Information Security Theory And Practices Security And Privacy Of Pervasive Systems And Smart Devices

Annotation This volume constitutes the refereed proceedings of the 4th IFIP WG 11.2 International Workshop on Information Security Theory and Practices: Security and Privacy of Pervasive Systems and Smart Devices, WISTP 2010, held in Passau, Germany, in April 2010. The 20 revised full papers and 10 short papers were carefully reviewed and selected from 69 submissions. They are organized in topical sections on embedded security, protocols, highly constrained embedded systems, security, smart card security, algorithms, hardware implementations, embedded systems and anonymity/database security.

Annotation. This volume constitutes the refereed proceedings of the 4th IFIP WG 11.2 International Workshop on Information Security Theory and Practices: Security and Privacy of Pervasive Systems and Smart Devices, WISTP 2010, held in Passau, Germany, in April 2010. The 20 revised full papers and 10 short papers were carefully reviewed and selected from 69 submissions. They are organized in topical sections on embedded security, protocols, highly constrained embedded systems, security, smart card security, algorithms, hardware implementations, embedded systems and anonymity/database security.

This volume constitutes the refereed proceedings of the 4th IFIP WG 11.2 International Workshop on Information Security Theory and Practices: Security and Privacy of Pervasive Systems and Smart Devices, WISTP 2010, held in Passau, Germany, in April 2010. The 20 revised full papers and 10 short papers were carefully reviewed and selected from 69 submissions. They are organized in topical sections on embedded security, protocols, highly constrained embedded systems, security, smart card security, algorithms, hardware implementations, embedded systems and anonymity/database security.

This volume constitutes the refereed proceedings of the Third IFIP WG 11.2 International Workshop on Information Security Theory and Practice: Smart Devices, Pervasive Systems, and Ubiquitous Networks, WISTP 2009 held in Brussels, Belgium in September 2009. The 12 revised full papers presented were carefully reviewed and selected from 27 submissions for inclusion in the book; they are organized in topical sections on mobility, attacks and secure implementations, performance and security, and cryptography.

This volume contains the 12 papers presented at the WISTP 2009 conference, held in Brussels, Belgium in September 2009. WISTP 2009 was the third int- national workshop devoted to information security theory and practice. WISTP 2009 built on the successful WISTP 2007 and 2008 conferences, held in Heraklion, Crete, Greece and Seville, Spain in May 2007 and May 2008, - spectively. The proceedings of WISTP 2007 and WISTP 2008 were published as volumes 4462 and 5019 of the Lecture Notes in Computer Science series. This workshop received the following support: – Co-sponsored by IFIP WG 11. 2 Small System Security – Co-sponsored by VDE ITG – Technical sponsorship of the IEEE Systems, Man & Cybernetics Society – Supported by the Technical Committee on Systems Safety and Security – Organized in cooperation with the ACM SIGSAC – Supported by ENISA – Supported by the Institute for Systems and Technologies of Information, Control and Communication (INSTICC) These proceedings contain 12 original papers covering a range of theoretical and practical topics in information security. For the purposes of the organi- tion of the WISTP program, the papers were divided into four main categories, namely: – Mobility – Attacks and Secure Implementations – Performance and Security – Cryptography The12papersincludedherewereselectedfromatotalof27submissions. The refereeing process was rigorous,involving at least three (and mostly four or ?ve) independent reports being prepared for each submission.

With the rapid development of information technologies and the transition to next-generation networks, computer systems and in particular embedded s- tems are becoming more and more mobile and ubiquitous. They also strongly interact with the physical world. Ensuring the security of these complex and resource-constrained systems is a really challenging research topic. Therefore this Workshop in Information Security Theory and Practices was organized to bring together researchers and practitioners in related areas, and to encourage cooperation between the research and the industrial communities. This was the second edition of WISTP, after the ?rst event in Heraklion, Greece, in 2007. This year again we had a signi?cant number of high-quality submissions coming from many di?erent countries. These submissions re?ected the major topics of the conference, i. e. , smart devices, convergence, and ne- generation networks. Submissions were reviewed by at least three reviewers, in most cases by four, and at least by ?ve for the papers involving Program C- mittee members. This long and rigorousprocess could be achievedthanks to the hard work of the Program Committee members and additional reviewers, listed in the following pages. This led to the selection of high-quality papers that made up the workshop program and are published in these proceedings. A number of posters and short papers were also selected for presentation at the conference. The process was very selective and we would like to thank all those authors who submitted contributions that could not be selected.

Organizations are increasingly relying on electronic information to conduct business, which has caused the amount of personal information to grow exponentially. Threats, Countermeasures, and Advances in Applied Information Security addresses the fact that managing information security program while effectively managing risks has never been so critical. This book contains 24 chapters on the most relevant and important issues and advances in applied information security management. The chapters are authored by leading researchers and practitioners in the field of information security from across the globe. The chapters represent emerging threats and countermeasures for effective management of information security at organizations.