers everything we've searched for and when. The digital realm remembers what is sometimes better forgotten, and this has profound implications for us all.

In "Delete," Viktor Mayer-Schonberger traces the important role that forgetting has played throughout human history, from the ability to make sound decisions unencumbered by the past to the possibility of second chances. The written word made it possible for humans to remember across generations and time, yet now digital technology and global networks are overriding our natural ability to forget--the past is ever present, ready to be called up at the click of a mouse. Mayer-Schonberger examines the technology that's facilitating the end of forgetting--digitization, cheap storage and easy retrieval, global access, and increasingly powerful software--and describes the dangers of everlasting digital memory, whether it's outdated information taken out of context or compromising photos the Web won't let us forget. He explains why information privacy rights and other fixes can't help us, and proposes an ingeniously simple solution--expiration dates on information--that may.

"Delete" is an eye-opening book that will help us remember how to forget in the digital age."

With the prevalence of digital information, IT professionals have encountered new challenges regarding data security. In an effort to address these challenges and offer solutions for securing digital information, new research on cryptology methods is essential. Multidisciplinary Perspectives in Cryptology and Information Security considers an array of multidisciplinary applications and research developments in the field of cryptology and communication security. This publication offers a comprehensive, in-depth analysis of encryption solutions and will be of particular interest to IT professionals, cryptologists, and researchers in the field.

Securing the Internet of Things provides network and cybersecurity researchers and practitioners with both the theoretical and practical knowledge they need to know regarding security in the Internet of Things (IoT). This booming field, moving from strictly research to the marketplace, is advancing rapidly, yet security issues abound. This book explains the fundamental concepts of IoT security, describing practical solutions that account for resource limitations at IoT end-node, hybrid network architecture, communication protocols, and application characteristics. Highlighting the most important potential IoT security risks and threats, the book covers both the general theory and practical implications for people working in security in the Internet of Things.

On June 4, Federal Police raided the home of Walkley award-winning journalist Annika Smethurst, changing her life forever. Police claim they were investigating the publication of classified information, her employer called it a 'dangerous act of intimidation', Smethurst believes she was simply doing her job. Smethurst became the accidental poster woman for press freedom as politicians debated the merits of police searching through her underwear drawer. In On Secrets she will discuss the impact this invasion has had on her life, and examine the importance of press freedom.

Assessing and Managing Security Risk in IT Systems: A Structured Methodology builds upon the original McCumber Cube model to offer proven processes that do not change, even as technology evolves. This book enables you to assess the security attributes of any information system and implement vastly improved security environments. Part I delivers an overview of information systems security, providing historical perspectives and explaining how to determine the value of information. This section offers the basic underpinnings of information security and concludes with an overview of the risk management process. Part II describes the McCumber Cube, providing the original paper from 1991 and detailing ways to accurately map information flow in computer and telecom systems. It also explains how to apply the methodology to individual system components and subsystems. Part III serves as a resource for analysts and security practitioners who want access to more detailed information on technical vulnerabilities and risk assessment analytics. McCumber details how information extracted from this resource can be applied to his assessment processes.

Protecting the privacy of student data when bringing technology into the classroom is one of the toughest organizational challenges facing schools and districts today. Parent and legislator concerns about how school systems protect the privacy of student data are at an all-time high. School systems must navigate complex federal and state regulations, understand how technology providers collect and protect student data, explain those complexities to parents, and provide the reassurance the community needs that the student information will remain safe. Student Data Privacy: Building a School Compliance Program provides solutions for all of these challenges and more. It is a step-by-step journey through the process of building the policies and practices to protect student data, and shifting the organizational culture to prioritize privacy while still taking advantage of the tremendous benefits that technology has to offer in the modern classroom.

