Increasingly our critical infrastructures are reliant on computers. We see examples of such infrastructures in several domains, including medical, power, telecommunications, and finance. Although automation has advantages, increased reliance on computers exposes our critical infrastructures to a wider variety and higher likelihood of accidental failures and malicious attacks. Disruption of services caused by such undesired events can have catastrophic effects, such as disruption of essential services and huge financial losses. The increased reliance of critical services on our cyberinfrastructure and the dire consequences of security breaches have highlighted the importance of information security. Authorization, security protocols, and software security are three central areas in security in which there have been significant advances in developing systematic foundations and analysis methods that work for practical systems. This book provides an introduction to this work, covering representative approaches, illustrated by examples, and providing pointers to additional work in the area. Table of Contents: Introduction / Foundations / Detecting Buffer Overruns Using Static Analysis / Analyzing Security Policies / Analyzing Security Protocols

This book constitutes the refereed proceedings of the 13th Asian Computing Science Conference, ASIAN 2009, held in Seoul, Korea, in December 2009.

The 7 revised full papers and 3 revised short papers presented together with 2 invited talks were carefully reviewed and selected from 45 submissions. Focusing on the theory and practice of information security and privacy, the papers include topics of deducibility constraints, symmetric encryption modes, dynamic security domains and policies, cryptography, formal verification of quantum programs, decision of static equivalence, authenticated message and proxy signature scheme.