SEARCH RESULTS
 
Showing 1-10 of 53 records
 
Expand article

Jericho Forum and the Collaboration Oriented Architecture (COA) position paper

2008-05-09 14:16:55 by Burton Group in Security and Risk Management Strategies Blog
 
...securely interact with services and applications controlled by multiple security domains The COA position paper builds on the Jericho Forum commandments, which are published at http://www.opengroup.org/jericho/commandments v1.2.pdf . When reading the commandments, by the way, I find it helps to ignore the explanatory paragraphs, and just...
 
Tags: coa, coa framework, coa paper focuses, jericho forum, paper, reputation repository, reputation, coa position paper, future jericho forum
 
 
 
 
Expand article

Jericho Forum and the Collaboration Oriented Architecture (COA) position paper

2008-05-09 14:16:55 by Burton Group in Security and Risk Management Strategies Blog
 
...securely interact with services and applications controlled by multiple security domains The COA position paper builds on the Jericho Forum commandments, which are published at http://www.opengroup.org/jericho/commandments v1.2.pdf . When reading the commandments, by the way, I find it helps to ignore the explanatory paragraphs, and just...
 
Tags: coa, coa framework, coa paper focuses, jericho forum, paper, reputation repository, reputation, coa position paper, future jericho forum
 
 
 
 
Expand article

Common Criteria and answering the question 'Is it Safe'

2007-12-20 16:57:00 by sdl in The Security Development Lifecycle
 
...securely in the face of adversarial activity. The chairman of the Common Criteria Development Board (David Martin) agreed with these points in his presentation at the ICCC in Rome this year . Its not that CC cant do this; its just that it currently doesnt . This is the area where Steve Lipner, myself, and others have pointed out repeatedly...
 
Tags: criteria, fails, common criteria fails, common criteria, common criteria arguably, common, arguably, arguably deficient, security
 
 
 
 
Expand article

When typos attack

The Article has images
2007-12-04 08:56:00 by Mike Rothman in Security Mike's Blog
...securely. Right, that's Step 2 in Security Mike's Guide . Step 3 focuses on securely configuring your browser Over the next week or so, when Step 4 goes live, you'll also learn about a utility that plugs into your browser to show whether a web site is good. None of these methods are totally foolproof, but the more layers of security you...
 
Tags: nasty web attacks, web, type pretty fast, pretty, web site, email, step, innocent typos, security
 
 
 
 
Expand article

Hard drives purchased at Oklahoma auction contained personal information

The Article has images
2008-05-26 14:48:06 by Evan Francen in The Breach Blog
...securely, or just discarded? I don't see any problem with leaving hard drives in the computers as long as they are securely wiped. Using a free program like Darik's Boot and Nuke works fine for many applications but can be time consuming Commentary If information is no longer needed by an organization, destroy it. If encryption had been...
 
Tags: oklahoma, information, personal information, oklahoma tax commission, store confidential information, oklahoma corporation commission, corporation commission, information security, tax commission
 
 
 
 
Expand article

Credit Cards Failing Open

2008-10-30 19:35:34 by Chris Eng in Zero in a bit
 
...securely . The general idea is that if a security mechanism fails, it should fail closed. If your firewall crashes, it should block all traffic, not allow all the packets through. If the power source to your card key system is interrupted, it shouldnt unlock all the doors. If the connection between your application server and your LDAP...
 
Tags: credit card transaction, transaction, credit card, credit card companies, credit card weirdness, credit card account, attempt, application server, application
 
 
 
 
Expand article

Cisco Acquires Securent - moving policy decisions to the network layer

2007-11-01 09:12:16 by Andras Cser in Security & Risk Management
 
...securely (without compromising network payload privacy) to the network is not immediately convincing network operations and GRC groups are still siloed at most organizations. Given the fact that enterprises are increasingly looking for integrated IAM stacks, the entry of Cisco into the entitlement management market will require a clear...
 
Tags: iam, iam vendors, network, entitlement management product, iam market, product, entitlement management, network operations, operations
 
 
 
 
Expand article

Citizens Advice stolen laptop was encrypted

The Article has images
2007-12-13 13:37:02 by Evan Francen in The Breach Blog
...securely (i.e. no password written on the laptop), then we MAY be able to assume that the confidentiality of the data on the laptop was not compromised. I am not close enough to the investigation to know An added benefit to laptop encryption is some regulations include "safe harbor" statements that could save serious money and embarrassment....
 
Tags: laptop encryption, laptop encryption software, advice, encryption, encryption product, citizens advice, laptop, sought advice, personal data
 
 
 
 
Expand article

Another stolen Pennsylvania DPW computer, more victims

The Article has images
2007-12-12 15:10:53 by Evan Francen in The Breach Blog
...securely The DPW should be applauded in their response and disclosure (i.e. a link to the press release is prominently displayed on the DPW home page), but admonished for not encrypting sensitive data at rest Past Breaches September, 2007 - Pennsylvania DPW computers stolen, exposing 375,000 citizens
 
Tags: dpw computer, dpw, pennsylvania, pennsylvania dpw computers, dpw clients, pennsylvania department, sensitive personal information, personal information, department
 
 
 
 
Expand article

Reliability Vs. Security

2007-12-07 16:46:00 by sdl in The Security Development Lifecycle