Norbert Pohlmann – författare

The Information Security Solutions Europe Conference (ISSE) was started in 1999 by EEMA and TeleTrusT with the support of the European COlnmission and the German Federal Minis­ try of Technology and Economics. Today the annual conference is a fixed event in every IT security professional's calendar. The aim of ISSE is to support the development of a European information security culture and especially a cross-border framework for trustworthy IT ap­ plications for citizens, industry and administration. Therefore, it is important to take into con­ sideration both international developments and European regulations and to allow for the in­ terdisciplinary character of the information security field. In the five years of its existence ISSE has thus helped shape the profile of this specialist area. The integration of security in IT applications was initially driven only by the actual security issues considered important by experts in the field; currently, however, the economic aspects of the corresponding solutions are the most important factor in deciding their success. ISSE offers a suitable podium for the discussion of the relationship between these considerations and for the presentation of the practical implementation of concepts with their technical, or­ ganisational and economic parameters.

The Information Security Solutions Europe Conference (ISSE) was started in 1999 by EEMA and TeleTrusT with the support of the European Commission and the German Federal Minis­ try of Technology and Economics. Today the annual conference is a fixed event in every IT security professional's calendar. The aim of ISSE is to support the development of a Euro­ pean information security culture and especially a cross-border framework for trustworthy IT applications for citizens, industry and administration. Therefore, it is important to take into consideration both international developments and European regulations and to allow for the interdisciplinary character of the information security field. In the five years of its existence ISSE has thus helped shape the profile of this specialist area. The integration of security in IT applications was initially driven only by the actual security issues considered important by experts in the field; currently, however, the economic aspects of the corresponding solutions are the most important factor in deciding their success. ISSE offers a suitable podium for the discussion of the relationship between these considerations and for the presentation of the practical implementation of concepts with their technical, or­ ganisational and economic parameters.

This book presents the most interesting talks given at ISSE 2012 - the forum for the inter-disciplinary discussion of how to adequately secure electronic business processes. The topics include: - Information Security Strategy; Enterprise and Cloud Computing Security - Security and Privacy Impact of Green Energy; Human Factors of IT Security - Solutions for Mobile Applications; Identity & Access Management - Trustworthy Infrastructures; Separation & Isolation - EU Digital Agenda; Cyber Security: Hackers & Threats Adequate information security is one of the basic requirements of all electronic business processes. It is crucial for effective solutions that the possibilities offered by security technology can be integrated with the commercial requirements of the applications. The reader may expect state-of-the-art: best papers of the Conference ISSE 2012. Content Information Security Strategy - Enterprise and Cloud Computing Security - Security and Privacy - Impact of Green Energy - Human Factors of IT Security - Solutions for Mobile Applications - Identity & Access Management - Trustworthy Infrastructures - Separation & Isolation - EU Digital Agenda - Cyber Security - Hackers & Threats Target Group Developers of Electronic Business Processes IT Managers IT Security Experts Researchers The Editors Norbert Pohlmann: Professor for Distributed System and Information Security at Westfälische Hochschule Gelsenkirchen Helmut Reimer: Senior Consultant, TeleTrusT Wolfgang Schneider: Senior Adviser, Fraunhofer Institute SIT

This book presents the most interesting talks given at ISSE 2013 – the forum for the inter-disciplinary discussion of how to adequately secure electronic business processes. The topics include:- Cloud Security, Trust Services, eId & Access Management- Human Factors, Awareness & Privacy, Regulations and Policies- Security Management- Cyber Security, Cybercrime, Critical Infrastructures- Mobile Security & ApplicationsAdequate information security is one of the basic requirements of all electronic business processes. It is crucial for effective solutions that the possibilities offered by security technology can be integrated with the commercial requirements of the applications. The reader may expect state-of-the-art: best papers of the Conference ISSE 2013.

This book presents the most interesting talks given at ISSE 2014 – the forum for the inter-disciplinary discussion of how to adequately secure electronic business processes. The reader may expect state-of-the-art: best papers of the Conference ISSE 2014.

This book presents the most interesting talks given at ISSE 2015 – the forum for the interdisciplinary discussion of the key European Commission security objectives and policy directions.

