Stefan Raß

  • - 2%

    This book presents a compendium of selected game- and decision-theoretic models to achieve and assess the security of critical infrastructures. Given contemporary reports on security incidents of various kinds, we can see a paradigm shift to attacks of an increasingly heterogeneous nature, combining different techniques into what we know as an advanced persistent threat. Security precautions must match these diverse threat patterns in an equally diverse manner; in response, this book provides a wealth of techniques for protection and mitigation.

    Much traditional security research has a narrow focus on specific attack scenarios or applications, and strives to make an attack "practically impossible." A more recent approach to security views it as a scenario in which the cost of an attack exceeds the potential reward. This does not rule out the possibility of an attack but minimizes its likelihood to the least possible risk. The book follows this economic definition of security, offering a management scientific view that seeks a balance between security investments and their resulting benefits. It focuses on optimization of resources in light of threats such as terrorism and advanced persistent threats. 

    Drawing on the authors' experience and inspired by real case studies, the book provides a systematic approach to critical infrastructure security and resilience. Presenting a mixture of theoretical work and practical success stories, the book is chiefly intended for students and practitioners seeking an introduction to game- and decision-theoretic techniques for security. The required mathematical concepts are self-contained, rigorously introduced, and illustrated by case studies. The book also provides software tools that help guide readers in the practical use of the scientific models and computational frameworks.

  • S-BPM stands for "subject-oriented business process management" and focuses on subjects that represent the entities (people, programs etc.) that are actively engaged in processes. S-BPM has become one of the most widely discussed approaches for process professionals. Its potential particularly lies in the integration of advanced information technology with organizational and managerial methods to foster and leverage business innovation, operational excellence and intra- and inter-organizational collaboration. Thus S-BPM can also be understood as a stakeholder-oriented and social business process management methodology.In this book, the authors show how S-BPM and its tools can be used in order to solve communication and synchronization problems involving humans and/or machines in an organization. All the activities needed in order to implement a business process are shown step by step; it starts by analyzing the problem, continues with modeling and validating the corresponding process, and finishes off by embedding the process into the organization. The final result is a workflow that executes the process without the need for any programming. To this end, in the first step a very simple process is implemented, which is subsequently extended and improved in "adaption projects," because additional problems have to be solved. This approach reflects the organizational reality, in which processes must always be changed and adapted to new requirements. This is a hands-on book, written by professionals for professionals, with a clear and concise style, a wealth of illustrations (as the title suggests), and focusing on an ongoing example with a real industrial background. Readers who want to execute all the steps by themselves can simply download the S-BPM tool suite from the www.i2pm.net website.

  • The chapters in this volume explore how various methods from game theory can be utilized to optimize security and risk-management strategies.  Emphasizing the importance of connecting theory and practice, they detail the steps involved in selecting, adapting, and analyzing game-theoretic models in security engineering and provide case studies of successful implementations in different application domains.  Practitioners who are not experts in game theory and are uncertain about incorporating it into their work will benefit from this resource, as well as researchers in applied mathematics and computer science interested in current developments and future directions.The first part of the book presents the theoretical basics, covering various different game-theoretic models related to and suitable for security engineering.  The second part then shows how these models are adopted, implemented, and analyzed.  Surveillance systems, interconnected networks, and power grids are among the different application areas discussed.  Finally, in the third part, case studies from business and industry of successful applications of game-theoretic models are presented, and the range of applications discussed is expanded to include such areas as cloud computing, Internet of Things, and water utility networks.

  • This book provides an overview of state-of-the-art implementations of quantum random number generators (QRNGs), and especially examines their relation to classical statistical randomness models and numerical techniques for computing random numbers. The reader - who ideally has a background in classical statistics, computer science, or cryptography - is introduced to the world of quantum bits step by step, and explicit relations between QRNGs and their classical counterparts are identified along the way.
    Random number generation is a major pillar of cryptography. Capitalizing on the randomness inherent in quantum phenomena is a rapidly evolving branch of quantum cryptography with countless applications for the future. The value of quantum randomness for cryptographic purposes is empirically demonstrated in statistical evaluations of QRNGs' performance compared to classical techniques for true and pseudorandom number generation. The book then provides an overview of technical implementations of QRNGs, before a concluding discussion of major achievements and remaining obstacles in the field rounds out the coverage, while also opening the door for future research directions.

empty