Info
- Utilizzare la checkbox di selezione a fianco di ciascun documento per attivare le funzionalità di stampa, invio email, download nei formati disponibili del (i) record.
ICT systems security and privacy protection : 36th IFIP TC 11 International Conference, SEC 2021, Oslo, Norway, June 22-24, 2021 : proceedings / / Audun Josang, Lynn Futcher, Janne Hagen, editors
| ICT systems security and privacy protection : 36th IFIP TC 11 International Conference, SEC 2021, Oslo, Norway, June 22-24, 2021 : proceedings / / Audun Josang, Lynn Futcher, Janne Hagen, editors |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer, , [2021] |
| Descrizione fisica | 1 online resource (447 pages) |
| Disciplina | 005.8 |
| Collana | IFIP Advances in Information and Communication Technology |
| Soggetto topico |
Computer security
Computer networks - Security measures |
| ISBN | 3-030-78120-8 |
| Formato | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- About IFIP Technical Committee 11 -- Organization -- Contents -- Digital Signatures -- XML Signature Wrapping Still Considered Harmful: A Case Study on the Personal Health Record in Germany -- 1 Introduction -- 2 Background: XML Signature Wrapping (XSW) -- 3 Personal Health Record (PHR) in Germany -- 4 XSW Vulnerable PHR in Germany -- 4.1 Specification Weaknesses -- 4.2 Attack Goals -- 4.3 Proof of Concept -- 5 Robust XML Signature Guidelines -- 5.1 XML Signature Generation Guideline -- 5.2 XML Signature Verification Guideline -- 6 Case-Based Evaluation -- 7 Discussion and Limitations -- 8 Conclusion and Outlook -- References -- Trust Me If You Can: Trusted Transformation Between (JSON) Schemas to Support Global Authentication of Education Credentials -- 1 Introduction -- 2 Background -- 3 Related Work -- 4 Architecture Overview -- 5 Issuer Authorization -- 6 Credential Transformation -- 7 Prototype -- 8 Discussion -- 9 Conclusion -- References -- SIUV: A Smart Car Identity Management and Usage Control System Based on Verifiable Credentials -- 1 Introduction -- 2 Background -- 2.1 Access and Usage Control -- 2.2 Abbreviated Language for Authorisation (ALFA) -- 2.3 Verifiable Credentials (VCs) -- 3 SIUV -- 3.1 Usage Control System Plus (UCS+) -- 3.2 SIUV Security Token Service (STS) -- 3.3 SIUV Architecture -- 3.4 Revocation of VCs -- 4 Experimental Evaluation -- 4.1 Use Case -- 4.2 Test Cases -- 5 Conclusion and Future Work -- References -- Vulnerability Management -- A Performance Assessment of Free-to-Use Vulnerability Scanners - Revisited -- 1 Introduction -- 2 Related Work -- 3 Experimentation and Setup -- 3.1 Scanners Technical Features -- 3.2 Test-Bed Design and Setup -- 4 Results and Analysis -- 5 Conclusions -- References -- QuickBCC: Quick and Scalable Binary Vulnerable Code Clone Detection -- 1 Introduction.
2 Related Works -- 2.1 Source Code Clone Detection -- 2.2 Binary Code Clone Detection -- 3 Approach -- 3.1 Similarity and Equivalence Metric -- 3.2 Binary Preprocessor -- 3.3 Vulnerability Signature Generator -- 3.4 Code Clone Detector -- 4 Evaluation -- 4.1 Environmental Setup -- 4.2 Vulnerable Code Clone Detection -- 4.3 Comparison -- 5 Discussion and Future Work -- 5.1 Robustness to Multiple Compile Environments -- 5.2 Better Vulnerability Signature Generation -- 6 Conclusion -- References -- Automatic Inference of Taint Sources to Discover Vulnerabilities in SOHO Router Firmware -- 1 Introduction -- 2 Background and Motivation -- 2.1 Typical Architecture of SOHO Router -- 2.2 Key-Value Features -- 3 Detailed Design -- 3.1 Key-Value Taint Source Inferring -- 3.2 Static Taint Analysis -- 4 Evaluation -- 4.1 Implementation -- 4.2 