Privacy and data protection Books

Book SynopsisTake your penetration testing career to the next level by discovering how to set up and exploit cost-effective hacking lab environments on AWS, Azure, and GCP Key Features Explore strategies for managing the complexity, cost, and security of running labs in the cloud Unlock the power of infrastructure as code and generative AI when building complex lab environments Learn how to build pentesting labs that mimic modern environments on AWS, Azure, and GCP Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionThe significant increase in the number of cloud-related threats and issues has led to a surge in the demand for cloud security professionals. This book will help you set up vulnerable-by-design environments in the cloud to minimize the risks involved while learning all about cloud penetration testing and ethical hacking. This step-by-step guide begins by helping you design and build penetration testing labs that mimic modern cloud environments running on AWS, Azure, and Google Cloud Platform (GCP). Next, you’ll find out how to use infrastructure as code (IaC) solutions to manage a variety of lab environments in the cloud. As you advance, you’ll discover how generative AI tools, such as ChatGPT, can be leveraged to accelerate the preparation of IaC templates and configurations. You’ll also learn how to validate vulnerabilities by exploiting misconfigurations and vulnerabilities using various penetration testing tools and techniques. Finally, you’ll explore several practical strategies for managing the complexity, cost, and risks involved when dealing with penetration testing lab environments in the cloud. By the end of this penetration testing book, you’ll be able to design and build cost-effective vulnerable cloud lab environments where you can experiment and practice different types of attacks and penetration testing techniques.What you will learn Build vulnerable-by-design labs that mimic modern cloud environments Find out how to manage the risks associated with cloud lab environments Use infrastructure as code to automate lab infrastructure deployments Validate vulnerabilities present in penetration testing labs Find out how to manage the costs of running labs on AWS, Azure, and GCP Set up IAM privilege escalation labs for advanced penetration testing Use generative AI tools to generate infrastructure as code templates Import the Kali Linux Generic Cloud Image to the cloud with ease Who this book is forThis book is for security engineers, cloud engineers, and aspiring security professionals who want to learn more about penetration testing and cloud security. Other tech professionals working on advancing their career in cloud security who want to learn how to manage the complexity, costs, and risks associated with building and managing hacking lab environments in the cloud will find this book useful.Table of ContentsTable of Contents Getting Started with Penetration Testing Labs in the Cloud Preparing Our First Vulnerable Cloud Lab Environment Succeeding with Infrastructure as Code Tools and Strategies Setting Up Isolated Penetration Testing Lab Environments on GCP Setting Up Isolated Penetration Testing Lab Environments on Azure Setting Up Isolated Penetration Testing Lab Environments on AWS Setting Up an IAM Privilege Escalation Lab Designing and Building a Vulnerable Active Directory Lab Recommended Strategies and Best Practices

