Pub Date : 2007-03-28DOI: 10.1080/10658980601051524
Ross Ortega
ABSTRACT The risk of damaging cyber-attacks on corporate networks has never been higher. Enterprise networks contain the most precious assets of a corporation. Essentially, everything a company creates or does manifests itself within the corporate network. Consequently, corporate networks have become fertile ground for abuse and theft.
{"title":"Defending the Corporate Crown Jewels from the Dangers that Lurk Within — Effective Internal Network Security Focuses on Behavior","authors":"Ross Ortega","doi":"10.1080/10658980601051524","DOIUrl":"https://doi.org/10.1080/10658980601051524","url":null,"abstract":"ABSTRACT The risk of damaging cyber-attacks on corporate networks has never been higher. Enterprise networks contain the most precious assets of a corporation. Essentially, everything a company creates or does manifests itself within the corporate network. Consequently, corporate networks have become fertile ground for abuse and theft.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2007-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73184348","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2007-03-28DOI: 10.1080/10658980601051821
Edward H. Freeman
It's not true that life is one damn thing after another; it is one damn thing over and over.—Edna St. Vincent Millay (1892–1950) Security and privacy experts agree any new technology is always one ...
{"title":"RFIDs and Personal Privacy","authors":"Edward H. Freeman","doi":"10.1080/10658980601051821","DOIUrl":"https://doi.org/10.1080/10658980601051821","url":null,"abstract":"It's not true that life is one damn thing after another; it is one damn thing over and over.—Edna St. Vincent Millay (1892–1950) Security and privacy experts agree any new technology is always one ...","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2007-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74008720","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2007-03-28DOI: 10.1080/10658980601051334
Sean Steele, C. Wargo
Insiders — employees, contractors, consultants, and vendors — pose as great a threat to an organization’s security posture as outsiders, including hackers. Few organizations have implemented the policies, procedures, tools, or strategies to effectively address their insider threats. An insider threat assessment is a recommended first step for many organizations, followed by review of relevant security policies and employee awareness training.
{"title":"An Introduction to Insider Threat Management","authors":"Sean Steele, C. Wargo","doi":"10.1080/10658980601051334","DOIUrl":"https://doi.org/10.1080/10658980601051334","url":null,"abstract":"Insiders — employees, contractors, consultants, and vendors — pose as great a threat to an organization’s security posture as outsiders, including hackers. Few organizations have implemented the policies, procedures, tools, or strategies to effectively address their insider threats. An insider threat assessment is a recommended first step for many organizations, followed by review of relevant security policies and employee awareness training.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2007-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78045991","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2007-03-28DOI: 10.1080/10658980601051417
Costas Constantakis
ABSTRACT Security administrators at the global communications service providers have traditionally experienced difficulties in enforcing access security policies in their network operations. It has not, however, been for lack of trying. Whether security breaches have been intentional (hackers) or inadvertent (well-intentioned network operators misusing commands), network outages and intrusions due to an inability to enforce access security policies have been a serious problem, often resulting in tens of millions of dollars in foregone revenues while impairing a service provider's ability to provide continuous service to its customers. This article reviews the challenges that have existed to date for security administrators while exploring a 4-step approach, using newly available security administration automation tools, to overcome these challenges for network operating environments that involve many hundreds of network operators administering tens of thousands of network elements in a global network.
{"title":"Securing Access in Network Operations — Emerging Tools for Simplifying a Carrier's Network Security Administration","authors":"Costas Constantakis","doi":"10.1080/10658980601051417","DOIUrl":"https://doi.org/10.1080/10658980601051417","url":null,"abstract":"ABSTRACT Security administrators at the global communications service providers have traditionally experienced difficulties in enforcing access security policies in their network operations. It has not, however, been for lack of trying. Whether security breaches have been intentional (hackers) or inadvertent (well-intentioned network operators misusing commands), network outages and intrusions due to an inability to enforce access security policies have been a serious problem, often resulting in tens of millions of dollars in foregone revenues while impairing a service provider's ability to provide continuous service to its customers. This article reviews the challenges that have existed to date for security administrators while exploring a 4-step approach, using newly available security administration automation tools, to overcome these challenges for network operating environments that involve many hundreds of network operators administering tens of thousands of network elements in a global network.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2007-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76971346","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2007-01-01DOI: 10.1080/10658980601051763
K. Dunham
There is disclosed printing apparatus composed essentially of molded plastics material which has relatively few parts, is easy to manufacture and maintain, and is lightweight and portable. The apparatus is illustrated as being of the table top type which can print both standard type tags and labels, string tags and pin tickets. The apparatus has a print head operable in conjunction with an impression control device, a feed finger assembly with a registration adjustment, a simple drive arrangement operated by a cam with a single cam path, and a reel positionable at different attitudes, and the construction of the apparatus is readily adaptable to both manually operated and motorized versions.