Experiment Setup -- 4.3 Key-Value Taint Source Inferring -- 4.4 Effectiveness of Vulnerability Detection -- 4.5 Comparison -- 5 Discussion -- 6 Related Work -- 7 Conclusion -- References -- Covert Channels and Cryptography -- ESQABE: Predicting Encrypted Search Queries -- 1 Introduction -- 2 Related Work -- 3 ESQABE: Encrypted Search Query Analysis by Eavesdropping -- 3.1 Prerequisites -- 3.2 Step 1: Extracting Search Query Length-1em -- 3.3 Step 2: Identifying Opened Search Results -- 3.4 Step 3: Visiting Home Pages of Websites -- 3.5 Step 4: Wikipedia -- 3.6 Vulnerable Search Engines -- 4 Experimental Evaluation -- 4.1 Approach -- 4.2 Results -- 5 Defense Mechanisms -- 6 Conclusion -- References -- Reconnection-Based Covert Channels in Wireless Networks -- 1 Introduction -- 2 Fundamentals and Related Work -- 3 Concept and Implementation -- 4 Covert Channel Method 1 -- 4.1 Covert Sender -- 4.2 Covert Receiver -- 4.3 Evaluation -- 5 Covert Channel Method 2 -- 5.1 Covert Sender -- 5.2 Covert Receiver -- 5.3 Evaluation. 6 Passive Countermeasures: Covert Channel Detection -- 6.1 Detection of Covert Channel Method 1 -- 6.2 Detection of Covert Channel Method 2 -- 6.3 Evaluation of Detection Methods -- 7 Active Countermeasures: Covert Channel Limitation -- 8 Comparison with Other Covert Channels -- 8.1 Kraetzer et al.: WLAN Steganography -- 8.2 Zhao: Covert Channels in 802.11e Wireless Networks -- 9 Conclusion -- References -- Minecraft Altered Skin Channel (MASC) -- 1 Introduction -- 2 Background -- 3 Minecraft Skin Channel -- 4 Encoding and Decoding -- 4.1 Encoding -- 4.2 Decoding -- 5 Performance -- 6 Countermeasures -- 7 Conclusion and Future Works -- References -- Lattice-Based Weak Curve Fault Attack on ECDSA -- 1 Introduction -- 1.1 Existing Work on Fault Attacks -- 1.2 Our Approach -- 2 Preliminaries -- 2.1 ECDSA Digital Signature Algorithm -- 2.2 Smoothness of Weak Curve Order -- 2.3 Existing Fault Attacks on Weak Curves -- 2.4 Lattice Basis Reduction -- 3 Lattice-Based Weak Curve Attack -- 3.1 Fault Model -- 3.2 Proposed Fault Attack on Weak Curves -- 3.3 Proposed Lattice-Based ECDSA Key Recovery Algorithm -- 3.4 Attack on ECDSA with Scalar Masking -- 3.5 The Density of Smooth Numbers -- 4 Experimental Analysis -- 5 Conclusion -- References -- Application and System Security -- HyperSec: Visual Analytics for Blockchain Security Monitoring -- 1 Introduction -- 2 Related Work -- 3 Blockchain Security Monitoring -- 3.1 Blockchain Security Monitoring Process -- 3.2 Users -- 3.3 Tasks -- 3.4 Data Elements -- 3.5 Design Requirements -- 4 HyperSec: Hyperledger Security Monitoring Using Visual Analytics -- 4.1 Architecture and Technology -- 4.2 Visual Representations and Interactions -- 5 Evaluation -- 6 Discussion -- 7 Conclusion -- References -- 100 Popular Open-Source Infosec Tools -- 1 Introduction -- 2 Methods -- 2.1 Collecting a Corpus of Tools. 2.2 Google Tool Name Search -- 2.3 Google Tool URL Search -- 2.4 Twitter Tool Name Search -- 2.5 SecTools.org Ranking -- 2.6 GitHub Stars -- 2.7 Tool Cross-references -- 2.8 Aggregate Popularity Metric -- 2.9 Dividing Tools into Categories -- 3 Results -- 3.1 Most Popular Tools -- 3.2 Reliability of the Results -- 3.3 Most Popular Tools per Category -- 3.4 Availability of the Result Data -- 4 Discussion -- 4.1 Future Work -- References -- RootAsRole: Towards a Secure Alternative to sudo/su Commands for Home Users and SME Administrators -- 1 Introduction -- 2 Linux Capabilities -- 3 Related Works -- 4 RootAsRole Module -- 5 Motivation Scenario -- 6 Discussion, Limitations and Conclusions -- References -- Privacy -- Accept All: The Landscape of