| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Awareness Program
|
|
Case Studies
|
|
Encryption is not enough for DRM If you examine the ordinary PDF file you will find that a large amount of control information can clearly be seen. In other words, not everything is actually encrypted. That is a weakness since there should be no reliance upon information that has not been protected. Many document protection systems have been attacked successfully using that external control information. It may also allow others to see information that you did not want to be known. So check that all your information is encrypted, and not just the visible content.
LockLizard,
07/19/2005
|
|
Introduction to Digital Rights Management Most people have heard of software licensing and pay per view television, but possibly not connected it with a development in technology called Digital Rights Management (DRM). To understand what DRM is trying to achieve you first of all need to understand intellectual property.
LockLizard,
07/14/2005
|
|
Protecting your Intellectual Property with DRM Implementing a DRM service does not have to be complex or expensive to set up and administer. To a large extent that will depend upon your scale of operation. If you publish a small number of books or documents to a small number of customers you can run a system manually without any difficulty. Obviously if you are publishing several documents every week to hundreds of customers that is more complicated purely from an administrative standpoint. The DRM component need not be so complex.
LockLizard,
07/12/2005
|
|
Is Your Security Event Management Tool Credible? Security Event Management (SEM) vendors often talk about scalability when addressing the degree to which their products can accommodate growth in a customer's increasing network and/or security requirements. When talking about scalability in this context, one must also discuss SEM credibility, specifically, the reproducibility of the results. For a product to be truly scalable, the specific SEM results must remain unchanged as the product "scales". While this sounds obvious, it may not always happen. This article explores the concepts of scalability and credibility, and why these are factors that need to be considered evaluating an SEM product.
Roberto Angelino,
05/17/2005
|
|
End User Device Security Desktop PCs, laptops, and Personal Digital Assistants (PDAs) are everywhere and usually connect to sites outside your security perimeter. In addition, more than 50% of your critical business information is likely stored on these systems (Sussman, 2004); they are also often the home for worms, viruses, and other malicious code. This makes end-user devices perfect portals for attacks against your network. In this article, we explore many of the potential threats, vulnerabilities, and safeguards surrounding end-user computing.
Tom Olzak,
03/29/2005
|
|
A Proactive Approach to IT Security Management This paper shows how proactive management techniques can be applied in the area of information security in order to achieve a scalable and flexible process, capable of responding to both short-term and strategic requirements. Emphasis is given to simple, practical techniques and examples of how these techniques can be applied are provided.
Steve Purser,
02/28/2005
|
|
Baseline Analysis of Security Data In this paper we suggest a different approach for using data mining technology in the intrusion detection area. We claim that the best positioning for a data mining technology within an intrusion detection system is not as a detection engine, but rather as an analysis layer that will filter out the false positives. The ability of data mining technology to build behavioral models representing ‘normal’ behavior of data is most suitable to model the data generated by the intrusion detection engines.
Ophir Rachman, Ph.D,
02/18/2005
|
|
Controlling Internal Abuse Through The Process Of Security For five years, the Computer Security Institute (CSI) and the FBI have conducted an annual survey of the types of attacks companies experience. Invariably, dishonest and disgruntled employees top the list at about 80% as the most likely source of attack. Further, these insider attacks typically fall into the most expensive categories. According to the 2000 CSI/FBI survey, these categories amounted to over $200 million in losses in 1999 (unauthorized insider access – $22.5 million, theft of proprietary data – $66.7 million, financial fraud – $55.9 million, insider network abuse – $27.9 million, sabotage – $27.1 million).
Keith Palmgren,
02/07/2005
|
|
Information Security, The New Niche Information is now not being stored in hardcopy format in boxes upon boxes of paper and kept in light and humidity controlled rooms somewhere beneath the earth. It is now being stored on a digital medium, with the medium being optical or magnetic. This new digital medium poses a risk because it makes the data that is held on these disks much more accessible for all the good and bad reasons. The good reasons far overwhelm the bad reasons this is why we have arrived at the digital age where everything is being stored digitally.
By Philip Buckley, 10/12/2004
|
Why You Should Switch to Firefox Now Recent flaws in the way Microsoft processes common Internet image files, and a decision to offer IE updates only to Windows XP users, lead to just one logical conclusion: ditch Internet Explorer.
09/29/2004
|
|
Page: 1 234567 |
