The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Insider threats and attacks are a known problem. Within an enterprise it is very difficult to detect and identify insider attacks and abuse against information systems. A study was conducted by observing a group of IS security analysts who detect and identify insider attacks. Commonalities and generalizations were made based on the study to create an insider attack detection model. This model will...
This paper studies the square roots of total Boolean matrices. The basic matrices are introduced and it is proved that all the square roots of the total Boolean matrix can be constructed from the basic ones. Next the basic matrices of order 2, 3, 4, 5 are enumerated and they are connected with directed graphs. Finally some issues are discussed concerning applications of self-organization and routing...
Network security management plays a crucial role in protecting organization assets and its computer infrastructure. This can be done by identifying the vulnerabilities and developing effective control that reduces the risk of attacks and failures. Network risk assessment is a subjective process that is linked to multiple variables. These variables are associated with the organization assets and their...
Security is a critical requirement for the e-health system because the patient's sensitive information can be accessed remotely and this makes the entire system vulnerable to malicious attacks. In this paper, we present a novel role-interaction-organization security model and apply it to the e-health system which is modeled as a multi-agent system. The roles in our proposed model do not only determine...
Corporate financial misrepresentation and its consequences including the recent stock market meltdown has only exacerbated the need for more government vigilance on corporate governance. This has resulted in the introduction and enforcement of a plethora of regulations for corporate governance - regulatory and legislative compliance. Recently corporations have shifted their focus from reducing the...
A federated identity management system extends identity information across multiple security domains. It is an enabler for sharing information and services among organizations while respecting the authorization decisions of each organization. Federation can be realized in two ways: (1) Conventional federation that is based on a multilateral agreement among participants and (2) peer-to-peer (P2P) federation...
Today, cross-site scripting (XSS) vulnerability is one of the major problems of web application security. To prevent XSS attacks, there are several solutions based on blacklist filtering or whitelist filtering. Unfortunately, these solutions cannot solve XSS vulnerabilities completely. In this paper, we propose a binding mechanism, which is comparable to the binding mechanism for SQL. Furthermore,...
In this paper we compare four risk analysis methods: Mehari, Magerit, NIST800-30 and Microsoft's Security Management Guide. Mehari is a method for risk analysis and risk management developed by CLUSIF (Club de la Securite del' Information Francais). Magerit is a risk analysis and management methodology for information systems developed by CSAE (Consejo Superior de Administracion Electronica). NIST800-30...
The paper describe relevance of outsourcing managed security services. It has many benefits of using, but also brings key risks for business mission. If organization is planning to implement out of house information security, then it must stick to hard and fast rules to reduce these risks and get all advances. There are listed below steps of interaction such as preparing request for proposal, composing...
An increasingly large number of digital documents, need to be preserved by organizations. Business documents such as various contracts may be of great business value, may only exit in digital form and may need to be preserved for longer periods of times that may span over decades or even centuries. The preservation process should take care of both the integrity and authenticity of digital documents,...
Measuring cybersecurity is difficult, but other disciplines can offer important lessons and techniques for building a system that can help test hypotheses about system security.
Human resources are the core resources of the innovative organization. The effective human resource management is important content in innovative organization. According to the characteristics of the innovative organizationpsilas human resources, this article analyzes the common problems such as the structure of the innovative organization's talents is unreasonable; the introduction of the innovative...
Network security management plays a crucial role in protecting organization assets and its computer infrastructure by identifying an effective control that reduces the risk of attacks and failures. Network risk assessment is a subjective process that is affected by multiple distinctive variables. These variables are associated with the organization assets and their impact on the health of the organization...
Security has been a major concern for grid computing systems owing to their dynamic nature, heterogenity, scalability and presence of multiple domains. Grid security has always been viewed as an authentication problem rather than an authorization issue. Accessing resources across a secure channel is essential in a grid scenario. In this paper, we present a cross domain role-based delegation and revocation...
This work introduces the concept of self-organizing security (SOS) network as a resilient architectural foundation on which the operational mechanism for deploying dynamic, short living emergency response organizations capable to react quickly to emerging crisis situations can be evolved. A simulation testbed for SOS networks is presented that balances micromanagement of subordinates with the excessive...
In various computer security settings, such as when customers use the same passwords at several independent Web sites, security decisions made by one organization may have significant impact on the security of another. We develop a model for security decision-making in inter-dependent organizations described by a linear influence network. In this model, a matrix represents how one organization's investments...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.