FOSAD has been one of the foremost educational events established with the goal of disseminating knowledge in the critical area of security in computer systems and networks. Over the years, both the summer school and the book series have represented a reference point for graduate students and young researchers from academia or industry, interested to approach the field, investigate open problems, and follow priority lines of research. This book presents thoroughly revised versions of nine tutorial lectures given by leading researchers during three International Schools on Foundations of Security Analysis and Design, FOSAD, held in Bertinoro, Italy, in September 2012 and 2013. The topics covered in this book include model-based security, automatic verification of secure applications, information flow analysis, cryptographic voting systems, encryption in the cloud, and privacy preservation.

This State-of-the-Art Survey contains a selection of papers representing state-of-the-art results in the engineering of secure software-based Future Internet services and systems, produced by the NESSoS project researchers. The engineering approach of the Network of Excellence NESSoS, funded by the European Commission, is based on the principle of addressing security concerns from the very beginning in all software development phases, thus contributing to reduce the amount of software vulnerabilities and enabling the systematic treatment of security needs through the engineering process. The 15 papers included in this volume deal with the main NESSoS research areas: security requirements for Future Internet services; creating secure service architectures and secure service design; supporting programming environments for secure and composable services; enabling security assurance and integrating former results in a risk-aware and cost-aware software life-cycle.

This book constitutes the refereed proceedings of the 17th European Symposium on Computer Security, ESORICS 2012, held in Pisa, Italy, in September 2012. The 50 papers included in the book were carefully reviewed and selected from 248 papers. The articles are organized in topical sections on security and data protection in real systems; formal models for cryptography and access control; security and privacy in mobile and wireless networks; counteracting man-in-the-middle attacks; network security; users privacy and anonymity; location privacy; voting protocols and anonymous communication; private computation in cloud systems; formal security models; identity based encryption and group signature; authentication; encryption key and password security; malware and phishing; and software security.

Most probability problems involve random variables indexed by space and/or time. These problems almost always have a version in which space and/or time are taken to be discrete. This volume deals with areas in which the discrete version is more natural than the continuous one, perhaps even the only one than can be formulated without complicated constructions and machinery. The 5 papers of this volume discuss problems in which there has been significant progress in the last few years; they are motivated by, or have been developed in parallel with, statistical physics. They include questions about asymptotic shape for stochastic growth models and for random clusters; existence, location and properties of phase transitions; speed of convergence to equilibrium in Markov chains, and in particular for Markov chains based on models with a phase transition; cut-off phenomena for random walks. The articles can be read independently of each other. Their unifying theme is that of models built on discrete spaces or graphs. Such models are often easy to formulate. Correspondingly, the book requires comparatively little previous knowledge of the machinery of probability.

Second International Workshop on Formal Aspects in Security and Trust is an essential reference for both academic and professional researchers in the field of security and trust.

Because of the complexity and scale of deployment of emerging ICT systems based on web service and grid computing concepts, we also need to develop new, scalable, and more flexible foundational models of pervasive security enforcement across organizational borders and in situations where there is high uncertainty about the identity and trustworthiness of the participating networked entites. On the other hand, the increasingly complex set of building activities sharing different resources but managed with different policies calls for new and business-enabling models of trust between members of virtual organizations and communities that span the boundaries of physical enterprises and loosely structured groups of individuals.

The papers presented in this volume address the challenges posed by "ambient intelligence space" as a future paradigm and the need for a set of concepts, tools and methodologies to enable the user's trust and confidence in the underlying computing infrastructure.

This state-of-the-art volume presents selected papers from the 2nd International Workshop on Formal Aspects in Security and Trust, held in conjuuctions with the 18th IFIP World Computer Congress, August 2004, in Toulouse, France.

The collection will be important not only for computer security experts and researchers but also for teachers and adminstrators interested in security methodologies and research.

This book constitutes the refereed proceedings of the 12th International Conference on Information Security Conference, ISC 2009, held in Pisa, Italy, September 7-9, 2009.