Cookie Banners in Greece and the UK -- 1 Introduction -- 2 Related Work -- 3 Research Questions, Methodology, and Implementation -- 3.1 Building the Target List -- 3.2 Collecting Cookie Banners -- 3.3 Classifying and Normalising the Data -- 4 Data and Results -- 4.1 The Collected Dataset -- 4.2 Findings -- 5 Conclusion -- References -- The AppChk Crowd-Sourcing Platform: Which Third Parties are iOS Apps Talking To? -- 1 Introduction -- 2 Related Work -- 3 Our Approach -- 3.1 Design Goals -- 3.2 App Recordings -- 3.3 Continuous Monitoring -- 4 Evaluation -- 4.1 Use Case: Tracker Detection -- 4.2 Use Case: Comparing Apps and App Groups -- 4.3 Comparison: iOS13 vs. iOS14 -- 5 Discussion -- 6 Conclusion -- References -- Compiling Personal Data and Subject Categories from App Data Models -- 1 Introduction -- 2 Related Work -- 3 Schemalyser Approach -- 3.1 Seed Identification -- 3.2 Identifiability Markup -- 3.3 Role Determination -- 3.4 Decisive Role Selection -- 3.5 Condensed PD Listing -- 4 Evaluation -- 4.1 Interaction Cost and Complexity -- 4.2 Degree of Condensation -- 5 Integration into Development Workflows. 6 Conclusion -- References -- Privacy Concerns Go Hand in Hand with Lack of Knowledge: The Case of the German Corona-Warn-App -- 1 Introduction -- 2 Related Work -- 3 Methodology -- 3.1 Questionnaire -- 3.2 Data Collection and Demographics -- 4 Results -- 4.1 Analysis of Knowledge and Its Relation to Demographics -- 4.2 Privacy Concerns -- 4.3 Relationship of Knowledge and Concerns -- 5 Discussion -- 5.1 Knowledge -- 5.2 Concerns -- 5.3 Knowledge vs. Concerns vs. CWA -- 5.4 Limitations -- 6 Conclusion and Future Work -- A Survey Questionnaire -- References -- Perceived Privacy Problems Within Digital Contact Tracing: A Study Among Swedish Citizens -- 1 Introduction -- 2 Background -- 2.1 Surveillance -- 2.2 Identification -- 2.3 Aggregation -- 2.4 Secondary Use -- 2.5 Disclosure -- 2.6 Stigma -- 2.7 Perceived Privacy Problems and Digital Contact Tracing Apps -- 3 Methodology -- 4 Results -- 5 Discussion and Conclusion -- References -- Network Security -- Secure and Scalable IoT: An IoT Network Platform Based on Network Overlay and MAC Security -- 1 Introduction -- 2 Related Work -- 2.1 L2TP (Layer 2 Tunneling Protocol) -- 2.2 MACsec (802.1AE, MAC Security) -- 2.3 VXLAN (Virtual Extensible LAN) -- 3 Problem Analysis -- 3.1 Security Threats on the IoT Network -- 3.2 Limitations of IoT Application Protocol -- 3.3 Security Threat Modeling Using STRIDE -- 4 Secure and Scalable IoT (SSI) Model -- 4.1 Overview -- 4.2 L2TP and VXLAN Based Overlay Network -- 4.3 End-to-End Encryption Using MACsec -- 4.4 Network Architecture -- 5 Evaluation -- 6 Conclusion -- References -- Enriching DNS Flows with Host-Based Events to Bypass Future Protocol Encryption -- 1 Introduction -- 2 Related Work -- 3 Event and Flow Capture Model -- 4 Event and Flow Matching Methods -- 4.1 Parameter-Based Matching Method -- 4.2 Time-Based Matching Method -- 4.3 Combined Matching Method. 5 DNS Communication Dataset. |
| Record Nr. | UNISA-996464489603316 |
| Cham, Switzerland : , : Springer, , [2021] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
ICT systems security and privacy protection : 36th IFIP TC 11 International Conference, SEC 2021, Oslo, Norway, June 22-24, 2021 : proceedings / / Audun Josang, Lynn Futcher, Janne Hagen, editors
| ICT systems security and privacy protection : 36th IFIP TC 11 International Conference, SEC 2021, Oslo, Norway, June 22-24, 2021 : proceedings / / Audun Josang, Lynn Futcher, Janne Hagen, editors |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer, , [2021] |
