Geschäftskunden Kundenprogramme
Vor Ort
Merkzettel Warenkorb
Produktbild: Cyber-Vigilance and Digital Trust

Cyber-Vigilance and Digital Trust Cyber Security in the Era of Cloud Computing and Iot

Fr. 196.00

inkl. gesetzl. MwSt., Versandkostenfrei

Beschreibung

Produktdetails

Einband

Gebundene Ausgabe

Erscheinungsdatum

30.07.2019

Herausgeber

Wiem Tounsi

Verlag

Wiley

Seitenzahl

256

Maße (L/B/H)

23.5/15.7/1.8 cm

Gewicht

520 g

Sprache

Englisch

ISBN

978-1-78630-448-3

Beschreibung

Portrait

Wiem Tounsi, PhD, is Head of the Managed Security Services and R&D division at Axians Cybersecurity Paris, France. Her research interests include network security and privacy issues, mainly policies management, threat analysis and lightweight cryptography. She has authored several research papers in high-level international journals and conferences, and has been an invited keynote speaker at several major scientific conferences.

Produktdetails

Einband

Gebundene Ausgabe

Erscheinungsdatum

30.07.2019

Herausgeber

Wiem Tounsi

Verlag

Wiley

Seitenzahl

256

Maße (L/B/H)

23.5/15.7/1.8 cm

Gewicht

520 g

Sprache

Englisch

ISBN

978-1-78630-448-3

Herstelleradresse

Libri GmbH
Europaallee 1
36244 Bad Hersfeld
DE

Email: gpsr@libri.de

Kundinnen und Kunden meinen

0 Bewertungen

Informationen zu Bewertungen

Zur Abgabe einer Bewertung ist eine Anmeldung im Konto notwendig. Die Authentizität der Bewertungen wird von uns nicht überprüft. Wir behalten uns vor, Bewertungstexte, die unseren Richtlinien widersprechen, entsprechend zu kürzen oder zu löschen.

Die Bewertungen sind nach Format, Anzahl Sterne und Datum sortiert.

Verfassen Sie die erste Bewertung zu diesem Artikel

Helfen Sie anderen Kund*innen durch Ihre Meinung

Kundinnen und Kunden meinen

0 Bewertungen filtern
Die Leseprobe wird geladen.
  • Produktbild: Cyber-Vigilance and Digital Trust

  • Introduction ix
    Wiem TOUNSI

    Chapter 1. What Is Cyber Threat Intelligence and How Is It Evolving? 1
    Wiem TOUNSI

    1.1. Introduction 1

    1.2. Background 3

    1.2.1. New Generation Threats 3

    1.2.2. Analytical Frameworks 6

    1.3. Cyber Threat Intelligence 9

    1.3.1. Cyber Threat Intelligence Sources 9

    1.3.2. Cyber Threat Intelligence Sub-Domains 11

    1.3.3. Technical Threat Intelligence (TTI) 13

    1.4. Related Work 14

    1.5. Technical Threat Intelligence Sharing Problems 16

    1.5.1. Benefits of CTI Sharing for Collective Learning 16

    1.5.2. Reasons for Not Sharing 17

    1.6. Technical Threat Intelligence Limitations 21

    1.6.1. Quantity Over Quality 21

    1.6.2. IOC-Specific Limitations 22

    1.7. Cyber Threat Intelligent Libraries or Platforms 25

    1.7.1. Benefits of CTI Libraries Based In the Cloud 26

    1.7.2. Reluctance to Use Cloud Services 26

    1.8. Discussion 27

    1.8.1. Sharing Faster Is Not Sufficient 27

    1.8.2. Reducing the Quantity of Threat Feeds 28

    1.8.3. Trust to Share Threat Data and to Save Reputation Concerns 30

    1.8.4. Standards for CTI Representation and Sharing 31

    1.8.5. Cloud-Based CTI Libraries for Collective Knowledge and Immunity 34

    1.9. Evaluation of Technical Threat Intelligence Tools 36

    1.9.1. Presentation of Selected Tools 37

    1.9.2. Comparative Discussion 38

    1.10. Conclusion and Future Work 39

    1.11. References 40

    Chapter 2. Trust Management Systems: A Retrospective Study on Digital Trust 51
    Reda YAICH

