الصفحة 1
الصفحة 1
Obstructions in Security-Aware Business Processes : Analysis, Detection, and Handling
This book explores the dilemma-like stalemate between security and regulatory compliance in business processes on the one hand and business continuity and governance on the other. The growing number of regulations, e.g., on information security, data protection, or privacy, implemented in increasingly digitized businesses can have an obstructive effect on the automated execution of business processes. Such security-related obstructions can particularly occur when an access control-based implementation of regulations blocks the execution of business processes. By handling obstructions, security in business processes is supposed to be improved. For this, the book presents a framework that allows the comprehensive analysis, detection, and handling of obstructions in a security-sensitive way. Thereby, methods based on common organizational security policies, process models, and logs are proposed. The Petri net-based modeling and related semantic and language-based research, as well as the analysis of event data and machine learning methods finally lead to the development of algorithms and experiments that can detect and resolve obstructions and are reproducible with the provided software.
Image and video encryption : From digital rights management to secured personal communication
Image and Video Encryption provides a unified overview of techniques for encryption of images and video data. This ranges from commercial applications like DVD or DVB to more research oriented topics and recently published material. This volume introduces different techniques from unified viewpoint, then evaluates these techniques with respect to their respective properties (e.g., security, speed.....). Encryption of visual data is an important topic in the area of mutimedia security, applications range from digital rights management (DVD, DVB) ) to secure personal communications. Within this topic area, we face several aims which contradict each other. What we thrive on is good compression, fast compression, high security, fast encryption, bitstream compliance, little power consumption and little memory requirements. The authors experimentally compare different approaches proposed in the literature and include an extensive bibliography of corresponding published material. Image and Video Encryption is designed for a professional audience composed of researchers and practitioners in industry. The book is also suitable for graduate-level students in computer science and electrical engineering.
Fundamentals of information systems security ; 3rd ed.
Provides a comprehensive overview of the essential concepts readers must know as they pursue careers in information systems security. The text opens with a discussion of the new risks, threats, and vulnerabilities associated with the transition to a digital world. Part 2 presents a high level overview of the Security+ Exam and provides students with information as they move toward this certification. The book closes with information on information security standards, education, professional certifications, and compliance laws. With its practical, conversational writing style and step-by-step examples, this text is a must-have resource for those entering the world of information systems security.
Fundamentals of information systems security ; 4th ed.
Provides a comprehensive overview of the concepts readers must know as they pursue careers in information systems security. The text opens with a discussion of emerging technologies and the risks, threats, and vulnerabilities associated with our digital world. Part II takes a deeper dive into the foundational knowledge areas and functions associated with a career in information security. The book closes with a survey of information security standards, professional certifications, and compliance laws. With its practical, conversational writing style and step-by-step examples, this text is a must-have resource for those entering the world of information systems security.
Cybersecurity for business : Organization-wide strategies to ensure cyber risk Is not just an IT Issue
Important and cost-effective innovations can substantially increase cyber risk and the loss of intellectual property, corporate reputation and consumer confidence. Over the past several years, organizations around the world have increasingly come to appreciate the need to address cybersecurity issues from a business perspective, not just from a technical or risk angle. Cybersecurity for Business builds on a set of principles developed with international leaders from technology, government and the boardroom to lay out a clear roadmap of how to meet goals without creating undue cyber risk.
Conceptual Modeling - ER 2008 ; 27th International Conference on Conceptual Modeling, Barcelona, Spain, October 20-24, 2008. Proceedings
This book constitutes the refereed proceedings of the 27th International Conference on Conceptual Modeling, ER 2008, held in Barcelona, Spain, in October 2008.
Legal Programming : Designing Legally Compliant RFID and Software Agent Architectures for Retail Processes and Beyond
LEGAL PROGRAMMING: Designing Legally Compliant RFID and Software Agent Architectures for Retail Processes and Beyond provides a process-oriented discussion of the legal concerns presented by agent-based technologies, processes and programming. It offers a general outline of the potential legal difficulties that could arise in relation to them, focusing on the programming of negotiation and contracting processes in a privacy, consumer and commercial context. The authors will elucidate how it is possible to create form of legal framework and design methodology for transaction agents, applicable in any environment and not just in a specific proprietary framework, that provides the right level of compliance and trust. Key elements considered include the design and programming of legally compliant methods, the determination of rights in respect of objects and variables, and ontologies and programming frameworks for agent interactions. Examples are used to illustrate the points made and provide a practical perspective.
