Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

This book constitutes the refereed proceedings of the 25th IFIP WG 11.3 International Conference on Data and Applications Security and Privacy, DBSec 2011, held in Richmond, VA, USA, in July 2011. The 14 revised full papers and 9 short papers presented together with 3 invited lectures were carefully reviewed and selected from 37 submissions. The topics of these papers include access control, privacy-preserving data applications, data confidentiality and query verification, query and data privacy, authentication and secret sharing.

Complex analysis --- Computer science --- Computer architecture. Operating systems --- Information systems --- Computer. Automation --- ICT (informatie- en communicatietechnieken) --- DES (data encryption standard) --- complexe analyse (wiskunde) --- informatiesystemen --- computerbeveiliging --- informatica management --- computernetwerken

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

This book investigates tradeoff between security and usability in designing leakage resilient password systems (LRP) and introduces two practical LRP systems named Cover Pad and ShadowKey. It demonstrates that existing LRP systems are subject to both brute force attacks and statistical attacks and that these attacks cannot be effectively mitigated without sacrificing the usability of LRP systems. Quantitative analysis proves that a secure LRP system in practical settings imposes a considerable amount of cognitive workload unless certain secure channels are involved. The book introduces a secure and practical LRP system, named Cover Pad, for password entry on touch-screen mobile devices. Cover Pad leverages a temporary secure channel between a user and a touch screen which can be easily realized by placing a hand shielding gesture on the touch screen. The temporary secure channel is used to deliver a hidden message to the user for transforming each password symbol before entering it on the touch screen. A user study shows the impact of these testing conditions on the users' performance in practice. Finally, this book introduces a new LRP system named ShadowKey. Shadow Key is designed to achieve better usability for leakage resilient password entry. It leverages either a permanent secure channel, which naturally exists between a user and the display unit of certain mobile devices, or a temporary secure channel, which can be easily realized between a user and a touch screen with a hand-shielding gesture. The secure channel protects the mappings between original password symbols and associated random symbols. Unlike previous LRP system users, Shadow Key users do not need to remember anything except their passwords. Leakage Resilient Password Systems is designed for professionals working in the security industry. Advanced-level students studying computer science and electrical engineering will find this brief full of useful material.

Computer Science. --- Systems and Data Security. --- Information Systems and Communication Service. --- Communications Engineering, Networks. --- Data Encryption. --- Computer science. --- Data protection. --- Data encryption (Computer science). --- Information systems. --- Telecommunication. --- Informatique --- Protection de l'information (Informatique) --- Chiffrement (Informatique) --- Télécommunications --- Data encryption (Computer scienc. --- Engineering & Applied Sciences --- Computer Science --- Information storage and retrieval systems --- Systèmes d'information --- Computer security. --- Computer privacy --- Computer system security --- Computer systems --- Computers --- Cyber security --- Cybersecurity --- Electronic digital computers --- Security of computer systems --- Security measures --- Protection of computer systems --- Protection --- Computers. --- Electrical engineering. --- Data protection --- Security systems --- Hacking --- Electric engineering --- Engineering --- Automatic computers --- Automatic data processors --- Computer hardware --- Computing machines (Computers) --- Electronic brains --- Electronic calculating-machines --- Electronic computers --- Hardware, Computer --- Cybernetics --- Machine theory --- Calculators --- Cyberspace --- Data encoding (Computer science) --- Encryption of data (Computer science) --- Computer security --- Cryptography --- Informatics --- Science --- Cryptology. --- Electric communication --- Mass communication --- Telecom --- Telecommunication industry --- Telecommunications --- Communication --- Information theory --- Telecommuting

