Minicursos do IX Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais
Palavras-chave:
Segurança da Informação, Sistemas Computacionais, Minicursos do SBSeg 2009, SBSeg 2009Sinopse
Na IX edição do Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais (SBSeg 2009) recebemos um número expressivo de 19 submissões de propostas de minicurso. A comissão de avaliação composta de 13 pesquisadores selecionou as 6 melhores propostas, as quais encontram-se publicadas como capítulos neste livro.
O Capítulo 1, “Introdução a Ataques por Canais Secundários”, aborda a problemática envolvida na proteção de recursos criptográficos sensíveis em dispositivos eletrônicos embarcados.
O Capítulo 2, “Modelos de Criptografia de Chave Pública Alternativos”, concentra os seus esforços na avaliação das dificuldades de uso de infraestrutura de chaves públicas e faz sugestões no sentido da utilização de alternativas para viabilizar a criptografia de chaves públicas em diferentes contextos.
O Capítulo 3, “Segurança em Redes Colaborativas: Desafios e Propostas de Soluções”, discute os desafios na definição de políticas, relações de confiança, autenticação, autorização e na manutenção de privacidade em ambientes colaborativos.
O Capítulo 4, “Segurança em Redes de Sensores sem fio”, faz um apanhado geral dos aspectos de segurança no ambiente de redes de sensores sem fio, dando ênfase a soluções de segurança para problemas relacionados a roteamento, localização e agregação de dados. O capítulo salienta as necessidades de criptografia para proteger um conteúdo em trânsito.
O Capítulo 5, “Técnicas de Visualização de Dados aplicadas à Segurança da Informação”, apresenta o uso de técnicas de visualização gráfica para auxiliar na inspeção de eventos de segurança, quando o número de ocorrências é elevado.
E finalmente, o Capítulo 6, “Vulnerabilidades em Aplicações Web e Mecanismos de Proteção”, estuda as vulnerabilidades mais comuns do ambiente web e propõe um conjunto de medidas de prevenção para mitigar as mesmas.
Capítulos
-
1. Introdução a Ataques por Canais Secundários
-
2. Modelos de Criptografia de Chave Pública Alternativos
-
3. Segurança em Redes Colaborativas: Desafios e Propostas de Soluções
-
4. Segurança em Redes de Sensores Sem Fio
-
5. Técnicas de Visualização de Dados aplicadas à Segurança da Informação
-
6. Vulnerabilidades em Aplicações Web e Mecanismos de Proteção
Downloads
Referências
A. Bogdanov, L.R. Knudsen, G. Leander, C. Paar, A. Poschmann, M.J.B. Robshaw, Y. Seurin, and C. Vikkelsoe. PRESENT: An ultra-lightweight block cipher. In Cryptographic Hardware and Embedded Systems – CHES’2007, Lecture Notes in Computer Science, Heidelberg, Germany, 2007. Springer.
A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone. Handbook of Applied Cryptography. CRC Press, Boca Raton, USA, 1999.
Abdalla, M., Bellare, M., Catalano, D., Kiltz, E., Kohno, T., Lange, T., Malone-Lee, J., Neven, G., Paillier, P., e Shi, H. (2008). Searchable encryption revisited: Consistency properties, relation to anonymous ibe, and extensions. J. Cryptol., 21(3):350–391.
Abdalla, M., Catalano, D., Dent, A., Malone-Lee, J., e Smart, N. (2006). Identity-based encryption gone wild. In Automata, Languages and Programming: 33rd International Colloquium, ICALP 2006, pages 300–311. Springer-Verlag LNCS 4052.
Aciiçmez, O., Koç, c. K., and Seifert, J.-P. (2007). On the power of simple branch prediction analysis. In ASIACCS ’07: Proceedings of the 2nd ACM symposium on Information, computer and communications security, pages 312–320, New York, NY, USA. ACM.
Adam Dunkels, Björn Grönvall, and Thiemo Voigt. Contiki - a lightweight and flexible operating system for tiny networked sensors. In Proc. of the First IEEE Workshop on Embedded Networked Sensors (Emnets-I), November 2004.
Adrian Perrig, John Stankovic, and David Wagner. Security in wireless sensor networks. Commun. ACM, 47(6):53–57, 2004.
Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J. D. Tygar. SPINS: security protocols for sensor netowrks. In Proc. of the 7th Annual International Conference on Mobile Computing and Networking, pages 189–199. ACM Press, 2001.
Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, and J. D. Tygar. SPINS: security protocols for sensor netowrks. In Proceedings of the seventh annual international conference on Mobile computing and networking, pages 189–199. ACM Press, 2001.
Agrawal, D., Archambeault, B., Rao, J. R., and Rohatgi, P. (2003). The em sidechannel(s). In CHES ’02: Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems, pages 29–45, London, UK. Springer-Verlag.
Akhter, S. and Roberts, J. (2006). Multi-core programming : increasing performance through software multi-threading. Intel Press.
Al-Riyami, S. S. (2005). Cryptographic Schemes based on Elliptic Curve Pairings. Tese de doutorado, Department of Mathematics, Royal Holloway, University of London.
Al-Riyami, S. S. e Paterson, K. G. (2003). Certificateless public key cryptography. In ASIACRYPT 2003, volume 2894 of Lecture Notes in Computer Science. Springer. Cryptology ePrint Archive, Report 2003/126, http://eprint.iacr.org/.
Al-Riyami, S. S. e Paterson, K. G. (2005). Cbe from cl-pke: A generic construction and efficient schemes. In Public Key Cryptography - PKC 2005, volume 3386 of Lecture Notes in Computer Science, pages 398–415, Les Diablerets, Switzerland. Springer.
Alan Mainwaring, Joseph Polastre, Robert Szewczyk, David Culler, and John Anderson. Wireless sensor networks for habitat monitoring. In First ACM Workshop on Wireless Sensor Networks and Applications, Atlanta, GA, September 2002.
Alberto Cerpa and Deborah Estrin. Ascent: Adaptive self-configuring sensor networks topologies. In Proceedings of the Twenty First International Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM 2002), New York, NY, USA, June 2002.
Alessandro Micarelli and Giuseppe Sansonetti. A Case-Based Approach to Anomaly Intrusion Detection. In Petra Perner, editor, Machine Learning and Data Mining in Pattern Recognition – 5th International Conference, MLDM 2007, Leipzig, Germany, July 18-20, 2007, Proceedings (LNCS 4571), pages 434–448, 2007.
Alexander Heitzmann, Bernardo Palazzi, Charalampos Papamanthou, and Roberto Tamassia. Effective Visualization of File System Access-Control. In John R. Goodall, Gregory Conti, and Kwan-Liu Ma, editors, Visualization for Computer Security – 5th International Workshop, VizSec 2008, Cambridge, MA, USA, September 15, 2008, Proceedings (LNCS 5210), pages 18–25, 2008.
Alfred Inselberg. Parallel Coordinates – Visual Multidimensional Geometry and Its Applications . Springer, 2009.
Alfred Inselberg. The plane with parallel coordinates. The Visual Computer, 1(2):69–91, 1985.
André Ricardo Abed Grégio. Aplicação de Técnicas de Data Mining para a Análise de Logs de Tráfego TCP/IP. Dissertação de Mestrado em Computação Aplicada do Instituto Nacional de Pesquisas Espaciais, 2007. Publicada e disponível na biblioteca do INPE.
Andreas Lachenmann, Pedro José Marrón, Daniel Minder, and Kurt Rothermel. Meeting lifetime goals with energy levels. In SenSys ’07: Proceedings of the 5th international conference on Embedded networked sensor systems, pages 131–144, New York, NY, USA, 2007. ACM.
Anley, C., Heasman, J., Linder, F. F., and Richarte, G. (2007). The Shellcoder's Handbook: Discovering and Exploiting Security Holes. Wiley Publishing, Inc.
Appenzeller, G. e Lynn, B. (2002). Minimal-overhead ip security using identity-based encryption. Disponível em: http://rooster.stanford.edu/~ben/pubs/ipibe.pdf.
Armbrust, M., Fox, A., Grif?th, R., Joseph, A. D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., e Zaharia, M. (2009). Above the clouds: A berkeley view of cloud computing. Technical report, University of California at Berkeley.
Asokan, N., Kostiainen, K., Ginzboorg, P., Ott, J., e Luo, C. (2007). Applicability of identity-based cryptography for disruption-tolerant networking. In MobiOpp ’07: Proceedings of the 1st international MobiSys workshop on Mobile opportunistic networking, pages 52–56, New York, NY, USA. ACM.
Asokan, N., Shoup, V., e Waidner, M. (2000). Optimistic fair exchange of digital signature. IEEE Journal of Selected Areas in Communication, 18(4).
Au, M. H., Liu, J. K., Susilo, W., e Yuen, T. H. (2007a). Certificate based (linkable) ring signature. In ISPEC, volume 4464 of Lecture Notes in Computer Science, pages 79–92. Springer.
Au, M. H., Mu, Y., Chen, J., Wong, D. S., Liu, J. K., e Yang, G. (2007b). Malicious kgc attacks in certificateless cryptography. In ASIACCS ’07: Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, pages 302–311, New York, NY, USA. ACM.
B. Doyle, S. Bell, A. Smeaton, K. McCusker, and N. O’Connor. Security considerations and key negotiation techniques for power constrained sensor networks. The Computer Journal, 49(4):443–453, 2006.