The 29 revised full papers and 9 revised short papers presented were carefully reviewed and selected from 105 submissions. The papers are organized in topical sections on analysis techniques, hash functions, database security and biometrics, algebraic attacks and proxy re-encryption, distributed system security, identity management and authentication, applied cryptography, access control, MAC and nonces, and P2P and Web services.

The present volume contains the proceedings of the 5th International Workshop on Formal Aspects in Security and Trust (FAST 2008), held in Malaga, Spain, October 9-10, 2008. FAST is an event a?liated with the 13th European Sym- sium on Research in Computer Security (ESORICS 2008). FAST 2008 was held under the auspices of the IFIP WG 1.7 on Foundations of Security Analysis and Design. The 5th International Workshop on Formal Aspects in Security and Trust (FAST 2008) aimed at continuing the successful e?ort of the previous three FAST workshop editions for fostering the cooperation among researchers in the areas of security and trust. As computing and network infrastructures become increasingly pervasive, and as they carry increasing economic activity, society needs well-matched security and trust mechanisms. These interactions incre- ingly span several enterprises and involve loosely structured communities of - dividuals. Participants in these activities must control interactions with their partners based on trust policies and business logic. Trust-based decisions - fectively determine the security goals for shared information and for access to sensitive or valuable resources. FAST sought for original papers focusing on formal aspects in: security and trust policy models; security protocol design and analysis; formal models of trustand reputation;logicsfor security andtrust;distributed trust management systems;trust-basedreasoning;digitalassetsprotection;dataprotection;privacy and ID issues; information ?ow analysis; language-based security; security and trust aspects in ubiquitous computing; validation/analysis tools; Web service security/trust/privacy; GRID security; security risk assessment; case studies.

This book constitutes the thoroughly refereed post-proceedings of the Fourth International Workshop on Formal Aspects in Security and Trust, FAST 2006, held in Hamilton, Ontario, Canada, August 26-27, 2006.

The 18 revised papers presented were carefully reviewed and selected from 47 submissions. The papers focus of formal aspects in security and trust policy models, security protocol design and analysis, formal models of trust and reputation, logics for security and trust, distributed trust management systems, trust-based reasoning, digital assets protection, data protection, privacy and ID issues, information flow analysis, language-based security, security and trust aspects in ubiquitous computing, validation/analysis tools, web service security/trust/privacy, GRID security, security risk assessment, and case studies.

This book constitutes the refereed proceedings of the 4th International Conference on Trust Management, iTrust 2006. 30 revised full papers and 4 revised short papers are presented together with 1 keynote paper and 7 trust management tool and systems demonstration reports. Besides technical issues in distributed computing and open systems, topics from law, social sciences, business, and philosophy are addressed.

This book constitutes the thoroughly refereed post-proceedings of the Third International Workshop on Formal Aspects in Security and Trust, FAST 2005, held in Newcastle upon Tyne, UK in July 2005.

The 17 revised papers presented together with the extended abstract of 1 invited paper were carefully reviewed and selected from 37 submissions. The papers focus on formal aspects in security and trust policy models, security protocol design and analysis, formal models of trust and reputation, logics for security and trust, distributed trust management systems, trust-based reasoning, digital assets protection, data protection, privacy and ID issues, information flow analysis, language-based security, security and trust aspects in ubiquitous computing, validation/analysis tools, web service security/trust/privacy, GRID security, security risk assessment, and case studies.

The increasing relevance of security to real-life applications, such as electronic commerce and Internet banking, is attested by the fast-growing number of - search groups, events, conferences, and summer schools that address the study of foundations for the analysis and the design of security aspects. The Int- national School on Foundations of Security Analysis and Design (FOSAD, see http: //www.sti.uniurb.it/events/fosad/)has been one of the foremost events - tablishedwiththegoalofdisseminatingknowledgeinthiscriticalarea, especially for young researchers approaching the ?eld and graduate students coming from less-favoured and non-leading countries. The FOSAD school is held annually at the Residential Centre of Bertinoro (http: //www.ceub.it/), in the fascinating setting of a former convent and ep- copal fortress that has been transformed into a modern conference facility with computing services and Internet access. Since the ?rst school, in 2000, FOSAD hasattractedmorethan250participantsand50lecturersfromallovertheworld. A collection of tutorial lectures from FOSAD 2000 was published in Springer s LNCS volume 2171. Some of the tutorials given at the two successive schools (FOSAD 2001 and 2002) are gathered in a second volume, LNCS 2946. To c- tinue this tradition, the present volume collects a set of tutorials fromthe fourth FOSAD, held in 2004, and from FOSAD 2005."