{"title":"OrderGun.A: A Sophisticated Rootkit","authors":"K. Dunham","doi":"10.1080/10658980601051763","DOIUrl":"https://doi.org/10.1080/10658980601051763","url":null,"abstract":"There is disclosed printing apparatus composed essentially of molded plastics material which has relatively few parts, is easy to manufacture and maintain, and is lightweight and portable. The apparatus is illustrated as being of the table top type which can print both standard type tags and labels, string tags and pin tickets. The apparatus has a print head operable in conjunction with an impression control device, a feed finger assembly with a registration adjustment, a simple drive arrangement operated by a cam with a single cam path, and a reel positionable at different attitudes, and the construction of the apparatus is readily adaptable to both manually operated and motorized versions.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2007-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84943538","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2007-01-01DOI: 10.1080/10658980601051706
Richard P. Tracy
A favorite idiom among security experts is, “Security isn’t a product, it’s a process.” If security is a process, then why not automate it? Today’s workflow and business process management (BPM) technologies are mature enough to support the automation of essential tasks that underlie risk compliance and assessment, vulnerability testing and management, patching, incident management and response, and other information technology security processes. More important, an enterprise platform for IT security process automation enables cybersecurity specialists to centrally orchestrate the interactions of personnel, their work, and various point products for information security—cutting across departments and functional areas to ensure a resilient, flexible security posture. The results: faster deployment and stronger enforcement of security policies; the ability to achieve sustained compliance with industry and government mandates for information security; comprehensive, error-free documentation of security procedures and policies; and more cost-effective attainment of the enterprise’s security goals. This article will review some of the basic issues that relate to information security process automation, including turning security policies into security requirements; challenges in enforcing security requirements; what’s involved in automating information security and compliance processes; and how a security process automation platform supports that effort.
{"title":"IT Security Management and Business Process Automation: Challenges, Approaches, and Rewards","authors":"Richard P. Tracy","doi":"10.1080/10658980601051706","DOIUrl":"https://doi.org/10.1080/10658980601051706","url":null,"abstract":"A favorite idiom among security experts is, “Security isn’t a product, it’s a process.” If security is a process, then why not automate it? Today’s workflow and business process management (BPM) technologies are mature enough to support the automation of essential tasks that underlie risk compliance and assessment, vulnerability testing and management, patching, incident management and response, and other information technology security processes. More important, an enterprise platform for IT security process automation enables cybersecurity specialists to centrally orchestrate the interactions of personnel, their work, and various point products for information security—cutting across departments and functional areas to ensure a resilient, flexible security posture. The results: faster deployment and stronger enforcement of security policies; the ability to achieve sustained compliance with industry and government mandates for information security; comprehensive, error-free documentation of security procedures and policies; and more cost-effective attainment of the enterprise’s security goals. This article will review some of the basic issues that relate to information security process automation, including turning security policies into security requirements; challenges in enforcing security requirements; what’s involved in automating information security and compliance processes; and how a security process automation platform supports that effort.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2007-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87250002","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2007-01-01DOI: 10.1080/10658980701322528
Vyaghreswara Rao Namuduri, S. Pandit
ABSTRACT With the advancement of Internet technologies and its wide usage, it has become easy to illegally copy, distribute, and manipulate digital products. Digital watermarking is a proven method to protect authenticity by identifying the owner of the digital content. Significant work has been reported in the last five years on legal and technical measures for protecting digital rights. This paper explains the concepts of ownership rights and related intellectual property rights and their technical and legal protection measures. It also introduces digital water marking, its classification, features, and applications.
{"title":"Multimedia Digital Rights Protection Using Watermarking Techniques","authors":"Vyaghreswara Rao Namuduri, S. Pandit","doi":"10.1080/10658980701322528","DOIUrl":"https://doi.org/10.1080/10658980701322528","url":null,"abstract":"ABSTRACT With the advancement of Internet technologies and its wide usage, it has become easy to illegally copy, distribute, and manipulate digital products. Digital watermarking is a proven method to protect authenticity by identifying the owner of the digital content. Significant work has been reported in the last five years on legal and technical measures for protecting digital rights. This paper explains the concepts of ownership rights and related intellectual property rights and their technical and legal protection measures. It also introduces digital water marking, its classification, features, and applications.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2007-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87978908","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2007-01-01DOI: 10.1080/10658980701250083
A. Klein
The machine comprises a dough flattening out station, a puff-pastry cutting station, a cut puff-pastry triangle spacing and orienting station, a triangle aligning station and a forming station, wherein a plurality of conveyor apparatus are provided effective to convey baking pans under the forming station, in such a way as to cause the pastry pieces to orderly fall into shaped recesses formed in the pans. The machine further comprises a mechanical type of device effective to control the falling of the formed pastry pieces on the pans and a rotating brush device for bending the pieces according to a predetermined curvature.
{"title":"Building an Identity Management Infrastructure for Today…and Tomorrow","authors":"A. Klein","doi":"10.1080/10658980701250083","DOIUrl":"https://doi.org/10.1080/10658980701250083","url":null,"abstract":"The machine comprises a dough flattening out station, a puff-pastry cutting station, a cut puff-pastry triangle spacing and orienting station, a triangle aligning station and a forming station, wherein a plurality of conveyor apparatus are provided effective to convey baking pans under the forming station, in such a way as to cause the pastry pieces to orderly fall into shaped recesses formed in the pans. The machine further comprises a mechanical type of device effective to control the falling of the formed pastry pieces on the pans and a rotating brush device for bending the pieces according to a predetermined curvature.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2007-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78748430","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2007-01-01DOI: 10.1080/10658980701372804
K. Namuduri
{"title":"From the Editor's Desk","authors":"K. Namuduri","doi":"10.1080/10658980701372804","DOIUrl":"https://doi.org/10.1080/10658980701372804","url":null,"abstract":"","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2007-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78073810","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2007-01-01DOI: 10.1080/10658980601051904
Edwin F. Ginty
{"title":"Secure Data-Archiving: How to Protect and Store Your Data","authors":"Edwin F. Ginty","doi":"10.1080/10658980601051904","DOIUrl":"https://doi.org/10.1080/10658980601051904","url":null,"abstract":"","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2007-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79661146","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: