发布求助
文献互助 智能选刊 最新文献

Journal of Information Systems Security最新文献

筛选
英文 中文
Security Functional Components for Building a Secure Network Computing Environment 构建安全的网络计算环境的安全功能组件
Journal of Information Systems Security Pub Date : 2007-11-01 DOI: 10.1080/10658980701747245
Manpreet Singh, M. Patterh
{"title":"Security Functional Components for Building a Secure Network Computing Environment","authors":"Manpreet Singh, M. Patterh","doi":"10.1080/10658980701747245","DOIUrl":"https://doi.org/10.1080/10658980701747245","url":null,"abstract":"ABSTRACT It is difficult to define reliable security policy components that should be applied to validate a secure computing environment. The job gets further complicated when one has to deal with multiple policies in single computing environment. This paper demonstrates how we can overcome the difficulties of defining reliable security components by using evaluation criteria. In this paper we use common criteria to derive the security functional components for a multipolicy-based network computing environment. In the verification process, the derived policy components are related to the specific security objectives of the network communication environment. The evidence listed in the case study supports the claims that the proposed network security policy interpretation framework is a complete and cohesive set of requirements.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":"29 1","pages":"332 - 343"},"PeriodicalIF":0.0,"publicationDate":"2007-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82414884","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
The IT Compliance Equation: Understanding the Elements IT遵从性等式:理解要素
Journal of Information Systems Security Pub Date : 2007-09-04 DOI: 10.1080/10658980701225374
Steven Schlarman
{"title":"The IT Compliance Equation: Understanding the Elements","authors":"Steven Schlarman","doi":"10.1080/10658980701225374","DOIUrl":"https://doi.org/10.1080/10658980701225374","url":null,"abstract":"*This article originally published in EDPACS 35(1), January 2007, pp 12–23.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":"15 1","pages":"224 - 232"},"PeriodicalIF":0.0,"publicationDate":"2007-09-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73440270","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
From the Editor's Desk 从编辑部
Journal of Information Systems Security Pub Date : 2007-09-04 DOI: 10.1080/10658980701612761
K. Namuduri
{"title":"From the Editor's Desk","authors":"K. Namuduri","doi":"10.1080/10658980701612761","DOIUrl":"https://doi.org/10.1080/10658980701612761","url":null,"abstract":"","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":"241 1","pages":"187 - 187"},"PeriodicalIF":0.0,"publicationDate":"2007-09-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75785541","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Clarifying the Roles of Information Security: 13 Questions the CEO, CIO, and CISO Must Ask Each Other 澄清信息安全的角色:CEO、CIO和CISO必须互相问的13个问题
Journal of Information Systems Security Pub Date : 2007-09-01 DOI: 10.1080/10658980701746577
T. Fitzgerald
{"title":"Clarifying the Roles of Information Security: 13 Questions the CEO, CIO, and CISO Must Ask Each Other","authors":"T. Fitzgerald","doi":"10.1080/10658980701746577","DOIUrl":"https://doi.org/10.1080/10658980701746577","url":null,"abstract":"The invention relates to a horizontal tank-type container, particularly for use in winemaking, the beverage industry and the preparation of alcohol. The upper portion of the container is of a substantially circular cylindrical shape. The invention resides in the container being pear-shaped or escutcheon-shaped in cross section normal to the longitudinal container axis, with the narrow portion pointing downward. This enables the container to be conveniently emptied and easily cleaned.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":"59 1","pages":"257 - 263"},"PeriodicalIF":0.0,"publicationDate":"2007-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88404297","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 22
Regulatory Compliance — the Wonderful World of FISMA 法规遵从- FISMA的美妙世界
Journal of Information Systems Security Pub Date : 2007-09-01 DOI: 10.1080/10658980701747260
Chris Nowell
{"title":"Regulatory Compliance — the Wonderful World of FISMA","authors":"Chris Nowell","doi":"10.1080/10658980701747260","DOIUrl":"https://doi.org/10.1080/10658980701747260","url":null,"abstract":"A control system for a printing machine having a main shaft with a constant ratio of its rotary speed to a drive speed of the printing machine, has a plurality of translationally, continuously rotatably and discontinuously rotatably movable regulating members controllable by a main shaft of the machine, and a single supply system operating by hydraulic energy and associated with the regulating members, wherein the supply system includes a fixed-displacement pump, an oil supply conduit connecting the fixed-displacement pump with the regulating members, an electrically actuated flow regulating valve acting upon an oil stream, and a signal transmitter with a signal processor arranged so that the flow regulating valve connected with the main shaft via the signal processor.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":"61 1","pages":"278 - 280"},"PeriodicalIF":0.0,"publicationDate":"2007-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87029575","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Reducing Remote Risks within the Enterprise 减少企业内部的远程风险
Journal of Information Systems Security Pub Date : 2007-09-01 DOI: 10.1080/10658980701746494
Ken Dunham
{"title":"Reducing Remote Risks within the Enterprise","authors":"Ken Dunham","doi":"10.1080/10658980701746494","DOIUrl":"https://doi.org/10.1080/10658980701746494","url":null,"abstract":"Remote exploitation and attack against enterprise networks is a continual threat against enterprise networks in 2007. Increasingly sophisticated networks and business requirements within a fast changing world of technology have complicated risk reduction today. Sadly, malicious code often becomes the auditing tool for many networks, instead of due diligence. Vulnerable computers, noncompliant computers, executives ignorant to security and targeted attacks, and malicious code infestations run rampant today. By adopting best practices against common vectors of attack, organizations may significantly lower the likelihood of a remote exploitation incident against the network.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":"36 1","pages":"295 - 299"},"PeriodicalIF":0.0,"publicationDate":"2007-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88553791","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