Microservices Security in Action teaches readers how to secure their microservices applications code and infrastructure. After a straightforward introduction to the challenges of microservices security, the book covers fundamentals to secure both the application perimeter and service-to-service communication. Following a hands-on example, readers explore how to deploy and secure microservices behind an API gateway as well as how to access microservices accessed by a single-page application (SPA). Key Features Key microservices security fundamentals Securing service-to-service communication with mTLS and JWT Deploying and securing microservices with Docker Using Kubernetes security Securing event-driven microservices Using the Istio Service Mesh For developers well-versed in microservices design principles who have a basic familiarity with Java. About the technology As microservices continue to change enterprise application systems, developers and architects must learn to integrate security into their design and implementation. Because microservices are created as a system of independent components, each a possible point of failure, they can multiply the security risk. Prabath Siriwardena is the vice president of security architecture at WSO2, a company that produces open source software, and has more than 12 years of experience in the identity management and security domain. Nuwan Dias is the director of API architecture at WSO2 and has worked in the software industry for more than 7 years, most of which he spent focusing on the API management domain. Both have helped build security designs for Fortune 500 companies including Boeing, Verizon, Nissan, HP, and GE.

Cracking open the politics of transparency and secrecy In an era of open data and ubiquitous dataveillance, what does it mean to "share"? This book argues that we are all "shareveillant" subjects, called upon to be transparent and render data open at the same time as the security state invests in practices to keep data closed. Drawing on Jacques Ranciere's "distribution of the sensible," Clare Birchall reimagines sharing in terms of a collective political relationality beyond the veillant expectations of the state.

This book is about relations between three different areas of mathematics and theoretical computer science: combinatorial group theory, cryptography, and complexity theory. It explores how non-commutative (infinite) groups, which are typically studied in combinatorial group theory, can be used in public key cryptography. It also shows that there is remarkable feedback from cryptography to combinatorial group theory because some of the problems motivated by cryptography appear to be new to group theory, and they open many interesting research avenues within group theory. In particular, a lot of emphasis in the book is put on studying search problems, as compared to decision problems traditionally studied in combinatorial group theory. Then, complexity theory, notably generic-case complexity of algorithms, is employed for cryptanalysis of various cryptographic protocols based on infinite groups, and the ideas and machinery from the theory of generic-case complexity are used to study asymptotically dominant properties of some infinite groups that have been applied in public key cryptography so far. This book also describes new interesting developments in the algorithmic theory of solvable groups and another spectacular new development related to complexity of group-theoretic problems, which is based on the ideas of compressed words and straight-line programs coming from computer science.

This book summarizes recent inventions, provides guidelines and recommendations, and demonstrates many practical applications of homomorphic encryption. This collection of papers represents the combined wisdom of the community of leading experts on Homomorphic Encryption. In the past 3 years, a global community consisting of researchers in academia, industry, and government, has been working closely to standardize homomorphic encryption. This is the first publication of whitepapers created by these experts that comprehensively describes the scientific inventions, presents a concrete security analysis, and broadly discusses applicable use scenarios and markets. This book also features a collection of privacy-preserving machine learning applications powered by homomorphic encryption designed by groups of top graduate students worldwide at the Private AI Bootcamp hosted by Microsoft Research. The volume aims to connect non-expert readers with this important new cryptographic technology in an accessible and actionable way. Readers who have heard good things about homomorphic encryption but are not familiar with the details will find this book full of inspiration. Readers who have preconceived biases based on out-of-date knowledge will see the recent progress made by industrial and academic pioneers on optimizing and standardizing this technology. A clear picture of how homomorphic encryption works, how to use it to solve real-world problems, and how to efficiently strengthen privacy protection, will naturally become clear.

This book constitutes the proceedings of the 29th International Conference on Web Services, ICWS 2022, held in Honolulu, USA, as part of SCF 2022, during December 10-14, 2022.The 9 full papers presented in this volume were carefully reviewed and selected from 20 submissions. The papers cover aspects of services computing and applications. Centered around services computing, it covers various systems and networking research pertaining to cloud, edge and Internet-of-Things (IoT), as well as technologies for intelligent computing, learning, big data and blockchain applications.

