327 research outputs found
(B)LOCKBOX -- Secure Software Architecture with Blockchain Verification
According to experts, one third of all IT vulnerabilities today are due to
inadequate software verification. Internal program processes are not
sufficiently secured against manipulation by attackers, especially if access
has been gained. There is a lack of internal control instances that can monitor
and control program flows. Especially when a software vulnerability becomes
known, quick action is required, whereby the consequences for an individual
application are often not foreseeable. With our approach (B)LOCKBOX, software
building blocks act as verified entities within a transaction-based blockchain
network. Source Code, binaries and application execution become supervised.
Unwanted interference and manipulation are prevented by the integrity of the
distributed system
Mobile Application Security Platforms Survey
Nowadays Smartphone and other mobile devices have become incredibly important in every aspect of our life. Because they have practically offered same capabilities as desktop workstations as well as come to be powerful in terms of CPU (Central processing Unit), Storage and installing numerous applications. Therefore, Security is considered as an important factor in wireless communication technologies, particularly in a wireless ad-hoc network and mobile operating systems. Moreover, based on increasing the range of mobile application within variety of platforms, security is regarded as on the most valuable and considerable debate in terms of issues, trustees, reliabilities and accuracy. This paper aims to introduce a consolidated report of thriving security on mobile application platforms and providing knowledge of vital threats to the users and enterprises. Furthermore, in this paper, various techniques as well as methods for security measurements, analysis and prioritization within the peak of mobile platforms will be presented. Additionally, increases understanding and awareness of security on mobile application platforms to avoid detection, forensics and countermeasures used by the operating systems. Finally, this study also discusses security extensions for popular mobile platforms and analysis for a survey within a recent research in the area of mobile platform security
After the hype: e-commerce payments grow up
On June 18, 2003, the Payment Cards Center of the Federal Reserve Bank of Philadelphia and the Electronic Commerce Payments Council (eCPC) of the Electronic Funds Transfer Association co-hosted a workshop forum to explore areas of mutual interest related to the proliferation of e-commerce payments. This was the second event jointly sponsored by the groups. ; The first forum, âThe Future of e-Commerce Payments,â which was held in June 2002, focused on the possibilities ahead, as various electronic payment channels displace paper checks as a primary payment form. The more recent forum, âAfter the Hype: e-Commerce Payments Grow Up,â continued the dialog, emphasizing recent economic and marketplace realities that impact ecommerce payments innovation, acceptance, and maturation. ; Participants and speakers included Federal Reserve staff and industry leaders.Electronic commerce
Survey on Security Issues in Cloud Computing and Associated Mitigation Techniques
Cloud Computing holds the potential to eliminate the requirements for setting
up of high-cost computing infrastructure for IT-based solutions and services
that the industry uses. It promises to provide a flexible IT architecture,
accessible through internet for lightweight portable devices. This would allow
multi-fold increase in the capacity or capabilities of the existing and new
software. In a cloud computing environment, the entire data reside over a set
of networked resources, enabling the data to be accessed through virtual
machines. Since these data-centers may lie in any corner of the world beyond
the reach and control of users, there are multifarious security and privacy
challenges that need to be understood and taken care of. Also, one can never
deny the possibility of a server breakdown that has been witnessed, rather
quite often in the recent times. There are various issues that need to be dealt
with respect to security and privacy in a cloud computing scenario. This
extensive survey paper aims to elaborate and analyze the numerous unresolved
issues threatening the cloud computing adoption and diffusion affecting the
various stake-holders linked to it.Comment: 20 pages, 2 Figures, 1 Table. arXiv admin note: substantial text
overlap with arXiv:1109.538
Office 365, Azure AD, and Exchange Online audit automation
El present document estudiarĂ l'actualitzaciĂł dels serveis d'auditoria d'Office 365, Exchange Online i Azure AD d'Ackcent. Dividint-ho en tres passos principals, sent el primer la migraciĂł a una soluciĂł sense servidor d'una infraestructura d'auditoria de correu electrĂČnic amb l'objectiu de revisar dinĂ micament la configuraciĂł mitjançant l'enviament de correus electrĂČnics amb diferents indicadors d'amenaça. L'objectiu de la primera part Ă©s fer una plataforma independent per auditar sense dependĂšncies de proveĂŻdors d'infraestructura de tercers. La segona part serĂ actualitzar una llista de control de seguretat amb noves comprovacions per revisar la configuraciĂł en profunditat. Finalment, s'investigarĂ la possibilitat d'automatitzar l'anĂ lisi del control mitjançant eines de tercers i implementacions personalitzades. La segona i tercera fase del projecte tindran com a objectius millorar la qualitat dels controls que s'analitzaran per a l'auditoria i reduir el temps que dediquen els arquitectes de seguretat a realitzar una auditoria.The present document will study the update of Ackcent's Office 365, Exchange Online, and Azure AD audit services. Dividing it into three main steps, being the first one migration to a server-less solution of an email audit infrastructure aimed to dynamically review the configuration by sending emails with different threat indicators. The objective for the first part is to make an independent platform to audit without dependencies on third-party infrastructure providers. The second part will be to upgrade a security control list with new checks to review the configuration deeply. Finally, the possibility of automatizing the control analysis will be investigated using third-party tools and custom implementations. The second and third stages of the project will have objectives to improve the quality of the controls being analyzed for the audit and reduce the amount of time spent by the security architects to perform an audit
Recommended from our members
A survey on security issues and solutions at different layers of Cloud computing
Cloud computing offers scalable on-demand services to consumers with greater flexibility and lesser infrastructure investment. Since Cloud services are delivered using classical network protocols and formats over the Internet, implicit vulnerabilities existing in these protocols as well as threats introduced by newer architectures raise many security and privacy concerns. In this paper, we survey the factors affecting Cloud computing adoption, vulnerabilities and attacks, and identify relevant solution directives to strengthen security and privacy in the Cloud environment
- âŠ