Filters








19,005 Hits in 5.2 sec

Assessing Security to Compare Architecture Alternatives of Component-Based Systems

Axel Busch, Misha Strittmatter, Anne Koziolek
2015 2015 IEEE International Conference on Software Quality, Reliability and Security  
Our hierarchical model uses stochastic modeling techniques and includes several security related factors, such as attackers, his goals, the security attributes of a component, and the mutual security interferences  ...  In this paper, we propose an approach for assessing security of component-based software architectures.  ...  The probability of this vulnerability to be beneficial for breaking the system is denoted by PoCoB.  ... 
doi:10.1109/qrs.2015.24 dblp:conf/qrs/BuschSK15 fatcat:gus55uzfxngdvpz3g5xizfgk5q

On achieving software diversity for improved network security using distributed coloring algorithms

Adam J. O'Donnell, Harish Sethu
2004 Proceedings of the 11th ACM conference on Computer and communications security - CCS '04  
The algorithms themselves are analyzed for attack tolerance, and strategies for improving the security of the individual software assignment schemes are presented.  ...  We present several distributed algorithms for the assignment of distinct software packages to individual systems and analyze their performance.  ...  By utilizing a second software package for file sharing on the server systems, it is possible to prevent a client system from propagating a worm that attacks a vulnerability in the file sharing subsystem  ... 
doi:10.1145/1030083.1030101 dblp:conf/ccs/ODonnellS04 fatcat:3uaenn24mrgmrmu57mceiiiv7a

Towards a Theory of Application Compartmentalisation [chapter]

Robert N. M. Watson, Steven J. Murdoch, Khilan Gudka, Jonathan Anderson, Peter G. Neumann, Ben Laurie
2013 Lecture Notes in Computer Science  
Drawing a comparison with capability systems, we consider how a distributed system interpretation supports an argument that compartmentalisation improves application security.  ...  Application compartmentalisation decomposes software applications into sandboxed components, each delegated only the rights it requires to operate.  ...  Acknowledgments We would like to thank our colleagues on the Capsicum, CTSRD, and SOAAP projects for their thoughts and comments contribution to this paper, including Ross Anderson, David Chisnall, Brooks  ... 
doi:10.1007/978-3-642-41717-7_4 fatcat:5vxaj7j7zrdg3nwwwypu2zmrsa

THE ENTERPRISE INFORMATION SYSTEM AND RISK MANAGEMENT

Carmen Radut
2009 Annals of the University of Oradea: Economic Science  
System integration can be done by adopting the e-commerce technology and Business-to-Business models that will  ...  of or replaced to ensure that the hardware and software are properly disposed of, that residual data is appropriately handled, and that system migration is conducted in a secure and systematic manner  ...  Vulnerability is a weakness in the information system design, implementation, internal controls, security control that could be exploited by threat which accidentally triggers or intentionally exploited  ... 
doaj:ebe9ce0e096b4259848c2c78321f3cb8 fatcat:3ul5ayeczjbdpgkh5hzuzhtxd4

Security in cloud computing

2014 International Journal of Information Security  
Keywords Cloud computing, Service models, Security risks and issues, Risk mitigation and Cloud services.  ...  For some major security risks and issues enterprises and individuals are unwilling to deploy their data and applications in cloud environment.  ...  Service Delivery Models Cloud is the Internet based computing environment where shared resources, software and information as a service to consumer(s) on demand.  ... 
doi:10.1007/s10207-014-0232-2 fatcat:yvtw6ezauzf57fvauyqhekbmqq

A Comparison of Market Approaches to Software Vulnerability Disclosure [chapter]

Rainer Böhme
2006 Lecture Notes in Computer Science  
Although the discussion on details of responsible vulnerability disclosure is controversial, there is a sort of consensus that better information sharing is socially beneficial.  ...  Practical computer (in)security is largely driven by the existence of and knowledge about vulnerabilities, which can be exploited to breach security mechanisms.  ...  Acknowledgements The author gratefully acknowledges the valuable comments he received from Thorsten Holz, Gaurav Kataria, and Andy Ozment.  ... 
doi:10.1007/11766155_21 fatcat:y4ofg4oau5erbempnyvz725ayq

Security in Cloud Computing

Rajarshi RoyChowdhury
2014 International Journal of Computer Applications  
Keywords Cloud computing, Service models, Security risks and issues, Risk mitigation and Cloud services.  ...  For some major security risks and issues enterprises and individuals are unwilling to deploy their data and applications in cloud environment.  ...  Service Delivery Models Cloud is the Internet based computing environment where shared resources, software and information as a service to consumer(s) on demand.  ... 
doi:10.5120/16870-6767 fatcat:uxn2xpcqo5e3xidkhkxlogzdhi

Security in Cloud Computing [chapter]

2014 Information Protection  
Keywords Cloud computing, Service models, Security risks and issues, Risk mitigation and Cloud services.  ...  For some major security risks and issues enterprises and individuals are unwilling to deploy their data and applications in cloud environment.  ...  Service Delivery Models Cloud is the Internet based computing environment where shared resources, software and information as a service to consumer(s) on demand.  ... 
doi:10.1016/b978-0-12-800843-0.00005-0 fatcat:5r76mkjrxzezjf2wt7xfg5vppa

