Developing secure software requires the integration of numerous methods and tools into the development process, and software design is based on shared expert knowledge, claims, and opinions. Empirical methods, including data analytics, allow extracting knowledge and insights from the data that organizations collect from their processes and tools, and from the opinions of the experts who practice these processes and methods. This book introduces the reader to the fundamentals of empirical research methods, and demonstrates how these methods can be used to hone a secure software development lifecycle based on empirical data and published best practices.

This book examines the requirements, risks, and solutions to improve the security and quality of complex cyber-physical systems (C-CPS), such as production systems, power plants, and airplanes, in order to ascertain whether it is possible to protect engineering organizations against cyber threats and to ensure engineering project quality. The book consists of three parts that logically build upon each other. Part I "Product Engineering of Complex Cyber-Physical Systems" discusses the structure and behavior of engineering organizations producing complex cyber-physical systems, providing insights into processes and engineering activities, and highlighting the requirements and border conditions for secure and high-quality engineering. Part II "Engineering Quality Improvement" addresses quality improvements with a focus on engineering data generation, exchange, aggregation, and use within an engineering organization, and the need for proper data modeling and engineering-result validation. Lastly, Part III "Engineering Security Improvement" considers security aspects concerning C-CPS engineering, including engineering organizations' security assessments and engineering data management, security concepts and technologies that may be leveraged to mitigate the manipulation of engineering data, as well as design and run-time aspects of secure complex cyber-physical systems. The book is intended for several target groups: it enables computer scientists to identify research issues related to the development of new methods, architectures, and technologies for improving quality and security in multi-disciplinary engineering, pushing forward the current state of the art. It also allows researchers involved in the engineering of C-CPS to gain a better understanding of the challenges and requirements of multi-disciplinary engineering that will guide them in their future research and development activities. Lastly, it offers practicing engineers and managers with engineering backgrounds insights into the benefits and limitations of applicable methods, architectures, and technologies for selected use cases.

This book examines the requirements, risks, and solutions to improve the security and quality of complex cyber-physical systems (C-CPS), such as production systems, power plants, and airplanes, in order to ascertain whether it is possible to protect engineering organizations against cyber threats and to ensure engineering project quality. The book consists of three parts that logically build upon each other. Part I "Product Engineering of Complex Cyber-Physical Systems" discusses the structure and behavior of engineering organizations producing complex cyber-physical systems, providing insights into processes and engineering activities, and highlighting the requirements and border conditions for secure and high-quality engineering. Part II "Engineering Quality Improvement" addresses quality improvements with a focus on engineering data generation, exchange, aggregation, and use within an engineering organization, and the need for proper data modeling and engineering-result validation. Lastly, Part III "Engineering Security Improvement" considers security aspects concerning C-CPS engineering, including engineering organizations' security assessments and engineering data management, security concepts and technologies that may be leveraged to mitigate the manipulation of engineering data, as well as design and run-time aspects of secure complex cyber-physical systems. The book is intended for several target groups: it enables computer scientists to identify research issues related to the development of new methods, architectures, and technologies for improving quality and security in multi-disciplinary engineering, pushing forward the current state of the art. It also allows researchers involved in the engineering of C-CPS to gain a better understanding of the challenges and requirements of multi-disciplinary engineering that will guide them in their future research and development activities. Lastly, it offers practicing engineers and managers with engineering backgrounds insights into the benefits and limitations of applicable methods, architectures, and technologies for selected use cases.