| Descrizione fisica | 1 online resource (447 pages) |
| Disciplina | 005.8 |
| Collana | IFIP Advances in Information and Communication Technology |
| Soggetto topico |
Computer security
Computer networks - Security measures |
| ISBN | 3-030-78120-8 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- About IFIP Technical Committee 11 -- Organization -- Contents -- Digital Signatures -- XML Signature Wrapping Still Considered Harmful: A Case Study on the Personal Health Record in Germany -- 1 Introduction -- 2 Background: XML Signature Wrapping (XSW) -- 3 Personal Health Record (PHR) in Germany -- 4 XSW Vulnerable PHR in Germany -- 4.1 Specification Weaknesses -- 4.2 Attack Goals -- 4.3 Proof of Concept -- 5 Robust XML Signature Guidelines -- 5.1 XML Signature Generation Guideline -- 5.2 XML Signature Verification Guideline -- 6 Case-Based Evaluation -- 7 Discussion and Limitations -- 8 Conclusion and Outlook -- References -- Trust Me If You Can: Trusted Transformation Between (JSON) Schemas to Support Global Authentication of Education Credentials -- 1 Introduction -- 2 Background -- 3 Related Work -- 4 Architecture Overview -- 5 Issuer Authorization -- 6 Credential Transformation -- 7 Prototype -- 8 Discussion -- 9 Conclusion -- References -- SIUV: A Smart Car Identity Management and Usage Control System Based on Verifiable Credentials -- 1 Introduction -- 2 Background -- 2.1 Access and Usage Control -- 2.2 Abbreviated Language for Authorisation (ALFA) -- 2.3 Verifiable Credentials (VCs) -- 3 SIUV -- 3.1 Usage Control System Plus (UCS+) -- 3.2 SIUV Security Token Service (STS) -- 3.3 SIUV Architecture -- 3.4 Revocation of VCs -- 4 Experimental Evaluation -- 4.1 Use Case -- 4.2 Test Cases -- 5 Conclusion and Future Work -- References -- Vulnerability Management -- A Performance Assessment of Free-to-Use Vulnerability Scanners - Revisited -- 1 Introduction -- 2 Related Work -- 3 Experimentation and Setup -- 3.1 Scanners Technical Features -- 3.2 Test-Bed Design and Setup -- 4 Results and Analysis -- 5 Conclusions -- References -- QuickBCC: Quick and Scalable Binary Vulnerable Code Clone Detection -- 1 Introduction.
2 Related Works -- 2.1 Source Code Clone Detection -- 2.2 Binary Code Clone Detection -- 3 Approach -- 3.1 Similarity and Equivalence Metric -- 3.2 Binary Preprocessor -- 3.3 Vulnerability Signature Generator -- 3.4 Code Clone Detector -- 4 Evaluation -- 4.1 Environmental Setup -- 4.2 Vulnerable Code Clone Detection -- 4.3 Comparison -- 5 Discussion and Future Work -- 5.1 Robustness to Multiple Compile Environments -- 5.2 Better Vulnerability Signature Generation -- 6 Conclusion -- References -- Automatic Inference of Taint Sources to Discover Vulnerabilities in SOHO Router Firmware -- 1 Introduction -- 2 Background and Motivation -- 2.1 Typical Architecture of SOHO Router -- 2.2 Key-Value Features -- 3 Detailed Design -- 3.1 Key-Value Taint Source Inferring -- 3.2 Static Taint Analysis -- 4 Evaluation -- 4.1 Implementation -- 4.2 Experiment Setup -- 4.3 Key-Value Taint Source Inferring -- 4.4 Effectiveness of Vulnerability Detection -- 4.5 Comparison -- 5 Discussion -- 6 Related Work -- 7 Conclusion -- References -- Covert Channels and Cryptography -- ESQABE: Predicting Encrypted Search Queries -- 1 Introduction -- 2 Related Work -- 3 ESQABE: Encrypted Search Query Analysis by Eavesdropping -- 3.1 Prerequisites -- 3.2 Step 1: Extracting Search Query Length-1em -- 3.3 Step 2: Identifying Opened Search Results -- 3.4 Step 3: Visiting Home Pages of Websites -- 3.5 Step 4: Wikipedia -- 3.6 Vulnerable Search Engines -- 4 Experimental Evaluation -- 4.1 Approach -- 4.2 Results -- 5 Defense Mechanisms -- 6 Conclusion -- References -- Reconnection-Based Covert Channels in Wireless Networks -- 1 Introduction -- 2 Fundamentals and Related Work -- 3 Concept and Implementation -- 4 Covert Channel Method 1 -- 4.1 Covert Sender -- 4.2 Covert Receiver -- 4.3 Evaluation -- 5 Covert Channel Method 2 -- 5.1 Covert Sender -- 5.2 Covert Receiver -- 5.3 Evaluation. 