发布求助
文献互助 智能选刊 最新文献

Journal of Information Systems Security最新文献

筛选
英文 中文
Social Psychological Variables That Contribute to Resistance to Security Assessment Findings 社会心理变量有助于抵制安全评估结果
Journal of Information Systems Security Pub Date : 2006-03-01 DOI: 10.1201/1086.1065898X/45926.15.1.20060301/92685.8
Russ Neal
{"title":"Social Psychological Variables That Contribute to Resistance to Security Assessment Findings","authors":"Russ Neal","doi":"10.1201/1086.1065898X/45926.15.1.20060301/92685.8","DOIUrl":"https://doi.org/10.1201/1086.1065898X/45926.15.1.20060301/92685.8","url":null,"abstract":"Abstract It is not uncommon for IT executive management to require sufficient time to review and digest the findings of a security or disaster recovery risk assessment or the recommendations of a follow-on remediation plan. This is normal and is to be expected. Security remediation or the institution of a disaster recovery plan is costly and resource intensive. But soon a milestone is passed and the security consultant realizes that by the time any action is to be taken by executive management, the findings of the assessment have decayed and the information from several months ago can no longer serve as the information for decision making today. In some instances, consultants have observed management, prompted by audit findings and resulting hard implementation dates, attempting to suddenly act on assessment findings that are months to years old. Other forms of non-action are to belatedly proceed with the security remediation, only to have the project flounder due to non-support.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2006-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83948341","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Understanding the IM Security Threat 了解即时通讯安全威胁
Journal of Information Systems Security Pub Date : 2006-03-01 DOI: 10.1201/1086.1065898X/45926.15.1.20060301/92681.4
Art Gilliland
{"title":"Understanding the IM Security Threat","authors":"Art Gilliland","doi":"10.1201/1086.1065898X/45926.15.1.20060301/92681.4","DOIUrl":"https://doi.org/10.1201/1086.1065898X/45926.15.1.20060301/92681.4","url":null,"abstract":"Abstract Success in today's fast-paced global economy requires precision, agility, and speed. Organizations must quickly respond to changing market demands and make timely decisions that impact the success or failure of their business. Through the use of available and proven technologies to increase the velocity of collaborative decision making to match the speed of doing business, the demand for information is driving the need for real-time communications in today's organizations. Instant access to information across internal collaborative groups, important customers, and external trading partners creates business efficiencies and sets the real-time organization above the rest.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2006-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74434620","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Money Mules: An Investigative View 金钱骡子:一种调查性观点
Journal of Information Systems Security Pub Date : 2006-03-01 DOI: 10.1201/1086.1065898X/45926.15.1.20060301/92679.2
Ken Dunham
{"title":"Money Mules: An Investigative View","authors":"Ken Dunham","doi":"10.1201/1086.1065898X/45926.15.1.20060301/92679.2","DOIUrl":"https://doi.org/10.1201/1086.1065898X/45926.15.1.20060301/92679.2","url":null,"abstract":"Abstract Money mules are individuals unwittingly hired by organized criminals to perform international wire fraud and other illicit operations. It's their job to help move money around under the title of “account manager,” “client manager,” and other creative titles. Mules don't often realize they are part of an international fraud ring. It's bigger than you think, moving millions of dollars annually to overseas accounts in Russia and other global locations. This investigative report looks into the world of money mules and how they operate.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2006-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75050963","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Managing the Risks of Managed Security Services 管理托管安全服务的风险
Journal of Information Systems Security Pub Date : 2006-03-01 DOI: 10.1201/1086.1065898X/45926.15.1.20060301/92684.7
B. Masuda
{"title":"Managing the Risks of Managed Security Services","authors":"B. Masuda","doi":"10.1201/1086.1065898X/45926.15.1.20060301/92684.7","DOIUrl":"https://doi.org/10.1201/1086.1065898X/45926.15.1.20060301/92684.7","url":null,"abstract":"Abstract The information security industry has been around for quite a while, but only in the past decade has it matured and become a widespread practice throughout commerce. As the information security industry matures and grows, the application of certain economic principles becomes apparent, such as economies of scale.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2006-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87614404","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Wardriving: Unauthorized Access to Wi-Fi Networks Wardriving:未经授权访问Wi-Fi网络
Journal of Information Systems Security Pub Date : 2006-03-01 DOI: 10.1201/1086.1065898X/45926.15.1.20060301/92680.3
Edward H. Freeman
{"title":"Wardriving: Unauthorized Access to Wi-Fi Networks","authors":"Edward H. Freeman","doi":"10.1201/1086.1065898X/45926.15.1.20060301/92680.3","DOIUrl":"https://doi.org/10.1201/1086.1065898X/45926.15.1.20060301/92680.3","url":null,"abstract":"Abstract Wireless local area network, or Wi-Fi (“wireless fidelity”), is a short-range networking technology. Wi-Fi allows suitably equipped computers to connect to computer networks and the Internet using a radio connection rather than wires. Most new laptop computers can access Wi-Fi routers. T-Mobile HotSpot provides high-speed Wi-Fi in public locations such as Starbucks, Borders, FedEx, Kinko's, Hyatt's, and the airline clubs for most major airlines. Unlimited subscription plans start at $29.99 per month or $6.00 per hour for nonmembers.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2006-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75698378","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Securing and Hardening Red†Hat Linux 安全加固Red†Hat Linux