Read more less

Book SynopsisAttention to corporate information has never been more important than now. The ability to generate accurate business intelligence, accurate financial reports and to understand your business relies on better processes and personal commitment to clean data. Every byte of data that resides inside your company, and some that resides outside its walls, has the potential to make you stronger by giving you the agility, speed and intelligence that none of your competitors yet have. Data governance is the term given to changing the hearts and minds of your company to see the value of such information quality. The Data Governance Imperative is a business person's view of data governance. This practical book covers both strategies and tactics around managing a data governance initiative. The author, Steve Sarsfield, works for a major enterprise software company and is a leading expert in data quality and data governance, focusing on the business perspectives that are important to data champions, front-office employees, and executives. Steve runs an award-winning and world-recognized blog called the Data Governance and Data Quality Insider, offering practical wisdom.Table of ContentsChapter 1: The need for Data Governance 20 Sins of the Past 21 Where Are The Metrics? 24 Unnecessary Complexity 26 ETL and Data Warehouse 27 Building More Efficiency 29 Reducing Risk and Improving Compliance 36 The Value of an Acquisition 30 Decisions Based on Gut 33 Data Governance and Being Green 33 Why Data Governance? 36 Who Needs Data Governance? 38 Chapter 2: What is data governance? 40 How do different groups see data governance? 40 Defining Data Governance by its Benefits 45 Chapter 3: Defining Data Governance Success 50 Generic Data Governance Success Factors 50 Specific Data Governance Success 55 Chapter 4: Getting Funded for IQ projects 57 The Data Champion 57 Return on Investment 61 Picking the Right Projects 62 Building Credibility 64 Leveraging a Crisis 64 Conversation Starters 65 The 'Do Nothing' Option 70 Overcoming Objections to Data Governance 71 Chapter 5: People - What does a data governance team look like? 77 Data Governance Roles and Responsibilities 77 Data Governance Council 80 Team Performance Goals 82 Methodologies 83 Chapter 6: Painting the Picture 86 Mission Statement 86 Communication Strategies 87 Having Productive Meetings 88 Getting the Data 93 Data Governance Workshops 94 Building a Useful Data Quality Scorecard 95 Views of Data Quality Scorecard 96 Which Key Metrics Do I Track? 97 chapter 7 - Fixing your data 114 Causes and Actions 114 Information Quality and Data Intensive Projects 121 The Six Phases of a Data Intensive Project 121 Phase One: Project Preparation 122 Phase Two: Making the Blueprint 126 Phase Three: Implement 131 Phase Four: Rollout Preparation 133 Phase Five: Go Live 136 Phase Six: Maintain 139 Chapter 8: technologies that support data governance 141 Types of Data Governance Technologies 142 PREVENTATIVE 142 Diagnostic and Health 145 Infrastructure 149 Enrichment 154 Chapter 9: WHAT'S NEXT 155 ITG Resources 157

Read more less

Book SynopsisWhat are citizens of a free country willing to tolerate in the name of public safety? Jon Fasman journeys from the US to London — one of the most heavily surveilled cities on earth — to China and beyond, to expose the legal, political, and moral issues surrounding how the state uses surveillance technology. Automatic licence-plate readers allow police to amass a granular record of where people go, when, and for how long. Drones give the state eyes — and possibly weapons — in the skies. Algorithms purport to predict where and when crime will occur, and how big a risk a suspect has of reoffending. Specially designed tools can crack a device’s encryption keys, rending all privacy protections useless. And facial recognition technology poses perhaps a more dire and lasting threat than any other form of surveillance. Jon Fasman examines how these technologies help police do their jobs, and what their use means for our privacy rights and civil liberties, exploring vital questions, such as: Should we expect to be tracked and filmed whenever we leave our homes? Should the state have access to all of the data we generate? Should private companies? What might happen if all of these technologies are combined and put in the hands of a government with scant regard for its citizens’ civil liberties? Through on-the-ground reporting and vivid storytelling, Fasman explores one of the most urgent issues of our time.Trade Review‘[A] deeply reported and sometimes chilling look at mass surveillance technologies in the American justice system … Fasman avoids alarmism while making a strong case for greater public awareness and tighter regulations around these technologies. This illuminating account issues an essential warning about a rising threat to America’s civil liberties.’ * Publishers Weekly *‘A cogent critique of the age of ubiquitous surveillance … An urgent examination of police-state intrusions on the privacy of lawful and law-abiding citizens.’ * Kirkus Reviews *‘If you want to understand the stakes and the landscape of surveillance in your life — yes, yours right now — We See It All is an outstanding place to start. Fasman walks his readers through a meticulously balanced review of how police, corporations, local businesses, governments, and ordinary people conspire to exchange real privacy for the feeling of safety. An evocative storyteller, Fasman lays out his case that, because government regulation lags impossibly behind technological advances, the only salve for our predicament is collective awareness. And collective action. The writing is sober and sobering. And, though the recent fires of Minneapolis, Atlanta, Portland, and the nation have not centred squarely on surveillance, Fasman argues convincingly that the next ones very well might.’ -- Phillip Atiba Goff, co-founder and CEO of the Centre for Policing Equity, and professor of African American studies and psychology at Yale University‘This powerful, engrossing book will challenge your assumptions about persistent surveillance. Jon Fasman makes a clear case for civil liberties and explains how our laws and public safety infrastructure must keep pace with the advancement of technology. It's a must-read for anyone interested in the future and the unintended consequences of artificial intelligence, data, encryption and recognition technology.’ -- Amy Webb, founder of The Future Today Institute, author of The Big Nine and The Signals are Talking‘Jon Fasman has given us a stellar account of the use of surveillance technologies by the police. It's comprehensive, even-handed, informative, and fun to read.’ -- Barry Friedman, Jacob D. Fuchsberg professor at New York University School of Law‘This lively book is a call to action.’ -- David Anderson * Literary Review *‘Attempts to shake us out of our complacency … We See It All is a brutal reminder of the ‘perpetual’ surveillance powers of the police and government.’ -- Bernard E. Harcourt * TLS *Praise for The Unpossessed City: ‘Bestseller Fasman … takes a compassionate look at the hard truths of modern-day Russia in his absorbing second novel … The bio-thriller aspect of the plot provides a loose frame for Fasman's real concerns … and, more importantly, the trials and tribulations of the new Russia itself.’ * Publishers Weekly *Praise for The Geographer's Library: ‘A brainy noir … [A] winningly cryptic tale … [A] cabinet of wonders written by a novelist whose surname and sensibility fit comfortably on the shelf between Umberto Eco and John Fowles.’ * Los Angeles Times *Praise for The Geographer's Library: ‘One of the year's most literate and absorbing entertainments.’ -- Kirkus Reviews