6 Passive Countermeasures: Covert Channel Detection -- 6.1 Detection of Covert Channel Method 1 -- 6.2 Detection of Covert Channel Method 2 -- 6.3 Evaluation of Detection Methods -- 7 Active Countermeasures: Covert Channel Limitation -- 8 Comparison with Other Covert Channels -- 8.1 Kraetzer et al.: WLAN Steganography -- 8.2 Zhao: Covert Channels in 802.11e Wireless Networks -- 9 Conclusion -- References -- Minecraft Altered Skin Channel (MASC) -- 1 Introduction -- 2 Background -- 3 Minecraft Skin Channel -- 4 Encoding and Decoding -- 4.1 Encoding -- 4.2 Decoding -- 5 Performance -- 6 Countermeasures -- 7 Conclusion and Future Works -- References -- Lattice-Based Weak Curve Fault Attack on ECDSA -- 1 Introduction -- 1.1 Existing Work on Fault Attacks -- 1.2 Our Approach -- 2 Preliminaries -- 2.1 ECDSA Digital Signature Algorithm -- 2.2 Smoothness of Weak Curve Order -- 2.3 Existing Fault Attacks on Weak Curves -- 2.4 Lattice Basis Reduction -- 3 Lattice-Based Weak Curve Attack -- 3.1 Fault Model -- 3.2 Proposed Fault Attack on Weak Curves -- 3.3 Proposed Lattice-Based ECDSA Key Recovery Algorithm -- 3.4 Attack on ECDSA with Scalar Masking -- 3.5 The Density of Smooth Numbers -- 4 Experimental Analysis -- 5 Conclusion -- References -- Application and System Security -- HyperSec: Visual Analytics for Blockchain Security Monitoring -- 1 Introduction -- 2 Related Work -- 3 Blockchain Security Monitoring -- 3.1 Blockchain Security Monitoring Process -- 3.2 Users -- 3.3 Tasks -- 3.4 Data Elements -- 3.5 Design Requirements -- 4 HyperSec: Hyperledger Security Monitoring Using Visual Analytics -- 4.1 Architecture and Technology -- 4.2 Visual Representations and Interactions -- 5 Evaluation -- 6 Discussion -- 7 Conclusion -- References -- 100 Popular Open-Source Infosec Tools -- 1 Introduction -- 2 Methods -- 2.1 Collecting a Corpus of Tools. 2.2 Google Tool Name Search -- 2.3 Google Tool URL Search -- 2.4 Twitter Tool Name Search -- 2.5 SecTools.org Ranking -- 2.6 GitHub Stars -- 2.7 Tool Cross-references -- 2.8 Aggregate Popularity Metric -- 2.9 Dividing Tools into Categories -- 3 Results -- 3.1 Most Popular Tools -- 3.2 Reliability of the Results -- 3.3 Most Popular Tools per Category -- 3.4 Availability of the Result Data -- 4 Discussion -- 4.1 Future Work -- References -- RootAsRole: Towards a Secure Alternative to sudo/su Commands for Home Users and SME Administrators -- 1 Introduction -- 2 Linux Capabilities -- 3 Related Works -- 4 RootAsRole Module -- 5 Motivation Scenario -- 6 Discussion, Limitations and Conclusions -- References -- Privacy -- Accept All: The Landscape of Cookie Banners in Greece and the UK -- 1 Introduction -- 2 Related Work -- 3 Research Questions, Methodology, and Implementation -- 3.1 Building the Target List -- 3.2 Collecting Cookie Banners -- 3.3 Classifying and Normalising the Data -- 4 Data and Results -- 4.1 The Collected Dataset -- 4.2 Findings -- 5 Conclusion -- References -- The AppChk Crowd-Sourcing Platform: Which Third Parties are iOS Apps Talking To? -- 1 Introduction -- 2 Related Work -- 3 Our Approach -- 3.1 Design Goals -- 3.2 App Recordings -- 3.3 Continuous Monitoring -- 4 Evaluation -- 4.1 Use Case: Tracker Detection -- 4.2 Use Case: Comparing Apps and App Groups -- 4.3 Comparison: iOS13 vs. iOS14 -- 5 Discussion -- 6 Conclusion -- References -- Compiling Personal Data and Subject Categories from App Data Models -- 1 Introduction -- 2 Related Work -- 3 Schemalyser Approach -- 3.1 Seed Identification -- 3.2 Identifiability Markup -- 3.3 Role Determination -- 3.4 Decisive Role Selection -- 3.5 Condensed PD Listing -- 4 Evaluation -- 4.1 Interaction Cost and Complexity -- 4.2 Degree of Condensation -- 5 Integration into Development Workflows. 