Information security concerns the confidentiality, integrity, and availability of information processed by a computer system. With an emphasis on prevention, traditional information security research has focused little on the ability to survive successful attacks, which can seriously impair the integrity and availability of a system. Trusted Recovery And Defensive Information Warfare uses database trusted recovery, as an example, to illustrate the principles of trusted recovery in defensive information warfare. Traditional database recovery mechanisms do not address trusted recovery, except for complete rollbacks, which undo the work of benign transactions as well as malicious ones, and compensating transactions, whose utility depends on application semantics. Database trusted recovery faces a set of unique challenges. In particular, trusted database recovery is complicated mainly by (a) the presence of benign transactions that depend, directly or indirectly on malicious transactions; and (b) the requirement by many mission-critical database applications that trusted recovery should be done on-the-fly without blocking the execution of new user transactions. Trusted Recovery And Defensive Information Warfare proposes a new model and a set of innovative algorithms for database trusted recovery. Both read-write dependency based and semantics based trusted recovery algorithms are proposed. Both static and dynamic database trusted recovery algorithms are proposed. These algorithms can typically save a lot of work by innocent users and can satisfy a variety of attack recovery requirements of real world database applications. Trusted Recovery And Defensive Information Warfare is suitable as a secondary text for a graduate level course in computer science, and as a reference for researchers and practitioners in information security.
Information Hiding: Steganography and Watermarking - Attacks and Countermeasures deals with information hiding. With the proliferation of multimedia on the Internet, information hiding addresses two areas of concern: privacy of information from surveillance (steganography) and protection of intellectual property (digital watermarking). Steganography (literally, covered writing) explores methods to hide the existence of hidden messages. These methods include invisible ink, microdot, digital signature, covert channel, and spread spectrum communication. Digital watermarks represent a commercial application of steganography. Watermarks can be used to track the copyright and ownership of electronic media. In this volume, the authors focus on techniques for hiding information in digital media. They analyze the hiding techniques to uncover their limitations. These limitations are employed to devise attacks against hidden information. The goal of these attacks is to expose the existence of a secret message or render a digital watermark unusable. In assessing these attacks, countermeasures are developed to assist in protecting digital watermarking systems. Understanding the limitations of the current methods will lead us to build more robust methods that can survive various manipulation and attacks. The more information that is placed in the public's reach on the Internet, the more owners of such information need to protect themselves from theft and false representation. Systems to analyze techniques for uncovering hidden information and recover seemingly destroyed information will be useful to law enforcement authorities in computer forensics and digital traffic analysis. Information Hiding: Steganography and Watermarking - Attacks and Countermeasures presents the authors' research contributions in three fundamental areas with respect to image-based steganography and watermarking: analysis of data hiding techniques, attacks against hidden information, and countermeasures to attacks against digital watermarks. Information Hiding: Steganography and Watermarking – Attacks and Countermeasures is suitable for a secondary text in a graduate level course, and as a reference for researchers and practitioners in industry.
Intrusion Detection In Distributed Systems: An Abstraction-Based Approach presents research contributions in three areas with respect to intrusion detection in distributed systems. The first contribution is an abstraction-based approach to addressing heterogeneity and autonomy of distributed environments. The second contribution is a formal framework for modeling requests among cooperative IDSs and its application to Common Intrusion Detection Framework (CIDF). The third contribution is a novel approach to coordinating different IDSs for distributed event correlation.
Information security is receiving a great deal of attention as computers increasingly process more and more sensitive information. A multilevel secure database management system (MLS DBMS) is designed to store, retrieve and process information in compliance with certain mandatory security requirements, essential for protecting sensitive information from unauthorized access, modification and abuse. Such systems are characterized by data objects labeled at different security levels and accessed by users cleared to those levels. Unless transaction processing modules for these systems are designed carefully, they can be exploited to leak sensitive information to unauthorized users. In recent years, considerable research has been devoted to the area of multilevel secure transactions that has impacted the design and development of trusted MLS DBMS products. Multilevel Secure Transaction Processing presents the progress and achievements made in this area. The book covers state-of-the-art research in developing secure transaction processing for popular MLS DBMS architectures, such as kernelized, replicated, and distributed architectures, and advanced transaction models such as workflows, long duration and nested models. Further, it explores the technical challenges that require future attention. Multilevel Secure Transaction Processing is an excellent reference for researchers and developers in the area of multilevel secure database systems and may be used in advanced level courses in database security, information security, advanced database systems, and transaction processing.
