Sean W. Smith - Böcker

Starting with early prototypes and proposed applications, this book surveys the longer history of amplifying small amounts of hardware security into broader system security - and reports real case study experience with security architecture and applications on multiple types of platforms. The author examines the theory, design, and implementation of the IBM 4758 secure coprocessor platform and discusses real case study applications that exploit the unique capabilities of this platform. The author discusses how these foundations grow into newer industrial designs, and discusses alternate architectures and case studies of applications that this newer hardware can enable. The author closes with an examination of more recent cutting-edge experimental work in this area.

Insider Attack and Cyber Security: Beyond the Hacker defines the nature and scope of insider problems as viewed by the financial industry. This edited volume is based on the first workshop on Insider Attack and Cyber Security, IACS 2007. The workshop was a joint effort from the Information Security Departments of Columbia University and Dartmouth College.This book sets an agenda for an ongoing research initiative to solve one of the most vexing problems encountered in security, and includes the following topics: critical IT infrastructure, insider threats, awareness and dealing with nefarious human activities in a manner that respects individual liberties and privacy policies of organizations while providing the best protection of critical resources and services. In some sense, the insider problem is the ultimate security problem. This volume concludes with technical and legal challenges facing researchers who study and propose solutions to mitigate insider attacks.

Insider Attack and Cyber Security: Beyond the Hacker defines the nature and scope of insider problems as viewed by the financial industry. This edited volume is based on the first workshop on Insider Attack and Cyber Security, IACS 2007. The workshop was a joint effort from the Information Security Departments of Columbia University and Dartmouth College.This book sets an agenda for an ongoing research initiative to solve one of the most vexing problems encountered in security, and includes the following topics: critical IT infrastructure, insider threats, awareness and dealing with nefarious human activities in a manner that respects individual liberties and privacy policies of organizations while providing the best protection of critical resources and services. In some sense, the insider problem is the ultimate security problem. This volume concludes with technical and legal challenges facing researchers who study and propose solutions to mitigate insider attacks.

How can one trust computation taking place at a remote site, particularly if a party at that site might have motivation to subvert this trust? In recent years, industrial efforts have advanced the notion of a "trusted computing platform" as a building block. Through a conspiracy of hardware and software magic, these platforms attempt to solve this remote trust problem, to preserve various critical properties against various types of adversaries.However, these current efforts are just points on a larger continuum, which ranges from earlier work on secure coprocessor design and applications, through TCPA/TCG, to recent academic developments. Without wading through stacks of theses and research literature, the general computer science reader cannot see this big picture.Trusted Computing Platforms: Design and Applications fills this gap. Starting with early prototypes and proposed applications, this book surveys the longer history of amplifying small amounts of hardware security into broader system security – and reports real case study experience with security architecture and applications on multiple types of platforms. The author examines the theory, design, and implementation of the IBM 4758 secure coprocessor platform and discusses real case study applications that exploit the unique capabilities of this platform. The author discusses how these foundations grow into newer industrial designs, and discusses alternate architectures and case studies of applications that this newer hardware can enable. The author closes with an examination of more recent cutting-edge experimental work in this area.Trusted Computing Platforms: Design and Applications is written for security architects, application designers, and the general computer scientist interested in the evolution and uses of this emerging technology.

This volume contains the proceedings of the Third International Conference on Trust and Trustworthy Computing (TRUST), held at the Ritz-Carlton hotel in Berlin, Germany, June 21–23, 2010. TRUST is a rapidly growing forum for research on the technical and soc- economic aspects of trustworthy infrastructures. TRUST provides an interdis- plinary forum for researchers, practitioners, and decision makers to explore new ideas and discuss experiences in building, designing, using, and understanding trustworthy computing systems. The third edition of TRUST welcomed manuscripts in two di?erent tracks: a Technical Strand and a Socio-economic Strand. We assembled an engaging program with 21 peer-reviewed technical papers and nine peer-reviewed soc- economic papers; eight keynotes from industry, academia, and government; and panel discussions on privacy and standards. In addition, this year, TRUST was co-located with four workshops: Trust in Cloud, Hardware Security, Emerging and Future Risks, and Anonymous Signatures. We would like to thank numerous individuals for their e?ort and contri- tion to the conference and for making TRUST 2010 possible: the Organizing Committee members—Nadine Palacios and Marcel Winandy—for their trem- dous help with all aspects of the organization;the Technicaland Socio-economic Program Committee members, whose names are listed on the following pages, together with the names of external reviewers who helped us in the process of selecting manuscripts to be included in the conference proceedings; the keynote and invited speakers; and the invited panel speakers.