Shon Harris Resources: Articles

Shon Harris and other team members would like to share with you the materials we have published for various periodicals.

We will continually be updating this page with more articles, so please check back often. If you would like to use any of our material, please e-mail us at info@logicalsecurity.com for permission first and please indicate that the material came from our web site.


Malicious Software: Viruses

Malicious software, often abbreviated as “malware”, is software designed to infiltrate or damage a computer system without the owner's informed consent. It can therefore penetrate the system while evading its controls.

GBL Suggestions

GBL only deals with customer data, not business-to-business data. GBL can be overridden by other laws and regulations, because the OCC and other agencies impose requirements beyond customer data protection alone. The OCC is there to assess the integrity of the bank, not just to protect customer data.

Access Control Methods

The purpose of this article is to introduce, from a theoretical point of view, the main access control methods, in order to provide a better understanding of the security-policy reinforcement methods that are based on these concepts. We'll concentrate above all on Mandatory Access Control.

What the Botnets are Netting and for Whom

The greatest threat to online and offline businesses today is not terrorists or even cyber-terrorists, but good old-fashioned organized crime groups using fancy new tools on the Internet to fleece the unsuspecting public, governments and global corporations. Computer crimes against businesses are increasing at an alarming rate, and the cost of computer crime, just like other business costs, will always be passed on to the customer.

Introduction to Elliptic Curve Cryptography

The purpose of this article is to introduce the reader to Elliptic Curve Cryptography. Most products and standards that use public-key cryptography for encryption and digital signatures use RSA, the Rivest-Shamir-Adleman algorithm. RSA is based on the difficulty of factoring the product of two large prime numbers, which ensures that deriving the private key from the public one is hard (computationally too expensive).

Introduction to Intrusion Detection Systems

An Intrusion Detection System (IDS) is an important means of protecting IT systems from external attacks. IDSs are passive monitoring systems: they detect attacks or potential attacks and can send alert messages, but they do not interfere with the monitored system or its events.

Base-Rate Fallacy Considerations

In this article Bayesian statistics is applied to Intrusion Detection Systems (IDSs), in particular to false positives and false negatives, that is, alarms raised without a real threat and threats that go undetected by the IDS. What is the relation between false positives and false negatives? Which one is more important? Should they be minimized in the same way, or one more than the other?

What Are The Dangers Of Instant Messaging?


SELinux and AppArmor: An Introductory Comparison

In another article, “Hardening Linux Systems in the Application Layer: Why It's Important”, I explained the importance of hardening our Linux systems by reinforcing the security policy in the application layer too. As I said, SELinux is not the only available tool for this purpose.

How Does VoIP Really Work?

Voice over Internet Protocol (VoIP) is a protocol (a convention or standard) that governs the transmission of voice over the Internet or other packet-switched networks (networks in which small units of data called packets are routed through the network). In other words, VoIP uses a broadband Internet connection, such as cable or DSL, to route telephone calls.

A family of EAP’s (or is it a flock of EAP’s?)

Historically, operating systems and many applications have utilized their own authentication mechanisms to validate a user and grant access to network resources. As the world becomes ever more integrated, the authentication processes on a network must not only satisfy the security concerns of identifying the validity of a user to the resource, and vice versa,

How Do Bots And Botnets Work?

A bot is essentially a very sophisticated program that mimics human behavior, and bots are a definite risk to home computer security online.

Reinforcing the Security Policy of Linux Systems

In my professional life I see that Linux systems, in several cases Red Hat Enterprise/Advanced Linux distributions, are protected at network level, with firewalls and other things, but system administrators often haven't a deep knowledge of application level security,

Back To School: IT Training Services

"Training is always the last thing on the mind of the people with the purse strings, and it’s usually the first thing to go when the budget gets cut," says Shon Harris.

Role Model

Identity management is a critical security challenge, but without viable standards for access control, your best efforts may be just a drop in the bucket.

