The Internet of Things (IoT) - the emerging global interconnection of billions of 'smart' devices - will be collecting increasing amounts of private and sensitive data about our lives, and will require increasing degrees of reliability and trustworthiness in terms of the levels of assurance provided with respect to confidentiality, integrity and availability. This book examines these important security considerations for the IoT. Topics covered include a security survey of middleware for the IoT; privacy in the IoT; privacy and consumer IoT - a sensemaking perspective; a secure platform for smart cities and IoT; model - based security engineering for the IoT; federated identity and access management in IoT systems; the security of the MQTT protocol; securing communications among severely constrained, wireless embedded devices; lightweight cryptographic identity solutions for the IoT; and a reputation model for the IoT.

This book constitutes the thoroughly refereed post-workshop proceedings of the 19th International Workshop on Security Protocols, held in Cambridge, UK, in March 2011. Following the tradition of this workshop series, each paper was revised by the authors to incorporate ideas from the workshop, and is followed in these proceedings by an edited transcription of the presentation and ensuing discussion. The volume contains 17 papers with their transcriptions as well as an introduction, i.e. 35 contributions in total. The theme of the workshop was "Alice doesn't live here anymore."

This book constitutes the thoroughly refereed post-proceedings of the 13th International Workshop on Security Protocols, held in Cambridge, UK, in April 2005.

The 24 revised full papers presented together with edited transcriptions of some of the discussions following the presentations have passed through multiple rounds of reviewing, revision, and selection. Among the topics addressed are authentication, anonymity, cryptographics and biometrics, cryptographic protocols, network security, privacy, SPKI, user-friendliness, access control, API security, costs of security, and others.

This book constitutes the thoroughly refereed post-proceedings of the 12th International Workshop on Security Protocols, April 2004. The book presents 21 revised full papers presented together with edited transcriptions of some of the discussions following the presentations. Among the topics addressed are authentication, anonymity, verification of cryptographic protocols, mobile ad-hoc network security, denial of service, SPKI, access control, timing attacks, API security, biometrics for security, and others.

Once again we bring you the proceedings of the International Workshop on Security Protocols. It seems hard to believe that we have reached the tenth event in this annual series. This year our theme was "Discerning the Protocol Participants." Security protocols are usually described in terms of the active participants - Alice c- putes foo and sends it to Bob. However most security protocols also include o?-line participants, which are not synchronously involved in the exchange of messages: a bank may participate on behalf of a customer, and an arbiter may subsequently be asked to interpret the meaning of a run. These silent partners to the protocol have their own security policies, and assumptionsaboutidentity, authorizationandcapabilityneedtobere-examined when the agenda of a hidden participant may change. We hope that the position papers published here, which have been rewritten and rethought in the light of the discussions at the workshop, will be of interest, not just for the speci?c contributions they make but also for the deeper issues which they expose. In order to identify these issues more clearly, we include transcripts for some of the discussions which took place in Cambridge during the workshop. What would you have liked to add? Do let us know.

This book constitutes the thoroughly refereed post-proceedings of the 9th International Workshop on Security Protocols held in Cambridge, UK in April 2001.The 13 revised full papers presented together with transcriptions of the discussions following the presentations have gone through two rounds of reviewing, revision, and selection. Also included are abstracts and transcriptions of invited presentations and topically focused discussions. Among the topics addressed are mobile computing and security, denial of service, authentication, Internet protocols, timing attacks, PIM security, security engineering, non-repudiation, trust management, access control policies, and Bluetooth security.

The Cambridge International Workshop on Security Protocols has now run for eight years. Each year we set a theme, focusing upon a speci?c aspect of security protocols, and invite position papers. Anybody is welcome to send us a position paper (yes, you are invited) and we don t insist they relate to the current theme in an obvious way. In our experience, the emergence of the theme as a unifying threadtakesplaceduringthediscussionsattheworkshopitself.Theonlyground rule is that position papers should formulate an approach to some unresolved issues, rather than being a description of a ?nished piece of work. Whentheparticipantsmeet, wetrytofocusthediscussionsupontheconc- tual issues which emerge. Security protocols link naturally to many other areas of Computer Science, and deep water can be reached very quickly. Afterwards, we invite participants to re-draft their position papers in a way which exposes the emergent issues but leaves open the way to their further development. We also prepare written transcripts of the recorded discussions. These are edited (in some cases very heavily) to illustrate the way in which the di?erent arguments and perspectives have interacted. We publish these proceedings as an invitation to the research community. Although many interesting results ?rst see the light of day in a volume of our proceedings, laying claim to these is not our primary purpose of publication. Rather, we bring our discussions and insights to a wider audience in order to suggest new lines of investigation which the community may fruitfully pursue."

This book constitutes the thoroughly refereed post-workshop proceedings of the 7th International Workshop on Security Protocols held in Cambridge, UK, in April 1999.The 20 revised contributions presented as position statements are followed by transcripts of the discussions between the authors and the audience; thus the volume reflects the lively interaction at the workshop. All relevant aspects of current research and development in the area are addressed.

This book constitutes the thoroughly refereed post-workshop proceedings of the 6th International Workshop on Security Protocols held in Cambridge, UK in April 1998.
The 15 revised papers presented as position statements are followed by transcripts of the discussions between the authors and the audience. Also included is a report on the final panel discussion on future directions in security protocols research and developments. Thus the volume reflects the lively interaction at the workshop. The papers are devoted to the interrelations between trust and delegation, exploring the implications and effects of these upon such issues as authorization, security policy, and cryptosystems and component design.

This book constitutes the strictly refereed post-workshop proceedings of the 5th International Workshop on Security Protocols, held in Paris, France, in April 1997. The 17 revised full papers presented address all current aspects of security protocols. Among the topics covered are secure distribution of knowledge, electronic voting systems, secure Internet transactions, digital signatures, key exchange, cryprographic protocols, authentication, threshold systems, secret sharing, ect.

Welcome back to the International Security Protocols Workshop. Our theme for this, the 14th workshop in the series, is "Putting the Human Back in the Protocol". We've got into the habit of saying "Of course, Alice and Bob aren't really people. Alice and Bob are actually programs running in some computers." But we build computer systems in order to enable people to interact in accordance with certain social protocols. So if we're serious about system services being end-to-end then, at some level of abstraction, the end points Alice and Bob are humanafterall.Thishascertainconsequences.Weexploresomeoftheminthese proceedings, in the hope that this will encourage you to pursue them further. Is Alice talking to the correct stranger? Our thanks to Sidney Sussex College, Cambridge for the use of their faci- ties, and to the University of Hertfordshire for lending us several of their sta?. Particular thanks once again to Lori Klimaszewska of the University of C- bridge Computing Service for transcribing the audio tapes, and to Virgil Gligor for acting as our advisor.

This volume constitutes selected papers presented at the First Inernational Conference on Ubiquitous Security, UbiSec 2021, held in Guangzhou, China, in December 2021. The presented 26 full papers and 2 short papers were thoroughly reviewed and selected from the 96 submissions. They focus on security, privacy and anonymity aspects in cyberspace, physical world, and social networks.

This book constitutes the thoroughly refereed post- conference proceedings of the Ninth International Conference on Risks and Security of Internet Systems, CRiSIS 2014, held in Trento, Italy, in August 2014. The 13 full papers and 6 short papers presented were selected from 48 submissions. They explore risks and security issues in Internet applications, networks and systems covering topics such as trust, security risks and threats, intrusion detection and prevention, access control and security modeling.