Read more less

Book Synopsis.- An Evolutionary Game Theoretic-Based Approach to Task Offloading in Hybrid Vehicular Cloud-Edge Environment..- Securing Child Health Records With RSA-Encrypted NFTs and Smart Contract on the Blockchain..- A Novel Redundant Service Caching and Task Offloading Method in Mobile Edge Computing..- RBLA: Rank-Based-LoRA-Aggregation for Fine-Tuning Heterogeneous Models in FLaaS..- User Preference-Informed and Mobility-Aware Caching in a Cooperative MEC Environment..- Personalized Mobility-Aware Caching Strategies in Multi-Access Edge Computing..- Workflow Task Offloading Upon MEC: A Novel Mobility-Aware and Clustering-Based Approach..- PLNCaE: Advanced Framework for Preprocessed Lightweight Neural Networks in Brain Tumor Classification and Explanation..- MSC: A Framework With Advanced Sampling Methods for Skin Cancer Classification.

Read more less

Book Synopsis.- Sustainable Development Goals; Energy and Carbon Efficiency; and conceptualizations of diversity...- Decoupled Recommender Systems: Exploring Alternative Recommender Ecosystem Designs..- Enhancing Tourism Recommender Systems for Sustainable City Trips Using Retrieval-Augmented Generation..- Simulating the Impact of Recommendation Salience on Tourists Experienced Utility..- Knowledge Data Modeling in Food Recommendation: A Case Study on Nutritional Values..- Modeling Social Media Recommendation Impacts Using Academic Networks: A Graph Neural Network Approach..- Green Recommender Systems: Optimizing Dataset Size for Energy-Efficient Algorithm Performance..- EMERS: Energy Meter for Recommender Systems..- e-Fold Cross-Validation for Recommender-System Evaluation..- RecSys CarbonAtor: Predicting Carbon Footprint of Recommendation System Models..- Eco-Aware Graph Neural Networks for Sustainable Recommendations..- 14 Kg of CO2: Analyzing the Carbon Footprint and Performance of Session-Based Recommendation Algorithms..- From Explanation to Exploration: promoting DivErsity in Recommendation Systems..- Effects of Representation Nudges on the Perception of Playlist Recommendations.

