SecurityRatty: tag: describes

CEP is to Architecture as SOA is to Architecture

2008-07-25 18:38:29 by Tim Bass in The Complex Event Processing Blog

...describes an architecture, just like SOA describes an architecture and just like EDA describes an architecture For example, you do not buy an SOA. An SOA describes an architectural style of programming via components that are involved as services in a distributed network architecture - a service-oriented, or service-based architecture The...

Relay attacks on card payment: vulnerabilities and defences

2008-01-09 00:01:52 by Steven J. Murdoch in Light Blue Touchpaper

...describes the DNS Rebinding attack and demonstrates tunneling arbitrary TCP streams over a browser Mifare Karsten Nohl and Henryk Plötz describe how they reverse-engineered the Mifare encryption algorithm, Crypto1, and the weaknesses they discovered Steam-Powered Telegraphy Jens Ohlig et al. demonstrate their Internet connected (but not...

Tags: dns, security, cellphone jammer dns, security michael steil, talks, henryk pltz describe, chaos communication congress, annie machon describes, arbitrary tcp streams

Session Hijacking in Wireless Networks

2007-12-19 00:00:00 by Editor in Infosec Writers Latest Security Papers

Manmohan PV submits this paper that describes how one can hijack a session using several tools and how one could avaid this

Tags: session, avaid, tools, manmohan, describes, submits, paper, hijack

Microsoft Hits Back at Atsiv

2007-08-02 22:17:32 by Editor in Cheap Hack

...describes Atsiv, a tool for loading unsigned kernel code in Windows Vista x64 Perhaps I was the one who alerted Microsoft, but it responded tonight pretty strongly. As described by Scott Field, Windows Security Architect, in the Windows Vista Security blog , Microsoft has taken the following actions It (actually VeriSign) has revoked the...

Tags: atsiv, microsoft, detect atsiv, detect, revocation list, revocation, verisign cost, driver loadboot time, verisign

Intellectual Property- what is it and how do we secure it?

2007-12-29 06:43:45 by Editor in Security Links

...describes the correct usage of trademarks and the laws that cover the many different aspects of trademarking If you are looking to correctly classify your trademarks in accordance with the Nice Treaty, which is one of the main treaties governing the world trademark system, then International Trademark Classification: A Guide to the Nice...

Tags: intellectual property, treaties, international patent treaties, major copyright agreements, agreements, copyright, rights, intellectual property rights, copyright legislation

Setting file ACLs with PowerShell part 4

2007-11-29 09:34:00 by Keith Brown in Security Briefs

...describes in his book . You can use this to get a quick listing of enumeration values Security.AccessControl.FileSystemRights] "foo" Cannot convert value "foo" to type "System.Security.AccessControl.FileSystemRights" due to invalid enumeration values. Specify one of the following enumeration values and try again. The possible enumeration...

Tags: values, invalid enumeration values, enumeration, enumeration values, new-object security, object, powershell, invalid cast exception, cast

The New Threat Modeling Process

2007-10-02 01:15:35 by sdl in The Security Development Lifecycle

...describes in this post Essentially, the elements are External entities (anything outside your control Processes (running code Data stores (files, registry entries, shared memory, databases Data flows (which connect all the other elements b. Draw trust boundaries between components. You can do this on a whiteboard, in Visio, or in one of the...

Tags: process, threat, process validation entails, threat model, software process diagram, people, people trust boundaries, love threat, hamster wheel

STRIDE chart

2007-09-11 23:18:00 by sdl in The Security Development Lifecycle

...describes in great detail the STRIDE per element process. His recent posts are " Threat Modeling, Once Again ," " Threat modeling again. Drawing the diagram ," " Threat Modeling Again: STRIDE ," " Threat modeling again, STRIDE mitigations ," " Threat modeling again, what does STRIDE have to do with threat modeling ," " Threat modeling again,...

Tags: threat, stride, windows, windows source code, web site, stride mitigations, code, user, remote internet user

House committee issues report and finds fault with TSA web site

2008-01-15 09:35:53 by Evan Francen in The Breach Blog

...describes, these security breaches can be traced to TSAs poor acquisition practices, conflicts of interest, and inadequate oversight The report finds TSA awarded the website contract without competition TSA gave a small, Virginia-based contractor called Desyne Web Services a no-bid contract to design and operate the redress website....

Tags: tsa, website, website contract, traveler redress website, tsa moved quickly, security breach, information security breach, security vulnerabilities, multiple security vulnerabilities

Security without a security strategy

2008-02-12 11:49:06 by Editor in Adventures in Security

Many organizations that should know better are still without a guiding security strategy--a strategy that clearly describes how data are to be protected from internal and external threats

Tags:

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo