2,692 research outputs found
Cloud Security : A Review of Recent Threats and Solution Models
The most significant barrier to the wide adoption of cloud services has been attributed to perceived cloud insecurity (Smitha, Anna and Dan, 2012). In an attempt to review this subject, this paper will explore some of the major security threats to the cloud and the security models employed in tackling them. Access control violations, message integrity violations, data leakages, inability to guarantee complete data deletion, code injection, malwares and lack of expertise in cloud technology rank the major threats. The European Union invested €3m in City University London to research into the certification of Cloud security services. This and more recent developments are significant in addressing increasing public concerns regarding the confidentiality, integrity and privacy of data held in cloud environments. Some of the current cloud security models adopted in addressing cloud security threats were – Encryption of all data at storage and during transmission. The Cisco IronPort S-Series web security appliance was among security solutions to solve cloud access control issues. 2-factor Authentication with RSA SecurID and close monitoring appeared to be the most popular solutions to authentication and access control issues in the cloud. Database Active Monitoring, File Active Monitoring, URL Filters and Data Loss Prevention were solutions for detecting and preventing unauthorised data migration into and within clouds. There is yet no guarantee for a complete deletion of data by cloud providers on client requests however; FADE may be a solution (Yang et al., 2012)
An Analytical Evaluation of Network Security Modelling Techniques Applied to Manage Threats
The current ubiquity of information coupled with
the reliance on such data by businesses has led to a great
deal of resources being deployed to ensure the security of this
information. Threats can come from a number of sources and the
dangers from those insiders closest to the source have increased
significantly recently. This paper focuses on techniques used to
identify and manage threats as well as the measures that every
organisation should consider to put into action. A novel game-based
onion skin model has been proposed, combining techniques
used in theory-based and hardware-based hardening strategies
xLED: Covert Data Exfiltration from Air-Gapped Networks via Router LEDs
In this paper we show how attackers can covertly leak data (e.g., encryption
keys, passwords and files) from highly secure or air-gapped networks via the
row of status LEDs that exists in networking equipment such as LAN switches and
routers. Although it is known that some network equipment emanates optical
signals correlated with the information being processed by the device
('side-channel'), intentionally controlling the status LEDs to carry any type
of data ('covert-channel') has never studied before. A malicious code is
executed on the LAN switch or router, allowing full control of the status LEDs.
Sensitive data can be encoded and modulated over the blinking of the LEDs. The
generated signals can then be recorded by various types of remote cameras and
optical sensors. We provide the technical background on the internal
architecture of switches and routers (at both the hardware and software level)
which enables this type of attack. We also present amplitude and frequency
based modulation and encoding schemas, along with a simple transmission
protocol. We implement a prototype of an exfiltration malware and discuss its
design and implementation. We evaluate this method with a few routers and
different types of LEDs. In addition, we tested various receivers including
remote cameras, security cameras, smartphone cameras, and optical sensors, and
also discuss different detection and prevention countermeasures. Our experiment
shows that sensitive data can be covertly leaked via the status LEDs of
switches and routers at a bit rates of 10 bit/sec to more than 1Kbit/sec per
LED
Mitigating the Risk of Knowledge Leakage in Knowledge Intensive Organizations: a Mobile Device Perspective
In the current knowledge economy, knowledge represents the most strategically
significant resource of organizations. Knowledge-intensive activities advance
innovation and create and sustain economic rent and competitive advantage. In
order to sustain competitive advantage, organizations must protect knowledge
from leakage to third parties, particularly competitors. However, the number
and scale of leakage incidents reported in news media as well as industry
whitepapers suggests that modern organizations struggle with the protection of
sensitive data and organizational knowledge. The increasing use of mobile
devices and technologies by knowledge workers across the organizational
perimeter has dramatically increased the attack surface of organizations, and
the corresponding level of risk exposure. While much of the literature has
focused on technology risks that lead to information leakage, human risks that
lead to knowledge leakage are relatively understudied. Further, not much is
known about strategies to mitigate the risk of knowledge leakage using mobile
devices, especially considering the human aspect. Specifically, this research
study identified three gaps in the current literature (1) lack of in-depth
studies that provide specific strategies for knowledge-intensive organizations
based on their varied risk levels. Most of the analysed studies provide
high-level strategies that are presented in a generalised manner and fail to
identify specific strategies for different organizations and risk levels. (2)
lack of research into management of knowledge in the context of mobile devices.
And (3) lack of research into the tacit dimension of knowledge as the majority
of the literature focuses on formal and informal strategies to protect explicit
(codified) knowledge.Comment: The University of Melbourne PhD Thesi
A review of behavioural research on data security
Protection of confidential information or data from being leaked to the public is a growing concern among organisations and individuals. This paper presents the results of the search for literature on behavioural and security aspects of data protection. The topics covered by this review include a summary of the changes brought about by the EU GDPR (General Data Protection Regulation). It covers human and behavioural aspects of data protection, security and data breach or loss (threats), IT architectures to protect data (prevention), managing data breaches (mitigation), risk assessment and data protection audits. A distinction is made between threats and prevention from within an organisation and from the outside
The Insider Threat
The Insider threat is defined similarly by experts in the information technology world for businesses, but addressing the threat has not been of great focus for most organizations. Technology and the Internet have grown exponentially over the past decade leading to changes in how business is conducted. Some basic business practices remain the same; protect the organization and its customers from breach of privacy. How data is gathered, stored, and retrieved has changed. Protecting the perimeter is still important, but these changes in technology now open the doors to a new threat; one that is known but not commonly protected against; the insider. Whether intentionally, or accidentally, the insider threat needs to be incorporated into the currently used security architectures and best practices. How should an organization include the insider threat to the current architecture is the question. Changes need to be made by organizations to the current security architecture. Currently, using technology is not enough, but is still necessary. In order to make it better, considering the employee as a whole and the daily activities necessary to complete a job, as well as working with other business units as a whole needs to be included in the architecture. Behavioral traits can be considered but there are issues in privacy that also need to be considered. Monitoring can be done, but that should not be the only thing considered. Employees lack knowledge as to why actions can have a negative effect on an organization and the way to address this is education. Educating end users is necessary and should be performed regularly to keep not just the technologically inclined up to date. Without education, the current technology used will continue to keep out the intruders, but will not be effective enough to protect against intentional and accidental misuse of the organization and its networks
- …