B. Panja, S. Madria, and B. Bhargava. Energy-efficient group key management protocols for hierarchical sensor networks. Int. J. Distrib. Sen. Netw., 3(2):201–223, 2007.
Baek, J., Newmarch, J., Safavi-Naini, R., e Susilo, W. (2004). A survey of identity-based cryptography. AUUG 2004. Disponível em: http://jan.netcomp.monash.edu.au/publications/.
Baek, J., Safavi-Naini, R., e Susilo, W. (2005). Certificateless public key encryption without pairing. In ISC, volume 3650 of Lecture Notes in Computer Science, pages 134–148, Singapore. Springer.
Barker, E., Barker, W., Burr, W., Polk, W., and Smid, M. (2007a). Recommendation for key management - part 1: General (revised). NIST Special Publication 800-57, NIST.
Barker, E., Barker, W., Burr, W., Polk, W., and Smid, M. (2007b). Recommendation for key management - part 2: Best practices for key management organization. NIST Special Publication 800-57, NIST.
Barreto, P. S. L. M., Deusajute, A. M., de Souza Cruz, E., Pereira, G. C. F., e da Silva, R. R. (2008). Toward efficient certificateless signcryption from (and without) bilinear pairings. In SBSeg 2008.
Bartel, M., Boyer, J., e Fox, B. (2002). XML-Signature Syntax and Processing. W3C. http://www.w3.org/TR/xmldsig-core.
Ben Fry. Visualizing Data. O’Reilly, 2007.
Ben Shneiderman. Tree Visualization with Tree-maps: A 2-D Space-Filling Approach. ACM Transactions on Graphics, 11:92–99, 1991.
Benício Pereira de Carvalho Filho. Detecção de Intrusão em Redes de Alta Velocidade. Dissertação de Mestrado em Computação Aplicada do Instituto Nacional de Pesquisas Espaciais, 2005. Publicada e disponível na biblioteca do INPE.
Benjie Chen, Kyle Jamieson, Hari Balakrishnan, and Robert Morris. Span: an energy-efficient coordination algorithm for topology maintenance in ad hoc wireless networks. Wireless Networks, 8(5):481–494, 2002.
Blaze, M., Feigenbaum, J., e Lacy, J. (1996). Decentralized trust management. In IEEE Symposium on Security and Privacy, page 164, Washington, DC, USA. IEEE Computer Society.
Blömer, J., Otto, M., and Seifert, J.-P. (2004). Sign change fault attacks on elliptic curve cryptosystems. In Fault Diagnosis and Tolerance in Cryptography 2006 (FDTC 06), volume 4236 of Lecture Notes in Computer Science, pages 36–52. Prentice Hall.
Böger, D., Fraga, J., Mafra, P., e Wangham, M. S. (2009). A model to verify quality of protection policies in composite web services. In Services, IEEE Congress on, volume 1, pages 629–636, Los Alamitos, CA, USA. IEEE Computer Society.
Boldyreva, A., Fischlin, M., Palacio, A., e Warinschi, B. (2007). A closer look at pki: Security and efficiency. In PKC 2007, volume 4450 of Lecture Notes in Computer Science, pages 458–475. Springer.
Boldyreva, A., Goyal, V., e Kumar, V. (2008). Identity-based encryption with efficient revocation. In CCS ’08: Proceedings of the 15th ACM conference on Computer and communications security, pages 417–426, New York, NY, USA. ACM.
Boneh, D. e Boyen, X. (2004). Efficient selective-ID secure identity based encryption without random oracles. In Advances in Cryptology— EUROCRYPT 2004, volume 3027 of Lecture Notes in Computer Science, pages 223– 238. Berlin: Springer-Verlag. Disponível em: http://www.cs.stanford.edu/~xb/eurocrypt04b/.
Boneh, D. e Franklin, M. K. (2001). Identity-based encryption from the weil pairing. In CRYPTO ’01: Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, pages 213–229, London, UK. Springer-Verlag.
Boneh, D., Demillo, R. A., and Lipton, R. J. (2001a). On the importance of eliminating errors in cryptographic computations. Journal of Cryptology, 14:101–119.
Boneh, D., Demillo, R. A., and Lipton, R. J. (2001b). On the importance of eliminating errors in cryptographic computations. Journal of Cryptology, 14:101–119.
Boneh, D., Gentry, C., e Hamburg, M. (2007). Space-efficient identity based encryptionwithout pairings. In FOCS ’07: Proceedings of the 48th Annual IEEE Symposium on Foundations of Computer Science, pages 647–657, Washington, DC, USA. IEEE Computer Society.
Boneh, D., Gentry, C., Lynn, B., e Shacham, H. (2003). Aggregate and verifiably encrypted signatures from bilinear maps. In EUROCRYPT, pages 416–432.
Booth, D. e Liu, C. K. (2007). Web Services Description Language (WSDL) Version 2.0 Part 0: Primer. W3C.
Brown, D. R. L., Gallant, R. P., e Vanstone, S. A. (2002). Provably secure implicit certificate schemes. In FC ’01: Proceedings of the 5th International Conference on Financial Cryptography, pages 156–165, London, UK. Springer-Verlag.
Brumley, D. and Boneh, D. (2003). Remote timing attacks are practical. In SSYM’03: Proceedings of the 12th conference on USENIX Security Symposium, pages 1–1, Berkeley, CA, USA. USENIX Association.
Buchegger, S. e Boudec, J.-Y. L. (2003). A robust reputation system for mobile ad-hoc networks. Technical Report IC/2003/50, EPFL IC.
Buyya, R., Yeo, C. S., e Venugopal, S. (2008). Market-oriented cloud computing: Vision, hype, and reality for delivering it services as computing utilities. In HPCC ’08: Proceedings of the 2008 10th IEEE International Conference on High Performance Computing and Communications, pages 5–13. IEEE Computer Society.
C. DeCannière. Trivium: a stream cipher construction inspired by block cipher design principles. Information Security, 4176:36–55, 2006.
C. Intanagonwiwat, R. Govindan, and D. Estrin. Directed diffusion: a scalable and robust communication paradigm for sensor networks. In Sixth Annual International Conference on Mobile Computing and Networking, (MobiCom 2000), pages 56–67. ACM, August 2000.
C. Karlof, N. Sastry, and D.Wagner. TinySec: a link layer security architecture for wireless sensor networks. In 2nd International Conference on Embedded Networked Sensor Systems – SenSys’2004, pages 162–175, Baltimore, USA, 2004. ACM.
C. Strydis, D. Zhu, and G. Gaydadjiev. Profiling of symmetric-encryption algorithms for a novel biomedical-implant architecture. In CF’08: Proc. of the 5th conference on Computing frontiers, pages 231–240, New York, NY, USA, 2008. ACM.
C.H. Lim and T. Korkishko. mCrypton – a lightweight block cipher for security of low-cost RFID tags and sensors. In WISA, pages 243–258, 2005.
C.M. Cordeiro and D.P. Agrawal. Ad Hoc & Sensor Networks: Theory And Applications. World Scientific Publishing Co., Inc., River Edge, NJ, USA, 2006.
Camargo, E., da Silva Fraga, J., Wangham, M. S., e de Mello, E. R. (2007). Autenticação e autorização em arquiteturas orientadas a serviço através de identidades federadas. In Simpósio Brasileiro de Redes de Computadores e Sistemas DIstribuídos, pages 75–88.
Camarinha-Matos, L. M. (2005). ICT Infrastructures for VO, chapter Virtual organisations: Systems and practices, pages 83–104. Springer.
Camarinha-Matos, L. M. e Afsarmanesh, H. (2005). Collaborative networks: A new scientific discipline. Journal of Intelligent Manufacturing, 16:439–452.
Camarinha-Matos, L. M., Afsarmanesh, H., e Ollus, M. (2008). Methods and Tools for Collaborative Networked Organizations, chapter Ecolead And Cno Base Concepts, pages 3–32. Springer.
Cancian, M. H. (2009). Uma proposta de guia de referência para provedores de software como um serviço. Master’s thesis, Universidade Federal de Santa Catarina.
Canovas, O., Lopez, G., e Gomez-Skarmeta, A. F. (2004). A credential conversion service for saml-based scenarios. In In Proceedings of 1st European PKI Workshop, pages 297–305.
Capkun, S., Buttyan, L., e Hubaux, J.-P. (2002). Small worlds in security systems: an analysis of the PGP certificate graph. In New Security Paradigms Workshop, pages 28–35.
Carminati, B., Ferrari, E., e Hung, P. C. K. (2005). Web service composition: A security perspective. In WIRI, pages 248–253.
Carmody, S. (2001). Shibboleth Overview and Requirements. Shibboleth Working Group.
Cattaneo, G., Faruolo, P., e Petrillo, U. F. (2004). Providing privacy for web services by anonymous group identification. In International Conference on Web Services (ICWS’04). IEEE.
Charfi, A. e Mezini, M. (2005). Using aspects for security engineering of web service compositions. In Proceedings of the 2005 IEEE International Conference on Web Services, Volume I, pages 59–66.
Chatterjee, S. e Sarkar, P. (2007). Constant size ciphertext hibe in the augmented selective-id model and its extensions. J. UCS, 13(10):1367–1395.
Cheng, Z., Chen, L., Ling, L., e Comley, R. (2007). General and efficient certificateless public key encryption constructions. In Pairing, volume 4575 of Lecture Notes in Computer Science, pages 83–107. Springer.
