- Table View
- List View
Secure Multi-Party Computation Against Passive Adversaries (Synthesis Lectures on Distributed Computing Theory)
by Arpita Patra Ashish ChoudhuryThis book focuses on multi-party computation (MPC) protocols in the passive corruption model (also known as the semi-honest or honest-but-curious model). The authors present seminal possibility and feasibility results in this model and includes formal security proofs. Even though the passive corruption model may seem very weak, achieving security against such a benign form of adversary turns out to be non-trivial and demands sophisticated and highly advanced techniques. MPC is a fundamental concept, both in cryptography as well as distributed computing. On a very high level, an MPC protocol allows a set of mutually-distrusting parties with their private inputs to jointly and securely perform any computation on their inputs. Examples of such computation include, but not limited to, privacy-preserving data mining; secure e-auction; private set-intersection; and privacy-preserving machine learning. MPC protocols emulate the role of an imaginary, centralized trusted third party (TTP) that collects the inputs of the parties, performs the desired computation, and publishes the result. Due to its powerful abstraction, the MPC problem has been widely studied over the last four decades.
Secure Multiparty Computation and Secret Sharing
by Ronald Cramer Ivan Bjerre Damgård Jesper Buus NielsenIn a data-driven society, individuals and companies encounter numerous situations where private information is an important resource. How can parties handle confidential data if they do not trust everyone involved? This text is the first to present a comprehensive treatment of unconditionally secure techniques for multiparty computation (MPC) and secret sharing. In a secure MPC, each party possesses some private data, while secret sharing provides a way for one party to spread information on a secret such that all parties together hold full information, yet no single party has all the information. The authors present basic feasibility results from the last 30 years, generalizations to arbitrary access structures using linear secret sharing, some recent techniques for efficiency improvements, and a general treatment of the theory of secret sharing, focusing on asymptotic results with interesting applications related to MPC.
Secure Networked Inference with Unreliable Data Sources
by Aditya Vempaty Bhavya Kailkhura Pramod K. VarshneyThe book presents theory and algorithms for secure networked inference in the presence of Byzantines. It derives fundamental limits of networked inference in the presence of Byzantine data and designs robust strategies to ensure reliable performance for several practical network architectures. In particular, it addresses inference (or learning) processes such as detection, estimation or classification, and parallel, hierarchical, and fully decentralized (peer-to-peer) system architectures. Furthermore, it discusses a number of new directions and heuristics to tackle the problem of design complexity in these practical network architectures for inference.
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
by Matt Messier John ViegaPassword sniffing, spoofing, buffer overflows, and denial of service: these are only a few of the attacks on today's computer systems and networks. At the root of this epidemic is poorly written, poorly tested, and insecure code that puts everyone at risk. Clearly, today's developers need help figuring out how to write code that attackers won't be able to exploit. But writing such code is surprisingly difficult.Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code. It contains a wealth of solutions to problems faced by those who care about the security of their applications. It covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering. The rich set of code samples provided in the book's more than 200 recipes will help programmers secure the C and C++ programs they write for both Unix® (including Linux®) and Windows® environments. Readers will learn:How to avoid common programming errors, such as buffer overflows, race conditions, and format string problemsHow to properly SSL-enable applicationsHow to create secure channels for client-server communication without SSLHow to integrate Public Key Infrastructure (PKI) into applicationsBest practices for using cryptography properlyTechniques and strategies for properly validating input to programsHow to launch programs securelyHow to use file access mechanisms properlyTechniques for protecting applications from reverse engineeringThe book's web site supplements the book by providing a place to post new recipes, including those written in additional languages like Perl, Java, and Python. Monthly prizes will reward the best recipes submitted by readers.Secure Programming Cookbook for C and C++ is destined to become an essential part of any developer's library, a code companion developers will turn to again and again as they seek to protect their systems from attackers and reduce the risks they face in today's dangerous world.
Secure Quantum Network Coding Theory
by Tao Shang Jianwei LiuThis is the first book on secure quantum network coding, which integrates quantum cryptography into quantum communication. It summarizes the main research findings on quantum network coding, while also systematically introducing readers to secure quantum network coding schemes. With regard to coding methods, coding models and coding security, the book subsequently provides a series of quantum network coding schemes based on the integration of quantum cryptography into quantum communication. Furthermore, it describes the general security analysis method for quantum cryptographic protocols. Accordingly, the book equips readers with effective tools for researching and applying quantum network coding.
