Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Web services based on the eXtensible Markup Language (XML), the Simple Object Access Protocol (SOAP), and related standards, and deployed in Service-Oriented Architectures (SOA), are the key to Web-based interoperability for applications within and across organizations. It is crucial that the security of services and their interactions with users is ensured if Web services technology is to live up to its promise. However, the very features that make it attractive – such as greater and ubiquitous access to data and other resources, dynamic application configuration and reconfiguration through workflows, and relative autonomy – conflict with conventional security models and mechanisms. Elisa Bertino and her coauthors provide a comprehensive guide to security for Web services and SOA. They cover in detail all recent standards that address Web service security, including XML Encryption, XML Signature, WS-Security, and WS-SecureConversation, as well as recent research on access control for simple and conversation-based Web services, advanced digital identity management techniques, and access control for Web-based workflows. They explain how these implement means for identification, authentication, and authorization with respect to security aspects such as integrity, confidentiality, and availability. This book will serve practitioners as a comprehensive critical reference on Web service standards, with illustrative examples and analyses of critical issues; researchers will use it as a state-of-the-art overview of ongoing research and innovative new directions; and graduate students will use it as a textbook on advanced topics in computer and system security.

Computer networks -- Security measures. --- Computer security. --- Service-oriented architecture (Computer science). --- Web services. --- Computer security --- Web services --- Computer networks --- Service-oriented architecture (Computer science) --- Computer Science --- Telecommunications --- Electrical & Computer Engineering --- Engineering & Applied Sciences --- Security measures --- Application software --- Security measures. --- Computer network security --- Network security, Computer --- Security of computer networks --- Service-oriented network architecture (Computer science) --- SOA (Computer science) --- SONA (Computer science) --- Application computer programs --- Application computer software --- Applications software --- Apps (Computer software) --- Computer science. --- Information technology. --- Business --- Software engineering. --- Computer Science. --- Systems and Data Security. --- Information Systems Applications (incl. Internet). --- IT in Business. --- Software Engineering. --- Data processing. --- Computer network architectures --- Electronic data interchange --- Computer software --- Cloud computing

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

As data represent a key asset for today's organizations, the problem of how to protect this data from theft and misuse is at the forefront of these organizations' minds. Even though today several data security techniques are available to protect data and computing infrastructures, many such techniques -- such as firewalls and network security tools -- are unable to protect data from attacks posed by those working on an organization's "inside." These "insiders" usually have authorized access to relevant information systems, making it extremely challenging to block the misuse of information while still allowing them to do their jobs. This book discusses several techniques that can provide effective protection against attacks posed by people working on the inside of an organization. Chapter One introduces the notion of insider threat and reports some data about data breaches due to insider threats. Chapter Two covers authentication and access control techniques, and Chapter Three shows how these general security techniques can be extended and used in the context of protection from insider threats. Chapter Four addresses anomaly detection techniques that are used to determine anomalies in data accesses by insiders. These anomalies are often indicative of potential insider data attacks and therefore play an important role in protection from these attacks. Security information and event management (SIEM) tools and fine-grained auditing are discussed in Chapter Five. These tools aim at collecting, analyzing, and correlating -- in real-time -- any information and event that may be relevant for the security of an organization. As such, they can be a key element in finding a solution to such undesirable insider threats. Chapter Six goes on to provide a survey of techniques for separation-of-duty (SoD). SoD is an important principle that, when implemented in systems and tools, can strengthen data protection from malicious insiders. However, to date, very few approaches have been proposed for implementing SoD in systems. In Chapter Seven, a short survey of a commercial product is presented, which provides different techniques for protection from malicious users with system privileges -- such as a DBA in database management systems. Finally, in Chapter Eight, the book concludes with a few remarks and additional research directions. Table of Contents: Introduction / Authentication / Access Control / Anomaly Detection / Security Information and Event Management and Auditing / Separation of Duty / Case Study: Oracle Database Vault / Conclusion.

Computer networks. --- Data structures (Computer science). --- Information theory. --- Computer Communication Networks. --- Data Structures and Information Theory.

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

This volume presents the proceedings of the International Symposium on Object-Oriented Methodologies and Systems (ISOOMS '94), held in Palermo, Italy in September 1994 in conjunction with the AICA 1994 Italian Computer Conference. The 25 full papers included cover not only technical areas of object-orientation, such as databases, programming languages, and methodological aspects, but also application areas. The book is organized in chapters on object-oriented databases, object-oriented analysis, behavior modeling, object-oriented programming languages, object-oriented information systems, and object-oriented systems development.

Computer science. --- Database management. --- Software engineering. --- Programming Techniques. --- Database Management. --- Software Engineering. --- Programming Languages, Compilers, Interpreters. --- Informatics --- Science --- Computer software engineering --- Engineering --- Data base management --- Data services (Database management) --- Database management services --- DBMS (Computer science) --- Generalized data management systems --- Services, Database management --- Systems, Database management --- Systems, Generalized database management --- Electronic data processing

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Object-oriented databases --- Bases de données à objets

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

This title discusses the emerging trends in defining, measuring, and operationalizing reputation as a new and essential component of the knowledge that is generated and consumed online. The book also proposes a future research agenda related to these issues—with the ultimate goal of shaping the next generation of theoretical and analytic strategies needed for understanding how knowledge markets are influenced by social interactions and reputations built around functional roles. Roles, Trust, and Reputation in Social Media Knowledge Markets exposes issues that have not been satisfactorily dealt with in the current literature. In a broader sense, the volume aims to change the way in which knowledge generation in social media spaces is understood and utilized. The tools, theories, and methodologies proposed here offer concrete avenues for developing the next generation of research strategies and applications that will help: tomorrow’s information consumers make smarter choices, developers to create new tools, and researchers to launch new research programs.

Physics. --- Complex Networks. --- Data Mining and Knowledge Discovery. --- Complex Systems. --- Methodology of the Social Sciences. --- Computer Appl. in Social and Behavioral Sciences. --- Data mining. --- Social sciences --- Physique --- Exploration de données (Informatique) --- Sciences sociales --- Data processing. --- Methodology. --- Informatique --- Méthodologie --- Social sciences_xData processing. --- Social sciences_xMethodology. --- Physics --- Physical Sciences & Mathematics --- Physics - General --- Knowledge, Sociology of. --- Social media. --- Knowledge, Theory of (Sociology) --- Sociology of knowledge --- User-generated media --- Application software. --- System theory. --- Social sciences. --- Communication --- User-generated content --- Knowledge, Theory of --- Public opinion --- Sociology --- Social epistemology --- Applications of Graph Theory and Complex Networks. --- Algorithmic knowledge discovery --- Factual data analysis --- KDD (Information retrieval) --- Knowledge discovery in data --- Knowledge discovery in databases --- Mining, Data --- Database searching --- Application computer programs --- Application computer software --- Applications software --- Apps (Computer software) --- Computer software --- Behavioral sciences --- Human sciences --- Sciences, Social --- Social science --- Social studies --- Civilization --- Systems, Theory of --- Systems science --- Science --- Natural philosophy --- Philosophy, Natural --- Physical sciences --- Dynamics --- Philosophy