Chow, S. (2009). Removing escrow from identity-based encryption - new security notions and key managment techiniques. In Public Key Cryptography - PKC 2009, volume 5443 of Lecture Notes in Computer Science, pages 256–276. Springer.
Chow, S. S. M., Boyd, C., e Nieto, J. M. G. (2006). Security-mediated certificateless cryptography. In Public Key Cryptography PKC 2006, volume 3958 of Lecture Notes in Computer Science, pages 508–524, New York, NY, USA. Springer.
Chris Karlof and David Wagner. Secure routing in wireless sensor networks: Attacks and countermeasures. In First IEEE International Workshop on Sensor Network Protocols and Applications, pages 113–127, 2002.
Chris Karlof, Naveen Sastry, and David Wagner. Tinysec: A link layer security architecture for wireless sensor networks. In Second ACM Conference on Embedded Networked Sensor Systems (SenSys 2004), November 2004.
Ciet, M. and Joye, M. (2005). Elliptic curve cryptosystems in the presence of permanent and transient faults. Des. Codes Cryptography, 36(1):33–43.
Cintia Borges Margi, Xiaoye Lu, Gefan Zhang, Ganymed Stanek, Roberto Manduchi, and Katia Obraczka. A power-aware, self-managing wireless camera network for, wide area monitoring. In First Workshop on Distributed Smart Cameras (DSC 2006), Boulder, Colorado, USA, October 2006.
Claude Castelluccia, Aldar C-F. Chan, Einar Mykletun, and Gene Tsudik. Efficient and provably secure aggregation of encrypted data in wireless sensor networks. ACM Trans. Sen. Netw., 5(3):1–36, 2009.
Clement, L., Hately, A., von Riegen, C., e Rogers, T. (2004). UDDI Version 3.0.2. OASIS.
Cocks, C. (2001). An identity based encryption scheme based on quadratic residues. In Proceedings of the 8th IMA International Conference on Cryptography and Coding, pages 360–363, London, UK. Springer-Verlag.
Crampton, J., Lim, H. W., e Paterson, K. G. (2007). What can identity-based cryptography offer to web services? In SWS ’07: Proceedings of the 2007 ACM workshop on Secure web services, pages 26–36, New York, NY, USA. ACM.
Crossbow. Micaz datasheet. [link], 2008.
Crossbow. MICAz datasheet. [link], 2008.
Crossbow. Telosb datasheet. [link], 2008.
Crossbow. TelosB datasheet. [link], 2008.
D. Aranha, L. Oliveira, J. López, and R. Dahab. NanoPBC: Implementing cryptographic pairings on an 8-bit platform. In Conference on Hyperelliptic curves, discrete Logarithms, Encryption, etc. – CHiLE’09, 2009.
D. Boyle and T. Newe. Security protocols for use with wireless sensor networks: A survey of security architectures. In ICWMC ’07: Proceedings of the Third International Conference on Wireless and Mobile Communications, page 54, Washington, DC, USA, 2007. IEEE Computer Society.
D. Carman, P. Kruus, and B. Matt. Constraints and approaches for distributed sensor network security. Technical Report 00-010, NAI Labs, September 2000.
D. Hankerson, A. Menezes, and S. Vanstone. Guide to Elliptic Curve Cryptography. Springer-Verlag New York, Inc., Secaucus, NJ, USA, 2003.
D. Hong, J. Sung, S. Hong, J. Lim, S. Lee, B. Koo, C. Lee, D. Chang, J. Lee, K. Jeong, H. Kim, J. Kim, and S. Chee. HIGHT: A new block cipher suitable for low-resource device. In CHES, pages 46–59, 2006.
D. Liu and P. Ning. Establishing pairwise keys in distributed sensor networks. In CCS’03: Proceedings of the 10th ACM conference on Computer and communications security, pages 52–61, New York, NY, USA, 2003. ACM.
Daemen, J. and Rijmen, V. (2002). The Design of Rijndael. Springer-Verlag New York, Inc., Secaucus, NJ, USA.
Damiani, E., De Capitani di Vimercati, S., Fugazza, C., e Samarati, P. (2004). Extending policy languages to the semantic web. Lecture notes in computer science, pages 330–343.
Damiani, E., di Vimercati, S. D. C., e Samarati, P. (2003). Managing multiple and dependable identities. In IEEE Internet Computing, pages 29–37. IEEE.
Daniel A. Keim and Hans-Peter Kriegel. Using Visualization to Support Data Mining of Large Existing Databases. In John P. Lee and Georges G. Grinstein, editors, Database Issues for Data Visualization – IEEE Visualization ’93 Workshop, San Jose, California, USA, October 26, 1993, Proceedings (LNCS 0871), pages 1–17, 1994.
Daniel Bilar. On callgraphs and generative mechanisms. Journal of Computer Virology, 3(4):163–186, 2007.
Daniel Keim. Visual Data Mining. Tutorial, 23rd International Conference on Very Large Data Bases (VLDB ’97), 1997. Visitado em Agosto de 2009.
Daniel Shiffman. Learning Processing – A Beginner’s Guide to Programming Images, Animation, and Interaction. Morgan Kaufmann, 2008.
David Culler, Deborah Estrin, and Mani Srivastava. Overview of sensor networks. Computer Magazine, 37(8):41–49, 2004.
de Mello, E. R. (2009). Um modelo para confiança dinâmica em ambientes orientados a serviços. PhD thesis, Universidade Federal de Santa Catarina.
de Mello, E. R., da Silva Fraga, J., e Wangham, M. S. (2009a). Um modelo de confiança para composição de serviços web. In Simpósio Brasileiro de Redes de Computadores, Recife, PE. Sociedade Brasileira de Computação.
de Mello, E. R., Wangham, M. S., da Silva Fraga, J., e Camargo, E. (2006). Segurança em Serviços Web, chapter 1, pages 1–48. Minicursos do SBSeg 2006. Sociedade Brasileira de Computação.
de Mello, E. R., Wangham, M. S., da Silva Fraga, J., e Rabelo, R. J. (2005). A secure model to establish trust relationships in web services for virtual organizations. In Camarinha-Matos, L. M., Afsarmanesh, H., e Ortiz, A., editors, Collaborative Networks in Their Breeding Environment, pages 183–190. Springer.
de Mello, E. R.,Wangham, M. S., da Silva Fraga, J., Camargo, E., e da Silva Böger, D. (2009b). Model for authentication credentials translation in service oriented architecture. Transactions on Computational Sciences Journal, 5430:68–86.
Demchenko, Y., Gommans, L., e de Laat an Bas Oudenaarde, C. (2005). Web services and grid security vulnerabilities and threats analysis and model. In SC’05: Proc. The 6th IEEE/ACM International Workshop on Grid Computing CD, pages 262–267, Seattle, Washington, USA. IEEE/ACM.
Denis, T. S. (2006). BigNum Math: Implementing Cryptographic Multiple Precision Arithmetic. Syngress Publishing.
Dent, A. W. (2008). A survey of certificateless encryption schemes and security models. Int. J. Inf. Secur., 7(5):349–377. Cryptology ePrint Archive, Report 2006/211, http://eprint.iacr.org/.
Dent, A. W., Libert, B., e Paterson, K. G. (2008). Certificateless encryption schemes strongly secure in the standard model. In Public Key Cryptography - PKC 2008, volume 4939 of Lecture Notes in Computer Science, pages 344–359, Berlin/ Heidelberg. Springer. Também disponível em Cryptology ePrint Archive, Report 2007/121.
Diffie, P. e Hellman, M. E. (1976). New directions in cryptography. IEEE Transactions on Information Theory, IT-22(6):644–654.
Diffie, W. and Hellman, M. (1976). New directions in cryptography. IEEE Transactions on information Theory.
Dodis, Y. e Katz, J. (2005). Chosen-ciphertext security of multiple encryption. In TCC, volume 3378 of Lecture Notes in Computer Science, pages 188–209. Springer.
Dowd, M., McDonald, J., and Schuh, J. (2006). The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities. Addison-Wesley Professional.
E. Biham and A. Shamir. Differential cryptanalysis of DES-like cryptosystems. In Crypto’90: Proc. of the 10th Annual International Cryptology Conference on Advances in Cryptology, pages 2–21, London, UK, 1991. Springer-Verlag.
E. Biham, A. Biryukov, and A. Shamir. Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials. In Advances in Cryptology – Eurocrypt’99, volume 1592 of Lecture Notes in Computer Science, pages 55–64. Springer, 1999.
E. Biham, R. Anderson, and L. Knudsen. Serpent: A new block cipher proposal. In FSE, pages 222–238, 1998.
Edgar H. Callaway. Wireless Sensor Networks: Architectures and Protocols. CRC Press, Inc., Boca Raton, FL, USA, 2003.
Edward R. Tufte. The Visual Display of Quantitative Information. Graphic Press, 2nd edition, 2001.
El Gamal, T. (1985). A public key cryptosystem and a signature scheme based on discrete logarithms. In Proceedings of CRYPTO 84 on Advances in cryptology, pages 10–18, New York, NY, USA. Springer-Verlag New York, Inc.
Encyclopedia of Wireless and Mobile Communications, chapter A Survey on Secure Localization in Wireless Sensor Networks. CRC Press, Taylor and Francis Group, 2007.
Erl, T. (2006). Service-Oriented Architecture, Concepts, Technology, and Design. Prentice Hall.
