overviewofthebestindustrialpracticesinITsecurityanalysis.Inparticular, the paperpresentsrecentresearchresultsinthe areaofformalfoundations andpow- erfultoolsforsecurityanalysis.ThecontributionbyUlfarErlingssonoutlinesthe general issues of low-level software security. Concrete details of low-level attacks anddefensesaregiveninthe caseof CandC++softwarecompiledinto machine code. Fabio Martinelli and Paolo Mori describe a solution to improve the Java native security support. Two examples of the application of the proposed so- tion, with history-based monitoring of the application behavior, are given in the case of grid computing and mobile devices. The purpose of the chapter by Javier Lopez, Cristina Alcaraz, and Rodrigo Roman is to review and discuss critical information infrastructures, and show how to protect their functionalities and performance against attacks. As an example, the chapter also discusses the role of wireless sensor networks technology in the protection of these infrastructures. The paper by Liqun Chen is a survey in the area of asymmetric key cryp- graphic methodologies for identity-based cryptography. Audun Josang gives an overviewofthebackground, currentstatus, andfuturetrendoftrustandrepu- tionsystems.Inthefollowingchapter, MarcinCzenko, SandroEtalle, DongyiLi, and William H. Winsborough present the trust management approach to access controlindistributed systems.Inparticular, they focus onthe RT family ofro- based trust management languages. Chris Mitchell and Eimear Gallery report on the trusted computing technology for the next-generation mobile deviceTechnical report, Java Community Process (November 2002), http://www.jcp.org/ aboutJava/communityprocess/maintenance/jsr118/ 26. JSR 120 Expert Group: Wireless messaging api (wma) for Java 2 micro edition. Technical Report JSR 120anbsp;...
|Title||:||Foundations of Security Analysis and Design|
|Author||:||Alessandro Aldini, Roberto Gorrieri|
|Publisher||:||Springer Science & Business Media - 2007-08-30|