{"title":"Implementing and Supporting Extranets","authors":"P. Maier","doi":"10.1201/1086/43301.7.4.19990101/31020.9","DOIUrl":"https://doi.org/10.1201/1086/43301.7.4.19990101/31020.9","url":null,"abstract":"Abstract Extranets have been around as long as the first rudimentary LAN-to-LAN networks began connecting two different business entities together to form WANs. In its basic form, an extranet is the interconnection of two previously separate LANs or WANs with origins from different business entities. This term emerged to differentiate previous definitions of external “Internet” connection and a company's internal “intranet.” Exhibit 1 depicts an extranet with a Venn diagram, where the intersection of two (or more) nets formed the extranet. The network in this intersection was previously part of the intranet and now has been made accessible to external parties.","PeriodicalId":207082,"journal":{"name":"Inf. Secur. J. A Glob. Perspect.","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-11-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130723073","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Meet Your Cracker Intrusion Management Using Criminal Profiling","authors":"Steven Schlarman","doi":"10.1201/1086/43306.8.3.19990901/31072.5","DOIUrl":"https://doi.org/10.1201/1086/43306.8.3.19990901/31072.5","url":null,"abstract":"Abstract It is 2 A.M. and you receive the call. “We've been hacked.” Those are the only words you remember from the short conversation in your slumbering state. An eye-catching commercial — yes. Reality — yes, for some. Security breaches come in many different styles. This is just one possibility.","PeriodicalId":207082,"journal":{"name":"Inf. Secur. J. A Glob. Perspect.","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115002453","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Release for Public Comment","authors":"R. Poore","doi":"10.1201/1086/43306.8.3.19990901/31073.6","DOIUrl":"https://doi.org/10.1201/1086/43306.8.3.19990901/31073.6","url":null,"abstract":"Abstract The Generally Accepted System Security Principles (GASSP) Committee has approved this release of the GASSP for public comment. The introductory materials and the sections through and including Section 2.1 Pervasive Principles are included for the reader's information only. Pervasive Principles have previously had a public comment period. The GASSPC asks the profession to review and comment on Section 2.2 Broad Functional Principles (the majority of the document). Section 2.3 Detailed Security Principles remains a work in progress that will be built on the Broad Functional Principles. We welcome your comments on all aspects of the document; however, we ask that you concentrate on substantive matters rather than editorial.","PeriodicalId":207082,"journal":{"name":"Inf. Secur. J. A Glob. Perspect.","volume":"117 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124666818","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Search and Seizure of Computer Equipment","authors":"Edward H. Freeman","doi":"10.1201/1086/43306.8.3.19990901/31070.3","DOIUrl":"https://doi.org/10.1201/1086/43306.8.3.19990901/31070.3","url":null,"abstract":"Abstract It may be an executive's worst nightmare. He steps out of the office elevator one morning and finds a group of federal agents busy at work. They are unplugging computers, modems, and printers and hauling them away. The lead agent shows a properly executed search warrant, duly signed by a judge. Her associates are politely grilling employees about the computer system and the facts of a specific inquiry.","PeriodicalId":207082,"journal":{"name":"Inf. Secur. J. A Glob. Perspect.","volume":"79 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122201144","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Anonymity, Privacy, and Trust","authors":"R. Poore","doi":"10.1201/1086/43306.8.3.19990901/31071.4","DOIUrl":"https://doi.org/10.1201/1086/43306.8.3.19990901/31071.4","url":null,"abstract":"Abstract In the Internet realm these days, we see the terms anonymity, privacy, and trust used as if they meant the same thing. We see “trust marks” attempting to describe the privacy policy of a Web site (e.g., Truste™ and WebTrust™). And we see “privacy” described in terms of personally identifiable information (PII) leaving the control of the person whose PII it is. We've also learned that accessing a site without revealing some information useful in tracking back to us is difficult and is never the default situation.","PeriodicalId":207082,"journal":{"name":"Inf. Secur. J. A Glob. Perspect.","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121725898","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Coming of Age","authors":"Peter