Why Do People Hide Knowledge in the Online Knowledge Community? An Integrated Framework of Protection Motivation, Self-Determination, and Social Exchange Beliefs

Qin Yang, Young-Chan Lee
2021 Sustainability  
Suppressing knowledge hiding is a prerequisite for achieving positive knowledge interactions among people.  ...  We tested the research model through a valid sample of 377 respondents from Chinese online knowledge community users.  ...  He discovered that the severity and vulnerability of the threat have a more significant effect on anti-plagiarism software adoption.  ... 
doi:10.3390/su13179885 fatcat:mclqqwn4bfadhhnrojvdfgqzba

The Evolving State of Medical Device Cybersecurity

Suzanne Schwartz, Aftin Ross, Seth Carmody, Penny Chase, Steve Christey Coley, Julie Connolly, Cathy Petrozzino, Margie Zuk
2018 Biomedical Instrumentation & Technology  
Development Challenges • Manufacturers should design in security and leverage existing security criteria and standards in this process. • Third-party software developers should share a listing of their  ...  a Medical Device Security Information Sharing Council to serve as an umbrella for several initiatives, including standing up an ISAO and conducting medical device risk assessments. 34 Promenade Software  ... 
doi:10.2345/0899-8205-52.2.103 pmid:29558182 fatcat:vuv4qis34zfvnp7jc3m4fpzkqm

Employees' Compliance with BYOD Security Policy: Insights from Reactance, Organizational Justice, and Protection Motivation Theory

Frida Ferdani Putri, Anat Hovav
2014 European Conference on Information Systems  
BYOD security awareness program increases an employee's response efficacy (a positive effect) and response cost (a negative effect).  ...  We derived our research model from reactance, protection motivation and organizational justice theories.  ...  Equity in distributive justice can also be conceived as a mutually beneficial transfer of valued resources between two actors (Cook and Hegtvedt 1983) .  ... 
dblp:conf/ecis/PutriH14 fatcat:4dbg3a3largrtcnp6us3pvazpm

Model-based Security Analysis of the German Health Card Architecture

J. Jürjens, R. Rumm
2008 Methods of Information in Medicine  
Conclusions: The results indicate that it can be feasible to apply a model-based security analysis using UMLsec to an industrial health information system like the German Health Card architecture, and  ...  In order to make these applications secure, the security analysis has to be an integral part of the system design and IT management process for such systems.  ...  The first author is supported by the Royal Society through the Joint International Project with TU Munich on "Modelbased Formal Security Analysis of Crypto-Protocol Implementations".  ... 
doi:10.3414/me9122 fatcat:qxy6tzabzvhxvkbdam6q5b6mdy

Towards efficient collaboration in cyber security

Peter Hui, Joe Bruce, Glenn Fink, Michelle Gregory, Daniel Best, Liam McGrath, Alex Endert
2010 2010 International Symposium on Collaborative Technologies and Systems  
These analysts necessarily perform much of the same work independently-for instance, analyzing the same list of security bulletins released by largely the same set of software vendors.  ...  As such, communication and collaboration between such analysts would be mutually beneficial to the analysts involved, potentially reducing redundancy and offering the opportunity to preemptively alert  ...  To this end, with some qualifications, it would be beneficial for cyber-security analysts to be able to share such information amongst each other.  ... 
doi:10.1109/cts.2010.5478473 dblp:conf/cts/HuiBFGBME10 fatcat:r6vblubz6bcnrcqrqdhcrxofby

An Exhaustive Survey on Physical Node Capture Attack in WSN

Bhavana Butani, Piyush Kumar Shukla, Sanjay Silakari
2014 International Journal of Computer Applications  
So, Security of wireless sensor network is an important issue for maintaining confidentiality and integrity of wireless links.  ...  It also analyzes various detection and key predistribution schemes for inventing a new scheme to improve resilience against node capture attack..  ...  ICmetrics or Integrated Circuit metric generates shared keys for secure communication by making use of hardware and software characteristics.  ... 
doi:10.5120/16577-6265 fatcat:umstipzwtzcfpdwqj4myexq2fe

A Novel Approach to National-level Cyber Risk Assessment Based on Vulnerability Management and Threat Intelligence

Marek Janiszewski, Anna Felkner, Piotr Lewandowski
2019 Journal of Telecommunications and Information Technology  
Evaluation of risk that is based on technical information, as well as on mutual relationships between various institutions and services, may result in very valuable situational awareness.  ...  Acknowledgements Work done as part of the CYBERSECIDENT/369195/I/ NCBR/2017 project supported by the National Centre of Research and Development in the frame of CyberSecIdent Programme.  ...  Aggregation and provision of such information to clients may be beneficial for security monitoring.  ... 
doi:10.26636/jtit.2019.130919 fatcat:usumhki77jb5hmm6kwsheby5ze
« Previous Showing results 1 — 15 out of 19,005 results