Introduction to Security Governance

Security governance is very similar in nature to corporate and IT governance because the three overlap in functionality and goals. All three work within the organizational structure of a company and share the goal of helping to ensure that the company survives and thrives; they just each have a different focus.

Corporate governance has to do with how the board of directors and executive management run and control a company. IT governance is how technology is used and managed so that it supports business needs. There are many professional and official-sounding definitions of security governance, such as the following by the IT Governance Institute in its Board Briefing on IT Governance, 2nd Edition:

Risk Management Guide

Companies have always had to deal with different types of risk, be it financial, legal, the success of a new product launch or a merger, or the threat of natural disasters. These risks are traditionally treated as silos. The CFO is responsible for understanding and making decisions pertaining to financial risk. The IT department is responsible for the risk of losing data processing capabilities. Legal counsel is responsible for understanding and managing the company's legal issues. And so on. But this fragmented approach to risk is becoming more dangerous as companies face risks that threaten the company's overall existence. These risks come in the form of noncompliance with government regulations, increasing information security threats, terrorist activities and natural disasters. It is more important now than ever for companies to develop and maintain a holistic risk management program that coordinates these silos, because they all have the same overall goal: to protect the company and its assets.

Understanding Standards for Risk Management and Compliance

Regulatory requirements are driving companies to look into risk management more than ever before. SOX, HIPAA and GLBA all require risk analysis and management. But organizations looking for a solution can quickly find themselves swimming in a sea of acronyms that includes NIST 800-30, AS/NZS 4360:2004, OCTAVE, COSO and CobiT.

Risks Associated with Outsourcing

Although outsourcing can greatly reduce labor costs, because countries have different laws, regulations and enforcement motivations, many companies have to deal with a range of unfamiliar issues to ensure their work is secure. For example, in 2002, ...

Denying Denial-Of-Service

New solutions fight DoS/DDoS by automatically detecting and blocking potential attacks. Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks have been around for years, but with reports that 4,000 DoS attacks are launched each week, it's clear the problem isn't close to being resolved. In fact, in a recent poll of Information Security readers, 90 percent said they remained either "very concerned" or "somewhat concerned" about DoS or DDoS.

Security Strategies for E-Companies - The Science of Secrets

Cryptology continues to evolve as our need for keeping secrets increases. Cryptology, the science of secure communications, is as old as civilization and the written word. Throughout the ages, everyone from kings to shopkeepers has employed codes to gain a competitive edge, reduce vulnerability, hide their true intentions or revel in the comfort of knowing something that someone else doesn't.

802.11 Security Shortcomings

Wireless communication has been around for years, but only recently has it ascended to the status of a mainstream communication method. Portable devices (e.g., PDAs, cell phones, laptops) have proliferated, giving mobile users access to email accounts, Internet sites, online banking, and the stock exchange. This proliferation has led to WLAN vendors scurrying to develop proprietary wireless network solutions and application vendors hurrying to code new wireless programs.

Learning from SQL Slammer

Many people might have heard of the Slammer worm, but few people fully understand the root of the attack. Familiarizing yourself with Slammer's methods can help you evaluate the risk to your environment and prepare for future attacks by similar worms.

Greater WLAN Security with 802.11i

To improve the standard and close holes in current wireless implementations, IEEE developed the 802.11i Task Group. To address each of the aforementioned flaws, this group has developed a new authentication framework that encompasses several components.

How 802.11i Addresses WEP's Core Deficiencies

Wired Equivalent Privacy (WEP) contains three core deficiencies. The first deficiency is the use of static encryption keys. The second deficiency is the ineffective use of initialization vectors (IVs). The third deficiency is the lack of packet integrity assurance.

Vulnerability Mismanagement

The following are seven must-have elements of a successful vulnerability management program. They're not about scanning or applying patches; they're the essentials that will enable you to efficiently and effectively find and remediate vulnerabilities.

To Catch a Thief

Understanding the requirements of bringing the necessary forensics capability in-house, and the most popular tools in use today.

© 2007 Logical Security, Inc.  