Security Tools - IT Library : ZDNet Asia

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

Attestation of Identity Information 2006-11-10 14:17:30 Oracle

This Oracle white paper discusses the fundamental premise of attestation and the role of identity management in achieving cost-effective, sustainable compliance. Attestation is the requirement that management periodically certifies that only appropriate individuals have accessed sensitive information. While the cost of complying with the provisions of regulations like Sarbanes Oxley is high, the cost of non-compliance is even higher. Fortunately, today's robust identity management (IdM) solutions are reducing the overall cost of compliance providing automated processes to maintain a comprehensive audit trail of historical user privileges, including when, why, and through which systems information was accessed. Any IT decision maker who's seeking an end-to-end security solution that supports regulatory compliance will benefit from informative white paper from Oracle.

Websense Security Labs Security Trends Report 2006 2006-04-24 08:03:54

Websense Security Labs researches today's advanced internet threats, focusing on malicious websites, phishing, and other emerging threats associated with spyware, keylogging, and instant messaging and peer-to-peer use. This report summarizes findings for the second half of 2005 and presents projections for the upcoming period.

The three dimensions of endpoint security 2006-04-24 06:40:19

With the proliferation of personally-owned IT gagdgets in the workplace, IT security needs to evolve to address the three-dimensions of endpoint security - data, devices and desktops.

E-CRIME & WEB THREATS 2006-04-24 08:08:25

Businesses are now facing a new type of information security threat whose characteristics are less widespread in number, more insidious, better-targeted, financially-motivated and driven by organised crime. This is no longer the domain of teenage hackers, but hardened criminals for whom information-based crime offers bigger rewards and less risk than crime in the physical world. Their target is information - confidential corporate or personal data - that can be sold for profit or used for fraud or extortion. This trend toward "hacking for profit" has been signalled by respected sources such as the SANS™ Institute (United States), the National Hi-Tech Crime Unit (United Kingdom) and Websense Security Labs™ (global).

SSL in High-Security Browsers 2006-04-20 08:59:26

Declaring war on security exploits, browser providers are collaborating with industry experts to make their products more secure. A new breed of high-security browsers, including Firefox, Opera, and the upcoming Microsoft Internet Explorer 7, give users clear indications of a site's trustworthiness. With an average online order value of Ł75 and rising abandonment rates, e-commerce sites stand to gain or lose veritably depending on how users perceive them through these new browsers.

Detecting Critical Nodes for MANET Intrusion Detection Systems 2006-04-14 National Institute of Standards and Technology

Ad hoc routing protocols have been designed to efficiently reroute traffic when confronted with network congestion, faulty nodes, and dynamically changing topologies. The common design goal of reactive, proactive, and hybrid ad hoc routing protocols is to faithfully route packets from a source node to a destination node while maintaining a satisfactory level of service in a resource-constrained environment. Detecting malicious nodes in an open ad hoc network in which participating nodes have no previous security associations presents a number of challenges not faced by traditional wired networks.

Tags: Mobile - Wireless Communications, Intrusion Detection Systems

Compliance in the Mobile Enterprise 2006-08-02 06:14:47 iAnywhere Solutions

At a time when state, local, and federal regulators are demanding higher data protection standards, accelerating mobile trends—such as use of smart phones, basic logistical applications, and tiny storage devices—are multiplying the possible security breaches that IT organizations face. To add to the complexity, those risks differ depending on the employee's job description, from sales people to clinicians, all the way up to executives. Yet, few companies realize that mobile security management is not simply an extension of existing end-user management. Download this paper to learn how to create and implement effective mobile user policies and how to evaluate management applications that may make the tasks easier.

Oracle Software Security Assurance Process 2006-07-04 03:56:39 Oracle

The Oracle Software Security Assurance Process ensures that Oracle's products are as secure as the company can build them at all stages of the software lifecycle: initial design, in development, and following release to customers. The process is extensive and constantly evolving. Oracle's products have included security mechanisms as core product capabilities for decades. The Oracle Software Security Assurance Process has evolved over the company's history and will continue to evolve as it identifies new technology and processes to find security vulnerabilities, improve the strength of its security mechanisms, and provide ongoing protection to its customers.