Journal of Information Systems Security Pub Date : 2006-03-01 DOI: 10.1201/1086.1065898X/45926.15.1.20060301/92682.5
Sumit Dhar
{"title":"Securing and Hardening Red†Hat Linux","authors":"Sumit Dhar","doi":"10.1201/1086.1065898X/45926.15.1.20060301/92682.5","DOIUrl":"https://doi.org/10.1201/1086.1065898X/45926.15.1.20060301/92682.5","url":null,"abstract":"Abstract An operating system is only as secure as the way it is configured and set up by the systems administrator. An improperly configured system, no matter how secure the underlying OS, is a disaster waiting to happen. Security thus depends a lot on the foresight and strategies of the administrator.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2006-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84480249","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
The Lion and the Gazelle 狮子和瞪羚
Journal of Information Systems Security Pub Date : 2006-03-01 DOI: 10.1201/1086.1065898X/45926.15.1.20060301/92678.1
J. Tiller
{"title":"The Lion and the Gazelle","authors":"J. Tiller","doi":"10.1201/1086.1065898X/45926.15.1.20060301/92678.1","DOIUrl":"https://doi.org/10.1201/1086.1065898X/45926.15.1.20060301/92678.1","url":null,"abstract":"Abstract There are many discussions concerning infosec's value to the business and its role in the value chain. Every company produces, ultimately, goods or services that are the culmination of a series of events or actions encompassing people, process, and technology. The ability to introduce efficiencies — resulting in greater savings without derogation to the product or service — within the value chain presents a significant benefit for the producer. This tenet will impact security professionals like no other in the next few years.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2006-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83297320","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Don't Trust Your Vendor's Software Distribution Methodology 不要相信供应商的软件分发方法
Journal of Information Systems Security Pub Date : 2006-01-01 DOI: 10.1201/1086.1065898X/45782.14.6.20060101/91858.8
Andrew Storms
{"title":"Don't Trust Your Vendor's Software Distribution Methodology","authors":"Andrew Storms","doi":"10.1201/1086.1065898X/45782.14.6.20060101/91858.8","DOIUrl":"https://doi.org/10.1201/1086.1065898X/45782.14.6.20060101/91858.8","url":null,"abstract":"Abstract Weeks prior to a scheduled maintenance window, a network administrator at Cable and Wireless navigated to Cisco's Web site and downloaded new IOS code for their 12000 series gig routers. Days of rigorous testing resulted in an expected smooth installation of the new software. Unknown to the network administrator or anyone at Cable and Wireless, the IOS code had been Trojaned. Via Lawful Intercept, weeks went by where packets were sent to previously hijacked SOHO systems, which in turn forwarded said information to various sources, eventually making their way to a global terrorist group.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2006-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81780946","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Best Practices for Building a Security Operations Center 构建安全运营中心的最佳实践
Journal of Information Systems Security Pub Date : 2006-01-01 DOI: 10.1201/1086.1065898X/45782.14.6.20060101/91856.6
Diana Kelley, Ron Moritz
{"title":"Best Practices for Building a Security Operations Center","authors":"Diana Kelley, Ron Moritz","doi":"10.1201/1086.1065898X/45782.14.6.20060101/91856.6","DOIUrl":"https://doi.org/10.1201/1086.1065898X/45782.14.6.20060101/91856.6","url":null,"abstract":"Abstract If one cannot effectively manage the growing volume of security events flooding the enterprise, one cannot secure one's business. Yet IT security teams are now being overwhelmed by literally millions of security-related messages every day. This daily deluge of security data is being generated by the numerous “point” security solutions deployed across the enterprise: firewalls, intrusion prevention and detection, access control, identity management, anti-virus, etc. These solutions all generate information in different formats, store it in different places, and forward to different locations. And it is more than anyone can handle.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2006-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82407960","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 16
Disclosure of Information Theft: The ChoicePoint Security Breach 披露信息盗窃:选择点安全漏洞
Journal of Information Systems Security Pub Date : 2006-01-01 DOI: 10.1201/1086.1065898X/45782.14.6.20060101/91853.3
Edward H. Freeman
{"title":"Disclosure of Information Theft: The ChoicePoint Security Breach","authors":"Edward H. Freeman","doi":"10.1201/1086.1065898X/45782.14.6.20060101/91853.3","DOIUrl":"https://doi.org/10.1201/1086.1065898X/45782.14.6.20060101/91853.3","url":null,"abstract":"Abstract In recent months, the media have reported several major security breaches. Hackers have stolen the personal information of thousands of individuals from leading banks, credit bureaus, and insurance companies. In other cases, computers and disks with highly confidential data have simply vanished at the airport security counter or from vehicles parked in the company lot. Stolen data may include such sensitive information as Social Security and driver's license numbers, financial history, and bank account numbers and balances.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2006-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81825851","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
首页 上一页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信