F.X. Standaert, G. Piret, N. Gershenfeld, and J.J. Quisquater. SEA: A scalable encryption algorithm for small embedded applications. In Proc. of Smart Card Research and Applications (CARDIS’06), LNCS, pages 222–236. Springer-Verlag, 2006.
Fabian Fischer, Florian Mansmann, Daniel A. Keim, Stephan Pietzko, and Marcel Waldvogel. Large-Scale Network Monitoring for Visual Analysis of Attacks. In John R. Goodall, Gregory Conti, and Kwan-Liu Ma, editors, Visualization for Computer Security – 5th International Workshop, VizSec 2008, Cambridge, MA, USA, September 15, 2008, Proceedings (LNCS 5210), pages 111–118, 2008.
Fan, X., Gong, G., e Jao, D. (2008). Speeding up pairing computations on genus 2 hyperelliptic curves with efficiently computable automorphisms. In Pairing ’08: Proceedings of the 2nd international conference on Pairing-Based Cryptography, pages 243–264, Berlin, Heidelberg. Springer-Verlag.
Fei Hu and Neeraj K. Sharma. Security considerations in wireless sensor networks. Ad Hoc Networks, 3(1):69–89, Jan. 2005.
Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., and Berners-Lee, T. (1999). RFC 2616: Hypertext Transfer Protocol - HTTP/1.1.
Fogie, S., Grossman, J., Hansen, R. R., Rager, A., and Petkov, P. D. (2007). XSS Attacks: Cross Site Scripting Exploits and Defense. Syngress.
Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S., Leach, P., Luotonen, A., and Stewart, L. (1999). RFC 2617: HTTP Authentication: Basic and Digest Access Authentication.
Fujisaki, E. e Okamoto, T. (1999). Secure integration of asymmetric and symmetric encryption schemes. In CRYPTO ’99: Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, pages 537–554, London, UK. Springer-Verlag.
G. Bauer, P. Potisk, and S. Tillich. Comparing block cipher modes of operation on MICAz sensor nodes. In PDP’09: Proc. of the 2009 17th Euromicro International Conference on Parallel, Distributed and Network-based Processing, pages 371–378, Washington, DC, USA, 2009. IEEE Computer Society.
G. Contreras, M. Martonosi, J. Peng, G-Y. Lueh, and R. Ju. The XTREM power and performance simulator for the Intel XScale core: Design and experiences. ACM Trans. Embed. Comput. Syst., 6(1):4, 2007.
Galindo, D., Morillo, P., e Ràfols, C. (2008). Improved certificatebased encryption in the standard model. J. Syst. Softw., 81(7):1218–1226.
Gambetta, D. (1988). Trust: Making and Breaking Cooperative Relations. Basil Blackwell.
Gebotys, C. H. and White, B. A. (2006). Methodology for attack on a java-based pda. In CODES+ISSS ’06: Proceedings of the 4th international conference on Hardware/software codesign and system synthesis, pages 94–99, New York, NY, USA. ACM.
Gebotys, C. H. and White, B. A. (2008). Em analysis of a wireless java-based pda. ACM Trans. Embed. Comput. Syst., 7(4):1–28.
Gentry, C. (2003). Certificate-based encryption and the certificate revocation problem. Cryptology ePrint Archive, Report 2003/183.
Gentry, C. e Silverberg, A. (2002). Hierarchical id-based cryptography. In ASIACRYPT ’02: Proceedings of the 8th International Conference on IX Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais 93 the Theory and Application of Cryptology and Information Security, pages 548–566, London, UK. Springer-Verlag.
Gilman Tolle, Joseph Polastre, Robert Szewczyk, Neil Turner, Kevin Tu, Phil Buonadonna, Stephen Burgess, David Gay,Wei Hong, Todd Dawson, and David Culler. A macroscope in the redwoods. In Third ACM Conference on Embedded Networked Sensor Systems (SenSys), 2005.
Girault, M. (1991). Self-certified public keys. In EuroCrypt91, pages 490–497, Brighton, UK. Springer. LCNS vol.547.
Godfrey, P. B., Shenker, S., e Stoica, I. (2006). Minimizing churn in distributed systems. In Proceedings of ACM SIGCOMM, pages 147–158, Pisa, Italy.
Gong, L. and Ellison, G. (2003). Inside Java(TM) 2 Platform Security: Architecture, API Design, and Implementation. Pearson Education.
Goya, D. H. (2006). Proposta de esquemas de criptografia e de assinatura sob modelo de criptografia de chave pública sem certificado. Dissertação de mestrado, Instituto de Matemática e Estatística, Universidade de São Paulo. Disponível em http://www.teses.usp.br/teses/disponiveis/45/45134/tde-28072006-142410/.
Gray, E., Seigneur, J.-M., Chen, Y., e Jensen, C. D. (2003). Trust propagation in small worlds. In First International Conference on Trust Management, pages 239–254.
Gregory Conti, Erik Dean, Matthew Sinda, and Benjamin Sangster. Visual Reverse Engineering of Binary and Data Files. In John R. Goodall, Gregory Conti, and Kwan-Liu Ma, editors, Visualization for Computer Security – 5th International Workshop, VizSec 2008, Cambridge, MA, USA, September 15, 2008, Proceedings (LNCS 5210), pages 1–17, 2008.
Günther, C. G. (1989). An identity-based key-exchange protocol. In EUROCRYPT, volume 434 of Lecture Notes in Computer Science, pages 29–37. Springer.
H. Chan, A. Perrig, and D. Song. Random key predistribution schemes for sensor networks. In SP’03: Proc. of the 2003 IEEE Symposium on Security and Privacy, page 197, Washington, DC, USA, 2003. IEEE Computer Society.
Hani Alzaid, Ernest Foo, and Juan Manuel Gonzalez Nieto. Secure data aggregation in wireless sensor network: a survey. In Sixth Australasian Information Security Conference (AISC2008), volume 81 of CRPIT, page 93-105, 2008.
Hankerson, D., Menezes, A. J., and Vanstone, S. (2003). Guide to Elliptic Curve Cryptography. Springer-Verlag New York, Inc., Secaucus, NJ, USA.
Hayes, B. (2008). Cloud computing. Communications of the ACM, 51(7):9–11.
Hennessy, J. L. and Patterson, D. A. (2002). Computer Architecture: A Quantitative Approach (The Morgan Kaufmann Series in Computer Architecture and Design). Morgan Kaufmann.
Hess, F. (2003). Efficient identity based signature schemes based on pairings. In SAC ’02: Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography, pages 310–324, London, UK. Springer-Verlag.
Hoffman, B. and Sullivan, B. (2007). Ajax Security. Addison-Wesley Professional, 1st edition.
Howard, M., LeBlanc, D., and Viega, J. (2005). 19 Deadly Sins of Software Security: Programming Flaws and How to Fix Them. McGraw-Hill Osborne Media.
Hu, B. C., Wong, D. S., Zhang, Z., e Deng, X. (2006). Key replacement attack against a generic construction of certificateless signature. In Information Security and Privacy, 11th Australasian Conference, ACISP 2006, volume 4058 of Lecture Notes in Computer Science, pages 235–246. Springer.
Hu, B., Wong, D., Zhang, Z., e Deng, X. (2007). Certificateless signature: a new security model and an improved generic construction. Designs, Codes and Cryptography, 42(2):109–126.
Hung, P. C. K., Ferrari, E., e Carminati, B. (2004). Towards standardized web services privacy technologies. In International Conference on Web Services (ICWS’04). IEEE.
Hwang, Y. H., Liu, J. K., e Chow, S. S. (2008). Certificateless public key encryption secure against malicious kgc attacks in the standard model. Journal of Universal Computer Science, 14(3):463–480.
IEEE Standard. IEEE 802.15.4: Wireless medium access control (MAC) and physical layer (PHY) specifications for low-rate wireless personal area networks (WPANs), 2006.
Ifrah Farrukh Khan and Muhammad Younas Javed. A survey on routing protocols and challenge of holes in wireless sensor networks. Advanced Computer Theory and Engineering, International Conference on, 0:161–165, 2008.
Ignacio Solis and Katia Obraczka. The impact of timing in data aggregation for sensor networks. In The 2004 International Conference on Communications (ICC 2004), June 2004.
Imamura, T., Dillaway, B., e Simon, E. (2002). XML Encryption Syntax and Processing. W3C. http://www.w3.org/TR/xmlenc-core.
Intel Corp. Intel XScale Core: Developer’s Manual, 2000. Order No. 273473-001.
Ioannis Krontiris, Zinaida Benenson, Thanassis Giannetsos, Felix C. Freiling, and Tassos Dimitriou. Cooperative intrusion detection in wireless sensor networks. In EWSN, pages 263–278, 2009.
Iosif-Viorel Onut, Bin Zhu, and Ali A. Ghorbani. SVision: A Network Host-Centered Anomaly Visualization Technique. In Jianying Zhou, Javier Lopez, Robert H. Deng, and Feng Bao, editors, Information Security – 8th International Conference, ISC 2005, Singapore, September 20-23, 2005, Proceedings (LNCS 3650), pages 16–28, 2005.
J. Beddow. Shape Coding of Multidimensional Data on a Mircocomputer Display. In Visualization ’90. Proceedings of the First IEEE Conference on Visualization, pages 238–246, 1990.
J. Black and P. Rogaway. A block-cipher mode of operation for parallelizable message authentication. In Advances in Cryptology - EUROCRYPT’02. Lecture Notes in Computer Science, pages 384–397. Springer-Verlag, 2002.