Second International Workshop on Formal Aspects in Security and Trust is an essential reference for both academic and professional researchers in the field of security and trust.

Because of the complexity and scale of deployment of emerging ICT systems based on web service and grid computing concepts, we also need to develop new, scalable, and more flexible foundational models of pervasive security enforcement across organizational borders and in situations where there is high uncertainty about the identity and trustworthiness of the participating networked entites. On the other hand, the increasingly complex set of building activities sharing different resources but managed with different policies calls for new and business-enabling models of trust between members of virtual organizations and communities that span the boundaries of physical enterprises and loosely structured groups of individuals.

The papers presented in this volume address the challenges posed by "ambient intelligence space" as a future paradigm and the need for a set of concepts, tools and methodologies to enable the user's trust and confidence in the underlying computing infrastructure.

This state-of-the-art volume presents selected papers from the 2nd International Workshop on Formal Aspects in Security and Trust, held in conjuuctions with the 18th IFIP World Computer Congress, August 2004, in Toulouse, France.

The collection will be important not only for computer security experts and researchers but also for teachers and adminstrators interested in security methodologies and research.

Most probability problems involve random variables indexed by space and/or time. These problems almost always have  a version in which space and/or time are taken to be discrete. This volume deals with areas in which the discrete version is more natural than the continuous one, perhaps even the only one than can be formulated without complicated constructions and machinery. The 5 papers of this volume discuss problems in which there has been significant progress in the last few years; they are motivated by, or have been developed in parallel with, statistical physics. They include questions about asymptotic shape for stochastic growth models and for random clusters; existence, location and properties of phase transitions; speed of convergence to equilibrium in Markov chains, and in particular for Markov chains based on models with a phase transition; cut-off phenomena for random walks. The articles can be read independently of each other. Their unifying theme is that of models built on discrete spaces or graphs. Such models are often easy to formulate. Correspondingly, the book requires comparatively little previous knowledge of the machinery of probability.

This book constitutes the proceedings of the 18th International Conference on Service-Oriented Computing, ICSOC 2020, which was planned to take place in Dubai, UAE, during December 14-17, 2020. Due to the COVID-19 pandemic the conference was held online. The 23 full, 16 short, and 3 industry papers included in this volume were carefully reviewed and selected from 137 submissions. They were organized in topical sections named: microservices; Internet of Things; services at the edge; machine learning for service oriented computing; smart data and smart services; service oriented technology trends; industry papers.

This book describes cyber-security issues underpinning several cyber-physical systems and several application domains, proposing a common perspective able to collect similarities as well as depict divergences and specific solution methods. Special attention is given to those approaches and technologies that unleash the power of collaboration among stakeholders, in a field based often developed in isolation and segregation of information. Given the pervasively growing dependency of society on IT technology, and the corresponding proliferation of cyber-threats, there is both an imperative need and opportunity to develop a coherent set of techniques to cope with the changing nature of the upcoming cyber-security challenges. These include evolving threats and new technological means to exploit vulnerabilities of cyber-physical systems that have direct socio-technical, societal and economic consequences for Europe and the world. We witness cyber-attacks on large scale infrastructures for energy, transport, healthcare systems and smart systems. The interplay between security and safety issues is now paramount and will be even more relevant in the future. The book collects contributions from a number of scientists in Europe and presents the results of several European Projects, as NeCS, SPARTA, E-CORRIDOR and C3ISP. It will be of value to industrial researchers, practitioners and engineers developing cyber-physical solutions, as well as academics and students in cyber-security, ICT, and smart technologies in general.