This is an introductory text to the science of neurobiology, describing animal nervous systems, what they consist of, how they work, and how they are studied. Unlike many other neurobiology texts, considerable discussion is given to both human and non-human nervous systems. Written in an easy-to-read style, it will be useful for both biology and medical students. It provides the opportunity for self-testing at the end of each chapter, with objectives and questions. A CD-ROM entitled 'The Human Brain' (ISBN 3-540-14666-0) has been produced to accompany this text, and can be purchased either separately or together with the book (ISBN 3-540-63778-8).
This book examines different aspects of network security metrics and their application to enterprise networks. One of the most pertinent issues in securing mission-critical computing networks is the lack of effective security metrics which this book discusses in detail. Since “you cannot improve what you cannot measure”, a network security metric is essential to evaluating the relative effectiveness of potential network security solutions. The authors start by examining the limitations of existing solutions and standards on security metrics, such as CVSS and attack surface, which typically focus on known vulnerabilities in individual software products or systems. The first few chapters of this book describe different approaches to fusing individual metric values obtained from CVSS scores into an overall measure of network security using attack graphs. Since CVSS scores are only available for previously known vulnerabilities, such approaches do not consider the threat of unknown attacks exploiting the so-called zero day vulnerabilities. Therefore, several chapters of this book are dedicated to develop network security metrics especially designed for dealing with zero day attacks where the challenge is that little or no prior knowledge is available about the exploited vulnerabilities, and thus most existing methodologies for designing security metrics are no longer effective. Finally, the authors examine several issues on the application of network security metrics at the enterprise level. Specifically, a chapter presents a suite of security metrics organized along several dimensions for measuring and visualizing different aspects of the enterprise cyber security risk, and the last chapter presents a novel metric for measuring the operational effectiveness of the cyber security operations center (CSOC). Security researchers who work on network security or security analytics related areas seeking new research topics, as well as security practitioners including network administrators and security architects who are looking for state of the art approaches to hardening their networks, will find this book helpful as a reference. Advanced-level students studying computer science and engineering will find this book useful as a secondary text.
This book constitutes the refereed proceedings of the 19th Annual Working Conference on Data and Applications Security held in Storrs, CT, USA, in August 2005. The 24 revised full papers presented together with an invited lecture were thoroughly reviewed and selected from 54 submissions. The papers present theory, technique, applications, and practical experience of data and application security with topics like cryptography, privacy, security planning and administration, secure information integration, secure semantic Web technologies and applications, access control, integrity maintenance, knowledge discovery and privacy, concurrency control, fault-tolerance and recovery methods.
This book addresses the privacy issue of On-Line Analytic Processing (OLAP) systems. OLAP systems usually need to meet two conflicting goals. First, the sensitive data stored in underlying data warehouses must be kept secret. Second, analytical queries about the data must be allowed for decision support purposes. The main challenge is that sensitive data can be inferred from answers to seemingly innocent aggregations of the data. This volume reviews a series of methods that can precisely answer data cube-style OLAP, regarding sensitive data while provably preventing adversaries from inferring data.