J. Black. Authenticated encryption, 2004. http://www.cs.colorado.edu/~jrblack/papers/ae.pdf.
J. Daemen and V. Rijmen. A newMAC construction ALRED and a specific instance ALPHA-MAC. In FSE, pages 1–17, 2005.
J. Daemen and V. Rijmen. The Design of Rijndael: AES – The Advanced Encryption Standard. Springer, Heidelberg, Germany, 2002.
J. Daemen and V. Rijmen. The wide trail design strategy. Lecture Notes in Computer Science, 2260:222–239, 2001. http://link.springer-ny.com/link/service/series/0558/papers/2260/22600222.pdf.
J. Daemen, L. R. Knudsen, and V. Rijmen. The block cipher SQUARE. In Fast Software Encryption – FSE’97, volume 1267 of Lecture Notes in Computer Science, pages 149–165, Haifa, Israel, 1997. Springer.
J. Großschädl, S. Tillich, C. Rechberger, M. Hofmann, and M. Medwed. Energy evaluation of software implementations of block ciphers under memory constraints. In DATE’07: Proc. of the conference on Design, automation and test in Europe, pages 1110–1115, San Jose, CA, USA, 2007. EDA Consortium.
J. Kulik, W.R. Heinzelman, and H. Balakrishnan. Negotiation-based protocols for dissemination information in wireless sensor networks. In Submited to ACM Wireless Networks, 2001.
Jain, R. (1991). The art of computer systems performance analysis. Wiley.
Jason Hill, Robert Szewczyk, Alec Woo, Seth Hollar, David Culler, and Kristofer Pister. System architecture directions for networked sensors. SIGPLAN Not., 35(11):93–104, 2000.
Jean-Pierre, O. A., pierre Seifert, J., and Çetin Kaya Koç (2006). Predicting secret keys via branch prediction. In in Cryptology – CT-RSA 2007, The Cryptographers’ Track at the RSA Conference 2007, pages 225–242. Springer-Verlag.
Johann Van Der Merwe, Dawoud Dawoud, and Stephen McDonald. A survey on peer-to-peer key management for mobile ad hoc networks. ACM Comput. Surv., 39(1):1, 2007.
Jones, M. e Pickles, S. (2007). Shebangs final report. Technical report, University of Manchester.
Jøsang, A. e Pope, S. (2005). User centric identity management. In Asia Pacific Information Technology Security Conference (AusCERT’05).
Jøsang, A., Fabre, J., Hay, B., Dalziel, J., e Pope, S. (2005). Trust requirements in identity management. In Australasian workshop on Grid computing and e-research (CRPIT’44), pages 99–108, Darlinghurst, Australia. Australian Computer Society, Inc.
Joux, A. (2000). A one round protocol for tripartite diffie-hellman. In ANTSIV: Proceedings of the 4th International Symposium on Algorithmic Number Theory, volume 1838 of Lecture Notes in Computer Science, pages 385–394, London, UK. Springer-Verlag.
Joye, M. e Neven, G. (2009). Identity-based Cryptography. IOS Press, Amsterdam.
Kang, B. G. e Park, J. H. (2005). Is it possible to have cbe from cl-pke? Cryptology ePrint Archive, Report 2005/431.
Kang, B. G., Park, J. H., e Hahn, S. G. (2004). A certificate-based signature scheme. In CT-RSA, volume 2964 of Lecture Notes in Computer Science, pages 99–111. Springer.
Kim, S., Oh, S., Park, S., e Won, D. (1999). Verifiable self-certified public keys. In WCC’99 : Workshop on Coding and Cryptography, pages 139–148, Le Chesnay, França. INRIA.
Kissel, R., Stine, K., Scholl, M., Rossman, H., Fahlsing, J., and Gulick, J. (2008). Security considerations in the system development life cycle. NIST Special Publication SP 800-64, National Institute of Standards and Technology.
Knudsen, L. (2005). SMASH - A Cryptographic Hash Function. In Fast Software Encryption: 12th International Workshop, FSE 2005, volume 3557 of Lecture Notes in Computer Science, pages 228-242. Springer.
Koblitz, N. (1987). Elliptic curve cryptosystems. Mathematics of Computation, 48(177):203–209.
Koblitz, N. (1994). A course in number theory and cryptography, 2.ed. Springer-Verlag, New York - NY - USA.
Kürümlüoglu, M., Nostdal, R., e Karvonen, I. (2005). Base concepts, chapter Virtual organisations: Systems and practices, pages 11–28. Springer.
L. Doherty, B. A. Warneke, B. Boser, and K. S. J. Pister. Energy and performance considerations for smart dust. International Journal of Parallel and Distributed Systems and Networks, 4(3):121–133, 2001.
L. Eschenauer and V. Gligor. A key-management scheme for distributed sensor networks. In CCS’02: Proc. of the 9th ACM conference on Computer and communications security, pages 41–47, New York, NY, USA, 2002. ACM.
L. Oliveira, R. Dahab, J. Lopez, F. Daguano, and A. Loureiro. Identity-based encryption for sensor networks. In PERCOMW’07: Proc. of the Fifth IEEE International Conference on Pervasive Computing and Communications Workshops, pages 290–294, Washington, DC, USA, 2007. IEEE Computer Society.
Lee, B. e Kim, K. (2002). Self-certified signatures. In INDOCRYPT ’02: Proceedings of the Third International Conference on Cryptology, pages 199– 214, London, UK. Springer-Verlag.
Li, J., Huang, X., Mu, Y., Susilo, W., e Wu, Q. (2007). Certificate-based signature: Security model and efficient construction. In EuroPKI, volume 4582 of Lecture Notes in Computer Science, pages 110–125. Springer.
Libert, B. e Quisquater, J.-J. (2006). On constructing certificateless cryptosystems from identity based encryption. In Public Key Cryptography 2006 (PKC’06), volume 3958 of Lecture Notes in Computer Science, pages 474–490, New York, NY, USA. Springer-Verlag.
Liberty (2003a). Introduction to the Liberty Alliance Identity Architecture. Liberty Alliance.
Liberty (2003b). Privacy and Security Best Practices. Liberty Alliance.
Lim, H. W. (2006). On the Application of Identity-Based Cryptography In Grid Security. Doutorado, University of London.
Lim, H.W. e Paterson, K. G. (2005). Identity-based cryptography for grid security. In E-SCIENCE ’05: Proceedings of the First International Conference on e-Science and Grid Computing, pages 395–404,Washington, DC, USA. IEEE Computer Society.
Litchfield, D. (2007). The Oracle Hacker's Handbook - Hacking and Defending Oracle. Wiley Publishing, Inc.
Liu, J. K. e Zhou, J. (2008). Efficient certificate-based encryption in the standard model. In SCN ’08: Proceedings of the 6th international conference on Security and Cryptography for Networks, pages 144–155, Berlin, Heidelberg. Springer-Verlag.
Liu, J. K., Au, M. H., e Susilo,W. (2007). Self-generated-certificate public key cryptography and certificateless signature/encryption scheme in the standard model. In ASIACCS ’07: Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, pages 273–283, New York, NY, USA. ACM.
Liu, J. K., Baek, J., e Zhou, J. (2009). Certificate-based sequential aggregate signature. In WiSec ’09: Proceedings of the second ACM conference on Wireless network security, pages 21–28, New York, NY, USA. ACM.
Liu, J. K., Baek, J., Susilo, W., e Zhou, J. (2008). Certificate-based signature schemes without pairings or random oracles. In ISC ’08: Proceedings of the 11th international conference on Information Security, volume 5222 of Lecture Notes in Computer Science, pages 285–297, Berlin, Heidelberg. Springer-Verlag.
Lopez, G., Canovas, O., Gomez-Skarmeta, A. F., Otenko, S., e Chadwick, D. (2005). A Heterogeneous Network Access Service based on PERMIS and SAML. In In Proceedings of 2nd EuroPKI Workshop.
Lorch, M., Kafura, D., e Shah, S. (2003a). An xacml-based policy management and authorization service for globus resources. In GRID ’03: Proceedings of the 4th International Workshop on Grid Computing, page 208, Washington, DC, USA. IEEE Computer Society.
Lorch, M., Proctor, S., Lepro, R., Kafura, D., e Shah, S. (2003b). First experiences using xacml for access control in distributed systems. In ACM Workshop on XML Security.
Lu, Y. e Li, J. (2008). A general and secure certification-based encryption construction. In ChinaGrid’08, pages 182–189, Los Alamitos, CA. IEEE Computer Society.
Lu, Y., Li, J., e Xiao, J. (2009). Constructing efficient certificate-based encryption with paring. Journal of Computers, 4(1):19–26.
M. Bellare, J. Kilian, and P. Rogaway. The security of the cipher block chaining message authentication code. Journal of Computer and System Sciences, 61(3):362–399, 2000.
M. Bellare, P. Rogaway, and D. Wagner. The EAX mode of operation: A two-pass authenticated-encryption scheme optimized for simplicity and efficiency. In Fast Software Encryption 2004, pages 389–407, February 2004. http://www.cs.ucdavis.edu/~rogaway/papers/eax.pdf.
M. Hell, T. Johansson, and W. Meier. Grain: a stream cipher for constrained environments. Int. J. Wire. Mob. Comput., 2(1):86–93, 2007.
