1,220,457 research outputs found
An examination into the role of knowledge management and computer security in organizations
Organisations develop their computer security procedures based on external guidelines such as
ISO 17799 with very little provision to incorporate organisational knowledge in their security
procedures. While these external guidelines make recommendations as to how an organisation
should develop and implement best practices in computer security they often fail to provide a
mechanism that links the security process to the organisational knowledge. The result is that
often, security policies, procedures and controls are implemented that are neither strong nor
consistent with the organisation's objectives. This study has examined the role of Knowledge
Management in organisational Computer Security in 19 Australian SMEs. The study has
determined that although the role of knowledge management in organisational computer security
is currently limited, there appears to be evidence to argue that the application of knowledge
management systems to organisational computer security development and management
processes will considerably enhance performance and reduce costs.
The study supports that future research is warranted to focus on how existing computer security
standards and practices can be improved to allow for a stronger integration with organisational
knowledge through the application of knowledge management systems
Introduction to Security Onion
Security Onion is a Network Security Manager (NSM) platform that provides multiple Intrusion Detection Systems (IDS) including Host IDS (HIDS) and Network IDS (NIDS). Many types of data can be acquired using Security Onion for analysis. This includes data related to: Host, Network, Session, Asset, Alert and Protocols. Security Onion can be implemented as a standalone deployment with server and sensor included or with a master server and multiple sensors allowing for the system to be scaled as required. Many interfaces and tools are available for management of the system and analysis of data such as Sguil, Snorby, Squert and Enterprise Log Search and Archive (ELSA). These interfaces can be used for analysis of alerts and captured events and then can be further exported for analysis in Network Forensic Analysis Tools (NFAT) such as NetworkMiner, CapME or Xplico. The Security Onion platform also provides various methods of management such as Secure SHell (SSH) for management of server and sensors and Web client remote access. All of this with the ability to replay and analyse example malicious traffic makes the Security Onion a suitable low cost alternative for Network Security Management. In this paper, we have a feature and functionality review for the Security Onion in terms of: types of data, configuration, interface, tools and system management
A trustworthy mobile agent infrastructure for network management
Despite several advantages inherent in mobile-agent-based approaches to network management as compared to traditional SNMP-based approaches, industry is reluctant to adopt the mobile agent paradigm as a replacement for the existing manager-agent model; the management community requires an evolutionary, rather than a revolutionary, use of mobile agents. Furthermore, security for distributed management is a major concern; agent-based management systems inherit the security risks of mobile agents. We have developed a Java-based mobile agent infrastructure for network management that enables the safe integration of mobile agents with the SNMP protocol. The security of the system has been evaluated under agent to agent-platform and agent to agent attacks and has proved trustworthy in the performance of network management tasks
Individual Risk Management for Digital Payment Systems
Despite existing security standards and security technologies, such as secure hardware, gaps between users’ demand for security and the security offered by a payment system can still remain. These security gaps imply risks for users. In this paper, we introduce a framework for the management of those risks. As a result, we present an instrument enabling users to evaluate eventual risks related with digital payment systems and to handle these risks with technical and economic instruments.Payment Systems, Digital Money
Interpreting the management of information systems security
The management of adverse events within organisations has become a pressing issue as the perceptions of risk continue to heighten. However the basic need for developing secure information systems has remained unfulfilled. This is because the focus has been on the means of delivery of information, i.e. the technology, rather than on the various contextual factors related to information processing.
The overall aim of this research is to increase understanding of the issues and concerns in the management of information systems security. The study is conducted by reviewing the analysis, design and management of computer based information in two large organisations - A British national Health Service Hospital Trust and a Borough Council. The research methodology adopts an interpretive mode of inquiry. The management of information systems security is evaluated in terms of the business environment, organisational culture, expectations and obligations of different roles, meanings of different actions and the related patterns of behaviour. Findings from the two case studies show that an inappropriate analysis, design and management of computer based information systems affects the integrity and wholeness of an organisation. As a result, the probability of occurrence of adverse events increases. In such an environment there is a strong likelihood that security measures may either be ignored or are inappropriate to the real needs of an organisation. Therefore what is needed is coherence between the computer based information systems and the business environment in which they are embedded.
In conclusion, this study shows that to resolve the problem of managing information systems security, we need to understand the deep seated pragmatic aspects of an organisation. Solutions to the problem of security can be provided by interpreting the behavioural patterns of the people involved
An analysis of security issues in building automation systems
The purpose of Building Automation Systems (BAS) is to centralise the management of a wide range of building services, through the use of integrated protocol and communication media. Through the use of IP-based communication and encapsulated protocols, BAS are increasingly being connected to corporate networks and also being remotely accessed for management purposes, both for convenience and emergency purposes. These protocols, however, were not designed with security as a primary requirement, thus the majority of systems operate with sub-standard or non-existent security implementations, relying on security through obscurity. Research has been undertaken into addressing the shortfalls of security implementations in BAS, however defining the threats against BAS, and detection of these threats is an area that is particularly lacking. This paper presents an overview of the current security measures in BAS, outlining key issues, and methods that can be improved to protect cyber physical systems against the increasing threat of cyber terrorism and hacktivism. Future research aims to further evaluate and improve the detection systems used in BAS through first defining the threats and then applying and evaluating machine learning algorithms for traffic classification and IDS profiling capable of operating on resource constrained BAS
Pretty Private Group Management
Group management is a fundamental building block of today's Internet
applications. Mailing lists, chat systems, collaborative document edition but
also online social networks such as Facebook and Twitter use group management
systems. In many cases, group security is required in the sense that access to
data is restricted to group members only. Some applications also require
privacy by keeping group members anonymous and unlinkable. Group management
systems routinely rely on a central authority that manages and controls the
infrastructure and data of the system. Personal user data related to groups
then becomes de facto accessible to the central authority. In this paper, we
propose a completely distributed approach for group management based on
distributed hash tables. As there is no enrollment to a central authority, the
created groups can be leveraged by various applications. Following this
paradigm we describe a protocol for such a system. We consider security and
privacy issues inherently introduced by removing the central authority and
provide a formal validation of security properties of the system using AVISPA.
We demonstrate the feasibility of this protocol by implementing a prototype
running on top of Vuze's DHT
On Secure Workflow Decentralisation on the Internet
Decentralised workflow management systems are a new research area, where most
work to-date has focused on the system's overall architecture. As little
attention has been given to the security aspects in such systems, we follow a
security driven approach, and consider, from the perspective of available
security building blocks, how security can be implemented and what new
opportunities are presented when empowering the decentralised environment with
modern distributed security protocols. Our research is motivated by a more
general question of how to combine the positive enablers that email exchange
enjoys, with the general benefits of workflow systems, and more specifically
with the benefits that can be introduced in a decentralised environment. This
aims to equip email users with a set of tools to manage the semantics of a
message exchange, contents, participants and their roles in the exchange in an
environment that provides inherent assurances of security and privacy. This
work is based on a survey of contemporary distributed security protocols, and
considers how these protocols could be used in implementing a distributed
workflow management system with decentralised control . We review a set of
these protocols, focusing on the required message sequences in reviewing the
protocols, and discuss how these security protocols provide the foundations for
implementing core control-flow, data, and resource patterns in a distributed
workflow environment
- …