Secure RESTful APIs: Simple Solutions for Beginners (Apress Pocket Guides)
by Massimo NardoneSecure your RESTful APIs with confidence and efficiency. This straightforward guide outlines the essential strategies and best practices for protecting sensitive data when developing RESTful APIs for your applications. Inside, you’ll explore the fundamental functionalities to implement industry-standard authentication authorization mechanisms for Java applications. With chapters covering key security concerns, data protection, and designing and testing secure APIs, this book provides a hands-on approach to protecting user data, validating inputs, and implementing security mechanisms such as JSON Web Tokens (JWT) and OAuth2 authentication. This book offers a focused introduction without unnecessary complexity. Whether you are a beginner or busy professional, this is the only book designed to help you secure your RESTful APIs in no time. What You Will Learn Understand the fundamentals of RESTful APIs and why it is critical to secure them Identify common security risks concerning RESTful APIs and explore effective protection techniques Know how to design and test RESTful APIs, including with input and response data validation Review examples of how to secure JSON Web Token (JWT) and OAuth3 with RestFUL APIs Who This Book is For Web developer beginners who want to learn how to develop Security RESTful APIs applications
Secure Searchable Encryption and Data Management
by Brij B. Gupta MamtaWith the advent of the IT revolution, the volume of data produced has increased exponentially and is still showing an upward trend. This data may be abundant and enormous, but it’s a precious resource and should be managed properly. Cloud technology plays an important role in data management. Storing data in the cloud rather than on local storage has many benefits, but apart from these benefits, there are privacy concerns in storing sensitive data over third-party servers. These concerns can be addressed by storing data in an encrypted form; however, while encryption solves the problem of privacy, it engenders other serious issues, including the infeasibility of the fundamental search operation and a reduction in flexibility when sharing data with other users, amongst others. The concept of searchable encryption addresses these issues. This book provides every necessary detail required to develop a secure, searchable encryption scheme using both symmetric and asymmetric cryptographic primitives along with the appropriate security models to ensure the minimum security requirements for real-world applications.
Secure Semantic Service-Oriented Systems
by Bhavani ThuraisinghamAs the demand for data and information management continues to grow, so does the need to maintain and improve the security of databases, applications, and information systems. In order to effectively protect this data against evolving threats, an up-to-date understanding of the mechanisms for securing semantic Web technologies is essential. Reviewi
Secure Smart Embedded Devices, Platforms and Applications
by Konstantinos Markantonakis Keith MayesNew generations of IT users are increasingly abstracted from the underlying devices and platforms that provide and safeguard their services. As a result they may have little awareness that they are critically dependent on the embedded security devices that are becoming pervasive in daily modern life. Secure Smart Embedded Devices, Platforms and Applications provides a broad overview of the many security and practical issues of embedded devices, tokens, and their operation systems, platforms and main applications. It also addresses a diverse range of industry/government initiatives and considerations, while focusing strongly on technical and practical security issues. The benefits and pitfalls of developing and deploying applications that rely on embedded systems and their security functionality are presented. A sufficient level of technical detail to support embedded systems is provided throughout the text, although the book is quite readable for those seeking awareness through an initial overview of the topics. This edited volume benefits from the contributions of industry and academic experts and helps provide a cross-discipline overview of the security and practical issues for embedded systems, tokens, and platforms. It is an ideal complement to the earlier work, Smart Cards Tokens, Security and Applications from the same editors.
Secure Software Systems
by Erik Fretheim Marie DescheneSecure Software Systems presents an approach to secure software systems design and development that tightly integrates security and systems design and development (or software engineering) together. It addresses the software development process from the perspective of a security practitioner. The text focuses on the processes, concepts, and concerns of ensuring that secure practices are followed throughout the secure software systems development life cycle, including the practice of following the life cycle rather than just doing ad hoc development.
Secure System Design and Trustable Computing
by Miodrag Potkonjak Chip-Hong ChangThis book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade. Coverage includes issues related to security and trust in a variety of electronic devices and systems related to the security of hardware, firmware and software, spanning system applications, online transactions and networking services. This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of and trust in, modern society's microelectronic-supported infrastructures.