Stephenson","doi":"10.1201/1086/43306.8.3.19990901/31069.2","DOIUrl":"https://doi.org/10.1201/1086/43306.8.3.19990901/31069.2","url":null,"abstract":"Abstract I'm writing this at five in the morning from Lima, Peru. In a couple of hours I'll be on site at one of Latin America's largest banks starting the second day of a consulting engagement. Yesterday morning I was in the hotel dining room eating breakfast and it was as if I had stepped back into the 1960s. The music on the speaker system was that old doo-wop four-chord progression, straight out of Motown, but with a Latino beat and a Spanish accent. Although my Spanish is weak, I could, actually, understand the words.","PeriodicalId":207082,"journal":{"name":"Inf. Secur. J. A Glob. Perspect.","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121793897","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Risk Management and Security","authors":"C. Hamilton","doi":"10.1201/1086/43305.8.2.19990601/31067.11","DOIUrl":"https://doi.org/10.1201/1086/43305.8.2.19990601/31067.11","url":null,"abstract":"Abstract Our society depends on fast, accurate transmission of information. Everything from e-mail, stock quotes, credit ratings, bank balances, travel arrangements, even the weather, are all transacted by computer systems. Just 10 years ago, most employees worked with dumb terminals that performed a prescribed set of functions. These terminals have evolved into personal computers on every desk, most linked to the Internet. Even prisoners request modem access to conduct in-prison enterprises.","PeriodicalId":207082,"journal":{"name":"Inf. Secur. J. A Glob. Perspect.","volume":"78 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116678266","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Selected Security and Legal Issues in E-Commerce","authors":"Frederick Gallegos, Mohammad Al-abdullah","doi":"10.1201/1086/43305.8.2.19990601/31065.9","DOIUrl":"https://doi.org/10.1201/1086/43305.8.2.19990601/31065.9","url":null,"abstract":"Abstract Encryption can be explained as the process of transforming information into an unintelligible form and thus making it extremely hard for others to understand the meaning of the message. Encryption can be used to disguise messages so that even if a message is diverted, it will not be revealed.6","PeriodicalId":207082,"journal":{"name":"Inf. Secur. J. A Glob. Perspect.","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121682861","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Intrusion Detection: Making the Business Case","authors":"Carol A. Siegel","doi":"10.1201/1086/43305.8.2.19990601/31066.10","DOIUrl":"https://doi.org/10.1201/1086/43305.8.2.19990601/31066.10","url":null,"abstract":"Abstract In the current atmosphere of large-scale corporate mergers and acquisitions, downsizing and eliminating redundant operations has become the norm. Couple this with massive one-time expenditures on EMU and the year 2000, the amount spent on mitigating information risk has grown in overall size but has shrunk in the area of data security. Information risk management, a term coined in the early '90s, has had to become leaner and more client-focused, implementing only what is absolutely necessary. This has left IT managers hard-pressed to cost-justify every dollar spent. With IT budgets in the millions and even billions for larger financial services companies, decisions regarding specific technology expenses can have far-reaching implications. Deploying a tool or technology across the enterprise must be thought through carefully in terms of its hard and soft costs and benefits. Thorough analysis up front can mean a faster approval cycle for the product and a more transparent implementation. The key i...","PeriodicalId":207082,"journal":{"name":"Inf. Secur. J. A Glob. Perspect.","volume":"420 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126705875","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Defining a Technical Architecture for Health Care Security","authors":"Dahl Gerberick, D. Huber, Robert Rudloff","doi":"10.1201/1086/43305.8.2.19990601/31064.8","DOIUrl":"https://doi.org/10.1201/1086/43305.8.2.19990601/31064.8","url":null,"abstract":"Abstract In the previous article, “Preparing for Health Care Legislation,” we established the need for Health Care security concerns and emphasized an enterprise approach to properly, effectively, establishing security for Electronic Medical Records (EMRs). In this article we present a technical architecture addressing Health Insurance Portability and Accountability Act (HIPAA) of 1996.","PeriodicalId":207082,"journal":{"name":"Inf. Secur. J. A Glob. Perspect.","volume":"100 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1999-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115541156","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}