Information Hiding: Steganography and Watermarking - Attacks and Countermeasures deals with information hiding. With the proliferation of multimedia on the Internet, information hiding addresses two areas of concern: privacy of information from surveillance (steganography) and protection of intellectual property (digital watermarking). Steganography (literally, covered writing) explores methods to hide the existence of hidden messages. These methods include invisible ink, microdot, digital signature, covert channel, and spread spectrum communication. Digital watermarks represent a commercial application of steganography. Watermarks can be used to track the copyright and ownership of electronic media. In this volume, the authors focus on techniques for hiding information in digital media. They analyze the hiding techniques to uncover their limitations. These limitations are employed to devise attacks against hidden information. The goal of these attacks is to expose the existence of a secret message or render a digital watermark unusable. In assessing these attacks, countermeasures are developed to assist in protecting digital watermarking systems. Understanding the limitations of the current methods will lead us to build more robust methods that can survive various manipulation and attacks. The more information that is placed in the public's reach on the Internet, the more owners of such information need to protect themselves from theft and false representation. Systems to analyze techniques for uncovering hidden information and recover seemingly destroyed information will be useful to law enforcement authorities in computer forensics and digital traffic analysis. Information Hiding: Steganography and Watermarking - Attacks and Countermeasures presents the authors' research contributions in three fundamental areas with respect to image-based steganography and watermarking: analysis of data hiding techniques, attacks against hidden information, and countermeasures to attacks against digital watermarks. Information Hiding: Steganography and Watermarking – Attacks and Countermeasures is suitable for a secondary text in a graduate level course, and as a reference for researchers and practitioners in industry.
This book constitutes the proceedings of the Fourth International Workshop on Mul timedia Information Systems (MIS’98) held in Istanbul, Turkey in September 1998. This workshop builds upon the success of the three previous workshops in this series that were held in Arlington, VA, West Point, NY, and Como, Italy. As in the past, this is a small focused workshop, consisting of participants drawn from a wide variety of disciplines (e. g. theory, algorithms, real time systems, networks, operating sys tems, graphics and visualization, databases, artificial intelligence, etc. ), all of which focus on research on one or more aspects of multimedia systems. The workshop program included 19 technical papers, three invited talks, and one panel. Of the technical papers 13 were accepted as regular papers and 6 as short con tributions. These papers cover a number of areas including: Multimedia storage system design Image storage and retrieval systems Quality of service considerations Networking support for multimedia information systems Distributed virtual environments Multimedia system architecture issues The invited talks were given by three experts well known for their work in this area. Satish K. Tripathi’s (University of California, Riverside) talk was on “Quality of Service Support for Multimedia Data on Internet”, Paul Emmerman (US Army Re search Laboratory) discussed “Visualizing the Digital Battlefield”, and Val Tannen (University of Pennsylvania) presented “Heterogeneous Data Integration with Mobile Information Manager”. The panel discussion, organized by Chahab Nastar of INRIA, France, addressed “Trends in Visual Information Retrieval.
This book provides researchers with a broad perspective of recent developments in the field of database security. It stems from papers presented at the fourth IFIP workshop, which are held to discuss in depth the current state of research and practice in the field. The resulting volume is intended for database specialists, security experts as well as students and educators.
This book constitutes the refereed proceedings of the First International Conference on Information Systems Security, ICISS 2005, held in Calcutta, India in December 2005. The 19 revised papers presented together with 4 invited papers and 5 ongoing project summaries were carefully reviewed and selected from 72 submissions. The papers discuss in depth the current state of the research and practice in information systems security and cover the following topics: authentication and access control, mobile code security, key management and cryptographic protocols, privacy and anonymity, intrusion detection and avoidance, security verification, database and application security and integrity, security in P2P, sensor and ad hoc networks, secure Web services, fault tolerance and recovery methods for security infrastructure, threats, vulnerabilities and risk management, and commercial and industrial security.
The LNCS Journal on Data Semantics is devoted to the presentation of notable work that, in one way or another, addresses research and development on issues related to data semantics. Based on the highly visible publication platform Lecture Notes in Computer Science, this new journal is widely disseminated and available worldwide. The scope of the journal ranges from theories supporting the formal definition of semantic content to innovative domain-specific applications of semantic knowledge. The journal addresses researchers and advanced practitioners working on the semantic web, interoperability, mobile information services, data warehousing, knowledge representation and reasoning, conceptual database modeling, ontologies, and artificial intelligence.