M. Luk, G. Mezzour, A. Perrig, and V. Gligor. MiniSec: A secure sensor network communication architecture. In IPSN’07: Proc. of the 6th international conference on Information processing in sensor networks, pages 479–488, New York, NY, USA, 2007. ACM.
M. Matsui. Linear cryptanalysis method for DES cipher. In Advances in Cryptology - Eurocrypt’93, volume 765 of Lecture Notes in Computer Science, pages 62–73, Lofthus, Norway, 1993. Springer-Verlag. http://homes.esat.kuleuven.be/~abiryuko/Cryptan/matsui_des.PDF.
M. Matsui. New block encryption algorithm MISTY. In Fast Software Encryption – FSE’97, volume 1267 of Lecture Notes in Computer Science, pages 54–68. Springer, 1997.
M. N.Wegman and J. L. Carter. New hash functions and their use in authentication and set equality. Journal of Computer and System Sciences, 22:265–279, 1981.
M. Simplicio, P. Barreto, T. Carvalho, C. Margi, and M. Näslund. The CURUPIRA - 2 block cipher for constrained platforms: Specification and benchmarking. In Proc. of the 1st International Workshop on Privacy in Location-Based Applications - PiLBA’08, volume 397. CEUR-WS, 2008. http://sunsite.informatik.rwth-aachen.de/Publications/CEUR-WS/Vol-397/.
M. Simplicio. Algoritmos criptográficos para redes de sensores. Master’s thesis, Escola Politécnica at the University of São Paulo, April 2008. [link].
M. Younis, K. Ghumman, and M. Eltoweissy. Location-aware combinatorial key management scheme for clustered sensor networks. IEEE Trans. Parallel Distrib. Syst., 17(8):865–882, 2006.
Ma, D. (2007). Business model of software-as-a-service. In Proc. of IEEE International Conference on Services Computing (SCC 2007).
Malone-Lee, J. (2002). Identity-based signcryption. Cryptology ePrint Archive-Report 2002/098. http://eprint.iacr.org/2002/098.
Mao,W. (2003). Modern cryptography : theory and practice. Prentice Hall.
Mark Luk, Ghita Mezzour, Adrian Perrig, and Virgil Gligor. MiniSec: a secure sensor network communication architecture. In IPSN ’07: Proceedings of the 6th international conference on Information processing in sensor networks, pages 479– 488, New York, NY, USA, 2007. ACM.
Mcafee, A. P. (2006). Enterprise 2.0: The dawn of emergent collaboration. MIT Sloan Management Review, 47(3):21–28.
Mccullagh, N. e Barreto, P. S. L. M. (2004). A new twoparty identity-based authenticated key agreement. In In proceedings of CT-RSA 2005, LNCS 3376, pages 262–274. Springer-Verlag. Também disponível em Cryptology ePrint Report 2004/122.
McGraw, G. (2006). Software Security: Building Security In. Addison-Wesley Professional.
Md. Enamul Karim, Andrew Walenstein, Arun Lakhotia, and Laxmi Parida. Malware phylogeny generation using permutations of code. Journal of Computer Virology, 1(1):13–23, 2005.
MediaCrypt AG. The IDEA block cipher – submission to the NESSIE project. http://cryptonessie.org, 2000.
Menezes, A. J., van Oorschot, P. C., and Vanstone, S. A. (2001). Handbook of Applied Cryptography. CRC Press, 5th edition.
Merrill, D. (2006). Mashups: The new breed of web app. Technical report, IBM. http://www.ibm.com/developerworks/web/library/x-mashups.html.
Meucci, M. et al. (2008). OWASP testing guide v3.0. OWASP.
Milenkovic, M., Milenkovic, A., Milenkovic, A., and Kulick, J. (2004). Microbenchmarks for determining branch predictor organization. Software Practice and Experience, 34:465–487.
Milgram, S. (1967). The small world problem. Psychology Today, 1:61.
Miller, V. S. (1986). Use of elliptic curves in cryptography. In CRYPTO ’85: Advances in Cryptology, pages 417–426, London, UK. Springer-Verlag.
Misaghi, M. (2008). Um Ambiente Criptográfico Baseado na Identidade. Doutorado, Escola Politécnica, Universidade de São Paulo.
Mitra, N. e Lafon, Y. (2003). SOAP Version 1.2 Part 0: Primer. W3C. = http://www.w3.org/TR/soap12-part0.
Mohammad Rahimi, Rick Baer, Obimdinachi I. Iroezi, Juan C. Garcia, Jay Warrior, Deborah Estrin, and Mani Srivastava. Cyclops: In situ image sensing and interpretation in wireless sensor networks. In SenSys 2005), 2005.
Muthaiyah, S. e Kerschberg, L. (2007). Virtual organization security policies: An ontology-based integration approach. Information Systems Frontiers, 9(5):505–514.
N. Canh, Y.-K. Lee, and S. Lee. HGKM: A group-based key management scheme for sensor networks using deployment knowledge. 6th Annual Communication Networks and Services Research Conference. CNSR’08, pages 544–551, May 2008.
N. Fournel, M. Minier, and S. Ubéda. Survey and benchmark of stream ciphers for wireless sensor networks. In WISTP, volume 4462 of Lecture Notes in Computer Science, pages 202–214. Springer, 2007.
Naccache, D. (2007). Secure and practical identity-based encryption. IET Information Security, 1(2):59–64. Também disponível em Cryptology ePrint Report 2005/369.
Nadeem Ahmed, Salil S. Kanhere, and Sanjay Jha. The holes problem in wireless sensor networks: a survey. SIGMOBILE Mob. Comput. Commun. Rev., 9(2):4–18, 2005.
Niels Provos and Thorsten Holz. Virtual Honeypots. Addison Wesley, 2008.
NIST. Federal Information Processing Standard (FIPS 197) – Advanced Encryption Standard (AES). National Institute of Standards and Technology, November 2001.
NIST. Federal Information Processing Standard (FIPS PUB 113) – Standard on Computer Data Authentication. National Institute of Standards and Technology, U.S. Department of Commerce, May 1985. http://www.itl.nist.gov/fipspubs/fip113.htm.
NIST. Special Publication 800-38B Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication. National Institute of Standards and Technology, U.S. Department of Commerce, May 2005. http://csrc.nist.gov/publications/PubsSPs.html.
NIST. Special Publication 800-38D – Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC. National Institute of Standards and Technology, U.S. Department of Commerce, November 2007. http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf.
NIST. Special Publication SP 800-38A – Recommendations for Block Cipher Modes of Operation, Methods and Techniques. National Institute of Standards and Technology, December 2001. http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf.
NSA. Skipjack and KEA Algorithm Specifications, version 2.0. National Security Agency, May 1998.
O’Reilly, T. (2005). What is web 2.0: Design patterns and business models for the next generation of software.
Oaks, S. (2001). JavaTM Security. O'Reilly, 2nd edition.
OASIS (2004). Web Services Security: SOAP Message Security 1.0. OASIS. [link].
OASIS (2005a). eXtensible Access Control Markup Language (XACML) version 2.0. Organization for the Advancement of Structured Information Standards (OASIS). http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-core-spec-os.pdf.
OASIS (2005b). Security Assertion Markup Language (SAML) 2.0 Technical Overview. Organization for the Advancement of Structured Information Standards (OASIS).
Oren, Y. and Shamir, A. (2007). Remote password extraction from rfid tags. IEEE Trans. Comput., 56(9):1292–1296.
P. Barreto and M. Simplicio. CURUPIRA, a block cipher for constrained platforms. In Anais do 25o Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos - SBRC 2007, volume 1, pages 61–74. SBC, 2007. http://www.larc.usp.br/~mjunior/files/en/Curupira1-extended.pdf.
P. Ekdahl and T. Johansson. A new version of the stream cipher SNOW. In Selected Areas in Cryptography, pages 47–61, 2002. http://www.it.lth.se/cryptology/snow/snow20.pdf.
P. Levis, S. Madden, J. Polastre, R. Szewczyk, K. Whitehouse, A. Woo, D. Gay, J. Hill, M. Welsh, E. Brewer, and D. Culler. TinyOS: An operating system for wireless sensor networks. Springer-Verlag, 2004.
Papastergiou, S., Valvis, G., e Polemi, D. (2008). A holistic anonymity framework for web services. In PETRA ’08: Proceedings of the 1st international conference on PErvasive Technologies Related to Assistive Environments, pages 1–8, New York, NY, USA. ACM.
Patterson, R. e Miller, J. (2006). Expressing authorization in semantic web services. In 2006 IEEE International Conference on Granular Computing, pages 792–795.
Patterson, R., Miller, J., Cardoso, J., e Davis, M. (2008). Bringing semantic security to semantic web services. The Semantic Web Real-world Applications from Industry, page 273.
PCI (2009a). Payment Card Industry (PCI) Data Security Standard - Requirements and Security Assessment Procedures - version 1.2.1. PCI Security Standards Council.
PCI (2009b). Payment Card Industry (PCI) Payment Application Data Security Standard (PA-DSS) - version 1.2.1. PCI Security Standards Council.
Pedro H. Calais, Douglas E. V. Pires, Dorgival Olavo Guedes, Wagner Meira Jr, Cristine Hoepers, and Klaus Steding-Jessen. A campaign-based characterization of spamming strategies. In Proceedings of Fifth Conference on E-mail and Anti-Spam - CEAS, 2008.
