| Registration | Required |
|---|---|
| File size | 141.40kb - Check your internet speed |
| File format | PDF - Download the latest version of Adobe Acrobat Reader |
ZDNet / IT Library / Security / Intrusion - Tampering / Network Security /
Delegating Network Security With More Information
See also
Publisher's description
Network security is gravitating towards more centralized control. Strong centralization places a heavy burden on the administrator who has to manage complex security policies and be able to adapt to users' requests. To be able to cope, the administrator needs to delegate some control back to end-hosts and users, a capability that is missing in today's networks. Delegation makes administrators less of a bottleneck when policy needs to be modified and allows network administration to follow organizational lines. To enable delegation, the paper proposes ident++ - a simple protocol to request additional information from end-hosts and networks on the path of a flow.
Similar whitepapers
Data Classification and Working with Data Stakeholders
Understanding business processes for the many departments within large organizations poses one of the largest challenges that information security professionals face when implementing a DLP solution. Most information security professionals know the primary business of their organization, but they may be unfamiliar with some of the details or lack specific information. Developing a comprehensive data security policy can be difficult in this situation. Asking the correct questions of your data owners will allow you to understand their business and the nature of their critical data so you can develop the necessary policies quickly.
In this live presentation we will discuss data classification and a series of questions that you can provide to data owners to help them help you develop good data loss prevention policies.
Presenter:
Michael Stone, Subject Matter Expert, Data Loss Prevention, Trend Micro
TechNet Webcast: Forefront Client Security and the Microsoft Malware Protection Center (Level 200)
The attendee of this webcast learns how Microsoft Forefront Client Security and Microsoft Malware Protection Center (MMPC) work together to provide industry-leading detection and response times for threats that target desktops, laptops, and server operating systems. The MMPC provides the core malware research and response expertise that supports a range of Microsoft security products and services, including Forefront Client Security. This webcast explains MMPC's leadership in global malware research, response, and protection capabilities and how the unified antivirus and spyware protection in Forefront Client Security benefits customers today and in the future.
36 days ago by Microsoft DownloadThe RSA Authentication Decision Tree:Selecting the Best Authentication Solution for Your Business.
"What is the best authentication solution for my business?" Before making a final selection, organizations must consider their user authentication needs, the threats, and their business objectives. This free RSA whitepaper looks at the Authentication Decision Tree - a tool to help organizations understand, evaluate and select the most appropriate authentication solution..
38 days ago by RSA Security DownloadAssuring User Identities During a Business Disruption.
This RSA white paper examines the importance of maintaining a consistent two-factor authentication policy during a business disruption. In addition, it provides insight into how to develop plans that enable cost-effective, rapid binding of users to their credentials in the event of an emergency - without lowering the security policy, opening the organization up to potential attacks or breaking the IT budget.
38 days ago by RSA Security Download6 Best Practices for Preventing Enterprise Data Loss.
Enterprise data loss' cost businesses nearly $105 billion last year. So, how can companies protect themselves from a data loss catastrophe? This paper from RSA outlines six best practices for corporations seeking to prevent enterprise data loss in order to protect revenue, limit customer attrition, and meet government regulatory requirements.
38 days ago by RSA Security DownloadIs Single Sign-on Right for you Business?
Is Single Sign-on Right for you Business? This Novell webcast discusses the advantages of reducing/eliminating the burden large companies face with remembering many different passwords.
39 days ago by Novell DownloadAssociation for Computing Machinery whitepapers
Harvesting Collective Intelligence
When harvesting collective intelligence, a user wishes to maximize the accuracy and value of the acquired information without spending too much time collecting it. The author empirically studies how people behave when facing these conflicting objectives using data from Yahoo Answers, a community driven question-and-answer site. The paper takes two complementary approaches. The author first studies how users behave when trying to maximize the amount of the acquired information, while minimizing the waiting time. The paper identifies and quantifies how question authors at Yahoo Answers trade of the number of answers they receive and the cost of waiting.
67 days ago by Association for Computing Machinery DownloadSBotMiner: Large Scale Search Bot Detection
This paper studies search bot traffic from search engine query logs at a large scale. Although bots that generate search traffic aggressively can be easily detected, a large number of distributed, low rate search bots are difficult to identify and are often associated with malicious attacks. The paper presents SBotMiner, a system for automatically identifying stealthy, low-rate search bot traffic from query logs. Instead of detecting individual bots, the approach captures groups of distributed, coordinated search bots. Using sampled data from two different months, SBotMiner identifies over 123 million bot-related pageviews, accounting for 3.8% of total traffic. The in-depth analysis shows that a large fraction of the identified bot traffic may be associated with various malicious activities such as phishing attacks or vulnerability exploits.
96 days ago by Association for Computing Machinery DownloadHey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds
Third-party cloud computing represents the promise of out-sourcing as applied to computation. Services, such as Microsoft's Azure and Amazon's EC2, allow users to instantiate Virtual Machines (VMs) on demand and thus purchase precisely the capacity they require when they require it. In turn, the use of virtualization allows third-party cloud providers to maximize the utilization of their sunken capital costs by multiplexing many customer VMs across a shared physical infrastructure.
127 days ago by Association for Computing Machinery DownloadCan They Hear Me Now?: A Security Analysis of Law Enforcement Wiretaps
This paper analyzes the security properties of these inter-faces. It demonstrates that the standard CALEA interfaces are vulnerable to a range of unilateral attacks by the intercept target. In particular, because of poor design choices in the interception architecture and protocols, experiments show it is practical for a CALEA-tapped target to over-whelm the link to law enforcement with spurious signaling messages without degrading her own traffic, effectively pre-venting call records as well as content from being monitored or recorded. It also identifies stop-gap mitigation strategies that partially mitigate some of identified attacks.
127 days ago by Association for Computing Machinery DownloadUsing Identity Credential Usage Logs to Detect Anomalous Service Accesses
For e-commerce companies providing online services, fraudulent access resulting from theft of identity credentials is a serious concern. Such online service providers deploy a variety of defenses and invest significant time and effort to the analysis of a large amount of log data to detect malicious activities and their impact. To reduce this burden, one explores the effectiveness of an anomaly detection based approach that relies on identity credential usage log records. More specifically, one uses an anomaly-based metric to score the risk of each identity credential usage, e.g., a login request. Scores are determined based on categorical attribute values extracted from log records, such as timestamps. The paper utilizes actual log data of login attempts to a university portal to evaluate the effectiveness of this approach.
127 days ago by Association for Computing Machinery DownloadCloud Security Is Not (Just) Virtualization Security
Cloud infrastructure commonly relies on virtualization. Customers provide their own VMs, and the cloud provider runs them often without knowledge of the guest OSes or their configurations. However, cloud customers also want effective and efficient security for their VMs. Cloud providers offering security-as-a-service based on VM introspection promise the best of both worlds: efficient centralization and effective protection. Since customers can move images from one cloud to another, an effective solution requires learning what guest OS runs in each VM and securing the guest OS without relying on the guest OS functionality or an initially secure guest VM state.
127 days ago by Association for Computing Machinery Download
