Obstructions in Security-Aware Business Processes : Analysis, Detection, and Handling
This book explores the dilemma-like stalemate between security and regulatory compliance in business processes on the one hand and business continuity and governance on the other. The growing number of regulations, e.g., on information security, data protection, or privacy, implemented in increasingly digitized businesses can have an obstructive effect on the automated execution of business processes. Such security-related obstructions can particularly occur when an access control-based implementation of regulations blocks the execution of business processes. By handling obstructions, security in business processes is supposed to be improved. For this, the book presents a framework that allows the comprehensive analysis, detection, and handling of obstructions in a security-sensitive way. Thereby, methods based on common organizational security policies, process models, and logs are proposed. The Petri net-based modeling and related semantic and language-based research, as well as the analysis of event data and machine learning methods finally lead to the development of algorithms and experiments that can detect and resolve obstructions and are reproducible with the provided software.
Network Security Policies and Procedures
This volume introduces the technical issues surrounding security, as well as how security policies are formulated at the executive level and communicated throughout the organization. Network Security Policies and Procedures offers a unique mix of technical information and organizational communication concepts.
Intrusion Detection Systems
Sheds new light on defense alert systems against computer and network intrusions. It also covers integrating intrusion alerts within security policy framework for intrusion response, related case studies and much more. This volume is presented in an easy-to-follow style while including a rigorous treatment of the issues, solutions, and technologies tied to the field.
Emerging Trends in Information and Communication Security ; International Conference, ETRICS 2006, Freiburg, Germany, June 6-9, 2006. Proceedings
This book constitutes the refereed proceedings of the International Conference on Emerging Trends in Information and Communication Security, ETRICS 2006, held in Freiburg, Germany, in June 2006. The book presents 36 revised full papers, organized in topical sections on multilateral security; security in service-oriented computing, secure mobile applications; enterprise privacy; privacy, identity, and anonymity; security engineering; security policies; security protocols; intrusion detection; and cryptographic security.
Cybercrime Investigators Handbook
Cyber attacks perpetrated against businesses, governments, organizations, and individuals have been occurring for decades. Many attacks are discovered only after the data has been exploited or sold on the criminal markets. Cyber attacks damage both the finances and reputations of businesses and cause damage to the ultimate victims of the crime. From the perspective of the criminal, the current state of inconsistent security policies and lax investigative procedures is a profitable and low-risk opportunity for cyber attacks.
Construction and Analysis of Safe, Secure, and Interoperable Smart Devices ; Vol. 3956 ; Second International Workshop, CASSIS 2005, Nice, France, March 8-11, 2005, Revised Selected Papers
This book constitutes the refereed post-proceedings of the Second International Workshop on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices, CASSIS 2005. The 9 revised full papers presented were carefully selected during two rounds of reviewing and improvement from about 30 workshop talks. The papers are organized in topical sections on research trends in smart devices, Web services, virtual machine technology, security, validation and formal methods, proof-carrying code, and embedded devices.
Construction and analysis of safe, secure, and interoperable smart devices ; Vol. 3362 : International workshop, CASSIS 2004, Marseille, France, March 10-14, 2004, Revised Selected Papers
History based access control and secure information flow / The Spec# programming system / Mastering test generation from smart card software formal models / A mechanism for secure, fine-grained dynamic provisioning of applications on small devices / A type system for checking applet isolation in Java Card / Verification of safety properties in the presence of transactions / Modelling mobility aspects of security policies / Smart devices for next generation mobile services / A flexible framework for the estimation of coverage metrics in explicit state software model checking / Combining several paradigms for circuit validation and verification / Smart card research perspectives






