Are papers in computer security reproducible? The health of the reproducibility culture in a subfield of security biometrics was assessed in a reproducibility audit of all papers published in the first quarter of 2020. Many papers met some reproducibility criteria, but none met them all. Even in a culture of faster, better, cheaper, reproducibility needn't cost much, but its benefits can be substantial

In 2014, the Secretary and Chief of Staff of the Army established the Cyber branch and the U.S. Army Cyber School (USACyS). Quickly building USACyS from scratch required building courseware to fill workforce-oriented curricula. Before we could finish creating sufficient and suitable content, the Army assigned students and scheduled classes. As we worked rapidly to create content, we turned to cloud-hosted

Prospective authors are requested to submit new, unpublished manuscripts for inclusion in the upcoming event described in this call for papers.

Presents a listing of the editorial board, board of governors, current staff, committee members, and/or society editors for this issue of the publication.

Advertisement.

Presents the front cover for this issue of the publication.

Prospective authors are requested to submit new, unpublished manuscripts for inclusion in the upcoming event described in this call for papers.

Presents the table of contents for this issue of the publication.

Presents a listing of the editorial board, board of governors, current staff, committee members, and/or society editors for this issue of the publication.

Presents the introductory editorial for this issue of the publication.

Presents a listing of the editorial board, board of governors, current staff, committee members, and/or society editors for the Reliability Society.

Prospective authors are requested to submit new, unpublished manuscripts for inclusion in the upcoming event described in this call for papers.

Presents the front cover for this issue of the publication.

Presents the table of contents for this issue of the publication.

Presents a listing of the editorial board, board of governors, current staff, committee members, and/or society editors for this issue of the publication.

Presents the introductory editorial for this issue of the publication.

Presents a listing of the editorial board, board of governors, current staff, committee members, and/or society editors for this issue of the publication.

The articles in this special section focus on hardware assisted security systems. During the past two decades, the use of hardware assistance for improving security and privacy has been steadily increasing. In particular, hardware-assisted trusted execution environments (TEEs), such as Arm TrustZone and Intel Software Guard Extensions, are now widely deployed. This has led to many new initiatives in

Advertisement.

Advertisement.

Advertisement.

Prospective authors are requested to submit new, unpublished manuscripts for inclusion in the upcoming event described in this call for papers.

Prospective authors are requested to submit new, unpublished manuscripts for inclusion in the upcoming event described in this call for papers.

Cyber intelligence requires analytic and technical skills. It is a pillar of U.S. national security and is needed in the private sector. We outline a framework for cyber intelligence education, including a dual-track model to balance the technical and analytic requirements.

Prospective authors are requested to submit new, unpublished manuscripts for inclusion in the upcoming event described in this call for papers.

Security flaws in cyberphysical systems are expensive. The key to creating secure but affordable industrial cyber systems is to understand the various points at which security can be implemented to build security into a product. This article is written from the perspective of a practitioner and addresses several components of product security that work together to build security into cyberphysical

The tax code isn’t software. It doesn’t run on a computer. But it’s still code. It’s a series of algorithms that takes an input— financial information for the year—and produces an output: the amount of tax owed. It’s incredibly complex code; there are a bazillion details and exceptions and special cases. It consists of government laws, rulings from the tax authorities, judicial decisions, and legal

Presents a listing of the editorial board, board of governors, current staff, committee members, and/or society editors for this issue of the publication.

Advertisement.

Compliance programs help protect organizations' intellectual property and valuable resources through mandated security controls; however, organizations often conflate compliance with strong security. Understanding the security gaps that place fully compliant organizations at risk is essential.

On 2 May 2019, during United Kingdom local elections, an e-voting trial was conducted in Gateshead, using a touchscreen, end-to-end verifiable system. This was the first test of its kind in the United Kingdom, and it presented a case study to envisage the future of e-voting.

Advertisement.

Cyberphysical systems (CPSs) are part of the critical infrastructure. CPS security is challenging because the system can be attacked from both cyber and physical domains. In this article, a comprehensive study is taken to summarize the challenges and the proposed solutions for securing CPS from a physics-based perspective.

Advertisement, IEEE.

Prospective authors are requested to submit new, unpublished manuscripts for inclusion in the upcoming event described in this call for papers.

Advertisement, IEEE.

Prospective authors are requested to submit new, unpublished manuscripts for inclusion in the upcoming event described in this call for papers.

Advertisement. IEEE Security & Privacy magazine provides articles with both a practical and research bent by the top thinkers in the field. Stay current on the latest security tools and theories and gain invaluable practical and research knowledge; learn more about the latest techniques and cutting-edge technology; and discover case studies, tutorials, columns, and in-depth interviews and podcasts

Presents information on the upcomming HOST 2000 Conference. Includes topics to be covered and a calls for papers.

Advertisement. Prospective authors are requested to submit new, unpublished manuscripts for inclusion in the upcoming event described in this call for papers.

Presents the front cover for this issue of the publication.

Presents the table of contents for this issue of the publication.

Presents a listing of the editorial board, board of governors, current staff, committee members, and/or society editors for this issue of the publication.

Presents the introductory editorial for this issue of the publication.

Advertisement.

Internet of Things (IoT) security depends on the kindness of strangers, including in discovering, disclosing, and mitigating vulnerabilities. Multiple organizations have published best practices for producing secure IoT devices. We analyze two hubs, identify vulnerabilities, and detail how best practices would have prevented the flaws.

The divide between IT security and software security can result in the neglect of proper software security. This divide can be bridged by establishing a formal security champion role in the development team and conducting collaborative risk-based security activities.

Advertisement.

Access to individual-level health data is going to be critical for managing the COVID-19 pandemic and enabling society to return to some form of (new) normal functioning. Broader data access is already starting to happen. At the same time, there has been growing alarm by the privacy community about the extent and manner of the level of data sharing that is going on with such sensitive information.

Acquisition is the most common method for introducing new technology into organizations, but security and integrity are difficult to guarantee using conventional acquisition techniques. Best practices for secure acquisition are an essential part of the general education process in cybersecurity.

Why can't we send encrypted email (secure, private correspondence that even our mail providers can't read)? Why do our health-care providers require us to use secure portals to correspond with us instead of directly emailing us? Why are messaging apps the only way to send encrypted messages directly to friends, and why can't we send private messages without agreeing to using a single platform (WhatsApp

Are we (the experts) fooling ourselves that our security approaches are effective or appropriate to protect today?s and future IT environments? Are our old recipes still suitable? After working in IT security for more than 20 years, we started to realize that something had fundamentally changed. We tried to match the growing expectations of customers and consumers (the market), technological development

Presents a listing of the editorial board, board of governors, current staff, committee members, and/or society editors for this issue of the publication.

Cybersecurity policy analytics quantitatively evaluates the effectiveness of cybersecurity protection measures consisting of both technical and managerial countermeasures and is inherently interdisciplinary work, drawing on the concepts and methods from economics, business, social science, and law.

We discuss the problem of restructuring visual data from different heterogeneous sources to analyze an event of interest. We present X-coherence: a pipeline seeking to organize and represent pieces of data, tying them coherently with the real world and with one another. We also outline research challenges while seeking X-coherence.

Presents the front cover for this issue of the publication.

Advertisement.

Presents the table of contents for this issue of the publication.

Presents a listing of the editorial board, board of governors, current staff, committee members, and/or society editors for this issue of the publication.

Presents the introductory editorial for this issue of the publication.