This book constitutes the refereed proceedings of the 11th International Workshop on Data Privacy Management, DPM 2016 and the 5th International Workshop on Quantitative Aspects in Security Assurance, QASA 2016, held in Heraklion, Crete, Greece, in September 2016. 9 full papers and 4 short papers out of 24 submissions are included in the DPM 2016 Workshop. They are organized around areas related to the management of privacy-sensitive informations, such as translation of high-level business goals into system-level privacy policies; administration of sensitive identifiers; data integration and privacy engineering. The QASA workshop centeres around research topics with a particular emphasis on the techniques for service oriented architectures, including aspects of dependability, privacy, risk and trust. Three full papers and one short papers out of 8 submissions are included in QASA 2016.

FOSAD has been one of the foremost educational events established with the goal of disseminating knowledge in the critical area of security in computer systems and networks. Over the years, both the summer school and the book series have represented a reference point for graduate students and young researchers from academia and industry, interested to approach the field, investigate open problems, and follow priority lines of research. This book presents thoroughly revised versions of four tutorial lectures given by leading researchers during three International Schools on Foundations of Security Analysis and Design, FOSAD, held in Bertinoro, Italy, in September 2014, 2015 and 2016. The topics covered in this book include zero-knowledge proof systems, JavaScript sandboxing, assessment of privacy, and distributed authorization.

This book constitutes the revised selected papers of the 10th International Workshop on Data Privacy Management, DPM 2015, and the 4th International Workshop on Quantitative Aspects in Security Assurance, QASA 2015, held in Vienna, Austria, in September 2015, co-located with the 20th European Symposium on Research in Computer Security, ESORICS 2015. In the DPM 2015 workshop edition, 39 submissions were received. In the end, 8 full papers, accompanied by 6 short papers, 2 position papers and 1 keynote were presented in this volume. The QASA workshop series responds to the increasing demand for techniques to deal with quantitative aspects of security assurance at several levels of the development life-cycle of systems and services, from requirements elicitation to run-time operation and maintenance. QASA 2015 received 11 submissions, of which 4 papers are presented in this volume as well.

This book constitutes the revised selected papers of the 9th International Workshop on Data Privacy Management, DPM 2014, the 7th International Workshop on Autonomous and Spontaneous Security, SETOP 2014, and the 3rd International Workshop on Quantitative Aspects in Security Assurance, held in Wroclaw, Poland, in September 2014, co-located with the 19th European Symposium on Research in Computer Security (ESORICS 2014). The volume contains 7 full and 4 short papers plus 1 keynote talk from the DPM workshop; 2 full papers and 1 keynote talk from the SETOP workshop; and 7 full papers and 1 keynote talk from the QASA workshop - selected out of 52 submissions. The papers are organized in topical sections on data privacy management; autonomous and spontaneous security; and quantitative aspects in security assurance.

The Lecture Notes collect seven mini-courses presented at the 5th Prague Summer School on Mathematical Statistical Physics that took placeduringtwoweeksofSeptember2006.Aswithprecedingschools, it was aimed at PhD students and young postdocs. The central theme of the volume is what could be called "mathematics of phase transitions" in diverse contexts. Even though all courses were meant to introduce the reader to recent progress of a particular topic of modern statis- cal physics, attention has been paid to providing a solid grounding by carefully developing various basic tools. One of the techniques that led, more than two decades ago, to a seriesofimportantoutcomesinthetheoryofphasetransitionsoflattice models was re?ection positivity. Recently it resurfaced and was used to obtain interesting new results in various settings. The lectures of Marek Biskup include a thorough introduction to re?ection positivity as well as a review of its recent applications. In addition, it contains a crash course on lattice spin models that is useful as a background for other lectures of the collection. Also the following two contributions concern equilibrium statistical physics.ThelecturesofDmitriIo?earedevotedtoastochasticgeom- ricreformulationofclassicalaswellasquantumIsingmodels.Auni?ed approachtotheFortuin-Kasteleynandrandomcurrentrepresentations in terms of path integrals is presented. Statistical mechanics of directed polymers interacting with o- dimensionalspatiale?ectsisatopicwithvariousapplicationsinphysics and biophysics. The lectures of Fabio Toninelli are devoted to a th- ough discussion of the localization/delocalization transition in these models.