Secure Voice Processing Systems against Malicious Voice Attacks (SpringerBriefs in Computer Science)
by Shu Wang Kun SunThis book provides readers with the basic understanding regarding the threats to the voice processing systems, the state-of-the-art defense methods as well as the current research results on securing voice processing systems.It also introduces three mechanisms to secure the voice processing systems against malicious voice attacks under different scenarios, by utilizing time-domain signal waves, frequency-domain spectrum features, and acoustic physical attributes.First, the authors uncover the modulated replay attack, which uses an inverse filter to compensate for the spectrum distortion caused by the replay attacks to bypass the existing spectrum-based defenses. The authors also provide an effective defense method that utilizes both the time-domain artifacts and frequency-domain distortion to detect the modulated replay attacks. Second, the book introduces a secure automatic speech recognition system for driverless car to defeat adversarial voice command attacks launched from car loudspeakers, smartphones, and passengers. Third, it provides an acoustic compensation system design to reduce the effects from the spectrum reduction attacks, by the audio spectrum compensation and acoustic propagation principle. Finally, the authors conclude with their research effort on defeating the malicious voice attacks and provide insights into more secure voice processing systems.This book is intended for security researchers, computer scientists, and electrical engineers who are interested in the research areas of biometrics, speech signal processing, IoT security, and audio security. Advanced-level students who are studying these topics will benefit from this book as well.
Secure Web Application Development: A Hands-On Guide with Python and Django
by Matthew BakerCyberattacks are becoming more commonplace and the Open Web Application Security Project (OWASP), estimates 94% of sites have flaws in their access control alone. Attacks evolve to work around new defenses, and defenses must evolve to remain effective. Developers need to understand the fundamentals of attacks and defenses in order to comprehend new techniques as they become available. This book teaches you how to write secure web applications.The focus is highlighting how hackers attack applications along with a broad arsenal of defenses. This will enable you to pick appropriate techniques to close vulnerabilities while still providing users with their needed functionality.Topics covered include:A framework for deciding what needs to be protected and how stronglyConfiguring services such as databases and web serversSafe use of HTTP methods such as GET, POST, etc, cookies and use of HTTPSSafe REST APIsServer-side attacks and defenses such as injection and cross-site scriptingClient-side attacks and defenses such as cross-site request forgerySecurity techniques such as CORS, CSPPassword management, authentication and authorization, including OAuth2Best practices for dangerous operations such as password change and resetUse of third-party components and supply chain security (Git, CI/CD etc)What You'll LearnReview the defenses that can used to prevent attacksModel risks to better understand what to defend and howChoose appropriate techniques to defend against attacksImplement defenses in Python/Django applicationsWho This Book Is ForDevelopers who already know how to build web applications but need to know more about securityNon-professional software engineers, such as scientists, who must develop web tools and want to make their algorithms available to a wider audience.Engineers and managers who are responsible for their product/company technical security policy
Secure Wireless Sensor Networks
by Mauro ContiThis book explores five fundamental mechanisms to build secure Wireless Sensor Networks (WSNs). It presents security issues related to a single node which deals with the authentication and communication confidentiality with other nodes. It also focuses on network security, providing solutions for the node capture attack and the clone attack. It examines a number of areas and problems to which WSNs are applied continuously, including: supporting rescue operations, building surveillance, fire prevention, battlefield monitoring and more. However, known and unknown threats still affect WSNs and in many applications of this new technology the security of the network is a fundamental issue for confidentiality, integrity, authenticity and availability. The last section of the book addresses security for a common WSN service. Case studies are provided throughout. Secure Wireless Sensor Networks: Threats and Solutions targets advanced-level students and researchers in computer science and electrical engineering as a secondary text book. Professionals working in the wireless sensor networks field will also find this book useful as a reference.
Secure Your Node.js Web Application: Keep Attackers Out and Users Happy
by Karl DuunaCyber-criminals have your web applications in their crosshairs. They search for and exploit common security mistakes in your web application to steal user data. Learn how you can secure your Node.js applications, database and web server to avoid these security holes. Discover the primary attack vectors against web applications, and implement security best practices and effective countermeasures. Coding securely will make you a stronger web developer and analyst, and you'll protect your users.Bake security into your code from the start. See how to protect your Node.js applications at every point in the software development life cycle, from setting up the application environment to configuring the database and adding new functionality. You'll follow application security best practices and analyze common coding errors in applications as you work through the real-world scenarios in this book.Protect your database calls from database injection attacks and learn how to securely handle user authentication within your application. Configure your servers securely and build in proper access controls to protect both the web application and all the users using the service. Defend your application from denial of service attacks. Understand how malicious actors target coding flaws and lapses in programming logic to break in to web applications to steal information and disrupt operations. Work through examples illustrating security methods in Node.js. Learn defenses to protect user data flowing in and out of the application.By the end of the book, you'll understand the world of web application security, how to avoid building web applications that attackers consider an easy target, and how to increase your value as a programmer.What You Need:In this book we will be using mainly Node.js. The book covers the basics of JavaScript and Node.js. Since most Web applications have some kind of a database backend, examples in this book work with some of the more popular databases, including MySQL, MongoDB, and Redis.
