This volume constitutes the refereed proceedings of the 5th IFIP WG 11.2 International Workshop on Information Security Theory and Practices: Security and Privacy of Mobile Devices in Wireless Communication, WISTP 2011, held in Heraklion, Crete, Greece, in June 2011. The 19 revised full papers and 8 short papers presented together with a keynote speech were carefully reviewed and selected from 80 submissions. They are organized in topical sections on mobile authentication and access control, lightweight authentication, algorithms, hardware implementation, security and cryptography, security attacks and measures, security attacks, security and trust, and mobile application security and privacy.

This book gathers and analyzes the latest attacks, solutions, and trends in mobile networks. Its broad scope covers attacks and solutions related to mobile networks, mobile phone security, and wireless security. It examines the previous and emerging attacks and solutions in the mobile networking worlds, as well as other pertinent security issues. The many attack samples present the severity of this problem, while the delivered methodologies and countermeasures show how to build a truly secure mobile computing environment.

Provides a strong foundation of cybercrime knowledge along with the core concepts of networking, computer security, Internet of Things (IoTs), and mobile devices. Addresses legal statutes and precedents fundamental to understanding investigative and forensic issues relative to evidence collection and preservation. Identifies the new security challenges of emerging technologies including mobile devices, cloud computing, Software-as-a-Service (SaaS), VMware, and the Internet of Things. Strengthens student understanding of the fundamentals of computer and network security, concepts that are often glossed over in many textbooks, and includes the study of cybercrime as critical forward-looking cybersecurity challenges.

This book presents state-of-the-art contributions from both scientists and practitioners working in intrusion detection and prevention for mobile networks, services, and devices. It covers fundamental theory, techniques, applications, as well as practical experiences concerning intrusion detection and prevention for the mobile ecosystem. It also includes surveys, simulations, practical results and case studies.

This volume contains the 12 papers presented at the WISTP 2009 conference, held in Brussels, Belgium in September 2009. WISTP 2009 was the third int- national workshop devoted to information security theory and practice. WISTP 2009 built on the successful WISTP 2007 and 2008 conferences, held in Heraklion, Crete, Greece and Seville, Spain in May 2007 and May 2008, - spectively. The proceedings of WISTP 2007 and WISTP 2008 were published as volumes 4462 and 5019 of the Lecture Notes in Computer Science series. This workshop received the following support: – Co-sponsored by IFIP WG 11. 2 Small System Security – Co-sponsored by VDE ITG – Technical sponsorship of the IEEE Systems, Man & Cybernetics Society – Supported by the Technical Committee on Systems Safety and Security – Organized in cooperation with the ACM SIGSAC – Supported by ENISA – Supported by the Institute for Systems and Technologies of Information, Control and Communication (INSTICC) These proceedings contain 12 original papers covering a range of theoretical and practical topics in information security. For the purposes of the organi- tion of the WISTP program, the papers were divided into four main categories, namely: – Mobility – Attacks and Secure Implementations – Performance and Security – Cryptography The12papersincludedherewereselectedfromatotalof27submissions. The refereeing process was rigorous,involving at least three (and mostly four or ?ve) independent reports being prepared for each submission.

Similar to unraveling a math word problem, Security Intelligence: A Practitioner's Guide to Solving Enterprise Security Challenges guides you through a deciphering process that translates each security goal into a set of security variables, substitutes each variable with a specific security technology domain, formulates the equation that is the deployment strategy, then verifies the solution against the original problem by analyzing security incidents and mining hidden breaches, ultimately refines the security formula iteratively in a perpetual cycle. You will learn about: Secure proxies – the necessary extension of the endpoints Application identification and control – visualize the threats Malnets – where is the source of infection and who are the pathogens Identify the security breach – who was the victim and what was the lure Security in Mobile computing – SNAFU With this book, you will be able to: Identify the relevant solutions to secure the infrastructure Construct policies that provide flexibility to the users so to ensure productivity Deploy effective defenses against the ever evolving web threats Implement solutions that are compliant to relevant rules and regulations Offer insight to developers who are building new security solutions and products

Mobile is impacting heavily on our society today. In this book, Nicoletti analyzes the application of mobile to the world of financial institutions. He considers future developments and the possible use of mobile to help the transformation in products, processes, organizations and business models of financial institutions globally.

This book provides a comprehensive introduction to hardware security, from specification to implementation. Applications discussed include embedded systems ranging from small RFID tags to satellites orbiting the earth. The authors describe a design and synthesis flow, which will transform a given circuit into a secure design incorporating counter-measures against fault attacks. In order to address the conflict between testability and security, the authors describe innovative design-for-testability (DFT) computer-aided design (CAD) tools that support security challenges, engineered for compliance with existing, commercial tools. Secure protocols are discussed, which protect access to necessary test infrastructures and enable the design of secure access controllers.

Data collection allows today’s businesses to cater to each customer’s individual needs and provides a necessary edge in a competitive market. However, any breach in confidentiality can cause serious consequences for both the consumer and the company. The Handbook of Research on Emerging Developments in Data Privacy brings together new ideas on how to deal with potential leaks of valuable customer information. Highlighting the legal aspects of identity protection, trust and security, and detection techniques, this comprehensive work is a valuable resource for any business, legal, or technology professional looking to improve information security within their organization.