The new field of cryptographic currencies and consensus ledgers, commonly referred to as blockchains, is receiving increasing interest from various different communities. These communities are very diverse and amongst others include: technical enthusiasts, activist groups, researchers from various disciplines, start ups, large enterprises, public authorities, banks, financial regulators, business men, investors, and also criminals. The scientific community adapted relatively slowly to this emerging and fast-moving field of cryptographic currencies and consensus ledgers. This was one reason that, for quite a while, the only resources available have been the Bitcoin source code, blog and forum posts, mailing lists, and other online publications. Also the original Bitcoin paper which initiated the hype was published online without any prior peer review. Following the original publication spirit of the Bitcoin paper, a lot of innovation in this field has repeatedly come from the community itself in the form of online publications and online conversations instead of established peer-reviewed scientific publishing. On the one side, this spirit of fast free software development, combined with the business aspects of cryptographic currencies, as well as the interests of today's time-to-market focused industry, produced a flood of publications, whitepapers, and prototypes. On the other side, this has led to deficits in systematization and a gap between practice and the theoretical understanding of this new field. This book aims to further close this gap and presents a well-structured overview of this broad field from a technical viewpoint. The archetype for modern cryptographic currencies and consensus ledgers is Bitcoin and its underlying Nakamoto consensus. Therefore we describe the inner workings of this protocol in great detail and discuss its relations to other derived systems.

This book constitutes revised selected papers from the First International Conference on Information Systems Security and Privacy, ICISSP 2015, held in Angers, France, in February 2015. The 12 papers presented in this volume were carefully reviewed and selection from a total of 56 submissions. They were organized in topical sections named: data and software security; privacy and confidentiality; mobile systems security; and biometric authentication. The book also contains two invited papers.

This volume constitutes the refereed proceedings of two workshops: the International Cross-Domain Conference and Workshop on Availability, Reliability and Security, CD-ARES 2014, and the 4th International Workshop on Security and Cognitive Informatics for Homeland Defense, SeCIHD 2014, co-located with the International Conference on Availability, Reliability and Security, ARES 2014, held in Fribourg, Switzerland, in September 2014. The 23 revised full papers presented were carefully reviewed and selected from numerous submissions. The papers deal with knowledge management, software security, mobile and social computing, enterprise information systems, homeland security and information processing.

This book constitutes the refereed proceedings of the IFIP WG 8.4, 8.9, TC 5 International Cross-Domain Conference on Availability, Reliability and Security, CD-ARES 2013, held in Regensburg, Germany, in September 2013. The 21 revised papers presented were carefully reviewed and selected for inclusion in the volume. The papers concentrate on the many aspects of information systems bridging the gap between research results in computer science and the many application fields. They are organized in the following topical sections: economic, ethical, legal, multilingual, organizational and social aspects; context-oriented information integration; data/information management as a service; context-oriented information integration and location-aware computing; security and privacy; risk management and business continuity; and security and privacy and location based applications. Also included are 15 papers from a special session on Human-Computer Interaction and Knowledge Discovery (HCI-KDD 2013).

This volume constitutes the refereed proceedings of two workshops: the Second International Workshop on Modern Cryptography and Security Engineering (MoCrySEn 2013) and the Third International Workshop on Security and Cognitive Informatics for Homeland Defense (SeCIHD 2013) held within the framework of the IFIP 8.4, 8.9, TC 5 International Cross-Domain Conference, CD-ARES 2013, in Regensburg, Germany, in September 2013. The 16 revised papers presented at MoCrySEn 2013 were carefully reviewed and selected from 30 submissions. They deal with symmetric-key cryptography, public-key cryptography, algorithmic cryptanalysis, software and hardware implementation of cryptographic algorithms, database encryption, and interaction between cryptographic theory and implementation issues. The 15 papers presented at SeCIHD 2013 are organized in topical sections on cyber security and dependability, network security and privacy, and multimedia technology for homeland defense.

This book constitutes the refereed proceedings of the IFIP WG 8.4, 8.9, TC 5 International Cross Domain Conference and Workshop on Availability, Reliability and Security, CD-ARES 2012, held in Prague, Czech Republic, in August 2012. The 50 revised papers presented were carefully reviewed and selected for inclusion in the volume. The papers concentrate on the many aspects of information systems bridging the gap between research results in computer science and the many application fields. They are organized in the following topical sections: cross-domain applications: aspects of modeling and validation; trust,security, privacy, and safety; mobile applications; data processing and management; retrieval and complex query processing; e-commerce; and papers from the colocated International Workshop on Security and Cognitive Informatics for Homeland Defense, SeCIHD 2012.

