Bøger af Sushil Jajodia

Information security concerns the confidentiality, integrity, and availability of information processed by a computer system. With an emphasis on prevention, traditional information security research has focused little on the ability to survive successful attacks, which can seriously impair the integrity and availability of a system. Trusted Recovery And Defensive Information Warfare uses database trusted recovery, as an example, to illustrate the principles of trusted recovery in defensive information warfare. Traditional database recovery mechanisms do not address trusted recovery, except for complete rollbacks, which undo the work of benign transactions as well as malicious ones, and compensating transactions, whose utility depends on application semantics. Database trusted recovery faces a set of unique challenges. In particular, trusted database recovery is complicated mainly by (a) the presence of benign transactions that depend, directly or indirectly on malicious transactions; and (b) the requirement by many mission-critical database applications that trusted recovery should be done on-the-fly without blocking the execution of new user transactions. Trusted Recovery And Defensive Information Warfare proposes a new model and a set of innovative algorithms for database trusted recovery. Both read-write dependency based and semantics based trusted recovery algorithms are proposed. Both static and dynamic database trusted recovery algorithms are proposed. These algorithms can typically save a lot of work by innocent users and can satisfy a variety of attack recovery requirements of real world database applications. Trusted Recovery And Defensive Information Warfare is suitable as a secondary text for a graduate level course in computer science, and as a reference for researchers and practitioners in information security.

Information security is receiving a great deal of attention as computers increasingly process more and more sensitive information. A multilevel secure database management system (MLS DBMS) is designed to store, retrieve and process information in compliance with certain mandatory security requirements, essential for protecting sensitive information from unauthorized access, modification and abuse. Such systems are characterized by data objects labeled at different security levels and accessed by users cleared to those levels. Unless transaction processing modules for these systems are designed carefully, they can be exploited to leak sensitive information to unauthorized users. In recent years, considerable research has been devoted to the area of multilevel secure transactions that has impacted the design and development of trusted MLS DBMS products. Multilevel Secure Transaction Processing presents the progress and achievements made in this area. The book covers state-of-the-art research in developing secure transaction processing for popular MLS DBMS architectures, such as kernelized, replicated, and distributed architectures, and advanced transaction models such as workflows, long duration and nested models. Further, it explores the technical challenges that require future attention. Multilevel Secure Transaction Processing is an excellent reference for researchers and developers in the area of multilevel secure database systems and may be used in advanced level courses in database security, information security, advanced database systems, and transaction processing.

This book constitutes the proceedings of the Fourth International Workshop on Mul timedia Information Systems (MIS'98) held in Istanbul, Turkey in September 1998. This workshop builds upon the success of the three previous workshops in this series that were held in Arlington, VA, West Point, NY, and Como, Italy. As in the past, this is a small focused workshop, consisting of participants drawn from a wide variety of disciplines (e. g. theory, algorithms, real time systems, networks, operating sys tems, graphics and visualization, databases, artificial intelligence, etc. ), all of which focus on research on one or more aspects of multimedia systems. The workshop program included 19 technical papers, three invited talks, and one panel. Of the technical papers 13 were accepted as regular papers and 6 as short con tributions. These papers cover a number of areas including: Multimedia storage system design Image storage and retrieval systems Quality of service considerations Networking support for multimedia information systems Distributed virtual environments Multimedia system architecture issues The invited talks were given by three experts well known for their work in this area. Satish K. Tripathi's (University of California, Riverside) talk was on "e;Quality of Service Support for Multimedia Data on Internet"e;, Paul Emmerman (US Army Re search Laboratory) discussed "e;Visualizing the Digital Battlefield"e;, and Val Tannen (University of Pennsylvania) presented "e;Heterogeneous Data Integration with Mobile Information Manager"e;. The panel discussion, organized by Chahab Nastar of INRIA, France, addressed "e;Trends in Visual Information Retrieval.

The LNCS Journal on Data Semantics is devoted to the presentation of notable work that, in one way or another, addresses research and development on issues related to data semantics. Based on the highly visible publication platform Lecture Notes in Computer Science, this new journal is widely disseminated and available worldwide. The scope of the journal ranges from theories supporting the formal definition of semantic content to innovative domain-specific applications of semantic knowledge. The journal addresses researchers and advanced practitioners working on the semantic web, interoperability, mobile information services, data warehousing, knowledge representation and reasoning, conceptual database modeling, ontologies, and artificial intelligence.