This book constitutes the refereed proceedings of the 20th International Conference on Conceptual Modeling, ER 2001, held in Tokohama, Japan, in November 2001. The 45 revised full papers presented together with three keynote presentations were carefully reviewed and selected from a total of 197 submissions. The papers are organized in topical sections on spatial databases, spatio-temporal databases, XML, information modeling, database design, data integration, data warehouse, UML, conceptual models, systems design, method reengineering and video databases, workflows, web information systems, applications, and software engineering.
This book presents the refereed proceedings of the Second International Eurospace - Ada-Europe Symposium, held in Frankfurt, Germany, in October 1995. The 37 selected revised papers are organized in sections on Ada 95: the future, safety, language, applications, distribution, methods and tools, design methods, life cycle, real-time, and methods. Many significant features of the new Ada 95 version, officially issued in February 1995, are addressed. Besides Ada-specific problems, general software engineering aspects are also presented.
This book examines different aspects of network security metrics and their application to enterprise networks. One of the most pertinent issues in securing mission-critical computing networks is the lack of effective security metrics which this book discusses in detail. Since “you cannot improve what you cannot measure”, a network security metric is essential to evaluating the relative effectiveness of potential network security solutions. The authors start by examining the limitations of existing solutions and standards on security metrics, such as CVSS and attack surface, which typically focus on known vulnerabilities in individual software products or systems. The first few chapters of this book describe different approaches to fusing individual metric values obtained from CVSS scores into an overall measure of network security using attack graphs. Since CVSS scores are only available for previously known vulnerabilities, such approaches do not consider the threat of unknown attacks exploiting the so-called zero day vulnerabilities. Therefore, several chapters of this book are dedicated to develop network security metrics especially designed for dealing with zero day attacks where the challenge is that little or no prior knowledge is available about the exploited vulnerabilities, and thus most existing methodologies for designing security metrics are no longer effective. Finally, the authors examine several issues on the application of network security metrics at the enterprise level. Specifically, a chapter presents a suite of security metrics organized along several dimensions for measuring and visualizing different aspects of the enterprise cyber security risk, and the last chapter presents a novel metric for measuring the operational effectiveness of the cyber security operations center (CSOC). Security researchers who work on network security or security analytics related areas seeking new research topics, as well as security practitioners including network administrators and security architects who are looking for state of the art approaches to hardening their networks, will find this book helpful as a reference. Advanced-level students studying computer science and engineering will find this book useful as a secondary text.
Calendar and time units and specialized units, such as business days and academic years, play a major role in a wide range of information system applications. System support for reasoning about these units, called granularities, is important for the efficient design, use, and implementation of such applications. This book deals with several aspects of temporal information and provides a unifying model for granularities. Practitioners can learn about critical aspects that must be taken into account when designing and implementing databases supporting temporal information.
Information security is receiving a great deal of attention as computers increasingly process more and more sensitive information. A multilevel secure database management system (MLS DBMS) is designed to store, retrieve and process information in compliance with certain mandatory security requirements, essential for protecting sensitive information from unauthorized access, modification and abuse. Such systems are characterized by data objects labeled at different security levels and accessed by users cleared to those levels. Unless transaction processing modules for these systems are designed carefully, they can be exploited to leak sensitive information to unauthorized users. In recent years, considerable research has been devoted to the area of multilevel secure transactions that has impacted the design and development of trusted MLS DBMS products. Multilevel Secure Transaction Processing presents the progress and achievements made in this area. The book covers state-of-the-art research in developing secure transaction processing for popular MLS DBMS architectures, such as kernelized, replicated, and distributed architectures, and advanced transaction models such as workflows, long duration and nested models. Further, it explores the technical challenges that require future attention. Multilevel Secure Transaction Processing is an excellent reference for researchers and developers in the area of multilevel secure database systems and may be used in advanced level courses in database security, information security, advanced database systems, and transaction processing.
