SEARCH RESULTS
 
Showing 1-10 of 38 records
 

Relentless Reflection - What it Means in Risk Management

2008-08-26 17:55:40 by Alex in RiskAnalys.is
 
...Creation (P), Experiment (D), Analysis (Check), and Act (Revise/New Hypothesis, etc). Well then as such, the Hypothesis creation involves creating a model or creating an expected outcome for data using the currently accepted model So in our industry there is an opportunity for Relentless Reflection in both the Observation and Hypothesis...
 
 
 
 
 

TrueCrypt's Deniable File System

2008-07-18 06:56:02 by schneier in Schneier on Security
 
...creation and use of any DFS: even when the file system may be deniable in the pure, mathematical sense, we find that the environment surrounding that file system can undermine its deniability, as well as its contents. Finally, we suggest approaches for overcoming these challenges on modern operating systems like Windows. The students did most...
 
 
 
 
 

Speaking of Security Podcast #63

2007-05-22 00:00:00 by Podcast Producers in Speaking of Security, the RSA Blog and Podcast
 
...creation of the Network and about his transition from Director and Chief Scientist of RSA Laboratories. We also announce that June is Speaking of Security podcast listener appreciation month. Be sure to listen to the podcast during June for opportunities to win special prizes. Next week, we'll take a break for the U.S. Memorial Day holiday,...
 
 
 
 
 

Laptop stolen from Minnesota Department of Commerce vendor

2007-12-29 00:01:21 by Evan Francen in The Breach Blog
...creation and enforcement of a separate Vendor/Third-Party Access Policy (sample) to our customers that employ vendors The laptop was used to support and test the real estate, abstractors, appraisers and debt collection licensing system and data base used by several states including Minnesota. [Evan] The use of production (real) data for...
 
 
 
 
 

Intellectual Property- what is it and how do we secure it?

2007-12-29 06:43:45 by Editor in Security Links
 
...creation to fruition are key requirements The Handbook of Intellectual Property provides a one-stop resource covering the main aspects of IP. Whichever aspect you are looking for, the information in this book is bound to be of interest to you It is often not appreciated how much value the effective management of IP can bring to an...
 
 
 
 
 

Skipton Financial Services personal customer data on stolen laptop

2008-01-04 22:21:58 by Evan Francen in The Breach Blog
...creation of a Vendor/Third-Party Security Policy, thorough evaluation before a contract is signed, adding information security language to the contract, and regular reviews of the consultant's information security practices throughout the life of the contract Past Breaches Unknown
 
 
 
 
 

Password policies. Once again.

2007-09-04 22:14:00 by Steve Riley in Steve Riley on Security
 
...creation/disablement/deletion process, incorporating it into HR systems. When a new user is hired, the account is created; when the user departs, the account is disabled; some time later, it's deleted. The HR systems take care of this, not domain or enterprise administrators. I wrote more about this subject in "When you say goodbye to an...
 
 
 
 
 

Common Criteria and answering the question 'Is it Safe'

2007-12-20 16:57:00 by sdl in The Security Development Lifecycle
 
...creation of protection profiles where none exist currently as the smart card vendors have done. Solving the latter would require more fundamental policy changes by the governing bodies of Common Criteria, and presumes a solution exists to the former Where Common Criteria arguably does NOT do a reasonable job is in addressing implementation...
 
 
 
 
 

Fuzz Testing at Microsoft and the Triage Process

2007-09-20 18:52:00 by sdl in The Security Development Lifecycle
 
...Creation of fuzzed data (malformed data Will we be format-aware (e.g. most files follow a format)? Context-aware (e.g. order and/or timing of data may be important Will we use existing data (mutation) or generate it from scratch (generation Will the malformations we apply be based on type? Use interesting patterns? Over how many bits/bytes...
 
 
 
 
 

Missing University of Akron portable hard drive

2008-01-14 11:33:26 by Evan Francen in The Breach Blog
...creation to destruction. Confidential information should not be allowed to be stored on removable media unless absolutely necessary, and even then requires additional levels of protection such as encryption. Once confidential information no longer has any business use and is authorized for destruction, it must be destroyed in a manner that is...