End-to-End Security Across Wired-Wireless Networks for Mobile Users 面向移动用户的无线网络端到端安全
Journal of Information Systems Security Pub Date : 2007-09-01 DOI: 10.1080/10658980701747252
S. Zeadally, N. Sklavos, Moganakrishnan Rathakrishnan, S. Fowler
{"title":"End-to-End Security Across Wired-Wireless Networks for Mobile Users","authors":"S. Zeadally, N. Sklavos, Moganakrishnan Rathakrishnan, S. Fowler","doi":"10.1080/10658980701747252","DOIUrl":"https://doi.org/10.1080/10658980701747252","url":null,"abstract":"ABSTRACT Recent advances in mobile computing and wireless communication technologies are enabling high mobility and flexibility of anytime, anywhere service access for mobile users. As a result, network connections of such users often span over heterogeneous networking environments consisting of wired and wireless networking technologies. Both network heterogeneity and user mobility make the securing of data transmission over heterogeneous networks challenging and complex. In this paper, we focus on the challenge of providing secure end-to-end network transmissions to wireless mobile users. To minimize service interruption during ongoing secure sessions of mobile users, we present the design and implementation of an approach based on the well-known Internet Protocol Security (IPSec) standard. We conducted a performance evaluation of our implementation using a Voice over IP (VoIP) application over an actual network testbed. Our empirical performance results demonstrate a packet loss improvement of 17% to 34% (for various VoIP packet sizes) and a handoff delay improvement of almost 24% validating the high efficiency of our proposed approach.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":"64 1","pages":"264 - 277"},"PeriodicalIF":0.0,"publicationDate":"2007-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83595312","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
A Basic Firewall Configuration Strategy for the Protection of Development-related Computer Networks and Subnetworks 保护与发展相关的计算机网络和子网的基本防火墙配置策略
Journal of Information Systems Security Pub Date : 2007-09-01 DOI: 10.1080/10658980701744853
S. Maskey, Brittany Jansen, D. Guster, Charles Hall
{"title":"A Basic Firewall Configuration Strategy for the Protection of Development-related Computer Networks and Subnetworks","authors":"S. Maskey, Brittany Jansen, D. Guster, Charles Hall","doi":"10.1080/10658980701744853","DOIUrl":"https://doi.org/10.1080/10658980701744853","url":null,"abstract":"ABSTRACT As more and more development-related networks, both instructional and industry related, are being attached to the Internet, the need for protection from hackers becomes evident. This is largely due to the fact that security breaches have reached epidemic proportions. The article therein examines these issues as well as presents a case study for a basic firewall configuration. The logic behind the case study is based on four different modules containing one or more sections: environmental, forward rules, allow ping, and post-routing rules. A figure and source code is provided to indicate how the logic would appear once the plan had been implemented. The example was designed as such in hopes that a more sophisticated and usable product could emerge. In addition, this template could be considered a useful learning and/or teaching resource when teaching basic firewall configurations.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":"1 1","pages":"281 - 290"},"PeriodicalIF":0.0,"publicationDate":"2007-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76916634","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Holistic Information Security: ISO 27001 and Due Care 整体信息安全:ISO 27001和应有的注意
Journal of Information Systems Security Pub Date : 2007-09-01 DOI: 10.1080/10658980701746478
Edward H. Freeman
{"title":"Holistic Information Security: ISO 27001 and Due Care","authors":"Edward H. Freeman","doi":"10.1080/10658980701746478","DOIUrl":"https://doi.org/10.1080/10658980701746478","url":null,"abstract":"“The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards—and even then I have my doubts.” —Gene Spafford, Professor of Computer Science, Purdue University","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":"57 1","pages":"291 - 294"},"PeriodicalIF":0.0,"publicationDate":"2007-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76117257","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 15
Information Security Policy Development and Implementation 信息安全政策的发展和实施
Journal of Information Systems Security Pub Date : 2007-09-01 DOI: 10.1080/10658980701744861
Avinash W. Kadam
{"title":"Information Security Policy Development and Implementation","authors":"Avinash W. Kadam","doi":"10.1080/10658980701744861","DOIUrl":"https://doi.org/10.1080/10658980701744861","url":null,"abstract":"ABSTRACT Development of the information security policy is a critical activity. Credibility of the entire information security program of an organization depends upon a well-drafted information security policy. Most of the stakeholders do not have time or inclination to wade through a lengthy policy document. This article tries to formulate an approach to the information security policy development that will make the policy document capture the essentials of information security as applicable to a business. The document will also convey the urgency and importance of implementing the policy, not only in letter but also in spirit.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":"8 1","pages":"246 - 256"},"PeriodicalIF":0.0,"publicationDate":"2007-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83936729","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 36
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信