| Description |
1 online resource (380 pages) : illustrations |
| Series |
Lecture Notes in Computer Science ; v. 12026 |
|
LNCS sublibrary. SL 3, Information systems and applications, incl. Internet/Web, and HCI |
|
Lecture notes in computer science ; 12026.
|
|
LNCS sublibrary. SL 3, Information systems and applications, incl. Internet/Web, and HCI.
|
| Contents |
Intro -- Preface -- Organization -- Contents -- Risk Analysis and Management -- pQUANT: A User-Centered Privacy Risk Analysis Framework -- 1 Introduction -- 2 Related Work -- 2.1 Privacy Risk Quantification -- 2.2 Privacy Risk Communication -- 3 System Model -- 3.1 Attribute-Entity Model -- 3.2 Some Privacy Related Problems -- 3.3 Privacy Risks Metrics -- 4 pQUANT Components and Design Goals -- 4.1 Design Goals -- 4.2 System Components -- 5 Validation and Discussion -- 6 Summary and Future Work -- References |
|
1 Introduction -- 2 Background -- 3 Asset Identification Approach -- 3.1 Requirements on Asset Identification -- 3.2 Conceptual Model and Asset Classes -- 3.3 Our Method for Systematic Asset Identification -- 4 Application Example -- 5 Related Work -- 6 Conclusions and Future Work -- References -- Access Control and Permission -- Inference Control in Distributed Environment: A Comparison Study -- 1 Introduction -- 2 Access Control vs Inference Control -- 3 Inference Control in Centralized Database Systems -- 3.1 Inference Attacks -- 3.2 Inference Prevention Methods |
|
3.3 Discussion of the Inference Prevention Methods -- 4 Inference Control in Distributed Environment -- 4.1 Inference Control in Distributed Database Systems -- 4.2 Inference Control in Data Integration Systems -- 4.3 Inference and Data Outsourcing -- 5 Research Directions -- 6 Conclusion -- References -- MAPPER: Mapping Application Description to Permissions -- 1 Introduction -- 2 MAPPER Design -- 2.1 Overview of MAPPER -- 2.2 Data Collection -- 2.3 Application Description to Permission Modeling -- 2.4 Processing Applications -- 3 Evaluation -- 3.1 Evaluation Setup -- 3.2 Results |
|
6 Conclusions and Future Work -- Acknowledgements -- References -- Continuous Risk Management for Industrial IoT: A Methodological View -- 1 Introduction -- 2 Why Continuous Risk Management for ICS? -- 3 Users, Relevant Stakeholders, and Related Processes -- 4 Related Work -- 5 The Continuous Risk Assessment Methodology -- 5.1 Baseline Risk Assessment -- 5.2 Transition Phase -- 5.3 Continuous Risk Assessment -- 6 Using Bayesian Networks in Risk Estimations -- 7 Future Work -- 8 Conclusions -- References -- Systematic Asset Identification and Modeling During Requirements Engineering |
|
An Industrial Trial of an Approach to Identification and Modelling of Cybersecurity Risks in the Context of Digital Secondary Substations -- Abstract -- 1 Introduction -- 2 Research Strategy -- 3 Approach to Cybersecurity Identification and Modelling -- 4 Trial of the Approach on an Industry Pilot on Future Digital Substations -- 4.1 Setting of the Case Study -- 4.2 Process Outline -- 4.3 Results from the Case Study -- 4.4 Experiences and Lessons Learned -- 5 Discussion -- 5.1 To What Degree Are the Requirements Fulfilled? -- 5.2 Threats to Validity and Reliability |
| Summary |
This book constitutes the revised selected papers from the 14th International Conference on Risks and Security of Internet and Systems, CRiSIS 2019, held in Hammamet, Tunisia, in October 2019. The 20 full papers and 4 short papers presented in this volume were carefully reviewed and selected from 64 submissions. They cover diverse research themes that range from classic topics, such as risk analysis and management; access control and permission; secure embedded systems; network and cloud security; information security policy; data protection and machine learning for security; distributed detection system and blockchain |
| Bibliography |
Includes bibliographic references and author index |
| Notes |
Print version record |
| Subject |
Computer networks -- Security measures -- Congresses
|
|
Internet -- Security measures -- Congresses
|
|
Computer security -- Congresses
|
|
Computer networks -- Security measures
|
|
Computer security
|
|
Internet -- Security measures
|
| Genre/Form |
proceedings (reports)
|
|
Conference papers and proceedings
|
|
Conference papers and proceedings.
|
|
Actes de congrès.
|
| Form |
Electronic book
|
| Author |
Kallel, Slim, editor.
|
|
Cuppens, Frédéric, editor.
|
|
Cuppens-Boulahia, Nora, editor.
|
|
Hadj Kacem, Ahmed, editor
|
| ISBN |
9783030415686 |
|
3030415686 |
|