6 Conclusion -- References -- Privacy Concerns Go Hand in Hand with Lack of Knowledge: The Case of the German Corona-Warn-App -- 1 Introduction -- 2 Related Work -- 3 Methodology -- 3.1 Questionnaire -- 3.2 Data Collection and Demographics -- 4 Results -- 4.1 Analysis of Knowledge and Its Relation to Demographics -- 4.2 Privacy Concerns -- 4.3 Relationship of Knowledge and Concerns -- 5 Discussion -- 5.1 Knowledge -- 5.2 Concerns -- 5.3 Knowledge vs. Concerns vs. CWA -- 5.4 Limitations -- 6 Conclusion and Future Work -- A Survey Questionnaire -- References -- Perceived Privacy Problems Within Digital Contact Tracing: A Study Among Swedish Citizens -- 1 Introduction -- 2 Background -- 2.1 Surveillance -- 2.2 Identification -- 2.3 Aggregation -- 2.4 Secondary Use -- 2.5 Disclosure -- 2.6 Stigma -- 2.7 Perceived Privacy Problems and Digital Contact Tracing Apps -- 3 Methodology -- 4 Results -- 5 Discussion and Conclusion -- References -- Network Security -- Secure and Scalable IoT: An IoT Network Platform Based on Network Overlay and MAC Security -- 1 Introduction -- 2 Related Work -- 2.1 L2TP (Layer 2 Tunneling Protocol) -- 2.2 MACsec (802.1AE, MAC Security) -- 2.3 VXLAN (Virtual Extensible LAN) -- 3 Problem Analysis -- 3.1 Security Threats on the IoT Network -- 3.2 Limitations of IoT Application Protocol -- 3.3 Security Threat Modeling Using STRIDE -- 4 Secure and Scalable IoT (SSI) Model -- 4.1 Overview -- 4.2 L2TP and VXLAN Based Overlay Network -- 4.3 End-to-End Encryption Using MACsec -- 4.4 Network Architecture -- 5 Evaluation -- 6 Conclusion -- References -- Enriching DNS Flows with Host-Based Events to Bypass Future Protocol Encryption -- 1 Introduction -- 2 Related Work -- 3 Event and Flow Capture Model -- 4 Event and Flow Matching Methods -- 4.1 Parameter-Based Matching Method -- 4.2 Time-Based Matching Method -- 4.3 Combined Matching Method. 5 DNS Communication Dataset. |
| Record Nr. | UNINA-9910485594503321 |
| Cham, Switzerland : , : Springer, , [2021] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Identity and Privacy in the Internet Age [[electronic resource] ] : 14th Nordic Conference on Secure IT Systems, NordSec 2009, Oslo, Norway, 14-16 October 2009, Proceedings / / edited by Audun Jøsang, Torleiv Maseng, Svein J. Knapskog
| Identity and Privacy in the Internet Age [[electronic resource] ] : 14th Nordic Conference on Secure IT Systems, NordSec 2009, Oslo, Norway, 14-16 October 2009, Proceedings / / edited by Audun Jøsang, Torleiv Maseng, Svein J. Knapskog |
| Edizione | [1st ed. 2009.] |
| Pubbl/distr/stampa | Berlin, Heidelberg : , : Springer Berlin Heidelberg : , : Imprint : Springer, , 2009 |
| Descrizione fisica | 1 online resource (X, 303 p.) |
| Disciplina | 005.8 |
| Collana | Security and Cryptology |
| Soggetto topico |
Application software
Information storage and retrieval Coding theory Information theory Computer security Data structures (Computer science) Data encryption (Computer science) Computer Applications Information Storage and Retrieval Coding and Information Theory Systems and Data Security Data Structures and Information Theory Cryptology |
| Soggetto genere / forma |
Kongress.