This book constitutes the refereed proceedings of the 5th International Conference on Trust and Trustworthy Computing, TRUST 2012, held in Vienna, Austria, in June 2012. The 19 revised full papers presented were carefully reviewed and selected from 48 submissions. The papers are organized in two tracks: a technical track with topics ranging from trusted computing and mobile devices to applied cryptography and physically unclonable functions, and a socio-economic track focusing on the emerging field of usable security.

Developing secure software requires the integration of numerous methods and tools into the development process, and software design is based on shared expert knowledge, claims, and opinions. Empirical methods, including data analytics, allow extracting knowledge and insights from the data that organizations collect from their processes and tools, and from the opinions of the experts who practice these processes and methods. This book introduces the reader to the fundamentals of empirical research methods, and demonstrates how these methods can be used to hone a secure software development lifecycle based on empirical data and published best practices.

This volume LNCS-IFIP constitutes the refereed proceedings of the 7th IFIP TC 5, TC 12, WG 8.4, WG 8.9, WG 12.9 International Cross-Domain Conference, CD-MAKE 2023 in Benevento, Italy, during August 28 – September 1, 2023.  The 18 full papers presented together were carefully reviewed and selected from 30 submissions. The conference focuses on integrative machine learning approach, considering the importance of data science and visualization for the algorithmic pipeline with a strong emphasis on privacy, data protection, safety and security.

This book constitutes the revised selected papers of the 6th International Conference on Information Systems Security and Privacy, ICISSP 2020, held in Valletta, Malta, in February 2020. The 11 full papers presented were carefully reviewed and selected from a total of 125 submissions. The papers presented in this volume address various topical research, including new approaches for attack modelling andprevention, incident management and response, and user authentication andaccess control, as well as business and human-oriented aspects such as data pro-tection and privacy, and security awareness.

This book constitutes the refereed proceedings of the 5th IFIP TC 5, TC 12, WG 8.4, WG 8.9, WG 12.9 International Cross-Domain Conference, CD-MAKE 2021, held in virtually in August 2021.The 20 full papers and 2 short papers presented were carefully reviewed and selected from 48 submissions. The cross-domain integration and appraisal of different fields provides an atmosphere to foster different perspectives and opinions; it will offer a platform for novel ideas and a fresh look on the methodologies to put these ideas into business for the benefit of humanity.

This book constitutes the refereed proceedings of the 4th IFIP TC 5, TC 12, WG 8.4, WG 8.9, WG 12.9 International Cross-Domain Conference, CD-MAKE 2020, held in Dublin, Ireland, in August 2020. The 30 revised full papers presented were carefully reviewed and selected from 140 submissions. The cross-domain integration and appraisal of different fields provides an atmosphere to foster different perspectives and opinions; it will offer a platform for novel ideas and a fresh look on the methodologies to put these ideas into business for the benefit of humanity. Due to the Corona pandemic CD-MAKE 2020 was held as a virtual event.

This book constitutes the refereed proceedings of the IFIP TC 5, TC 12, WG 8.4, 8.9, 12.9 International Cross-Domain Conference for Machine Learning and Knowledge Extraction, CD-MAKE 2019, held in Canterbury, UK, in August 2019.The 25 revised full papers presented were carefully reviewed and selected from 45 submissions. The cross-domain integration and appraisal of different fields provides an atmosphere to foster different perspectives and opinions; it will offer a platform for novel ideas and a fresh look on the methodologies to put these ideas into business for the benefit of humanity.

This book constitutes the refereed proceedings of the 6th IFIP TC 5, TC 12, WG 8.4, WG 8.9, WG 12.9 International Cross-Domain Conference, CD-MAKE 2022, held in Vienna, Austria during August 2022.The 23 full papers presented were carefully reviewed and selected from 45 submissions. The papers are covering a wide range from integrative machine learning approach, considering the importance of data science and visualization for the algorithmic pipeline with a strong emphasis on privacy, data protection, safety and security.

