Security Reputation Metrics

Security reputation metrics (aka. security metrics) quantify the security levels of organization (e.g., hosting or Internet access providers) relative to comparable entities. They enable benchmarking and are essential tools for decision and policy-making in security, and may be used to govern and steer responsible parties towards investing in security when economic or other decision-making factors may drive them to do otherwise

Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting

Hosting providers play a key role in fighting web compromise, but their ability to prevent abuse is constrained by the security practices of their own customers. {\em Shared} hosting, offers a unique perspective since customers operate under restricted privileges and providers retain more control over configurations. We present the first empirical analysis of the distribution of web security features and software patching practices in shared hosting providers, the influence of providers on these security practices, and their impact on web compromise rates. We construct provider-level features on the global market for shared hosting -- containing 1,259 providers -- by gathering indicators from 442,684 domains. Exploratory factor analysis of 15 indicators identifies four main latent factors that capture security efforts: content security, webmaster security, web infrastructure security and web application security. We confirm, via a fixed-effect regression model, that providers exert significant influence over the latter two factors, which are both related to the software stack in their hosting environment. Finally, by means of GLM regression analysis of these factors on phishing and malware abuse, we show that the four security and software patching factors explain between 10\% and 19\% of the variance in abuse at providers, after controlling for size. For web-application security for instance, we found that when a provider moves from the bottom 10\% to the best-performing 10\%, it would experience 4 times fewer phishing incidents. We show that providers have influence over patch levels--even higher in the stack, where CMSes can run as client-side software--and that this influence is tied to a substantial reduction in abuse levels

Cities, The Sharing Economy and What's Next

This report seeks to provide an analysis of what is currently happening in American cities so that city leaders may better understand, encourage and regulate the growing sharing economy. Interviews were conducted with city officials on the impact of the sharing economy and related topics, and the report centers around five key themes: innovation, economic development, equity, safety and implementation.The sharing economy is also commonly referred to as collaborative consumption, the collaborative economy, or the peer-to-peer economy. This term refers to business models that enable providers and consumers to share resources and services, from housing to vehicles and more. These business models typically take the form of an online and/or application-based platform for business transactions

Foundations and Technological Landscape of Cloud Computing

The cloud computing paradigm has brought the benefits of utility computing to a global scale. It has gained paramount attention in recent years. Companies are seriously considering to adopt this new paradigm and expecting to receive significant benefits. In fact, the concept of cloud computing is not a revolution in terms of technology; it has been established based on the solid ground of virtualization, distributed system, and web services. To comprehend cloud computing, its foundations and technological landscape need to be adequately understood. This paper provides a comprehensive review on the building blocks of cloud computing and relevant technological aspects. It focuses on four key areas including architecture, virtualization, data management, and security issues

Investigação e desenho de uma solução empresarial de alojamento web para Angola

As infraestruturas tecnológicas são pilares indispensáveis do aumento da intensidade tecnológica, do crescimento económico de um pais ou empresa, bem como a sua capacidade produtiva e empreendedora. Uma das actividades mais importantes nesta mudança tecnológica é a de fornecer serviços de acesso a sítios e servidores Internet. Se em países ditos desenvolvidos existe uma oferta vasta e muito variada, noutros países essa oferta é ainda escassa e pouco versátil. Uma das barreiras para o aumento desta capacidade de oferta é a complexidade do desenho de uma solução de fornecimento deste tipo de serviços, porque envolve um conjunto amplo de requisitos, desde logo os físicos como os de equipamentos de rede até aos de software, como os da virtualização de servidores. Foi realizado um estudo tendo como base na situação actual do mercado angolano em relação aos serviços baseados na Internet, a promoção de capacidades inovadoras e as infraestruturas de suporte à estes serviços. Foi verificada uma notável necessidade de se investir fortemente em infraestruturas tecnológicas bem como a integração de novas tecnologias no mercado e nas empresas. Esta dissertação sugere uma estrutura que colmata as lacunas encontradas contribuindo para uma maior compatibilidade nesta área pela implementação de uma solução tecnologicamente actual preparada para responder ao dinamismo e crescimento do mercado de Angola nos próximos anos.The technology infrastructures are indispensable pillars to the increase of the technological development, supporting the economic growth of a country or a company, as well as to its productive and entrepreneurial capacity. One of the most important activities in this technologic change is to supply access services to sites and Internet servers. If in developed countries there is a wide and varied offer for these services, in other countries this offer is scarse and not very versatile. One of the barriers to the increase in the capacity of offering these Internet services is the complexity of the design of a solution for these types of services, as this comprehends a wide set of requirements, ranging from the physical such as the network infrastructures, to the logical such as virtualization technologies. A study was carried out having as base the current situation of the market in Angola regarding the providers of Internet based services, the promotion of innovative solutions and the infrastructures that support these services. It was noted the need to make a strong investment in technology infrastructures and to integrate new technologies in the market. This dissertation suggests a structure that fills the found gaps, contributing to a greater compatibility in the implementation of Technologies in this area, and providing a solution that is ready to respond to the needs of innovation and growth of the Angolan market in the coming years