Read more less

Book Synopsis

Read more less

Book SynopsisThis open access book answers two central questions: firstly, is it at all possible to verify electronic equipment procured from untrusted vendors? Secondly, can I build trust into my products in such a way that I support verification by untrusting customers? In separate chapters the book takes readers through the state of the art in fields of computer science that can shed light on these questions. In a concluding chapter it discusses realistic ways forward. In discussions on cyber security, there is a tacit assumption that the manufacturer of equipment will collaborate with the user of the equipment to stop third-party wrongdoers. The Snowden files and recent deliberations on the use of Chinese equipment in the critical infrastructures of western countries have changed this. The discourse in both cases revolves around what malevolent manufacturers can do to harm their own customers, and the importance of the matter is on par with questions of national security.This book is of great interest to ICT and security professionals who need a clear understanding of the two questions posed in the subtitle, and to decision-makers in industry, national bodies and nation states. Table of Contents1 Introduction: 1.1 A New Situation.- 1.2 What are we Afraid of?.- 1.3 Huawei and ZTE.- 1.4 Trust in Vendors.- 1.5 Points of Attack.- 1.6 Trust in Vendors is Different from Computer Security.- 1.7 Why the Problem is Important.- 1.8 Advice for Readers.- 2 Trust: 2.1 Prisoner's Dilemma.- 2.2 Trust and Game Theory.- 2.3 Trust and Freedom of Choice.- 2.4 Trust, Consequence and Situation.- 2.5 Trust and Security.- 2.6 Trusted Computing Base---Trust between Components.- 2.7 Discussion.- 3 What is an ICT-System?: 3.1 Transistors and Integrated Circuits.- 3.2 Memory and Communication.- 3.3 Processors and Instruction Sets.- 3.4 Firmware.- 3.5 Operating Systems, Device Drivers, Hardware Adaptation Layers and Hypervisors.- 3.6 Bytecode Interpreters.- 3.7 The Application on Top.- 3.8 Infrastructures and Distributed Systems.- 3.9 Discussion.- 4 Development of ICT Systems: 4.1 Software Development.- 4.2 Hardware Development .- 4.3 Security Updates and Maintenance.- 4.4 Discussion.- 5 Theoretical Foundation: 5.1 Gödel and the Liar's Paradox.- 5.2 Turing and the Halting Problem.- 5.3 Decidability of Malicious Behaviour.- 5.4 Is there Still Hope?.- 5.5 Where does this Lead Us?.- 6 Reverse Engineering of Code: 6.1 Application of Reversing in ICT.- 6.2 Static Code Analysis.- 6.3 Disassemblers.- 6.4 Decompilers.- 6.5 Debuggers.- 6.6 Antireversing.- 6.7 Hardware.- 6.8 Discussion.- 7 Static Detection of Malware: 7.1 Classes of Malware.- 7.2 Signatures, and Static Code Analysis.- 7.3 Encrypted and Oligomorphic Malware.- 7.4 Obfuscation Techniques.- 7.5 Polymorphic and Metamorphic Malware.- 7.6 Heuristic Approaches.- 7.7 Malicious Hardware.- 7.8 Specification Based Techniques.- 7.9 Discussion.- 8 Dynamic Detection Methods: 8.1 Dynamic Properties.- 8.2 Unrestricted Execution.- 8.3 Emulator Based Analysis.- 8.4 Virtual Machines.- 8.5 Evasion Techniques.- 8.6 Analysis.- 8.7 Hardware.- 8.8 Discussion.- 9 Formal Methods: 9.1 Formal Methods Overview.- 9.2 Specification.- 9.3 Programming Languages.- 9.4 Hybrid Programming and Specification Languages.- 9.5 Semantic Translation.- 9.6 Logics.- 9.7 Theorem Proving and Model Checking.- 9.8 Proofcarrying Code.- 9.9 Conclusion.- 10 Software Quality and Quality Management: 10.1 What is Software Quality Management?.- 10.2 Software Development Process.- 10.3 Software Quality Models.- 10.4 Software Quality Management.- 10.5 Software Quality Metrics.- 10.6 Standards.- 10.7 Common Criteria (ISO/IEC-15408).- 10.8 Software Testing.- 10.9 Verification through Formal Methods.- 10.10 Code Review.- 10.11 Discussion.- 11 Containment of Untrusted Modules: 11.1 Overview.- 11.2 Partial Failures and Fault Models.- 11.3 Erlang---a Programming Language Supporting Containment.- 11.4 Microservices---an Architecture Model Supporting Containment.- 11.5 Hardware Containment.- 11.6 Discussion.- 12 Summary and Way Forward: 12.1 Summary of Findings.- 12.2 Way Forward.- 12.3 Concluding Remarks.