This book constitutes the refereed proceedings of the IFIP TC 5, WG 8.4, 8.9, 12.9 International Cross-Domain Conference for Machine Learning and Knowledge Extraction, CD-MAKE 2018, held in Hamburg, Germany, in September 2018. The 25 revised full papers presented were carefully reviewed and selected from 45 submissions. The papers are clustered under the following topical sections: MAKE-Main Track, MAKE-Text, MAKE-Smart Factory, MAKE-Topology, and MAKE Explainable AI.

This book constitutes the refereed proceedings of the IFIP TC 5, WG 8.4, 8.9, 12.9 International Cross-Domain Conference for Machine Learning and Knowledge Extraction, CD-MAKE 2017, held in Reggio, Italy, in August/September 2017. The 24 revised full papers presented were carefully reviewed and selected for inclusion in this volume. The papers deal with fundamental questions and theoretical aspects and cover a wide range of topics in the field of machine learning and knowledge extraction. They are organized in the following topical sections: MAKE topology; MAKE smart factory; MAKE privacy; MAKE VIS; MAKE AAL; and MAKE semantics.

This volume constitutes the refereed proceedings of the IFIP WG 8.4, 8.9, TC 5 International Cross-Domain Conference on Availability, Reliability and Security in Information Systems, CD-ARES 2016, and the Workshop on Privacy Aware Machine Learning for Health Data Science, PAML 2016, co-located with the International Conference on Availability, Reliability and Security, ARES 2016, held in Salzburg, Austria, in September 2016. The 13 revised full papers and 4 short papers presented were carefully reviewed and selected from 23 submissions. They are organized in the following topical sections: Web and semantics; diagnosis, prediction and machine learning; security and privacy; visualization and risk management; and privacy aware machine learning for health data science.

The two-volume set, LNCS 9326 and LNCS 9327 constitutes the refereed proceedings of the 20th European Symposium on Research in Computer Security, ESORICS 2015, held in Vienna, Austria, in September 2015. The 59 revised full papers presented were carefully reviewed and selected from 298 submissions. The papers address issues such as networks and Web security; system security; crypto application and attacks; risk analysis; privacy; cloud security; protocols and attribute-based encryption; code analysis and side-channels; detection and monitoring; authentication; policies; and applied security.

Mobile computing and multimedia technologies continue to expand and change the way we interact with each other on a business and social level. With the increased use of mobile devices and the exchange of information over wireless networks, information systems are able to process and transmit multimedia data in various areas. Contemporary Challenges and Solutions for Mobile and Multimedia Technologies provides comprehensive knowledge on the growth and changes in the field of multimedia and mobile technologies. This reference source highlights the advancements in mobile technology that are beneficial for developers, researchers, and designers.

We are living in a world of mobile multimedia. The field of mobile computing and multimedia is expanding in an unprecedented pace. Indicators are the rapidly increasing penetration of the smart phones and other mobile devices market around the world, which is growing nearly twice as fast as the desktop market. Mobile multimedia is the set of protocols and standards for multimedia information exchange over wireless networks. It enables information systems to process and transmit multimedia data to provide the end user with services from various areas, such as the mobile working place, mobile entertainment, mobile information retrieval, user-generated content and context based services. Innovations in Mobile Multimedia Communications and Applications: New Technologies provides an in-depth coverage of next-generation mobile computing paradigm, including mobile wireless technologies, mobile services and applications, and research and development challenges surrounding backend systems, network infrastructure, and mobile terminals including smart phones and other mobile devices.

The growth of mobile technology has caused considerable changes in the way we interact with one another within both personal and business environments. Advancements in mobile computing and mobile multimedia resonate with engineers, strategists, developers, and managers while also determining the behavior and interaction of end users. Advancing the Next-Generation of Mobile Computing: Emerging Technologies offers historical perspectives on mobile computing, as well as new frameworks and methodologies for mobile networks, intelligent mobile applications, and mobile computing applications. This collection of research aims to inform researchers, designers, and users of mobile technology and promote awareness of new trends and tools in this growing field of study.