Secure and Privacy-Preserving Data Communication in Internet of Things
by Liehuang Zhu Zijian Zhang Chang XuThis book mainly concentrates on protecting data security and privacy when participants communicate with each other in the Internet of Things (IoT). Technically, this book categorizes and introduces a collection of secure and privacy-preserving data communication schemes/protocols in three traditional scenarios of IoT: wireless sensor networks, smart grid and vehicular ad-hoc networks recently. This book presents three advantages which will appeal to readers. Firstly, it broadens reader's horizon in IoT by touching on three interesting and complementary topics: data aggregation, privacy protection, and key agreement and management. Secondly, various cryptographic schemes/protocols used to protect data confidentiality and integrity is presented. Finally, this book will illustrate how to design practical systems to implement the algorithms in the context of IoT communication. In summary, readers can simply learn and directly apply the new technologies to communicate data in IoT after reading this book.
Secure and Resilient Digital Transformation of Healthcare: First Workshop, SUNRISE 2023, Stavanger, Norway, November 30, 2023, Proceedings (Communications in Computer and Information Science #1884)
by Sokratis Katsikas Habtamu Abie Sandeep Pirbhulal Vasileios GkioulosThis CCIS post conference volume constitutes the proceedings of First Workshop, SUNRISE 2023, in Stavanger, Norway, in November 2023. The 4 full papers together in this volume were carefully reviewed and selected from 9 submissions. The workshop offers a wide range of techniques addressing cybersecurity skills, access control, privacy risks, and resilience in healthcare systems.
Secure and Resilient Digital Transformation of Healthcare: Second International Workshop, SUNRISE 2024, Bergen, Norway, November 25, 2024, Proceedings (Communications in Computer and Information Science #2404)
by Sokratis Katsikas Habtamu Abie Sandeep Pirbhulal Vasileios GkioulosThis CCIS post conference volume constitutes the proceedings of the Second International Workshop on Secure and Resilient Digital Transformation of Healthcare, SUNRISE 2024, in Bergen, Norway, during November 25, 2024. The 6 full papers presented in this volume were carefully reviewed and selected from 9 submissions. They are grouped into the following topics: Resilience and Dynamic Risk Assessment in Healthcare; Cybersecurity Adaptive and Continuous Authentication in Healthcare; Invited Paper from Keynotes.
Secure and Resilient Software Development
by Mark S. Merkow Lakshmikanth RaghavanAlthough many software books highlight open problems in secure software development, few provide easily actionable, ground-level solutions. Breaking the mold, Secure and Resilient Software Development teaches you how to apply best practices and standards for consistent and secure software development. It details specific quality software developmen
Secure and Resilient Software: Requirements, Test Cases, and Testing Methods
by Mark S. Merkow Lakshmikanth RaghavanSecure and Resilient Software: Requirements, Test Cases, and Testing Methods provides a comprehensive set of requirements for secure and resilient software development and operation. It supplies documented test cases for those requirements as well as best practices for testing nonfunctional requirements for improved information assurance. This resource-rich book includes: Pre-developed nonfunctional requirements that can be reused for any software development project Documented test cases that go along with the requirements and can be used to develop a Test Plan for the software Testing methods that can be applied to the test cases provided Downloadable resources with all security requirements and test cases as well as MS Word versions of the checklists, requirements, and test cases covered in the book Offering ground-level, already-developed software nonfunctional requirements and corresponding test cases and methods, this book will help to ensure that your software meets its nonfunctional requirements for security and resilience. The accompanying downloadable resources filled with helpful checklists and reusable documentation provides you with the tools needed to integrate security into the requirements analysis, design, and testing phases of your software development lifecycle.Some Praise for the Book:This book pulls together the state of the art in thinking about this important issue in a holistic way with several examples. It takes you through the entire lifecycle from conception to implementation ... .—Doug Cavit, Chief Security Strategist, Microsoft Corporation...provides the reader with the tools necessary to jump-start and mature security within the software development lifecycle (SDLC). —Jeff Weekes, Sr. Security Architect at Terra Verde Services
