The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
There are many business applications which fit far better the terminology and techniques of industrial control than they do that of conventional data processing. A dealer in any commodity whose price is continually fluctuating, be it money, stocks, or physical supplies, requires real-time information about the deals of his colleagues and competitors and the state of the market: he requires on-stream...
Skilled hackers have designed a sophisticated type of malware that blends multiple techniques, hides and changes its code, and employs tricks to entice users to implement and spread it. The malware is generally called the Storm worm. This paper introduces the basic information about Storm worm and how we can combat against this attack.
A research team has tested a new way of stealing encryption keys stored on computer hard drives. The researchers, based at Princeton University's Center for Information Technology Policy, obtained the keys by chilling a dynamic RAM (DRAM) chip with a can of common dust remover. With the keys, a hacker could decrypt everything on the disk. Full-data encryption stores the cryptographic keys in a computer's...
QuERIES offers a novel multidisciplinary approach to quantifying risk associated with security technologies resulting in investment-efficient cybersecurity strategies. R esearchers can use the QuERIES methodology to rigorously determine, for the first time, appropriate investment levels and strategies for the protection of intellectual property in complex systems. As a result, it can have a significant...
Computer security has experienced important fundamental changes over the past decade. The most promising developments in security involve arming software developers and architects with the knowledge and tools they need to build more secure software. Among the many security tools available to software practitioners, static analysis tools for automated code review are the most effective. The paper presents...
Without a human organization that can sift information and raise the gold from the dust, knowledge will die as rumor and innuendo will overwhelm any truth that may be making the rounds.
Cybersecurity was the topic in this paper. The author mention that advancing cybersecurity begins by recognizing all its aspects as a vector quantity with four distinct forces shaping its evolution. Rebranding exercise, organizational imperative, cyberspace domain, national defense priority were the forces mentioned and discussed.
Fears about hackers intruding into Wi-Fi networks and either stealing important information or planting malware have increased over the years. As a result, wireless intrusion-prevention systems are becoming increasingly important.
In an interview conducted by Computer editorial board member Ann E.K. Sobel, Cigital CTO Gary McGraw discusses the state of software security and the BSIMM—a data-driven research project describing and measuring what successful organizations are doing to ensure software security.
Under the game-change metaphor, strategies developed to address hard problems will potentially lead to breakthroughs in many different interrelated cybersecurity areas. For software assurance, a game change should focus on improving resiliency and hardening new technologies that implement moving-target defenses and tailored trustworthy spaces.
As software dependence reaches critical levels, threats become more pervasive, and losses become more costly, higher education must place more value on the tenets of software assurance. Courses must focus not only on security but on providing justified confidence in the software or system throughout its life cycle.
The Department of Homeland Security National Cyber Security Division's Software Assurance Program promotes the collaborative development of reliable measurement instruments and standards, opportunities for the exchange and dissemination of knowledge, a skilled workforce, and a secure software supply chain.
The developing world must exploit the opportunities afforded by cloud computing while minimizing the associated risks to allow access to advanced IT infrastructure, data centers, and applications and protect sensitive information.
Captchas are a standard defense on commercial websites against undesirable or malicious Internet bot programs, but widely deployed schemes can be broken with simple but novel attacks. Applying security engineering expertise to the design of Captchas can significantly improve their robustness.
Globalization of the semiconductor industry and associated supply chains have made integrated circuits increasingly vulnerable to Trojans. Researchers must expand efforts to verify trust in intellectual property cores and ICs.
Because it is increasingly difficult if not impossible to define the perimeter that separates the trusted inside from the untrusted outside, many security and privacy mechanisms no longer work in an online world.
The same-origin policy, a fundamental security mechanism within Web browsers, overly restricts Web application development while creating an ever-growing list of security holes, reinforcing the argument that the SOP is not an appropriate security model.
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.