Information Hiding: Steganography and Watermarking - Attacks and Countermeasures deals with information hiding. With the proliferation of multimedia on the Internet, information hiding addresses two areas of concern: privacy of information from surveillance (steganography) and protection of intellectual property (digital watermarking). Steganography (literally, covered writing) explores methods to hide the existence of hidden messages. These methods include invisible ink, microdot, digital signature, covert channel, and spread spectrum communication. Digital watermarks represent a commercial application of steganography. Watermarks can be used to track the copyright and ownership of electronic media. In this volume, the authors focus on techniques for hiding information in digital media. They analyze the hiding techniques to uncover their limitations. These limitations are employed to devise attacks against hidden information. The goal of these attacks is to expose the existence of a secret message or render a digital watermark unusable. In assessing these attacks, countermeasures are developed to assist in protecting digital watermarking systems. Understanding the limitations of the current methods will lead us to build more robust methods that can survive various manipulation and attacks. The more information that is placed in the public's reach on the Internet, the more owners of such information need to protect themselves from theft and false representation. Systems to analyze techniques for uncovering hidden information and recover seemingly destroyed information will be useful to law enforcement authorities in computer forensics and digital traffic analysis. Information Hiding: Steganography and Watermarking - Attacks and Countermeasures presents the authors' research contributions in three fundamental areas with respect to image-based steganography and watermarking: analysis of data hiding techniques, attacks against hidden information, and countermeasures to attacks against digital watermarks. Information Hiding: Steganography and Watermarking &endash; Attacks and Countermeasures is suitable for a secondary text in a graduate level course, and as a reference for researchers and practitioners in industry.

This book constitutes the refereed proceedings of the 20th International Conference on Conceptual Modeling, ER 2001, held in Tokohama, Japan, in November 2001.The 45 revised full papers presented together with three keynote presentations were carefully reviewed and selected from a total of 197 submissions. The papers are organized in topical sections on spatial databases, spatio-temporal databases, XML, information modeling, database design, data integration, data warehouse, UML, conceptual models, systems design, method reengineering and video databases, workflows, web information systems, applications, and software engineering.

This book constitutes the refereed proceedings of the 18th European Symposium on Computer Security, ESORICS 2013, held in Egham, UK, in September 2013.The 43 papers included in the book were carefully reviewed and selected from 242 papers. The aim of ESORICS is to further the progress of research in computer security by establishing a European forum for bringing together researchers in this area, by promoting the exchange of ideas with system developers and by encouraging links with researchers in related areas. The papers cover all topics related to security, privacy and trust in computer systems and networks.

This book constitutes the refereed proceedings of the 7th International Conference on Information Systems Security, ICISS 2011, held in Kolkata, India, in December 2011. The 20 revised full papers presented together with 4 short papers and 4 invited papers were carefully reviewed and selected from 105 submissions. The papers are organized in topical sections on access control and authorization, malwares and anomaly detection, crypto and steganographic systems, verification and analysis, wireless and mobile systems security, Web and network security.

Expanded into two volumes, the Second Edition of Springer¿s Encyclopedia of Cryptography and Security brings the latest and most comprehensive coverage of the topic: Definitive information on cryptography and information security from highly regarded researchers Effective tool for professionals in many fields and researchers of all levels Extensive resource with more than 700 contributions in Second Edition  5643 references, more than twice the number of references that appear in the First Edition With over 300 new entries, appearing in an A-Z format, the Encyclopedia of Cryptography and Security provides easy, intuitive access to information on all aspects of cryptography and security. As a critical enhancement to the First Edition¿s base of 464 entries, the information in the Encyclopedia is relevant for researchers and professionals alike. Topics for this comprehensive reference were elected, written, and peer-reviewed by a pool of distinguished researchers in the field. The Second Edition¿s editorial board now includes 34 scholars, which was expanded from 18 members in the First Edition. Representing the work of researchers from over 30 countries, the Encyclopedia is broad in scope, covering everything from authentication and identification to quantum cryptography and web security. The text¿s practical style is instructional, yet fosters investigation. Each area presents concepts, designs, and specific implementations. The highly-structured essays in this work include synonyms, a definition and discussion of the topic, bibliographies, and links to related literature.  Extensive cross-references to other entries within the Encyclopedia support efficient, user-friendly searches for immediate access to relevant information.  Key concepts presented in the Encyclopedia of Cryptography and Security include: Authentication and identification; Block ciphers and stream ciphers; Computational issues; Copy protection; Cryptanalysisand security; Cryptographic protocols; Electronic payment and digital certificates; Elliptic curve cryptography; Factorization algorithms and primality tests; Hash functions and MACs; Historical systems; Identity-based cryptography; Implementation aspects for smart cards and standards; Key management; Multiparty computations like voting schemes; Public key cryptography; Quantum cryptography; Secret sharing schemes; Sequences; Web Security. Topics covered: Data Structures, Cryptography and Information Theory; Data Encryption; Coding and Information Theory; Appl.Mathematics/Computational Methods of Engineering; Applications of Mathematics; Complexity. This authoritative reference will be published in two formats: print and online.  The online edition features hyperlinks to cross-references, in addition to significant research.

Calendar and time units and specialized units, such as business days and academic years, play a major role in a wide range of information system applications. Practitioners can learn about critical aspects that must be taken into account when designing and implementing databases supporting temporal information.

Intrusion Detection In Distributed Systems: An Abstraction-Based Approach presents research contributions in three areas with respect to intrusion detection in distributed systems.

Multilevel Secure Transaction Processing is an excellent reference for researchers and developers in the area of multilevel secure database systems and may be used in advanced level courses in database security, information security, advanced database systems, and transaction processing.