Introduction to Security Onion

Security Onion is a Network Security Manager (NSM) platform that provides multiple Intrusion Detection Systems (IDS) including Host IDS (HIDS) and Network IDS (NIDS). Many types of data can be acquired using Security Onion for analysis. This includes data related to: Host, Network, Session, Asset, Alert and Protocols. Security Onion can be implemented as a standalone deployment with server and sensor included or with a master server and multiple sensors allowing for the system to be scaled as required. Many interfaces and tools are available for management of the system and analysis of data such as Sguil, Snorby, Squert and Enterprise Log Search and Archive (ELSA). These interfaces can be used for analysis of alerts and captured events and then can be further exported for analysis in Network Forensic Analysis Tools (NFAT) such as NetworkMiner, CapME or Xplico. The Security Onion platform also provides various methods of management such as Secure SHell (SSH) for management of server and sensors and Web client remote access. All of this with the ability to replay and analyse example malicious traffic makes the Security Onion a suitable low cost alternative for Network Security Management. In this paper, we have a feature and functionality review for the Security Onion in terms of: types of data, configuration, interface, tools and system management

Introduction : Virtually perfect security (transcript of discussion)

“Virtually Perfect Security” is an attempt to tie together three slightly different interlocking strands. The first is the fact that although we talk about security as if it were some sort of metaphysical property (so that a system is either secure or isn’t), we all know that really whether a system is secure or not depends on the context which you put it, and you can move a system to a different context and change whether it’s secure or not. In practice, we also usually prove security relative to a particular abstraction, and the danger is that we have a system that “really” is secure, and then we discover that the attacker is using a different abstraction. Our attempt to find abstractions which the attacker can’t fool with this trick with has pushed us into talking about security using abstractions that are further and further away from anything that a user might think of as comprehensible or convenien

Source of Finance for Social Security Reform with Redistribution

This study investigates the welfare implications of social security reforms in Japan. Based on the overlapping generations model with idiosyncratic income risk, we consider four social security reform plans: (1) gradual reduction in the replacement rate by half, (2) sudden cut in the replacement rate by half, (3) introduction of a consumption tax, and (4) introduction of a capital income tax. We compute the transition paths of each case, and find that the introduction of a consumption tax and a capital income tax improves the welfare of young and future households, based on ex-ante welfare. We also reveal that two redistribution effects of the basic public pension are keys when considering social security reforms: (a) the insurance effect on lifetime income, and (b) the intertemporal effect that affects the asset and consumption profile.Social Security Reform, Consumption Tax, Capital Income Tax

A Political Economy Theory of Government Debt and Social Security

This paper analyzes the determinants of government debt and social security for the old in a closed-economy, overlapping-generation model. Under the probabilistic voting, the model presents (i) an intergenerational link of resource allocation via debt and social security; (ii) multiple political equilibria; and (iii) a negative cor- relation between tax and debt. These three results are robust to the introduction of public goods as an alternative government expenditure or to the introduction of income heterogeneity within a generation.Government debt; Social security; Overlapping generations; Proba- bilistic voting

Pareto improving social security reform when financial markets are incomplete!?

This paper studies an overlapping generations model with stochastic production and incomplete markets to assess whether the introduction of an unfunded social security system leads to a Pareto improvement. When returns to capital and wages are imperfectly correlated a system that endows retired households with claims to labor income enhances the sharing of aggregate risk between generations. Our quantitative analysis shows that, abstracting from the capital crowding-out effect, the introduction of social security represents a Pareto improving reform, even when the economy is dynamically effcient. However, the severity of the crowding-out effect in general equilibrium tends to overturn these gains. Klassifikation: E62, H55, H31, D91, D58 . April 2005

Pareto Improving Social Security Reform when Financial Markets are Incomplete!?

This paper studies an overlapping generations model with stochastic production and incomplete markets to assess whether the introduction of an unfunded social security system leads to a Pareto improvement. When returns to capital and wages are imperfectly correlated a system that endows retired households with claims to labor income enhances the sharing of aggregate risk between generations. Our quantitative analysis shows that, abstracting from the capital crowding-out effect, the introduction of social security represents a Pareto improving reform, even when the economy is dynamically effcient. However, the severity of the crowding-out effect in general equilibrium tends to overturn these gains.Social Security Reform, Aggregate Fluctuations, Intergenerational Risk Sharing, Incomplete Markets.