Oslo (2009) |
| ISBN | 3-642-04766-1 |
| Classificazione |
DAT 461f
SS 4800 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto | Session 1: Anonymity and Privacy -- On the Effectiveness of Privacy Breach Disclosure Legislation in Europe: Empirical Evidence from the US Stock Market -- Facilitating the Adoption of Tor by Focusing on a Promising Target Group -- A Parallelism-Based Approach to Network Anonymization -- Security Usability of Petname Systems -- Session 2: Modelling and Design -- An Analysis of Widget Security -- Trade-Offs in Cryptographic Implementations of Temporal Access Control -- Blunting Differential Attacks on PIN Processing APIs -- Session 3: Network Layer Security -- Characterising Anomalous Events Using Change - Point Correlation on Unsolicited Network Traffic -- An Improved Attack on TKIP -- Session 4: Security for Mobile Users -- ContikiSec: A Secure Network Layer for Wireless Sensor Networks under the Contiki Operating System -- A Mechanism for Identity Delegation at Authentication Level -- Introducing Sim-Based Security Tokens as Enabling Technology for Mobile Real-Time Services -- Towards True Random Number Generation in Mobile Environments -- Session 5: Embedded Systems and Mechanisms -- Towards Modelling Information Security with Key-Challenge Petri Nets -- Security and Trust for the Norwegian E-Voting Pilot Project E-valg 2011 -- Advanced SIM Capabilities Supporting Trust-Based Applications -- Towards Practical Enforcement Theories -- Session 6: Protocols and Protocol Analysis -- Security Analysis of AN.ON’s Payment Scheme -- Formal Analysis of the Estonian Mobile-ID Protocol -- Generating In-Line Monitors for Rabin Automata. |
| Record Nr. | UNISA-996465313803316 |
| Berlin, Heidelberg : , : Springer Berlin Heidelberg : , : Imprint : Springer, , 2009 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Secure IT Systems [[electronic resource] ] : 17th Nordic Conference, NordSec 2012, Karlskrona, Sweden, October 31 -- November 2, 2012, Proceedings / / edited by Audun Jøsang, Bengt Carlsson
| Secure IT Systems [[electronic resource] ] : 17th Nordic Conference, NordSec 2012, Karlskrona, Sweden, October 31 -- November 2, 2012, Proceedings / / edited by Audun Jøsang, Bengt Carlsson |
| Edizione | [1st ed. 2012.] |
| Pubbl/distr/stampa | Berlin, Heidelberg : , : Springer Berlin Heidelberg : , : Imprint : Springer, , 2012 |
| Descrizione fisica | 1 online resource (X, 247 p. 62 illus.) |
| Disciplina | a005.8 |
| Collana | Security and Cryptology |
| Soggetto topico |
Computer security
Data structures (Computer science) Coding theory Information theory Data encryption (Computer science) Application software Management information systems Computer science Systems and Data Security Data Structures and Information Theory Coding and Information Theory Cryptology Information Systems Applications (incl. Internet) Management of Computing and Information Systems |
| Soggetto genere / forma | Conference proceedings. |
| ISBN | 3-642-34210-8 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto | Designed to Fail: A USB-Connected Reader for Online Banking -- Security Add-Ons for Mobile Platforms -- THAPS: Automated Vulnerability Scanning of PHP Applications -- Cyber security exercises and competitions as a platform for cyber security experiments -- The Development of Cyber Security Warning, Advice & Report Points -- Towards an Empirical Examination of IT Security Infrastructures in SME -- How to Select a Security Requirements Method? A comparative study with students and practitioners -- There is Safety in Numbers: Preventing Control-Flow Hijacking by Duplication -- Coinductive Unwinding of Security-Relevant -- Retooling and Securing Systemic Debugging -- Cracking Associative Passwords -- A Hybrid Approach for Highly Available & Secure Storage of Pseudo-SSO Credentials -- Assessing the Quality of Packet-Level Traces Collected on Internet Backbone Links -- Everything but the Kitchen Sink: Determining the effect of multiple attacks on privacy preserving technology users -- Can We Identify Manipulative Behavior and the Corresponding Suspects on Review Websites using Supervised Learning? -- Privacy-Friendly Cloud Storage for the Data Track. |
| Record Nr. | UNISA-996465301903316 |
| Berlin, Heidelberg : , : Springer Berlin Heidelberg : , : Imprint : Springer, , 2012 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Security and Trust Management [[electronic resource] ] : 8th International Workshop, STM 2012, Pisa, Italy, September 13-14, 2012, Revised Selected Papers / / edited by Audun Jøsang, Pierangela Samarati, Marinella Petrocchi
| Security and Trust Management [[electronic resource] ] : 8th International Workshop, STM 2012, Pisa, Italy, September 13-14, 2012, Revised Selected Papers / / edited by Audun Jøsang, Pierangela Samarati, Marinella Petrocchi |
