De-perimeterisation as a cycle: tearing down and rebuilding security perimeters

If an organisation wants to secure its IT assets, where should the security mechanisms be placed? The traditional view is the hard-shell model, where an organisation secures all its assets using a fixed security border: What is inside the security perimeter is more or less trusted, what is outside is not. Due to changes in technologies, business processes and their legal environments this approach is not adequate anymore.\ud This paper examines this process, which was coined de-perimeterisation by the Jericho Forum.\ud In this paper we analyse and define the concepts of perimeter and de-perimeterisation, and show that there is a long term trend in which de-perimeterisation is iteratively accelerated and decelerated. In times of accelerated de-perimeterisation, technical and organisational changes take place by which connectivity between organisations and their environment scales up significantly. In times of deceleration, technical and organisational security measures are taken to decrease the security risks that come with de-perimeterisation, a movement that we call re-perimeterisation. We identify the technical and organisational mechanisms that facilitate de-perimeterisation and re-perimeterisation, and discuss the forces that cause organisations to alternate between these two movements

Data Confidentiality in Mobile Ad hoc Networks

Mobile ad hoc networks (MANETs) are self-configuring infrastructure-less networks comprised of mobile nodes that communicate over wireless links without any central control on a peer-to-peer basis. These individual nodes act as routers to forward both their own data and also their neighbours' data by sending and receiving packets to and from other nodes in the network. The relatively easy configuration and the quick deployment make ad hoc networks suitable the emergency situations (such as human or natural disasters) and for military units in enemy territory. Securing data dissemination between these nodes in such networks, however, is a very challenging task. Exposing such information to anyone else other than the intended nodes could cause a privacy and confidentiality breach, particularly in military scenarios. In this paper we present a novel framework to enhance the privacy and data confidentiality in mobile ad hoc networks by attaching the originator policies to the messages as they are sent between nodes. We evaluate our framework using the Network Simulator (NS-2) to check whether the privacy and confidentiality of the originator are met. For this we implemented the Policy Enforcement Points (PEPs), as NS-2 agents that manage and enforce the policies attached to packets at every node in the MANET.Comment: 12 page

Recommendations for Applying Security-Centric Technology Utilizing a Layered Approach in the Era of Ubiquitous Computing: (A Guide for the Small Business Enterprise).

The purpose of this work is to advise and assist Small Business in applying security centric technology to better manage and secure their information assets. Computer Crimes and Incursions are growing exponentially, in complexity, and in their sinister application. In the face of this onslaught small businesses, indeed organizations everywhere, need to accept this as a business constant or reality, identify the threats, acknowledge the vulnerabilities, and make plans to meet these challenges

Capital markets and e-fraud: policy note and concept paper for future study

The technological dependency of securities exchanges on internet-based (IP) platforms has dramatically increased the industry's exposure to reputation, market, and operational risks. In addition, the convergence of several innovations in the market are adding stress to these systems. These innovations affect everything from software to system design and architecture. These include the use of XML (extensible markup language) as the industry IP language, STP or straight through processing of data, pervasive or diffuse computing and grid computing, as well as the increased use of Internet and wireless. The fraud is not new, rather, the magnitude and speed by which fraud can be committed has grown exponentially due to the convergence of once private networks on-line. It is imperative that senior management of securities markets and brokerage houses be properly informed of the negative externalities associated with e-brokerage and the possible critical points of failure that exist in today's digitized financial sector as they grow into tomorrow's exchanges. The overwhelming issue regarding e-finance is to determine the true level of understanding that senior management has about on-line platforms, including the inherent risks and the depth of the need to use it wisely. Kellermann and McNevin attempt to highlight the various risks that have been magnified by the increasing digitalization of processes within the brokerage arena and explain the need for concerted research and analysis of these as well as the profound consequences that may entail without proper planning. An effective legal, regulatory, and enforcement framework is essential for creating the right incentive structure for market participants. The legal and regulatory framework should focus on the improvement of internal monitoring of risks and vulnerabilities, greater information sharing about these risks and vulnerabilities, education and training on the care and use of these technologies, and better reporting of risks and responses. Public/private partnerships and collaborations also are needed to create an electronic commerce (e-commerce) environment that is safe and sound.Environmental Economics&Policies,Insurance&Risk Mitigation,Financial Intermediation,ICT Policy and Strategies,Banks&Banking Reform

COMPARISON OF THE PARAMETERS OF SIGNALS WITH EXTERNAL ILLUMINATION FOR SUPERVISION OF THE AREA FOR THE PROTECTION OF IMPORTANT STATE OBJECTS

In modern conditions, it becomes necessary to create security systems, surveillance systems, anti-terrorist systems that carry out covert detection and surveillance of small-sized ground objects, including biological ones. Traditionally used single-position radars are ineffective in conditions of a large number of reflections that interfere with and low speed of movement of detected objects (people). The use of several such radars is impractical due to their rather high complexity and cost. In addition, it is impossible to ensure the secrecy of such systems. The construction of radar surveillance systems in the form of semi-active bistatic, including educational, radar systems is promising for the described conditions. One of the important issues in the construction of semi-active bistatic systems is the substantiation of the parameters of external illumination signals and the assessment of the attainable characteristics of such systems when using them. The analysis and definition of the requirements for the characteristics of the illumination signals is carried out. In addition, consider the features of using signals from modern emitting systems in semi-active radars. The basic parameters of the signals are given – the bandwidth, the pulse duration (spectrum width), the power at the transmitter output, the frequency range in which the system operates. The advantages and disadvantages of semi-active radar stations (SA RS), which use such signals, are described. Variants of semi-active bistatic systems with external illumination are determined. The widespread use of modern digital language and telecommunication systems provides the SA RS with effective illumination signals with good correlation properties, which makes it possible to obtain the necessary technical characteristics in a variety of application condition