| | |  | Manager's Guides to Computing | Home » » » Foundations of Security Analysis and Design III: FOSAD 2004/2005 Tutorial Lectures (Lecture Notes in Computer Science / Security and Cryptology) (v. 3) | | | | | | | Description: | | The increasing relevance of security to real-life applications, such as electronic commerce and Internet banking, is attested by the fast-growing number of research groups, events, conferences, and summer schools that address the study of foundations for the analysis and the design of security aspects. This book presents thoroughly revised versions of eight tutorial lectures given by leading researchers during two International Schools on Foundations of Security Analysis and Design, FOSAD 2004/2005, held in Bertinoro, Italy, in September 2004 and September 2005. The lectures are devoted to: Justifying a Dolev-Yao Model under Active Attacks, Model-based Security Engineering with UML, Physical Security and Side-Channel Attacks, Static Analysis of Authentication, Formal Methods for Smartcard Security, Privacy-Preserving Database Systems, Intrusion Detection, Security and Trust Requirements Engineering. | | | Product Details: | | | Paperback:
| 280 pages | | Publisher:
| Springer | | Publication Date:
| October 19, 2005 | | Language:
| English | | ISBN:
| 3540289550 | | Product Length:
| 9.26 inches | | Product Width:
| 6.6 inches | | Product Height:
| 0.67 inches | | Package Length:
| 9.2 inches | | Package Width:
| 6.1 inches | | Package Height:
| 0.7 inches | | Package Weight:
| 0.95 pounds | | Average Customer Rating:
|  based on 1 reviews |
| | | | Customer Reviews: | |
Average Customer Review:
 ( 1 customer reviews )
Write an online review and share your thoughts with other customers.
Most Helpful Customer Reviews
some useful chaptersJul 28, 2011
By W Boudville
The book has some useful chapters. One is on physical security of a device [like a smart card] and the so-called side channel attacks that might be made against it. The chapter gives a classification of the attacks, notably whether it is active exor passive, and whether it is invasive or non-invasive. Some of the attacks can be very difficult to undertake. The best example is an analysis of the electromagnetic radition coming from different parts of the device, where it is assumed that a protective covering has been peeled off. By looking at the EM waves, and perhaps by feeding carefully controlled input [an active attack], the attacker might be able to discern more information about where and what type of computations are done in different sections of the chip.
Another chapter gets into the maths of whether it is possible to have formal methods of testing smart card security. The aim is to be able to implement these in hardware or software, and so have a turnkey method of testing new smart cards.
And another chapter goes into some detail about Intrusion Detection Systems and Intrusion Prevention Systems. No magic bullet here. Many deployments are characterised by high false positive and false negative rates.
| | |
|