As identity theft and corporate data vulnerability continue to escalate, corporations must protect both the valuable consumer data they collect and their own intangible assets. Both Congress and the states have passed laws to improve practices, but the rate of data loss persists unabated and companies remain slow to invest in information security. Engaged in a bottom-up investigation, "Harboring Data" reveals the emergent nature of data leakage and vulnerability, as well as some of the areas where our current regulatory frameworks fall short.
With insights from leading academics, information security professionals, and other area experts, this original work explores the business, legal, and social dynamics behind corporate information leakage and data breaches. The authors reveal common mistakes companies make, which breaches go unreported despite notification statutes, and surprising weaknesses in the federal laws that regulate financial data privacy, children's data collection, and health data privacy. This forward-looking book will be vital to meeting the increasing information security concerns that new data-intensive business models will have.

An original deep history of the internet that tells the story of the centuries-old utopian dreams behind it-and explains why they have died today Many think of the internet as an unprecedented and overwhelmingly positive achievement of modern human technology. But is it? In The Internet Is Not What You Think It Is, Justin Smith offers an original deep history of the internet, from the ancient to the modern world-uncovering its surprising origins in nature and centuries-old dreams of radically improving human life by outsourcing thinking to machines and communicating across vast distances. Yet, despite the internet's continuing potential, Smith argues, the utopian hopes behind it have finally died today, killed by the harsh realities of social media, the global information economy, and the attention-destroying nature of networked technology. Ranging over centuries of the history and philosophy of science and technology, Smith shows how the "internet" has been with us much longer than we usually think. He draws fascinating connections between internet user experience, artificial intelligence, the invention of the printing press, communication between trees, and the origins of computing in the machine-driven looms of the silk industry. At the same time, he reveals how the internet's organic structure and development root it in the natural world in unexpected ways that challenge efforts to draw an easy line between technology and nature. Combining the sweep of intellectual history with the incisiveness of philosophy, The Internet Is Not What You Think It Is cuts through our daily digital lives to give a clear-sighted picture of what the internet is, where it came from, and where it might be taking us in the coming decades.

Internet attack on computer systems is pervasive. It can take from less than a minute to as much as eight hours for an unprotected machine connected to the Internet to be completely compromised. It is the information security architect's job to prevent attacks by securing computer systems. This book describes both the process and the practice of assessing a computer system's existing information security posture. Detailing the time-tested practices of experienced security architects, it explains how to deliver the right security at the right time in the implementation lifecycle. Securing Systems: Applied Security Architecture and Threat Models covers all types of systems, from the simplest applications to complex, enterprise-grade, hybrid cloud architectures. It describes the many factors and prerequisite information that can influence an assessment. The book covers the following key aspects of security analysis: When should the security architect begin the analysis? At what points can a security architect add the most value? What are the activities the architect must execute? How are these activities delivered? What is the set of knowledge domains applied to the analysis? What are the outputs? What are the tips and tricks that make security architecture risk assessment easier? To help you build skill in assessing architectures for security, the book presents six sample assessments. Each assessment examines a different type of system architecture and introduces at least one new pattern for security analysis. The goal is that after you've seen a sufficient diversity of architectures, you'll be able to understand varied architectures and can better see the attack surfaces and prescribe security solutions.

Data privacy technologies are essential for implementing information systems with privacy by design.Privacy technologies clearly are needed for ensuring that data does not lead to disclosure, but also that statistics or even data-driven machine learning models do not lead to disclosure. For example, can a deep-learning model be attacked to discover that sensitive data has been used for its training? This accessible textbook presents privacy models, computational definitions of privacy, and methods to implement them. Additionally, the book explains and gives plentiful examples of how to implement-among other models-differential privacy, k-anonymity, and secure multiparty computation. Topics and features: Provides integrated presentation of data privacy (including tools from statistical disclosure control, privacy-preserving data mining, and privacy for communications) Discusses privacy requirements and tools for different types of scenarios, including privacy for data, for computations, and for users Offers characterization of privacy models, comparing their differences, advantages, and disadvantages Describes some of the most relevant algorithms to implement privacy models Includes examples of data protection mechanisms This unique textbook/guide contains numerous examples and succinctly and comprehensively gathers the relevant information. As such, it will be eminently suitable for undergraduate and graduate students interested in data privacy, as well as professionals wanting a concise overview. Vicenc Torra is Professor with the Department of Computing Science at Umea University, Umea, Sweden.