NetSafeGuard Intrusion Detection System Blueprint 2006-03-24 Science Technology Institute

This paper contains specifications of an integrated Network Security framework. This framework provides a complete security for computer systems against various computer threats such as virus, internet worms, spywares, intrusion attempts and spamming emails. The current systems available in the market suffer from high false alarm rates, and cannot detect unknown attacks because of the sophisticated and dynamic nature of malicious activities. This project aims to improve the system robustness, and detection accuracy of the decision engine, in order to overcome such inefficiency. Beside this major focus, there are a wide range of supporting services provided to boost the effectiveness of system, in terms of functionalities and usability.

Tags: Intrusion Detection Systems,

SmashGuard: A Hardware Solution to Prevent Security Attacks on the Function Return Address 2006-03-22 Purdue University

A buffer overflow attack is perhaps the most common attack used to compromise the security of a host. This attack can be used to change the function return address and redirect execution to the attacker's code. This paper presents a hardware-based solution, called SmashGuard, to protect against all known forms of attack on the function return addresses stored on the program stack. With each function call instruction, the current return address is pushed onto a hardware stack. A return instruction compares its address to the return address from the top of the hardware stack. An exception is raised to signal the mismatch.

Jump to 1 2 3 4 5 6 7 [8] 9 10

What's important from our sponsors

10 million IT Folks can't be wrong with their server choice.

HP ProLiant ML110 G5

The reliable server
that costs as little as a PC, the ideal solution for an SMB.

HP ProLiant DL380 G5

Harness immense computing power your business needs today to succeed.

HP ProLiant DL385 G5

Delivers time-tested features like Pre-Failure Notification and Remote Access Management.

Sponsored by

Cutting-edge technology from premium sponsors

Oracle Technology Solutions for Midsize Businesses

Oracle's Vision for an Enterprise Performance Management System

Improve employee productivity with an out-of-the-box employee portal

HP ProLiant ML110 G5 from $999
Click here for the reliable server that cost as little as a PC.

DBOptimizer
Discover, Diagnose & Optimise poor performing SQL…Fast!

C++Builder 2009
RAD visual development meets C++ power – download it now!

Compare your IT salary
Sign-up for free download of IT salary benchmark report 2008.

Country Report: India

Technology for national gains

SMBs post big potential for tech vendors

India's IT services sector refreshes itself

More from CNET Networks Asia Pacific

CNET Networks International Sites

About ZDNet Asia |

About CNET Networks Asia Pacific |

ZDNet Asia editorial calendar |

Advertise with us |

Jobs |

Partnership |

Contact Us |

CNET Direct |

CNET Asia |

CNET Asia mobile |

Sitemap

ZDNet.com |

ZDNet Japan |

ZDNet.de |

CNET UK |

CNET.de |

Tech Republic |

BNET |

MP3.com |

activeTechPros |

ZDNet UK |

ZDNet Korea |

ZDNet France |

CNET Australia |

CNET France |

Download.com |

Builder |

GameSpot

ZDNet Australia |

ZDNet Taiwan |

CNET |

CNET Taiwan |

News.com |

Silicon.com |

TV.com |

GameSpot Korea

News | Insight | Reviews | TechGuides | Jobs | Blogs | Videos | Community | Downloads | IT Library |