IT Security Controls : A Guide to Corporate Standards and Frameworks
Gives an overview of the major standards and frameworks, and a proposed architecture to meet them. The book identifies and describes the necessary controls and processes that must be implemented in order to secure your organization's infrastructure. The book proposes a comprehensive approach to the implementation of IT security controls with an easily understandable graphic implementation proposal to comply with the most relevant market standards (ISO 27001, NIST, PCI-DSS, and COBIT) and a significant number of regulatory frameworks from central banks across the World (European Union, Switzerland, UK, Singapore, Hong Kong, India, Qatar, Kuwait, Saudi Arabia, Oman, etc.). You will learn: Understand corporate IT security controls, including governance, policies, procedures, and security awareness Know cybersecurity and risk assessment techniques such as penetration testing, red teaming, compliance scans, firewall assurance, and vulnerability scans Understand technical IT security controls for unmanaged and managed devices, and perimeter controls Implement security testing tools such as steganography, vulnerability scanners, session hijacking, intrusion detection, and more
ISSE 2006 — Securing Electronic Busines Processes : Highlights of the Information Security Solutions Europe 2006 Conference
Presents the most interesting talks given at ISSE 2006 - the forum for the interdisciplinary discussion of how to adequately secure electronic business processes. The topics include: Smart Token and e-ID-Card Developments and their Application - Secure Computing and how it will change the way we trust computers - Risk Management and how to quantify security threats - Awareness raising, Data Protection and how we secure corporate information. Adequate information security is one of the basic requirements of all electronic business processes. It is crucial for effective solutions that the possibilities offered by security technology can be integrated with the commercial requirements of the applications. The reader may expect state-of-the-art: best papers of the Conference ISSE 2006.
Business process management ; 6th International Conference, BPM 2008, Milan, Italy, September 2-4, 2008. Proceedings
This book constitutes the refereed proceedings of the 6th International Conference on Business Process Management, BPM 2008, held in Milan, Italy, in September 2008.
Business process management ; 5th International Conference, BPM 2007, Brisbane, Australia, September 24-28, 2007, Proceedings
This book includes business process maturity and performance, business process modeling, case studies, compliance and change, process configuration and execution, formal foundations of BPM, business process mining, and semantic issues in BPM.
Building the Infrastructure for Cloud Security : A Solutions view
For cloud users and providers alike, security is an everyday concern, yet there are very few books covering cloud security as a main subject. This book will help address this information gap from an Information Technology solution and usage-centric view of cloud infrastructure security. The book highlights the fundamental technology components necessary to build and enable trusted clouds. Here also is an explanation of the security and compliance challenges organizations face as they migrate mission-critical applications to the cloud, and how trusted clouds, that have their integrity rooted in hardware, can address these challenges.
Boosting Collaborative Networks 4.0 ; 21st IFIP WG 5.5 Working Conference on Virtual Enterprises, PRO-VE 2020, Valencia, Spain, November 23–25, 2020, Proceedings
This book constitutes the refereed proceedings of the 21st IFIP WG 5.5 Working Conference on Virtual Enterprises, PRO-VE 2020, held in Valencia, Spain, in November 2020. The conference was held virtually. The 53 full papers were carefully reviewed and selected from 135 submissions. They provide a comprehensive overview of major challenges and recent advances in various domains related to the digital transformation and collaborative networks and their applications with a strong focus on the following areas related to the main theme of the conference: collaborative business ecosystems; collaborative business models; collaboration platform; data and knowledge services; blockchain and knowledge graphs; maintenance, compliance and liability; digital transformation; skills for organizations of the future
Artificial intelligence in the financial services industry
Today, the financial services sector is facing a period of rapid disruption and innovation, and artificial intelligence (AI) is at the heart of these changes. Artificial intelligence can be used to gather enormous amounts of data, detect abnormalities, and solve complex problems. Financial institutions are already experimenting extensively with AI strategies to enhance and streamline financial institutions, BSA and AML compliance, CRA requirements, fraud detection, and real estate valuations, all while reducing cost levels. This book looks at how artificial intelligence is affecting the financial services industry.
