| Contents |
SAFECode whitepaper: Fundamental practices of secure software development 2nd edition / Editor: Stacy Simpson -- Security management, CISO inside: -- In-house standardization of security measures: Necessity, benefits and real-world obstructions / Eberhard von Faber -- An effective approach for assessing the risk of acquired IT products / Eric Baize, Steve Lipner -- IT-security in railway signalling systems / Christian Schlehuber, Erik Tews, Stefan Katzenbeisser -- 13+ real ways to destroy business by breaking company's SAP applications / Alexander Polyakov. -- Trust services, eID and cloud security: -- Achieving the eIDAS vision through the mobile, social and cloud triad / Francisco Jordan, Helena Pujol, David Ruana -- Security versus usability -- User-friendly qualified signatures based on German ID cards / Gregor Bühler, Enrico Entschew, Marcel Selhorst -- Using the semantic web to generate trust indicators / Marc Sel. -- Cybersecurity, cybercrime, critical infrastructures: -- Hidden and uncontrolled -- On the emergence of network steganographic threats / Steffen Wendzel, Wojciech Mazurczyk, Luca Caviglione, Michael Meier -- Restricting excessive state-on-state cyber espionage under international law: A quest of futility? / Murdoch Watney -- Securing cloud: Elastic key management and homomorphic encryption / Alexander W. Koehler -- Secure communication and digital sovereignty in Europe / Norbert Pohlmann, Michael Sparenberg, Illya Siromaschenk, Kilian Kilden -- The need of European white knights for the TLS/SSL certificate system / Arno Fiedler, Christoph Thiel. -- BYOD and mobile security: -- Emerging technologies, disrupt or be disrupted / Steven Ackx -- Hardware intrinsic security to protect value in the mobile market / Vincent van der Leest, Roel Maes, Geert-Jan Schrijen, Pim Tuyls -- On cross-border mobile government systems / Milan Marković, Goran Dorđević. 
-- Privacy, data protection, human factors: -- Privacy for cloud storage / Anders Andersen, Trygve Hardersen, Norbert Schirmer -- Enforcing data privacy in the age of Google Glass / Christian Thiel, Christoph Thiel -- Internet of trucks and digital tachograph -- Security and privacy threats / Marc Sel, Dusko Karaklajic. -- Regulation & policies: -- Towards eIDAS as a service / Detlef Hühnlein -- What now? Data retention scenarios after the ECJ ruling / Alessandro Guarino -- From research results to strategy: A mapping exercise / Michele Bezzi, Frances Cleary, Luca Compagna. |
| Abstract |
This book presents the most interesting talks given at ISSE 2014 - the forum for the interdisciplinary discussion of how to adequately secure electronic business processes. The topics include: trust services, eID and cloud security ; BYOD and mobile security ; Cybersecurity, cybercrime, critical infrastructures ; Security management, CISO inside ; Privacy, data protection, human factors ; Regulations & policies. Adequate information security is one of the basic requirements of all electronic business processes. It is crucial for effective solutions that the possibilities offered by security technology can be integrated with the commercial requirements of the applications. The reader may expect state-of-the-art: best papers of the Conference ISSE 2014. ... Target groups: chief information security officers ; developers of electronic business processes ; IT managers ; IT security experts ; Researchers. -- back cover. |