Read more less

Book Synopsis

Read more less

Book Synopsis.- Blockchain and Data Mining..- Intrusion Anomaly Detection with Multi-Transformer..- A Federated Learning Method Based on Linear Probing and Fine-Tuning..- Facilitating Feature and Topology Lightweighting: An Ethereum Transaction Graph Compression Method for Malicious Account Detection..- A Secure Hierarchical Federated Learning Framework based on FISCO Group Mechanism..- Research on Network Traffic Anomaly Detection Method Based on Deep Learning..- Hyper-parameter Optimization and Proxy Re-encryption for Federated Learning..- Data Security and Anomaly Detection..- Exploring Embedded Content in the Ethereum Blockchain: Data Restoration and Analysis..- Task Allocation and Process Optimization of Data, Information, Knowledge, and Wisdom (DIKW)-based Workflow Engine..- Location Data Sharing Method Based on Blockchain and Attribute-Based Encryption..- Implicit White-Box Implementations of Efficient Double-Block-Length MAC..- A Survey on Blockchain Scalability..- Supply Chain Financing Model Embedded with Full-Process Blockchain..- Blockchain Performance Optimization..- ReCon: Faster Smart Contract Vulnerability Detection by Reusable Symbolic Execution Tree..- SVD-SESDG: Smart Contract Vulnerability  Detection Technology via Symbol Execution and  State Variable Dependency Graph..- Dual-view Aware Smart Contract Vulnerability Detection for Ethereum..- Blockchain Layered Sharding Algorithm Based on Transaction Characteristics..- An Empirical Study on the Performance of EVMs and Wasm VMs for Smart Contract Execution..- Ponzi Scheme Detection in Smart Contracts Using Heterogeneous Semantic Graph.

Read more less

Book Synopsis.- Frontier Technology Integration..- Blockchain-Enabled Large Language Models for Prognostics and Health Management Framework in Industrial Internet of Things..- Protecting Shepherded Parallel Permissioned Blockchain System from Congestion-related Attack..- Cross-Chain Overview:Development, Mechanisms, Protocols, Security, and Challenges..- VMeta: A QoS Dataset for Metaverse Services..- OptimalFix:An Automated Framework for Fixing Vulnerabilities in Smart Contracts Effectively..- Visionary Security Framework for Blockchain Integrated Metaverse Platform..- Trustworthy System and Cryptocurrencies..- Analysis of Cryptocurrencies Mixing Services and Its Regulatory Mechansim..- A Cross-chain Model Based on Credit Hierarchical Notary Group for IoT Roaming Settlement..- GDCTSA: A Grouped Data Collection Scheme for Trustworthy Systems Assessment..- Privacy Vulnerability Analysis of Bitcoin Network..- Deduplication Cloud Storage Integrity Auditing with Unpredictable Challenge Messages..- Blockchain Applications..- Drug traceability and health monitoring system with Hyperledger Fabric..- BCPA-OC Blockchain-Based Conditional Privacy-Preserving Authentication with Out-of-Band Communication for VANETs..- BBDAS: Blockchain-assisted Blinded Data Auditing Scheme for Cloud-Edge Systems..- A Blockchain-Based Tamper-Resistant Broadcast Encryption Scheme..- Joint Optimization of Task Offloading and Resource Allocation in Blockchain-Enabled Vehicular Fog Computing Networks.

Read more less