Get RSS feeds

Title	Date Added	Company
Attestation of Identity Information	2006-11-10 14:17:30	Oracle
This Oracle white paper discusses the fundamental premise of attestation and the role of identity management in achieving cost-effective, sustainable compliance. Attestation is the requirement that management periodically certifies that only appropriate individuals have accessed sensitive information. While the cost of complying with the provisions of regulations like Sarbanes Oxley is high, the cost of non-compliance is even higher. Fortunately, today's robust identity management (IdM) solutions are reducing the overall cost of compliance providing automated processes to maintain a comprehensive audit trail of historical user privileges, including when, why, and through which systems information was accessed. Any IT decision maker who's seeking an end-to-end security solution that supports regulatory compliance will benefit from informative white paper from Oracle.
Websense Security Labs Security Trends Report 2006	2006-04-24 08:03:54
Websense Security Labs researches today's advanced internet threats, focusing on malicious websites, phishing, and other emerging threats associated with spyware, keylogging, and instant messaging and peer-to-peer use. This report summarizes findings for the second half of 2005 and presents projections for the upcoming period.
The three dimensions of endpoint security	2006-04-24 06:40:19
With the proliferation of personally-owned IT gagdgets in the workplace, IT security needs to evolve to address the three-dimensions of endpoint security - data, devices and desktops.
E-CRIME & WEB THREATS	2006-04-24 08:08:25
Businesses are now facing a new type of information security threat whose characteristics are less widespread in number, more insidious, better-targeted, financially-motivated and driven by organised crime. This is no longer the domain of teenage hackers, but hardened criminals for whom information-based crime offers bigger rewards and less risk than crime in the physical world. Their target is information - confidential corporate or personal data - that can be sold for profit or used for fraud or extortion. This trend toward "hacking for profit" has been signalled by respected sources such as the SANS™ Institute (United States), the National Hi-Tech Crime Unit (United Kingdom) and Websense Security Labs™ (global).
SSL in High-Security Browsers	2006-04-20 08:59:26
Declaring war on security exploits, browser providers are collaborating with industry experts to make their products more secure. A new breed of high-security browsers, including Firefox, Opera, and the upcoming Microsoft Internet Explorer 7, give users clear indications of a site's trustworthiness. With an average online order value of Ł75 and rising abandonment rates, e-commerce sites stand to gain or lose veritably depending on how users perceive them through these new browsers.
Detecting Critical Nodes for MANET Intrusion Detection Systems	2006-04-14	National Institute of Standards and Technology
Ad hoc routing protocols have been designed to efficiently reroute traffic when confronted with network congestion, faulty nodes, and dynamically changing topologies. The common design goal of reactive, proactive, and hybrid ad hoc routing protocols is to faithfully route packets from a source node to a destination node while maintaining a satisfactory level of service in a resource-constrained environment. Detecting malicious nodes in an open ad hoc network in which participating nodes have no previous security associations presents a number of challenges not faced by traditional wired networks. Tags: Mobile - Wireless Communications, Intrusion Detection Systems
Compliance in the Mobile Enterprise	2006-08-02 06:14:47	iAnywhere Solutions
At a time when state, local, and federal regulators are demanding higher data protection standards, accelerating mobile trends—such as use of smart phones, basic logistical applications, and tiny storage devices—are multiplying the possible security breaches that IT organizations face. To add to the complexity, those risks differ depending on the employee's job description, from sales people to clinicians, all the way up to executives. Yet, few companies realize that mobile security management is not simply an extension of existing end-user management. Download this paper to learn how to create and implement effective mobile user policies and how to evaluate management applications that may make the tasks easier.
Oracle Software Security Assurance Process	2006-07-04 03:56:39	Oracle
The Oracle Software Security Assurance Process ensures that Oracle's products are as secure as the company can build them at all stages of the software lifecycle: initial design, in development, and following release to customers. The process is extensive and constantly evolving. Oracle's products have included security mechanisms as core product capabilities for decades. The Oracle Software Security Assurance Process has evolved over the company's history and will continue to evolve as it identifies new technology and processes to find security vulnerabilities, improve the strength of its security mechanisms, and provide ongoing protection to its customers.
NetSafeGuard Intrusion Detection System Blueprint	2006-03-24	Science Technology Institute
This paper contains specifications of an integrated Network Security framework. This framework provides a complete security for computer systems against various computer threats such as virus, internet worms, spywares, intrusion attempts and spamming emails. The current systems available in the market suffer from high false alarm rates, and cannot detect unknown attacks because of the sophisticated and dynamic nature of malicious activities. This project aims to improve the system robustness, and detection accuracy of the decision engine, in order to overcome such inefficiency. Beside this major focus, there are a wide range of supporting services provided to boost the effectiveness of system, in terms of functionalities and usability. Tags: Intrusion Detection Systems,
SmashGuard: A Hardware Solution to Prevent Security Attacks on the Function Return Address	2006-03-22	Purdue University
A buffer overflow attack is perhaps the most common attack used to compromise the security of a host. This attack can be used to change the function return address and redirect execution to the attacker's code. This paper presents a hardware-based solution, called SmashGuard, to protect against all known forms of attack on the function return addresses stored on the program stack. With each function call instruction, the current return address is pushed onto a hardware stack. A return instruction compares its address to the return address from the top of the hardware stack. An exception is raised to signal the mismatch.

Security

Featured Whitepapers

Member Login

10 million IT Folks can't be wrong with their server choice.

Oracle Technology Solutions for Midsize Businesses

Country Report: India