| Edizione | [1st ed. 2013.] |
| Pubbl/distr/stampa | Berlin, Heidelberg : , : Springer Berlin Heidelberg : , : Imprint : Springer, , 2013 |
| Descrizione fisica | 1 online resource (X, 321 p. 74 illus.) |
| Disciplina | 004 |
| Collana | Security and Cryptology |
| Soggetto topico |
Seguridad informática
Management information systems Computer science Data encryption (Computer science) Systems and Data Security Management of Computing and Information Systems Cryptology Computer Science, general |
| ISBN | 3-642-38004-2 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto | Policy Enforcement and Monitoring -- Cost-Aware Runtime Enforcement of Security Policies -- Enforcing More with Less: Formalizing Target-Aware Run-Time Monitors -- Lazy Security Controllers -- Access Control -- Automated Analysis of Scenario-Based Specifications of Distributed Access Control Policies with Non-mechanizable Activities -- Labeled Goal-Directed Search in Access Control Logic -- A Use-Based Approach for Enhancing UCON -- Analysis of Communicating Authorization Policies -- Trust, Reputation, and Privacy Building Trust and Reputation In: A Development Framework for Trust Models Implementation -- Matrix Powers Algorithms for Trust Evaluation in Public-Key Infrastructures -- Formal Modelling of (De)Pseudonymisation: A Case Study in Health Care Privacy -- Distributed Systems and Physical Security -- Switchwall: Automated Topology Fingerprinting and Behavior Deviation Identification -- DOT-COM: Decentralized Online Trading and COMmerce -- Formalizing Physical Security Procedures -- Authentication -- A PUF-Based Authentication Protocol to Address Ticket-Switching of RFID-Tagged Items -- Authenticating Email Search Results -- Software Authentication to Enhance Trust in Body Sensor Networks -- YubiSecure? Formal Security Analysis Results for the Yubikey and YubiHSM -- Security Policies -- Boosting Model Checking to Analyse Large ARBAC Policies -- Constrained Role Mining -- A Datalog Semantics for Paralocks. |
| Record Nr. | UNISA-996466196303316 |
| Berlin, Heidelberg : , : Springer Berlin Heidelberg : , : Imprint : Springer, , 2013 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Security and Trust Management : 8th International Workshop, STM 2012, Pisa, Italy, September 13-14, 2012, Revised Selected Papers / / edited by Audun Jøsang, Pierangela Samarati, Marinella Petrocchi
| Security and Trust Management : 8th International Workshop, STM 2012, Pisa, Italy, September 13-14, 2012, Revised Selected Papers / / edited by Audun Jøsang, Pierangela Samarati, Marinella Petrocchi |
| Edizione | [1st ed. 2013.] |
| Pubbl/distr/stampa | Berlin, Heidelberg : , : Springer Berlin Heidelberg : , : Imprint : Springer, , 2013 |
| Descrizione fisica | 1 online resource (X, 321 p. 74 illus.) |
| Disciplina | 004 |
| Collana | Security and Cryptology |
| Soggetto topico |
Seguridad informática
Management information systems Computer science Data encryption (Computer science) Systems and Data Security Management of Computing and Information Systems Cryptology Computer Science, general |
| ISBN | 3-642-38004-2 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto | Policy Enforcement and Monitoring -- Cost-Aware Runtime Enforcement of Security Policies -- Enforcing More with Less: Formalizing Target-Aware Run-Time Monitors -- Lazy Security Controllers -- Access Control -- Automated Analysis of Scenario-Based Specifications of Distributed Access Control Policies with Non-mechanizable Activities -- Labeled Goal-Directed Search in Access Control Logic -- A Use-Based Approach for Enhancing UCON -- Analysis of Communicating Authorization Policies -- Trust, Reputation, and Privacy Building Trust and Reputation In: A Development Framework for Trust Models Implementation -- Matrix Powers Algorithms for Trust Evaluation in Public-Key Infrastructures -- Formal Modelling of (De)Pseudonymisation: A Case Study in Health Care Privacy -- Distributed Systems and Physical Security -- Switchwall: Automated Topology Fingerprinting and Behavior Deviation Identification -- DOT-COM: Decentralized Online Trading and COMmerce -- Formalizing Physical Security Procedures -- Authentication -- A PUF-Based Authentication Protocol to Address Ticket-Switching of RFID-Tagged Items -- Authenticating Email Search Results -- Software Authentication to Enhance Trust in Body Sensor Networks -- YubiSecure? Formal Security Analysis Results for the Yubikey and YubiHSM -- Security Policies -- Boosting Model Checking to Analyse Large ARBAC Policies -- Constrained Role Mining -- A Datalog Semantics for Paralocks. |
| Record Nr. | UNINA-9910741159103321 |
| Berlin, Heidelberg : , : Springer Berlin Heidelberg : , : Imprint : Springer, , 2013 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||