Penning, H. P. (2006). Analysis of the strong set in the pgp web of trust. http://www.cs.uu.nl/people/henkp/henkp/pgp/pathfinder/plot/.
Petersen, H. e Horster, P. (1997). Self-certified keys - concepts and applications.
Pfitzmann, A. e Hansen, M. (2007). Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management – a consolidated proposal for terminology. Version 0.29. http://dud.inf.tu-dresden.de/Anon_Terminology.shtml.
Philip Levis, David Gay, and David Culler. Active sensor networks. In 2nd USENIX/ ACM Symposium on Network Systems Design and Implementation (NSDI), 2005.
Pramstaller, N., Rechberger, C., and Rijmen, V. (2005). Breaking a New Hash Function Design Strategy Called SMASH. In Selected Areas in Cryptography, 12th International Workshop, SAC 2005, volume 3897 of Lecture Notes in Computer Science, pages 234-244. Springer.
R. Gennaro, S. Halevi, H. Krawczyk, T. Rabin, S. Reidt, and S. Wolthusen. Strongly-resilient and non-interactive hierarchical key-agreement in MANETs. In ESORICS’08: Proc. of the 13th European Symposium on Research in Computer Security, pages 49–65, Berlin, Heidelberg, 2008. Springer-Verlag.
R. Müller, G. Alonso, and D. Kossmann. SwissQM: Next generation data processing in sensor networks. In CIDR, pages 1–9, 2007.
R. Sakai, K. Ohgishi, and M. Kasahara. Cryptosystems based on pairing. In Symposium on Cryptography and Information Security-SCIS’2000, pages 26–28, 2000.
R.L. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21:120–126, 1978.
R.L. Rivest, M. Robshaw, R. Sidney, and Y. Yin. The RC6 block cipher. In in First Advanced Encryption Standard (AES) Conference, page 16, 1998.
Rabelo, R. J. (2008). Methods and Tools for Collaborative Networked Organizations, chapter Advanced Collaborative Business ICT Infrastructures, pages 337–365. Springer.
Rabelo, R. J., del Mar Castro Rodriguez, M., Conconi, A., e Sesana, M. (2008). Methods and Tools for Collaborative Networked Organizations, chapter The ECOLEAD Plug and Play Collaborative Business Infrastructure, pages 371–395. Springer.
Raffael Marty. Applied Security Visualization. Addison Wesley, 2008.
Rannenberg, K. (2000). Multilateral security a concept and examples for balanced security. InWorkshop on New security paradigms (NSPW’00), pages 151– 162, New York, NY, USA. ACM Press.
Rao, J. e Sadeh, N. (2005). A semantic web framework for interleaving policy reasoning and external service discovery. Lecture notes in computer science, 3791:56.
Rivest, R., Shamir, A., and Adleman, L. (1978). A method for obtaining digital signatures and public-key cryptosystems. http://portal.acm.org.
Russell, S. J. and Norvig (2003). Artificial Intelligence: A Modern Approach (Second Edition). Prentice Hall.
S. Lucks. Two-pass authenticated encryption faster than generic composition. In Fast Software Encryption 2005, pages 284–298, 2005. http://www.iacr.org/cryptodb/archive/2005/FSE/3123/3123.pdf.
S. Rinne, T. Eisenbarth, and C. Paar. Performance analysis of contemporary light-weight block ciphers on 8-bit microcontrollers. [link], 2007. Ecrypt workshop SPEED - Software Performance Enhancement for Encryption and Decryption.
Sabater, J. e Sierra, C. (2001). Regret: A reputation model for gregarious societies. 4th Workshop on Deception, Fraud and Trust in Agent Societies, pages 61–69.
Sabater, J. e Sierra, C. (2005). Review on Computational Trust and Reputation Models. Artificial Intelligence Review, 24(1):33–60.
Saeednia, S. (2003). A note on girault’s self-certified model. Inf. Process. Lett., 86(6):323–327.
Sakai, R. e Kasahara, M. (2003). Id based cryptosystems with pairing on elliptic curve. Cryptology ePrint Archive, Report 2003/054.
Sakai, R., Ohgishi, K., e Kasahara, M. (2000). Cryptosystems based on pairing. In Symposium on Cryptography and Information Security (SCIS2000), pages 26–28, Okinawa, Japan. Inst. of Electronics, Information and Communication Engineers.
Sam Madden, Michael J. Franklin, Joseph M. Hellerstein, andWei Hong. TinyDB: An acqusitional query processing system for sensor networks. ACM Transactions on Database Systems, 2005.
Sandhu, R. S. e Samarati, P. (1994). Access control: Principles and practice. IEEE Communications Magazine, 32(9):40–48.
Sandia. Submission to NIST: Cipher-state (CS) mode of operation for AES. http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/, 2004.
SANS (2008a). Security 519 - web application workshop. SANS Institute.
SANS (2008b). Security 542 - advanced web application penetration testing. SANS Institute.
Scott, M., Costigan, N., e Abdulwahab, W. (2006). Implementing cryptographic pairings on smartcards. In CHES, volume 4249 of Lecture Notes in Computer Science, pages 134–147. Springer. 27
Seacord, R. C. (2005). Secure Coding in C and C++. Addison-Wesley Professional.
Sedra, A. S. and Smith, K. C. (1997). Microelectronic circuits, chapter 4. Oxford University Press, Inc., 4th edition.
Shah, S. (2007). Web 2.0 Security - Defending AJAX, RIA, and SOA. Charles River Media.
Shamir, A. (1984). Identity-based cryptosystems and signature schemes. In Proceedings of CRYPTO 84 on Advances in cryptology, volume 196/1985 of Lecture Notes in Computer Science, pages 47–53, New York, NY, USA. Springer-Verlag New York, Inc.
Shao, Z. (2007). Self-certified signatures based on discrete logarithms. In WAIFI ’07: Proceedings of the 1st international workshop on Arithmetic of Finite Fields, pages 252–263, Berlin, Heidelberg. Springer-Verlag.
Shao, Z. (2008). Certificate-based verifiably encrypted signatures from pairings. Information Sciences, 178(10):2360–2373.
Shibboleth (2005). Shibboleth Architecture. [link].
Silberschatz, A., Galvin, P. B., and Gagne, G. (2004). Operating System Concepts. Wiley. Stinson, D. R. (2002). Cryptography: Theory and Practice, Second Edition. Chapman & Hall/CRC.
Spence, D., Geddes, N., Jensen, J., Richards, A., Viljoen, M., Martin, A., Dovey, M., Norman, M., Tang, K., Trefethen, A., Wallom, D., Allan, R., e Meredith, D. (2006). Shibgrid: Shibboleth access for the uk national grid service. In Proceedings of the Second IEEE International Conference on e-Science and Grid Computing (e-Science’06), page 75. IEEE Computer Society.
Spett, K. (2003). Blind SQL Injection - Are your web applications vulnerable? SPI Labs.
Stallings, W. (2005). Cryptography and Network Security. Prentice Hall, 4th edition.
Stefan Axelsson. Visualisation for Intrusion Detection – Hooking the Worm. In Einar Snekkenes and Dieter Gollmann, editors, Computer Security – ESORICS 2003, 8th European Symposium on Research in Computer Security, Gjøvik, Norway, October 13-15, 2003, Proceedings (LNCS 2808)), year = 2003, pages = 309–325,.
Stuttard, D. and Pinto, M. (2007). The Web Application Hacker's Handbook. Wiley Publishing, Inc.
Sun, Y., Zhang, F., e Baek, J. (2007). Strongly secure certificateless public key encryption without pairing. In CANS, volume 4856 of Lecture Notes in Computer Science, pages 194–208. Springer.
Sutton, R. S. e Barto, A. G. (1998). Reinforcement Learning: An Introduction. MIT Press.
Szczechowiak, P., Oliveira, L. B., Scott, M., Collier, M., e Dahab, R. (2008). Nanoecc: Testing the limits of elliptic curve cryptography in sensor networks. In European conference on Wireless Sensor Networks, EWSN08, volume 4913 of Lecture Notes in Computer Science, pages 305–320.
T. Eisenbarth, S. Kumar, C. Paar, A. Poschmann, and L. Uhsadel. A survey of lightweight-cryptography implementations. IEEE Design and Test of Computers, 24(6):522–533, 2007.
T. Krovetz and P. Rogaway. Internet draft: The OCB authenticated-encryption algorithm. http://www.cs.ucdavis.edu/~rogaway/papers/ocb-id.htm, March 2005.
T. Li, H. Wu, X. Wang, and F. Bao. SenSec design. Technical report, InfoComm Security Department, February 2005.
Teacy, W. T., Patel, J., Jennings, N. R., e Luck, M. (2006). Travos: Trust and reputation in the context of inaccurate information sources. Autonomous Agents and Multi-Agent Systems, 12(2):183–198.
Terada, R. (2008). Segurança de Dados - Criptografia em Redes de Computador. Editora Edgard Blücher, São Paulo, SP, 2 edition.
TERENA (2008). TERENA Compendium of National Research and Education Networks In Europe. TERENA.
Teuvo Kohonen. Self-Organizing Maps. Springer, 2nd edition, 1997.
Texas Instruments, Inc. MSP430x13x, MSP430x14x Mixed Signal Microcontroller – Datasheet, 2001.
Tijs van Dam and Koen Langendoen. An adaptive energy-efficient MAC protocol for wireless sensor networks. In ACM SenSys 03, Los Angeles, CA, November 2003.