Information Hiding: Steganography and Watermarking - Attacks and Countermeasures deals with information hiding. With the proliferation of multimedia on the Internet, information hiding addresses two areas of concern: privacy of information from surveillance (steganography) and protection of intellectual property (digital watermarking). Steganography (literally, covered writing) explores methods to hide the existence of hidden messages. These methods include invisible ink, microdot, digital signature, covert channel, and spread spectrum communication. Digital watermarks represent a commercial application of steganography. Watermarks can be used to track the copyright and ownership of electronic media. In this volume, the authors focus on techniques for hiding information in digital media. They analyze the hiding techniques to uncover their limitations. These limitations are employed to devise attacks against hidden information. The goal of these attacks is to expose the existence of a secret message or render a digital watermark unusable. In assessing these attacks, countermeasures are developed to assist in protecting digital watermarking systems. Understanding the limitations of the current methods will lead us to build more robust methods that can survive various manipulation and attacks. The more information that is placed in the public's reach on the Internet, the more owners of such information need to protect themselves from theft and false representation. Systems to analyze techniques for uncovering hidden information and recover seemingly destroyed information will be useful to law enforcement authorities in computer forensics and digital traffic analysis. Information Hiding: Steganography and Watermarking - Attacks and Countermeasures presents the authors' research contributions in three fundamental areas with respect to image-based steganography and watermarking: analysis of data hiding techniques, attacks against hidden information, and countermeasures to attacks against digital watermarks. Information Hiding: Steganography and Watermarking – Attacks and Countermeasures is suitable for a secondary text in a graduate level course, and as a reference for researchers and practitioners in industry.
This book constitutes the refereed proceedings of the 19th Annual Working Conference on Data and Applications Security held in Storrs, CT, USA, in August 2005. The 24 revised full papers presented together with an invited lecture were thoroughly reviewed and selected from 54 submissions. The papers present theory, technique, applications, and practical experience of data and application security with topics like cryptography, privacy, security planning and administration, secure information integration, secure semantic Web technologies and applications, access control, integrity maintenance, knowledge discovery and privacy, concurrency control, fault-tolerance and recovery methods.
Intrusion Detection In Distributed Systems: An Abstraction-Based Approach presents research contributions in three areas with respect to intrusion detection in distributed systems. The first contribution is an abstraction-based approach to addressing heterogeneity and autonomy of distributed environments. The second contribution is a formal framework for modeling requests among cooperative IDSs and its application to Common Intrusion Detection Framework (CIDF). The third contribution is a novel approach to coordinating different IDSs for distributed event correlation.
Information security concerns the confidentiality, integrity, and availability of information processed by a computer system. With an emphasis on prevention, traditional information security research has focused little on the ability to survive successful attacks, which can seriously impair the integrity and availability of a system. Trusted Recovery And Defensive Information Warfare uses database trusted recovery, as an example, to illustrate the principles of trusted recovery in defensive information warfare. Traditional database recovery mechanisms do not address trusted recovery, except for complete rollbacks, which undo the work of benign transactions as well as malicious ones, and compensating transactions, whose utility depends on application semantics. Database trusted recovery faces a set of unique challenges. In particular, trusted database recovery is complicated mainly by (a) the presence of benign transactions that depend, directly or indirectly on malicious transactions; and (b) the requirement by many mission-critical database applications that trusted recovery should be done on-the-fly without blocking the execution of new user transactions. Trusted Recovery And Defensive Information Warfare proposes a new model and a set of innovative algorithms for database trusted recovery. Both read-write dependency based and semantics based trusted recovery algorithms are proposed. Both static and dynamic database trusted recovery algorithms are proposed. These algorithms can typically save a lot of work by innocent users and can satisfy a variety of attack recovery requirements of real world database applications. Trusted Recovery And Defensive Information Warfare is suitable as a secondary text for a graduate level course in computer science, and as a reference for researchers and practitioners in information security.
Thank you for visiting our website. Would you like to provide feedback on how we could improve your experience?
This site does not use any third party cookies with one exception — it uses cookies from Google to deliver its services and to analyze traffic.Learn More.