This book presents the data privacy protection which has been extensively applied in our current era of big data. However, research into big data privacy is still in its infancy. Given the fact that existing protection methods can result in low data utility and unbalanced trade-offs, personalized privacy protection has become a rapidly expanding research topic.In this book, the authors explore emerging threats and existing privacy protection methods, and discuss in detail both the advantages and disadvantages of personalized privacy protection. Traditional methods, such as differential privacy and cryptography, are discussed using a comparative and intersectional approach, and are contrasted with emerging methods like federated learning and generative adversarial nets. The advances discussed cover various applications, e.g. cyber-physical systems, social networks, and location-based services. Given its scope, the book is of interest to scientists, policy-makers, researchers, and postgraduates alike.

This book provides an opportunity for investigators, government officials, systems scientists, strategists, assurance researchers, owners, operators and maintainers of large, complex and advanced systems and infrastructures to update their knowledge with the state of best practice in the challenging domains whilst networking with the leading representatives, researchers and solution providers. Drawing on 12 years of successful events on information security, digital forensics and cyber-crime, the 13th ICGS3-20 conference aims to provide attendees with an information-packed agenda with representatives from across the industry and the globe. The challenges of complexity, rapid pace of change and risk/opportunity issues associated with modern products, systems, special events and infrastructures. In an era of unprecedented volatile, political and economic environment across the world, computer-based systems face ever more increasing challenges, disputes and responsibilities, and whilst the Internet has created a global platform for the exchange of ideas, goods and services, it has also created boundless opportunities for cyber-crime. As an increasing number of large organizations and individuals use the Internet and its satellite mobile technologies, they are increasingly vulnerable to cyber-crime threats. It is therefore paramount that the security industry raises its game to combat these threats. Whilst there is a huge adoption of technology and smart home devices, comparably, there is a rise of threat vector in the abuse of the technology in domestic violence inflicted through IoT too. All these are an issue of global importance as law enforcement agencies all over the world are struggling to cope.

Data collected and distributed on the internet is generally free, non-exclusive, and non-rivalrous. Yet online data is often difficult to access. This book examines the infrastructure for collecting, storing, and distributing data to show how it is embedded behind intellectual property and technological barriers. It proposes that the EU introduce an access and transfer governance right to data that can work in tandem with data protection rules. Chapters explore the subject matter of this protection, potential rights holders and the scope of the protection, and exceptions and limitations under intellectual property law and competition law. Comprehensive and timely, Regulating Access and Transfer of Data, sets the foundations for a new legal system for our data-driven generation.

This book looks at transatlantic jurisdictional conflicts in data protection law and how the fundamental right to data protection conditions the EU's exercise of extraterritorial jurisdiction. Governments, companies and individuals are handling ever more digitised personal data, so it is increasingly important to ensure this data is protected. Meanwhile, the Internet is changing how territory and jurisdiction are realised online. The EU promotes personal data protection as a fundamental right. Especially since the EU's General Data Protection Regulation started applying in 2018, its data protection laws have had strong effects beyond its territory. In contrast, similar US information privacy laws are rooted in the marketplace and carry less normative heft. This has provoked clashes with the EU when their values, interests and laws conflict. This research uses three case studies to suggest ways to mitigate transatlantic jurisdictional tensions over data protection and security, the free flow of information and trade.