Dieses Lehrbuch gibt Ihnen einen Überblick über die Themen der IT-Sicherheit Die digitale Transformation eröffnet viele neue Möglichkeiten, den dadurch lassen sich Geschäftsmodelle und Verwaltungsprozesse radikal verändern. Aber mit fortschreitender Digitalisierung nimmt jedoch die Komplexität der IT-Systeme- und Infrastrukturen zu. Zudem werden die Methoden der professionellen Angreifer ausgefeilter und die Angriffsziele kontinuierlich lukrativer, insgesamt führt dies bei Unternehmen und der Gesellschaft  zu hohen Schäden. Für eine erfolgreiche Zukunft unserer Gesellschaft ist es daher entscheidend, diesen gestiegenen Risiken entgegenzuwirken und eine sichere sowie vertrauenswürdige IT zu gestalten. Von daher ist es notwendig, dass mit den wachsenden Herausforderungen auch neue Entwicklungen und Prozessen in der Cyber-Sicherheit einhergehen. Was sich hier getan hat können Sie in der 2. Auflage des Lehrbuchs ‚Cyber-Sicherheit‘, von Prof. Norbert Pohlmann, nachlesen. Denn inder Überarbeitung der sehr erfolgreichen Erst-Auflage wurden die bestehenden Kapitel ergänzt und aktualisiert sowie zusätzlich für neue Themen weitere Kapitel hinzugefügt. Aber auch Lehrmaterialien, wie 19 komplette Vorlesungen und Überbungen auf den Webseiten wurden angepasst und erweitert.Auf insgesamt 746 Seiten bietet Informatikprofessor Norbert Pohlmann grundlegendes Wissen über die Cyber-Sicherheit und geht bei innovativen Themen, wie Self Sovereign Identity oder dem Vertrauenswürdigkeits-Modell, detailliert in die Tiefe. Dabei ist dem Autor wichtig, nicht nur theoretisches Fachwissen zu vermitteln, sondern auch den Leser in die Lage zu versetzen, die Cyber-Sicherheit aus der anwendungsorientierten Perspektive zu betrachten.Lernen Sie mithilfe dieses Lehrbuchs mehr über Mechanismen, Prinzipien, Konzepte und Eigenschaften von Cyber-Sicherheitssystemen. So sind Sie in der Lage, die Sicherheit und Vertrauenswürdigkeit von IT-Lösungen zu beurteilen.Grundlegende Aspekte der Cyber-SicherheitIm einführenden Abschnitt werden den Lesenden die Grundlagen der IT-Sicherheit vermittelt:·       Cyber-Sicherheitsstrategien·       Motivationen von Angreifern·       Sicherheitsbedürfnisse der Bürger und Mitarbeiter von Unternehmen·       Aktuelle Cyber-Sicherheitsprobleme·       Herausforderungen für eine sicher und vertrauenswürdige digitale Zukunft·       Wirksamkeitskonzepte von Cyber-SicherheitsmechanismenDetaillierte Darstellung relevanter Systeme, Prozesse und Prinzipien In den weiteren Kapiteln wird auf besonders relevante Teilbereiche der Cyber-Sicherheit fokussiert:·       Kryptographie·       Hardware-Sicherheitsmodule zum Schutz von sicherheitsrelevanten Informationen·       Digitale Signatur, elektronische Zertifikate sowie PKIs und PKAs·       Identifikation und Authentifikation·       Enterprise Identity und Access Management·       Trusted Computing·       Cyber-Sicherheit Frühwarn- und Lagebildsysteme·       Firewall-Systeme·       E-Mail-Sicherheit·       Blockchain-Technologie·       Künstliche Intelligenz und Cyber-Security·       Social Web Cyber-Sicherheit·       Self-Sovereign Identity (SSI) - neu·       Vertrauen und Vertrauenswürdigkeit - neu·       Weitere Aspekte der Cyber-Sicherheit - neuZudem erfahren Sie mehr über neue Standards und Methoden bei IPSec-Verschlüsselung, Transport Layer Security (TLS) sowie Sicherheitsmaßnahmen gegen DDoS-Angriffe. Anschauliche Grafiken und Tabellen bilden Prozesse und Zusammenhänge verständlich ab. Didaktisch gut aufbereitet, können Sie die Inhalte mit zahlreichen neuen Übungsaufgaben vertiefen. Das Lehrbuch richtet sich insbesondere an Lesende, für die ein umfassendes Know-how zu Cyber-Security im Arbeits-, Lehr- oder Privatumfeld relevant und interessant ist:·       Studierende der Informatik, IT- oder Cyber-Sicherheit, aber auch angrenzende Disziplinen·       Auszubildende im Bereich Fachinformatik, digitale Medien·       Mitarbeitende/Führungspersonen aller Branchen, die sich mit Digitalisierung beschäftigen Die zweite Auflage des Lehrbuchs Cyber-Sicherheit von Prof. Norbert Pohlmann wurde umfassend überarbeitet, aktualisiert und um drei neue Kapitel sowie ein Glossar erweitert.

