Short Courses of the 10th Brazilian Symposium on Information and Computational Systems Security
Keywords:
Information Security, Computational Systems, SBSeg 2010 Short Courses, SBSeg 2010Synopsis
The Brazilian Symposium on Information and Computational Systems Security (SBSeg) is a scientific event promoted annually by the Brazilian Computer Society (SBC). SBSeg represents the country’s main forum for disseminating research results and relevant activities related to information and computational systems security. This book comprises the six chapters produced by the authors of the short courses selected for presentation at SBSeg 2010.
Chapter 1, "Gerenciamento de Identidades Federadas", analyzes the challenges and proposed solutions to provide federated identity management to collaborative networks.
Chapter 2, "Aspectos de segurança e privacidade em ambientes de Computação em Nuvem", explore the state of the art in security and privacy areas of cloud computing environments. Initially, the fundamental aspects of cloud computing will be presented. After a short review of the main concepts in security and privacy, this chapter presents a deeper analysis of the relevant risks and threats in cloud environments, as well as the most known approaches to deter them. The chapter also discusses some open problems and tentative solutions proposed in the litterature.
Chapter 3, "Transformações de código para proteção de software", presents software transformation techniques for protection of intellectual property and security of sensitive data against ‘Man-At-The-End’ attacks. Security is normally associated with the confidentiality of the communication channel based on cryptography. Security based on software protection is associated with code obfuscation, watermarking and tamper-proofing techniques. The goal of all these techniques is to maintain the security of the software code running at the end user, and its protection is extremely important to ensure that the running software is executing as its purpose.
Chapter 4, "Aspectos de Segurança na Interconexão de Redes Celulares e WLANs", explores security aspects, more precisely authentication and authorization, observed during a handover between WLANs and cellular networks, focusing on 2G and 3G.
Chapter 5, "Introdução à segurança de aplicações para a TV digital interativa brasileira", describes preliminary results obtained by CPqD during the security evaluation of interactive applications of the Brazilian interactive digital TV. This chapter evaluates the aspects of secure programming, secure execution environment, and security of receivers, when connected to an IP network. Further, several vulnerabilities found in the software technologies associated with the TVD receivers are shown. The vulnerabilities identified and documented in this text have parallel in known vulnerabilities found in other programming languages and traditional vulnerabilities catalogs.
Chapter 6, "Estratégias de Contingência para Serviços de Tecnologia da Informação e Comunicação", presents theoretical and practical aspects of business continuity management with focus to the preparation disaster recovery plans.
Chapters
-
1. Gerenciamento de Identidades Federadas
-
2. Aspectos de segurança e privacidade em ambientes de Computação em Nuvem
-
3. Transformações de código para proteção de software
-
4. Aspectos de Segurança na Interconexão de Redes Celulares e WLANs
-
5. Introdução à segurança de aplicações para a TV digital interativa brasileira
-
6. Estratégias de Contingência para Serviços de Tecnologia da Informação e Comunicação
Downloads
