Bøger af Edgar Weippl

This volume constitutes the refereed proceedings of two workshops: the International Cross-Domain Conference and Workshop on Availability, Reliability and Security, CD-ARES 2014, and the 4th International Workshop on Security and Cognitive Informatics for Homeland Defense, SeCIHD 2014, co-located with the International Conference on Availability, Reliability and Security, ARES 2014, held in Fribourg, Switzerland, in September 2014. The 23 revised full papers presented were carefully reviewed and selected from numerous submissions. The papers deal with knowledge management, software security, mobile and social computing, enterprise information systems, homeland security and information processing.

This book constitutes the refereed proceedings of the 5th International Conference on Trust and Trustworthy Computing, TRUST 2012, held in Vienna, Austria, in June 2012. The 19 revised full papers presented were carefully reviewed and selected from 48 submissions. The papers are organized in two tracks: a technical track with topics ranging from trusted computing and mobile devices to applied cryptography and physically unclonable functions, and a socio-economic track focusing on the emerging field of usable security.

In our digital world, integrated circuits are present in nearly every moment of our daily life. Even when using the coffee machine in the morning, or driving our car to work, we interact with integrated circuits. The increasing spread of information technology in virtually all areas of life in the industrialized world offers a broad range of attack vectors. So far, mainly software-based attacks have been considered and investigated, while hardware-based attacks have attracted comparatively little interest. The design and production process of integrated circuits is mostly decentralized due to financial and logistical reasons. Therefore, a high level of trust has to be established between the parties involved in the hardware development lifecycle. During the complex production chain, malicious attackers can insert non-specified functionality by exploiting untrusted processes and backdoors. This work deals with the ways in which such hidden, non-specified functionality can be introduced into hardware systems. After briefly outlining the development and production process of hardware systems, we systematically describe a new type of threat, the hardware Trojan. We provide a historical overview of the development of research activities in this field to show the growing interest of international research in this topic. Current work is considered in more detail. We discuss the components that make up a hardware Trojan as well as the parameters that are relevant for an attack. Furthermore, we describe current approaches for detecting, localizing, and avoiding hardware Trojans to combat them effectively. Moreover, this work develops a comprehensive taxonomy of countermeasures and explains in detail how specific problems are solved. In a final step, we provide an overview of related work and offer an outlook on further research in this field.

The new field of cryptographic currencies and consensus ledgers, commonly referred to as blockchains, is receiving increasing interest from various different communities. These communities are very diverse and amongst others include: technical enthusiasts, activist groups, researchers from various disciplines, start ups, large enterprises, public authorities, banks, financial regulators, business men, investors, and also criminals. The scientific community adapted relatively slowly to this emerging and fast-moving field of cryptographic currencies and consensus ledgers. This was one reason that, for quite a while, the only resources available have been the Bitcoin source code, blog and forum posts, mailing lists, and other online publications. Also the original Bitcoin paper which initiated the hype was published online without any prior peer review. Following the original publication spirit of the Bitcoin paper, a lot of innovation in this field has repeatedly come from the community itself in the form of online publications and online conversations instead of established peer-reviewed scientific publishing. On the one side, this spirit of fast free software development, combined with the business aspects of cryptographic currencies, as well as the interests of today's time-to-market focused industry, produced a flood of publications, whitepapers, and prototypes. On the other side, this has led to deficits in systematization and a gap between practice and the theoretical understanding of this new field. This book aims to further close this gap and presents a well-structured overview of this broad field from a technical viewpoint. The archetype for modern cryptographic currencies and consensus ledgers is Bitcoin and its underlying Nakamoto consensus. Therefore we describe the inner workings of this protocol in great detail and discuss its relations to other derived systems.

This volume constitutes the refereed proceedings of two workshops: the Second International Workshop on Modern Cryptography and Security Engineering (MoCrySEn 2013) and the Third International Workshop on Security and Cognitive Informatics for Homeland Defense (SeCIHD 2013) held within the framework of the IFIP 8.4, 8.9, TC 5 International Cross-Domain Conference, CD-ARES 2013, in Regensburg, Germany, in September 2013. The 16 revised papers presented at MoCrySEn 2013 were carefully reviewed and selected from 30 submissions. They deal with symmetric-key cryptography, public-key cryptography, algorithmic cryptanalysis, software and hardware implementation of cryptographic algorithms, database encryption, and interaction between cryptographic theory and implementation issues. The 15 papers presented at SeCIHD 2013 are organized in topical sections on cyber security and dependability, network security and privacy, and multimedia technology for homeland defense.