Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

The inaugural Information Security Practice and Experience Conference (ISPEC) was held on April 11–14, 2005, in Singapore. As applications of information security technologies become pervasive, - sues pertaining to their deployment and operation are becoming increasingly important. ISPEC is intended to be an annual conference that brings together researchers and practitioners to provide a con?uence of new information se- rity technologies, their applications and their integration with IT systems in various vertical sectors. The Program Committee consisted of leading experts in the areas of information security, information systems, and domain experts in applications of IT in vertical business segments. The topics of the conference covered security applications and case studies, access control, network security, data security, secure architectures, and cryp- graphic techniques. Emphasis was placed on the application of security research to meet practical user requirements, both in the paper selection process and in the invited speeches. Acceptance into the conference proceedings was very competitive. The Call for Papers attracted more than 120 submissions, out of which the Program Committee selected only 35 papers for inclusion in the proceedings. Thisconferencewasmadepossibleonlythroughthecontributionsfrommany individuals and organizations. We would like to thank all the authors who s- mitted papers. We also gratefully acknowledge the members of the Program Committee and the external reviewers, for the time and e?ort they put into reviewing the submissions. Special thanks are due to Ying Qiu for managing the website for paper s- mission,reviewandnoti?cation.PatriciaLohwaskindenoughtoarrangeforthe conference venue, and took care of the administration in running the conference.

Data encryption (Computer science). --- Computer communication systems. --- Operating systems (Computers). --- Computers and civilization. --- Management information systems. --- Computer science. --- Information storage and retrieval. --- Cryptology. --- Computer Communication Networks. --- Operating Systems. --- Computers and Society. --- Management of Computing and Information Systems. --- Information Storage and Retrieval. --- Computer security --- Computer networks --- Data protection --- Security measures

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Electronic funds transfers. --- EFT (Electronic funds transfers) --- Electronic banking --- Electronic check clearing --- Electronic money systems --- Electronic payments systems --- Electronic transfer of funds --- Funds, Electronic transfers of --- Telebanking --- Transfers of funds, Electronic --- Electronic data interchange --- Electronic benefits transfers --- Home banking services

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

This book investigates tradeoff between security and usability in designing leakage resilient password systems (LRP) and introduces two practical LRP systems named Cover Pad and ShadowKey. It demonstrates that existing LRP systems are subject to both brute force attacks and statistical attacks and that these attacks cannot be effectively mitigated without sacrificing the usability of LRP systems. Quantitative analysis proves that a secure LRP system in practical settings imposes a considerable amount of cognitive workload unless certain secure channels are involved. The book introduces a secure and practical LRP system, named Cover Pad, for password entry on touch-screen mobile devices. Cover Pad leverages a temporary secure channel between a user and a touch screen which can be easily realized by placing a hand shielding gesture on the touch screen. The temporary secure channel is used to deliver a hidden message to the user for transforming each password symbol before entering it on the touch screen. A user study shows the impact of these testing conditions on the users' performance in practice. Finally, this book introduces a new LRP system named ShadowKey. Shadow Key is designed to achieve better usability for leakage resilient password entry. It leverages either a permanent secure channel, which naturally exists between a user and the display unit of certain mobile devices, or a temporary secure channel, which can be easily realized between a user and a touch screen with a hand-shielding gesture. The secure channel protects the mappings between original password symbols and associated random symbols. Unlike previous LRP system users, Shadow Key users do not need to remember anything except their passwords. Leakage Resilient Password Systems is designed for professionals working in the security industry. Advanced-level students studying computer science and electrical engineering will find this brief full of useful material.