Trappe, W. e Washington, L. C. (2005). Introduction to Cryptography with Coding Theory. Prentice Hall, 2 edition.
V. Rajendran, K. Obraczka, and J.J. Garcia-Luna-Aceves. Energy-efficient, collision-free medium access control for wireless sensor networks. In ACM SenSys 03, Los Angeles, CA, November 2003.
van der Stock, A., Cruz, D., Chapman, J., Lowery, D., Keary, E., Morana, M. M., Rook, D., and Prego, J. W. P. (2008). OWASP code review guide v1.1. OWASP.
Vecchio, D. D., Basney, J., e Nagaratnam, N. (2005). Credex: Usercentric credential management for grid and web services. In International Conference on Web Services, pages 149–156, Orlando, Florida - EUA.
Viega, J. and McGraw, G. (2001). Building Secure Software: How to Avoid Security Problems the Right Way. Addison-Wesley Professional.
W. Du, J. Deng, Y. Han, P. Varshney, J. Katz, and A. Khalili. A pairwise key predistribution scheme for wireless sensor networks. ACM Trans. Inf. Syst. Secur., 8(2):228–258, 2005.
W. Du, J. Deng, Y. Han, S. Chen, and P. Varshney. A key management scheme for wireless sensor networks using deployment knowledge. INFOCOM 2004. Twentythird Annual Joint Conference of the IEEE Computer and Communications Societies, 1:–597, March 2004.
W. Liu, R. Luo, and H. Yang. Cryptography overhead evaluation and analysis for wireless sensor networks. Communications and Mobile Computing, International Conference on, 3:496–501, 2009.
W. S. Cleveland. Visualizing Data. Hobart Press, 1993.
W.R. Heinzelman, A. Chandrakasan, and H. Balakrishnan. Energy-efficient communication protocol for wireless microsensor networks. In Proceedings of the Hawaii International Conference on System Sciences, pages 3005–14. IEEE, January 2000.
W3C (2002). The Platform for Privacy Preferences 1.0 (P3P1) Specification. W3C Recommendation. http://www.w3c.org/TR/P3P.
W3C (2004a). Web Services Architecture. W3C Working Group. http://www.w3.org/TR/2004/NOTE-ws-arch-20040211.
W3C (2004b). Web Services Architecture Requirements. W3C Working Group. http://www.w3.org/TR/2004/NOTE-wsa-reqs-20040211.
Wang, L., Shao, J., Cao, Z., Mambo, M., e Yamamura, A. (2007). A certificate-based proxy cryptosystem with revocable proxy decryption power. In Progress in Cryptology - INDOCRYPT 2007, 8th International Conference on Cryptology in India, Chennai, India, December 9-13, 2007, Proceedings, volume 4859 of Lecture Notes in Computer Science, pages 297–311. Springer.
Wang, X. and Lisa, Y. Y. (2005). Finding Collisions in the Full SHA-1. In CRYPTO 2005: 25th Annual International Cryptology Conference, volume 3621 of Lecture Notes in Computer Science. Springer.
Wang, X. and Yu, H. (2005). How to Break MD5 and Other Hash Functions. In EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, volume 3494 of Lecture Notes in Computer Science, pages 19-35. Springer.
Wang, Y. e Vassileva, J. (2003). Bayesian Network Trust Model in Peer-to-Peer Networks. Workshop on Deception, Fraud and Trust in Agent Societies, 7.
Wangham, M. S., de Mello, E. R., Rabello, R., e da Silva Fraga, J. (2005). Provendo garantias de segurança para formação de organizações virtuais. Gestão Avançada de Manufatura, 22:75–84.
Waters, B. R. (2005). Efficient identity-based encryption without random oracles. In EUROCRYPT’05, volume 3494 of Lecture Notes in Computer Science, pages 114–127. Springer. Também disponível em Cryptology ePrint Report 2004/180.
Weerawarana, S., Curbera, F., Leymann, F., Storey, T., e Ferguson, D. F. (2005). Web Services Plataform Architecture. Prentice Hall, Indiana.
Wei Ye, John Heidemann, and Deborah Estrin. An energy-efficient MAC protocol for wireless sensor networks. In Proceedings of the 21st International Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM 2002), New York, NY, USA, June 2002.
Wendi Heinzelman, Anantha Chandrakasan, and Hari Balakrishnan. Energyefficient communication protocol for wireless microsensor networks. In 33rd Hawaii International Conference on System Sciences (HICSS ’00), Hawaii, January 2000.
Whitby, A., Jøsang, A., e Indulska, J. (2005). Filtering out unfair ratings in bayesian reputation systems. The Icfain Journal of Management Research, 4(2):48–64.
Wiesmann, A., Curphey, M., van der Stock, A., and Stirbei, R. (2005). A guide to building secure web applications and web services. OWASP.
Winslett, M., Yu, T., Seamons, K. E., Hess, A., Jacobson, J., Jarvis, R., Smith, B., e Yu, L. (2002). Negotiating trust on the web. IEEE Internet Computing, 06(6):30–37.
Wireless Sensor Networks, chapter Localization in Sensor Networks. Springer, 2004.
WS-FEDERATION (2006). Web services federation language (ws-federation) version 1.1. [link].
WS-METADATAEXCHANGE (2009). Web services metadata exchange (ws-metadataexchange). W3C Working Draft. [link].
WS-POLICY (2007). Web services policy 1.5 - framework. W3C Recommendation. http://www.w3.org/TR/2007/REC-ws-policy-20070904/.
WS-SECURITY (2006). Web services security: Soap message security 1.1. OASIS Standard Specification. [link].
WS-SECURITYPOLICY (2007). Ws-securitypolicy 1.2. OASIS Standard. [link].
Wu chi Feng, Brian Code, Ed Kaiser, Mike Shea, Wu chang Feng, and Louis Bavoil. Panoptes: scalable low-power video sensor networking technologies. In MULTIMEDIA ’03: Proceedings of the eleventh ACM international conference on Multimedia, pages 562–571, New York, NY, USA, 2003. ACM Press.
Wysopal, C., Nelson, L., Zovi, D. D., and Justin, E. (2006). The Art of Software Security Testing: Identifying Software Security Flaws. Symantec Press.
X. Lai and J. Massey. A proposal for a new block encryption standard. In EUROCRYPT’ 90: Proc. of the workshop on the theory and application of cryptographic techniques on Advances in Cryptology, pages 389–404, New York, NY, USA, 1991. Springer-Verlag.
Xiang-HuiWang and Guo-Yin Zhang. Web-Based Three-Dimension E-Mail Traffic Visualization. In Heng Tao Shen, Jinbao Li, Minglu Li, Jun Ni, and Wei Wang, editors, Advanced Web and Network Technologies, and Applications – APWeb 2006 International Workshops: XRA, IWSN, MEGA, and ICSE, Harbin, China, January 16-18, 2006, Proceedings (LNCS 3842), pages 979–986, 2006.
Y. W. Law, J. Doumen, and P. Hartel. Survey and benchmark of block ciphers for wireless sensor networks. ACM Transactions on Sensor Networks (TOSN), 2(1):65–93, 2006.
Yan Yu, Ramesh Govindan, and Deborah Estrin. Geographical and energy aware routing: a recursive data dissemination protocol for wireless sensor networks. Technical Report TR-01-0023, UCLA - Computer Science Department, 2001.
Yao, D., Fazio, N., Dodis, Y., e Lysyanskaya, A. (2004). Id-based encryption for complex hierarchies with applications to forward security and broadcast encryption. In CCS ’04: Proceedings of the 11th ACM conference on Computer and communications security, pages 354–363, New York - NY - USA. ACM Press.
Yum, D. H. e Lee, P. J. (2004). Identity-based cryptography in public key management. In EuroPKI 2004, volume 3093 of Lecture Notes in Computer Science, pages 71–84, Samos Island, Greece. Springer-Verlag.
Zabala, E. (2009). Rijndael Cipher: 128-bit Version (Data-Block and Key) Encrypton. Available at http://www.cs.bc.edu/~straubin/cs381-05/blockciphers/rijndael_ingles2004.swf.
Zhang, G. eWang, S. (2008). A certificateless signature and group signature schemes against malicious pkg. In 22nd International Conference on Advanced Information Networking and Applications, AINA 2008, pages 334–341. IEEE Computer Society.
Zhang, L.-J. e Zhou, Q. (2009). Ccoa: Cloud computing open architecture. In 2009 IEEE International Conference on Web Services, pages 607–616.
Zhang, X., Nakae, M., Covington, M. J., e Sandhu, R. (2008). Toward a usage-based security framework for collaborative computing systems. ACM Trans. Inf. Syst. Secur., 11(1):1–36.
Zhang, X., Nakae, M., Covington, M., e Sandhu, R. (2006). A usagebased authorization framework for collaborative computing systems. In Proceedings of the eleventh ACM symposium on Access control models and technologies, pages 180–189. ACM New York, NY, USA.
Zhang, Z., Wong, D. S., XU, J., e FENG, D. (2006). Certificateless public key signature: Security model and efficient construction. In 4th. International Conference on Applied Cryptography and Network Security, ACNS’06, volume 3989 of Lecture Notes in Computer Science, Singapore. Springer.
Zheng, Y. (1997). Digital signcryption or how to achieve cost(signature & encryption) cost(signature) + cost(encryption). In CRYPTO ’97: Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology, pages 165–179, London, UK. Springer-Verlag.