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

This book investigates tradeoff between security and usability in designing leakage resilient password systems (LRP) and introduces two practical LRP systems named Cover Pad and ShadowKey. It demonstrates that existing LRP systems are subject to both brute force attacks and statistical attacks and that these attacks cannot be effectively mitigated without sacrificing the usability of LRP systems. Quantitative analysis proves that a secure LRP system in practical settings imposes a considerable amount of cognitive workload unless certain secure channels are involved. The book introduces a secure and practical LRP system, named Cover Pad, for password entry on touch-screen mobile devices. Cover Pad leverages a temporary secure channel between a user and a touch screen which can be easily realized by placing a hand shielding gesture on the touch screen. The temporary secure channel is used to deliver a hidden message to the user for transforming each password symbol before entering it on the touch screen. A user study shows the impact of these testing conditions on the users' performance in practice. Finally, this book introduces a new LRP system named ShadowKey. Shadow Key is designed to achieve better usability for leakage resilient password entry. It leverages either a permanent secure channel, which naturally exists between a user and the display unit of certain mobile devices, or a temporary secure channel, which can be easily realized between a user and a touch screen with a hand-shielding gesture. The secure channel protects the mappings between original password symbols and associated random symbols. Unlike previous LRP system users, Shadow Key users do not need to remember anything except their passwords. Leakage Resilient Password Systems is designed for professionals working in the security industry. Advanced-level students studying computer science and electrical engineering will find this brief full of useful material.

Electrical engineering --- Applied physical engineering --- Mass communications --- Programming --- Computer architecture. Operating systems --- Information systems --- Computer. Automation --- ICT (informatie- en communicatietechnieken) --- cryptografie --- computers --- informatica --- informatiesystemen --- computerbeveiliging --- elektrotechniek --- communicatietechnologie

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

This two-volume set LNICST 254-255 constitutes the post-conference proceedings of the 14thInternational Conference on Security and Privacy in Communication Networks, SecureComm 2018, held in Singapore in August 2018. The 33 full and 18 short papers were carefully reviewed and selected from 108 submissions. The papers are organized in topical sections on IoT security, user and data privacy, mobile security, wireless security, software security, cloud security, social network and enterprise security, network security, applied cryptography, and web security.

Computer security. --- Computer network architectures. --- Computer science. --- Data structures (Computer scienc. --- Systems and Data Security. --- Computer Systems Organization and Communication Networks. --- Computing Milieux. --- Data Structures and Information Theory. --- Informatics --- Science --- Architectures, Computer network --- Network architectures, Computer --- Computer architecture --- Computer privacy --- Computer system security --- Computer systems --- Computers --- Cyber security --- Cybersecurity --- Electronic digital computers --- Protection of computer systems --- Security of computer systems --- Data protection --- Security systems --- Hacking --- Protection --- Security measures --- Computer networks --- Computer organization. --- Computers. --- Data structures (Computer science). --- Information structures (Computer science) --- Structures, Data (Computer science) --- Structures, Information (Computer science) --- Electronic data processing --- File organization (Computer science) --- Abstract data types (Computer science) --- Automatic computers --- Automatic data processors --- Computer hardware --- Computing machines (Computers) --- Electronic brains --- Electronic calculating-machines --- Electronic computers --- Hardware, Computer --- Cybernetics --- Machine theory --- Calculators --- Cyberspace --- Organization, Computer

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

This two-volume set LNICST 254-255 constitutes the post-conference proceedings of the 14thInternational Conference on Security and Privacy in Communication Networks, SecureComm 2018, held in Singapore in August 2018. The 33 full and 18 short papers were carefully reviewed and selected from 108 submissions. The papers are organized in topical sections on IoT security, user and data privacy, mobile security, wireless security, software security, cloud security, social network and enterprise security, network security, applied cryptography, and web security.

Computer science --- Computer architecture. Operating systems --- Information systems --- Computer. Automation --- draadloze computernetwerken --- cloud computing --- IoT (Internet of Things) --- mobiele netwerken --- computers --- informatica --- computerbesturingssystemen --- informatietechnologie --- computerbeveiliging --- OS (operating system) --- computernetwerken --- computerkunde