This book presents chapters from diverse range of authors on different aspects of how Blockchain and IoT are converging and the impacts of these developments. The book provides an extensive cross-sectional and multi-disciplinary look into this trend and how it affects artificial intelligence, cyber-physical systems, and robotics with a look at applications in aerospace, agriculture, automotive, critical infrastructures, healthcare, manufacturing, retail, smart transport systems, smart cities, and smart healthcare. Cases include the impact of Blockchain for IoT Security; decentralized access control systems in IoT; Blockchain architecture for scalable access management in IoT; smart and sustainable IoT applications incorporating Blockchain, and more. The book presents contributions from international academics, researchers, and practitioners from diverse perspectives. Presents how Blockchain and IoT are converging and the impacts of these developments on technology and its application; Discusses IoT and Blockchain from cross-sectional and multi-disciplinary perspectives; Includes contributions from researchers, academics, and professionals from around the world.

Shortly after it was first introduced in 2006, differential privacy became the flagship data privacy definition. Since then, numerous variants and extensions were proposed to adapt it to different scenarios and attacker models. In this work, we propose a systematic taxonomy of these variants and extensions. We list all data privacy definitions based on differential privacy, and partition them into seven categories, depending on which aspect of the original definition is modified. These categories act like dimensions: Variants from the same category cannot be combined, but variants from different categories can be combined to form new definitions. We also establish a partial ordering of relative strength between these notions by summarizing existing results. Furthermore, we list which of these definitions satisfy some desirable properties, like composition, post-processing, and convexity by either providing a novel proof or collecting existing ones.

This book addresses one of the most overlooked practical, methodological, and moral questions in the journey to secure and handle the massive amount of data being generated from smart devices interactions: the integration of Blockchain with 5G-enabled IoT. After an overview, this book discusses open issues and challenges, which may hinder the growth of Blockchain technology. Then, this book presents a variety of perspectives on the most pressing questions in the field, such as: how IoT can connect billions of objects together; how the access control mechanisms in 5G-enabled industrial environment works; how to address the real-time and quality-of-service requirements for industrial applications; and how to ensure scalability and computing efficiency. Also, it includes a detailed discussions on the complexity of adoption of Blockchain for 5G-Enabled IoT and presents comparative case studies with respect to various performance evaluation metrics such as scalability, data management, standardization, interoperability and regulations, accessibility, human-factors engineering and interfaces, reliability, heterogeneity, and QoS requirements. This book acts as a professional guide for the practitioners in information security and related topics.

This book provides extensive insights on blockchain systems, starting from a historical perspective and moving towards building foundational knowledge, with focus on communication networks. It covers blockchain applications, algorithms, architectures, design and implementation, and security and privacy issues, providing the reader with a comprehensive overview. Further, it discusses blockchain systems and its integration to communication networks. The book includes hands-on, practical tutorials, self-assessment exercises, and review questions; tips and sample programs are also provided throughout. Complementary supporting material for instructors, including open source programming code for practical tutorials and exercises, is also available. The target audience includes graduate students, professionals, and researchers working in the areas of blockchain systems, distributed ledger technology, computer networks and communications, artificial intelligence, and cybersecurity.

This book presents the data privacy protection which has been extensively applied in our current era of big data. However, research into big data privacy is still in its infancy. Given the fact that existing protection methods can result in low data utility and unbalanced trade-offs, personalized privacy protection has become a rapidly expanding research topic.In this book, the authors explore emerging threats and existing privacy protection methods, and discuss in detail both the advantages and disadvantages of personalized privacy protection. Traditional methods, such as differential privacy and cryptography, are discussed using a comparative and intersectional approach, and are contrasted with emerging methods like federated learning and generative adversarial nets. The advances discussed cover various applications, e.g. cyber-physical systems, social networks, and location-based services. Given its scope, the book is of interest to scientists, policy-makers, researchers, and postgraduates alike.

This book explores the concepts and techniques of cloud security using blockchain. Also discussed is the possibility of applying blockchain to provide security in various domains. The authors discuss how blockchain holds the potential to significantly increase data privacy and security while boosting accuracy and integrity in cloud data. The specific highlight of this book is focused on the application of integrated technologies in enhancing cloud security models, use cases, and its challenges. The contributors, both from academia and industry, present their technical evaluation and comparison with existing technologies. This book pertains to IT professionals, researchers, and academicians towards fourth revolution technologies.