1,048 research outputs found
Security Reputation Metrics
Security reputation metrics (aka. security metrics) quantify the security
levels of organization (e.g., hosting or Internet access providers) relative to
comparable entities. They enable benchmarking and are essential tools for
decision and policy-making in security, and may be used to govern and steer
responsible parties towards investing in security when economic or other
decision-making factors may drive them to do otherwise
Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting
Hosting providers play a key role in fighting web compromise, but their
ability to prevent abuse is constrained by the security practices of their own
customers. {\em Shared} hosting, offers a unique perspective since customers
operate under restricted privileges and providers retain more control over
configurations. We present the first empirical analysis of the distribution of
web security features and software patching practices in shared hosting
providers, the influence of providers on these security practices, and their
impact on web compromise rates. We construct provider-level features on the
global market for shared hosting -- containing 1,259 providers -- by gathering
indicators from 442,684 domains. Exploratory factor analysis of 15 indicators
identifies four main latent factors that capture security efforts: content
security, webmaster security, web infrastructure security and web application
security. We confirm, via a fixed-effect regression model, that providers exert
significant influence over the latter two factors, which are both related to
the software stack in their hosting environment. Finally, by means of GLM
regression analysis of these factors on phishing and malware abuse, we show
that the four security and software patching factors explain between 10\% and
19\% of the variance in abuse at providers, after controlling for size. For
web-application security for instance, we found that when a provider moves from
the bottom 10\% to the best-performing 10\%, it would experience 4 times fewer
phishing incidents. We show that providers have influence over patch
levels--even higher in the stack, where CMSes can run as client-side
software--and that this influence is tied to a substantial reduction in abuse
levels
Cities, The Sharing Economy and What's Next
This report seeks to provide an analysis of what is currently happening in American cities so that city leaders may better understand, encourage and regulate the growing sharing economy. Interviews were conducted with city officials on the impact of the sharing economy and related topics, and the report centers around five key themes: innovation, economic development, equity, safety and implementation.The sharing economy is also commonly referred to as collaborative consumption, the collaborative economy, or the peer-to-peer economy. This term refers to business models that enable providers and consumers to share resources and services, from housing to vehicles and more. These business models typically take the form of an online and/or application-based platform for business transactions
Foundations and Technological Landscape of Cloud Computing
The cloud computing paradigm has brought the benefits of utility computing to a global scale. It has gained paramount attention in recent years. Companies are seriously considering to adopt this new paradigm and expecting to receive significant benefits. In fact, the concept of cloud computing is not a revolution in terms of technology; it has been established based on the solid ground of virtualization, distributed system, and web services. To comprehend cloud computing, its foundations and technological landscape need to be adequately understood. This paper provides a comprehensive review on the building blocks of cloud computing and relevant technological aspects. It focuses on four key areas including architecture, virtualization, data management, and security issues
Investigação e desenho de uma solução empresarial de alojamento web para Angola
As infraestruturas tecnológicas são pilares indispensáveis do aumento da intensidade tecnológica, do crescimento económico de um pais ou empresa, bem como a sua capacidade produtiva e empreendedora. Uma das actividades mais importantes nesta mudança tecnológica é a de fornecer serviços de acesso a sítios e servidores Internet. Se em países ditos desenvolvidos existe uma oferta vasta e muito variada, noutros países essa oferta é ainda escassa e pouco versátil. Uma das barreiras para o aumento desta capacidade de oferta é a complexidade do desenho de uma solução de fornecimento deste tipo de serviços, porque envolve um conjunto amplo de requisitos, desde logo os físicos como os de equipamentos de rede até aos de software, como os da virtualização de servidores. Foi realizado um estudo tendo como base na situação actual do mercado angolano em relação aos serviços baseados na Internet, a promoção de capacidades inovadoras e as infraestruturas de suporte à estes serviços. Foi verificada uma notável necessidade de se investir fortemente em infraestruturas tecnológicas bem como a integração de novas tecnologias no mercado e nas empresas. Esta dissertação sugere uma estrutura que colmata as lacunas encontradas contribuindo para uma maior compatibilidade nesta área pela implementação de uma solução tecnologicamente actual preparada para responder ao dinamismo e crescimento do mercado de Angola nos próximos anos.The technology infrastructures are indispensable pillars to the increase of the technological development, supporting the economic growth of a country or a company, as well as to its productive and entrepreneurial capacity. One of the most important activities in this technologic change is to supply access services to sites and Internet servers. If in developed countries there is a wide and varied offer for these services, in other countries this offer is scarse and not very versatile. One of the barriers to the increase in the capacity of offering these Internet services is the complexity of the design of a solution for these types of services, as this comprehends a wide set of requirements, ranging from the physical such as the network infrastructures, to the logical such as virtualization technologies. A study was carried out having as base the current situation of the market in Angola regarding the providers of Internet based services, the promotion of innovative solutions and the infrastructures that support these services. It was noted the need to make a strong investment in technology infrastructures and to integrate new technologies in the market. This dissertation suggests a structure that fills the found gaps, contributing to a greater compatibility in the implementation of Technologies in this area, and providing a solution that is ready to respond to the needs of innovation and growth of the Angolan market in the coming years
- …