    2.1. Introduction 51

    2.2. What Is Trust? 52

    2.3. Genesis of Trust Management Systems 54

    2.3.1. Access Control Model 54

    2.3.2. Identity-Based Access Control 55

    2.3.3. Lattice-Based Access Control 57

    2.3.4. Role-Based Access Control 58

    2.3.5. Organization-Based Access Control 59

    2.3.6. Attribute-Based Access Control 61

    2.4. Trust Management 62

    2.4.1. Definition 62

    2.4.2. Trust Management System 64

    2.4.3. Foundations 65

    2.4.4. Automated Trust Negotiation 70

    2.5. Classification of Trust Management Systems 72

    2.5.1. Authorization-Based TMSs 73

    2.5.2. Automated Trust Negotiation Systems 81

    2.6. Trust Management In Cloud Infrastructures 90

    2.6.1. Credentials-Based Trust Models 90

    2.6.2. SLA-Based Trust Models 90

    2.6.3. Feedback-Based Trust Models 91

    2.6.4. Prediction-Based Trust Models 92

    2.7. Conclusion 93

    2.8. References 94

    Chapter 3. Risk Analysis Linked to Network Attacks 105
    Kamel KAROUI

    3.1. Introduction 105

    3.2. Risk Theory 107

    3.2.1. Risk Analysis Terminology 107

    3.2.2. Presentation of the Main Risk Methods 109

    3.2.3. Comparison of the Main Methods 116

    3.3. Analysis of IS Risk In the Context of IT Networks 120

    3.3.1. Setting the Context 120

    3.3.2. Risk Assessment 127

    3.3.3. Risk Treatment 133

    3.3.4. Acceptance of Risks 136

    3.3.5. Risk Communication 137

    3.3.6. Risk Monitoring 138

    3.4. Conclusion 138

    3.5. References 138

    Chapter 4. Analytical Overview on Secure Information Flow In Android Systems: Protecting Private Data Used By Smartphone Applications 141
    Mariem GRAA

    4.1. Introduction 142

    4.2. Information Flow 143

    4.2.1. Explicit Flows 143

    4.2.2. Implicit Flows 143

    4.2.3. Covert Channels 144

    4.3. Data Tainting 145

    4.3.1. Interpreter Approach 145

    4.3.2. Architecture-Based Approach 146

    4.3.3. Static Taint Analysis 146

    4.3.4. Dynamic Taint Analysis 147

    4.4. Protecting Private Data In Android Systems 149

    4.4.1. Access Control Approach 149

    4.4.2. Preventing Private Data Leakage Approach 153

    4.4.3. Native Libraries Approaches 157

    4.5. Detecting Control Flow 160

    4.5.1. Technical Control Flow Approaches 160

    4.5.2. Formal Control Flow Approaches 162

    4.6. Handling Explicit and Control Flows In Java and Native Android Apps¿ Code 164

    4.6.1. Formal Specification of the Under-Tainting Problem 164

    4.6.2. Formal Under-Tainting Solution 166

    4.6.3. System Design 175

    4.6.4. Handling Explicit and Control Flows In Java Android Apps¿ Code 176

    4.6.5. Handling Explicit and Control Flows In Native Android Apps¿ Code 180

    4.6.6. Evaluation 184

    4.6.7. Discussion 187

    4.7. Protection Against Code Obfuscation Attacks Based on Control Dependencies In Android Systems 188

    4.7.1. Code Obfuscation Definition 188

    4.7.2. Types of Program Obfuscations 189

    4.7.3. Obfuscation Techniques 189

    4.7.4. Code Obfuscation In Android System 190

    4.7.5. Attack Model 191

    4.7.6. Code Obfuscation Attacks 192

    4.7.7. Detection of Code Obfuscation Attacks 194

    4.7.8. Obfuscation Code Attack Tests 195

    4.8. Detection of Side Channel Attacks Based on Data Tainting In Android Systems 198

    4.8.1. Target Threat Model 199

    4.8.2. Side Channel Attacks 200

    4.8.3. Propagation Rules for Detecting Side Channel Attacks 203

    4.8.4. Implementation 205

    4.8.5. Evaluation 207

    4.9. Tracking Information Flow In Android Systems Approaches Comparison: Summary 210

    4.10. Conclusion and Highlights 215

    4.11. References 216

    List of Authors 227

    Index 229