This book presents the most interesting talks given at ISSE 2006 - the forum for the interdisciplinary discussion of how to adequately secure electronic business processes. The topics include: Smart Token and e-ID-Card Developments and their Application - Secure Computing and how it will change the way we trust computers - Risk Management and how to quantify security threats - Awareness raising, Data Protection and how we secure corporate information. Adequate information security is one of the basic requirements of all electronic business processes. It is crucial for effective solutions that the possibilities offered by security technology can be integrated with the commercial requirements of the applications. The reader may expect state-of-the-art: best papers of the Conference ISSE 2006.

ENISA is proud to be working with eema, TeleTrusT, NASK (the Polish research and development organization and leading Polish data networks operator) and the German Federal Ministry of the Inte rior as well as the German Federal Offce for Information Security for this year’s 9th annual Information Security Solutions Europe Confer ence. The aimof the ISSE has always been to support the developmentof a European information security culture and especially a cross border framework for trustworthy IT applications for citizens, industry and administration. ENISA is committed to these goals. In our work we assist and advise the European Commission, Member States as well as business community on network and information security as well as on legislative requirements, and we are delighted to support the ISSE again this year. The security of communication networks and information systems is of increasing concern. In order to face today’s complex information security challenges it is clear that working collaboratively with one another is the key to generating new strategies to address these problems. It has been an exciting opportunity to facilitate this collaboration at the ISSE 2007, pulling together the wealth of industry knowledge, information and research that we hold in Europe, as well as across the globe. The success of this event in generating ideas and frank, lively debate around the complex topic of IT security is due also to the independent, varied nature of the programme, which was selected by world wide specialists in the feld.

This book presents the most interesting talks given at ISSE 2008 - the forum for the interdisciplinary discussion of how to adequately secure electronic business processes. The topics include: - Identity Management, Information Security Management - PKI-Solutions, Economics of IT-Security - Smart Tokens, e-ID-Cards, Infrastructur Solutions - Critical Information Infrastructure Protection, Data Protection, Legal Aspects. Adequate information security is one of the basic requirements of all electronic business processes. It is crucial for effective solutions that the possibilities offered by security technology can be integrated with the commercial requirements of the applications. The reader may expect state-of-the-art: best papers of the Conference ISSE 2008.

This book presents the most interesting talks given at ISSE 2009 - the forum for the inter-disciplinary discussion of how to adequately secure electronic business processes. The topics include: - Economics of Security and Identity Management - Security Services and Large Scale Public Applications - Privacy and Data Protection and Awareness Raising - Standards and Technical Solutions - Secure Software, Trust and Assurance Adequate information security is one of the basic requirements of all electronic business processes. It is crucial for effective solutions that the possibilities offered by security technology can be integrated with the commercial requirements of the applications. The reader may expect state-of-the-art: best papers of the Conference ISSE 2009.

This book presents the most interesting talks given at ISSE 2010 - the forum for the inter-disciplinary discussion of how to adequately secure electronic business processes. The topics include: - Identity and Security Management - Technical and Economical Aspects of Cloud Security - Security Services and Large Scale Public Applications - Smart Grid Security and Emerging Security Solutions - Privacy and Data Protection Adequate information security is one of the basic requirements of all electronic business processes. It is crucial for effective solutions that the possibilities offered by security technology can be integrated with the commercial requirements of the applications. The reader may expect state-of-the-art: best papers of the Conference ISSE 2010.

This book presents the most interesting talks given at ISSE 2011 - the forum for the inter-disciplinary discussion of how to adequately secure electronic business processes. The topics include: - Cloud Computing & Enterprise Security Services - Awareness, Education, Privacy & Trustworthiness - Smart Grids, Mobile & Wireless Security - Security Management, Identity & Access Management - eID & eGovernment - Device & Network Security Adequate information security is one of the basic requirements of all electronic business processes. It is crucial for effective solutions that the possibilities offered by security technology can be integrated with the commercial requirements of the applications. The reader may expect state-of-the-art: best papers of the Conference ISSE 2011.