Computer Science. --- Systems and Data Security. --- Information Systems and Communication Service. --- Communications Engineering, Networks. --- Data Encryption. --- Computer science. --- Data protection. --- Data encryption (Computer science). --- Information systems. --- Telecommunication. --- Informatique --- Protection de l'information (Informatique) --- Chiffrement (Informatique) --- Télécommunications --- Data encryption (Computer scienc. --- Engineering & Applied Sciences --- Computer Science --- Information storage and retrieval systems --- Systèmes d'information --- Computer security. --- Computer privacy --- Computer system security --- Computer systems --- Computers --- Cyber security --- Cybersecurity --- Electronic digital computers --- Security of computer systems --- Security measures --- Protection of computer systems --- Protection --- Computers. --- Electrical engineering. --- Data protection --- Security systems --- Hacking --- Electric engineering --- Engineering --- Automatic computers --- Automatic data processors --- Computer hardware --- Computing machines (Computers) --- Electronic brains --- Electronic calculating-machines --- Electronic computers --- Hardware, Computer --- Cybernetics --- Machine theory --- Calculators --- Cyberspace --- Data encoding (Computer science) --- Encryption of data (Computer science) --- Computer security --- Cryptography --- Informatics --- Science --- Cryptology. --- Electric communication --- Mass communication --- Telecom --- Telecommunication industry --- Telecommunications --- Communication --- Information theory --- Telecommuting

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

This book constitutes the proceedings of the 12th International Conference on Information Security and Practice and Experience, ISPEC 2016, held in Zhangjiajie, China, in November 2016. The 25 papers presented in this volume were carefully reviewed and selected from 75 submissions. They cover multiple topics in information security, from technologies to systems and applications.

Computer science. --- Computer security. --- Data encryption (Computer science). --- Management information systems. --- Computer Science. --- Systems and Data Security. --- Data Encryption. --- Management of Computing and Information Systems. --- Computer-based information systems --- EIS (Information systems) --- Executive information systems --- MIS (Information systems) --- Data encoding (Computer science) --- Encryption of data (Computer science) --- Informatics --- Computer privacy --- Computer system security --- Computer systems --- Computers --- Cyber security --- Cybersecurity --- Electronic digital computers --- Security of computer systems --- Security measures --- Protection of computer systems --- Protection --- Sociotechnical systems --- Information resources management --- Management --- Computer security --- Cryptography --- Science --- Data protection --- Security systems --- Hacking --- Communication systems --- Information Systems. --- Cryptology.

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

This book constitutes the refereed proceedings of the 17th International Conference on Applied Cryptography and Network Security, ACNS 2019, held in Bogota, Colombia in June 2019. The 29 revised full papers presented were carefully reviewed and selected from 111 submissions. The papers were organized in topical sections named: integrity and cryptanalysis; digital signature and MAC; software and systems security; blockchain and cryptocurrency; post quantum cryptography; public key and commitment; theory of cryptographic implementations; and privacy preserving techniques.

Computer security. --- Computer network architectures. --- Computer science. --- Data structures (Computer scienc. --- Information systems. --- Software engineering. --- Systems and Data Security. --- Computer Systems Organization and Communication Networks. --- Computing Milieux. --- Data Structures and Information Theory. --- Information Systems and Communication Service. --- Software Engineering/Programming and Operating Systems. --- Data structures (Computer science) --- Computer software engineering --- Engineering --- Informatics --- Science --- Architectures, Computer network --- Network architectures, Computer --- Computer architecture --- Computer privacy --- Computer system security --- Computer systems --- Computers --- Cyber security --- Cybersecurity --- Electronic digital computers --- Protection of computer systems --- Security of computer systems --- Data protection --- Security systems --- Hacking --- Protection --- Security measures --- Information structures (Computer science) --- Structures, Data (Computer science) --- Structures, Information (Computer science) --- Electronic data processing --- File organization (Computer science) --- Abstract data types (Computer science) --- Data encryption (Computer science) --- Computer organization. --- Computers. --- Data structures (Computer science). --- Automatic computers --- Automatic data processors --- Computer hardware --- Computing machines (Computers) --- Electronic brains --- Electronic calculating-machines --- Electronic computers --- Hardware, Computer --- Cybernetics --- Machine theory --- Calculators --- Cyberspace --- Organization, Computer