Secure and Smart Cyber-Physical Systems
by Danda B. Rawat Uttam Ghosh Fortune MhlangaCybersecurity is a paramount concern in both Internet of Things (IoT) and Cyber-Physical Systems (CPSs) due to the interconnected and often critical nature of these systems. The integration of AI/ML into the realm of IoT and CPS security has gained significant attention and momentum in recent years. The success of AI/ML in various domains has sparked interest in leveraging these technologies to enhance the security, resilience, and adaptability of IoT and CPS. Secure and Smart Cyber-Physical Systems provides an extensive exploration of AI/ML-based security applications in the context of IoT and CPS.Features• Presents cutting-edge topics and research in IoT and CPS.• Includes contributions from leading worldwide researchers.• Focuses on CPS architectures for secure and smart environments.• Explores AI/ML and blockchain approaches for providing security and privacy to CPS including smart grids, smart cities, and smart healthcare.• Provides comprehensive guidance into the intricate world of software development for medical devices.• Covers a blueprint for the emergence of 6G communications technology in Industry 5.0 and federated-learning-based secure financial services.This book covers state-of-the-art problems, existing solutions, and potential research directions for CPS researchers, scholars, and professionals in both industry and academia.
Secure and Trusted Cyber Physical Systems: Recent Approaches and Future Directions (Smart Sensors, Measurement and Instrumentation #43)
by Ernest Foo Shantanu Pal Zahra JadidiThis book highlights the latest design and development of security issues and various defences to construct safe, secure and trusted Cyber-Physical Systems (CPS). In addition, the book presents a detailed analysis of the recent approaches to security solutions and future research directions for large-scale CPS, including its various challenges and significant security requirements. Furthermore, the book provides practical guidance on delivering robust, privacy, and trust-aware CPS at scale. Finally, the book presents a holistic insight into IoT technologies, particularly its latest development in strategic applications in mission-critical systems, including large-scale Industrial IoT, Industry 4.0, and Industrial Control Systems. As such, the book offers an essential reference guide about the latest design and development in CPS for students, engineers, designers, and professional developers.
Secure and Trustworthy Cyberphysical Microfluidic Biochips: A practical guide to cutting-edge design techniques for implementing secure and trustworthy cyberphysical microfluidic biochips
by Krishnendu Chakrabarty Jack Tang Mohamed Ibrahim Ramesh KarriThis book describes novel hardware security and microfluidic biochip design methodologies to protect against tampering attacks in cyberphysical microfluidic biochips (CPMBs). It also provides a general overview of this nascent area of research, which will prove to be a vital resource for practitioners in the field.This book shows how hardware-based countermeasures and design innovations can be a simple and effective last line of defense, demonstrating that it is no longer justifiable to ignore security and trust in the design phase of biochips.
Secure and Trustworthy Transportation Cyber-Physical Systems
by Houbing Song Yunchuan SunThis book comprehensively reviews the cyber security and privacy issues in transportation cyber-physical systems (TCPSs). It examines theories and various state-of-the-art technologies and methodologies. Starting with a survey of the latest solutions in TCPSs, it introduces a smart-transport-system architecture design based on cyber-physical systems. It then discusses in detail the principles and metrics of evaluating safety and privacy in TCPSs and elaborates the verification and analysis of secure, robust and trustworthy TCPSs. Moreover, it demonstrates the advanced and novel tools commonly used in practice by several researchers. Lastly it provides an exhaustive case study on the authentication and attestation in TCPSs. This book is of interest not only to readers in the field of TCPSs, but also to those in interdisciplinary fields, such as energy, healthcare, bio-engineering etc.
Secure by Design
by Daniel Sawano Dan Bergh Johnsson Daniel DeogunAs a developer, you need to build software in a secure way. But you can't spend all your time focusing on security. The answer is to use good design principles, tools, and mindsets that make security an implicit result - it's secure by design. Secure by Design teaches developers how to use design to drive security in software development. This book is full of patterns, best practices, and mindsets that you can directly apply to your real world development. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.