This book constitutes the refereed proceedings of the 35th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2021, held in Calgary, Canada, in July 2021.* The 15 full papers and 8 short papers presented were carefully reviewed and selected from 45 submissions. The papers present high-quality original research from academia, industry, and government on theoretical and practical aspects of information security. They are organized in topical sections named differential privacy, cryptology, machine learning, access control and others. *The conference was held virtually due to the COVID-19 pandemic.

This book constitutes the refereed proceedings of the 36th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2022, held in Newark, NJ, USA, in July 2022. The 12 full papers and 6 short papers presented were carefully reviewed and selected from 33 submissions. The conference covers research in data and applications security and privacy.

This book constitutes the refereed proceedings of the 34th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2020, held in Regensburg, Germany, in June 2020.* The 14 full papers and 8 short papers presented were carefully reviewed and selected from 39 submissions. The papers present high-quality original research from academia, industry, and government on theoretical and practical aspects of information security. They are organized in topical sections named network and cyber-physical systems security; information flow and access control; privacy-preserving computation; visualization and analytics for security; spatial systems and crowdsourcing security; and secure outsourcing and privacy. *The conference was held virtually due to the COVID-19 pandemic.

This book constitutes the refereed proceedings of the 27th IFIP WG 11.3 International Conference on Data and Applications Security and Privacy, DBSec 2013, held in Newark, NJ, USA in July 2013. The 16 revised full and 6 short papers presented were carefully reviewed and selected from 45 submissions. The papers are organized in topical sections on privacy, access control, cloud computing, data outsourcing, and mobile computing.

This brief presents the challenges and solutions for VANETs’ security and privacy problems occurring in mobility management protocols including Mobile IPv6 (MIPv6), Proxy MIPv6 (PMIPv6), and Network Mobility (NEMO). The authors give an overview of the concept of the vehicular IP-address configurations as the prerequisite step to achieve mobility management for VANETs, and review the current security and privacy schemes applied in the three mobility management protocols. Throughout the brief, the authors propose new schemes and protocols to increase the security of IP addresses within VANETs including an anonymous and location privacy-preserving scheme for the MIPv6 protocol, a mutual authentication scheme that thwarts authentication attacks, and a fake point-cluster based scheme to prevent attackers from localizing users inside NEMO-based VANET hotspots. The brief concludes with future research directions. Professionals and researchers will find the analysis and new privacy schemes outlined in this brief a valuable addition to the literature on VANET management.

Summarizes the current state and upcoming trends within the area of fog computing Written by some of the leading experts in the field, Fog Computing: Theory and Practice focuses on the technological aspects of employing fog computing in various application domains, such as smart healthcare, industrial process control and improvement, smart cities, and virtual learning environments. In addition, the Machine-to-Machine (M2M) communication methods for fog computing environments are covered in depth. Presented in two parts—Fog Computing Systems and Architectures, and Fog Computing Techniques and Application—this book covers such important topics as energy efficiency and Quality of Service (QoS) issues, reliability and fault tolerance, load balancing, and scheduling in fog computing systems. It also devotes special attention to emerging trends and the industry needs associated with utilizing the mobile edge computing, Internet of Things (IoT), resource and pricing estimation, and virtualization in the fog environments. Includes chapters on deep learning, mobile edge computing, smart grid, and intelligent transportation systems beyond the theoretical and foundational concepts Explores real-time traffic surveillance from video streams and interoperability of fog computing architectures Presents the latest research on data quality in the IoT, privacy, security, and trust issues in fog computing Fog Computing: Theory and Practice provides a platform for researchers, practitioners, and graduate students from computer science, computer engineering, and various other disciplines to gain a deep understanding of fog computing.

Annotation Technology's influence on privacy has become a matter of everyday concern for millions of people, from software architects designing new products to political leaders and consumer groups. This book explores the issue from the perspective of technology itself: how privacy-protective features can become a core part of product functionality, rather than added on late in the development process.

There are three fundamental components in Control-Flow Integrity (CFI) enforcement. The first component is accurately recovering the policy (CFG). Usually, the more precise the policy is, the more security CFI improves, but precise CFG generation was considered hard without the support of source code. The second component is embedding the CFI policy securely. Current CFI enforcement usually inserts checks before indirect branches to consult a read-only table which stores the valid CFG information. However, this kind of read-only table can be overwritten by some kinds of attacks (e.g., the Rowhammer attack and data-oriented programming). The third component is to efficiently enforce the CFI policy. In current approaches CFI checks are always executed whenever there is an indirect control flow transfer. Therefore, it is critical to minimize the performance impact of CFI checks. In this book, we propose novel solutions to handle these three fundamental components. To generate a precise CFI policy without the support of the source code, we systematically study two methods which recover CFI policy based on function signature matching at the binary level and propose our novel rule- and heuristic-based mechanism to more accurately recover function signature. To embed CFI policy securely, we design a novel platform which encodes the policy into the machine instructions directly without relying on consulting any read-only data structure, by making use of the idea of instruction-set randomization. Each basic block is encrypted with a key derived from the CFG. To efficiently enforce CFI policy, we make use of a mature dynamic code optimization platform called DynamoRIO to enforce the policy so that we are only required to do the CFI check when needed.

Blockchain technology is an emerging distributed, decentralized architecture and computing paradigm, which has accelerated the development and application of cloud, fog and edge computing; artificial intelligence; cyber physical systems; social networking; crowdsourcing and crowdsensing; 5g; trust management and finance; and other many useful sectors. Nowadays, the primary blockchain technology uses are in information systems to keep information secure and private. However, many threats and vulnerabilities are facing blockchain in the past decade such 51% attacks, double spending attacks, etc. The popularity and rapid development of blockchain brings many technical and regulatory challenges for research and academic communities. The main goal of this book is to encourage both researchers and practitioners of Blockchain technology to share and exchange their experiences and recent studies between academia and industry. The reader will be provided with the most up-to-date knowledge of blockchain in mainstream areas of security and privacy in the decentralized domain, which is timely and essential (this is due to the fact that the distributed and p2p applications are increasing day-by-day, and the attackers adopt new mechanisms to threaten the security and privacy of the users in those environments). This book provides a detailed explanation of security and privacy with respect to blockchain for information systems, and will be an essential resource for students, researchers and scientists studying blockchain uses in information systems and those wanting to explore the current state of play.