SEARCH RESULTS
 
Showing 1-10 of 132 records
 
Expand article

Basel II Implementation in the Philippines

2006-08-15 01:17:00 by Jomni in Risk Management Quant
 
...implementation of the revised capital adequacy framework. The latest version of the framework is very much in line with Basel II . Major changes that are expected to have significant impact on the ratios would be the addition of an operational risk capital charge and the revision of the risk weight for Philippine government foreign currency...
 
Tags: philippines, basel, bsp philippines, framework, capital adequacy framework, credit risk weight, risk weight, bsp, book exposures
 
 
 
 
Expand article

Case Study: Simplified DR Planning and Implementation

2008-05-05 13:00:00 by Editor in Computerworld Security News
 
Source: Dell & VMWare) LifeLink Foundation needed to provide business continuity and DR of critical transplant related information to multiple locations and needed to manage DR planning and implementation in a hurricane zone. Learn how VMware & EqualLogic worked together to implement two remote sites providing consolidated virtual storage,...
 
Tags: provide business continuity, vmware, critical transplant, hurricane zone, virtual storage, lifelink foundation, implementation, remote sites, multiple locations
 
 
 
 
Expand article

Underhanded Implementation of RC4

2008-06-20 06:56:23 by schneier in Schneier on Security
 
A runner-up in last year's Underhanded C Contest was a flawed implementation of RC4 that eventually just passed plaintext through unencrypted. Plausibly deniable, and very clever The other winners are also clever
 
Tags: implementation, clever, plausibly deniable, rc4, plaintext, runner-up, winners
 
 
 
 
Expand article

More on Application Security Metrics

2008-05-08 20:05:00 by Security Retentive in Security Retentive
 
...Implementation Defects I hadn't gotten good answers up to this point because measuring those internally during the development process is a constantly moving target. If your testing methodology is always changing, then its hard to say whether you're seeing more or fewer defects of a given type than before, especially as a percentage. That is,...
 
Tags: defects, fundamental design defects, fewer defects, architectural defects, implementation defects, security, application, security design, software developers
 
 
 
 
Expand article

Common Criteria and answering the question 'Is it Safe'

2007-12-20 16:57:00 by sdl in The Security Development Lifecycle
 
...Implementation vulnerabilities software that exposes risk based on implementation deficiencies 3) Deployment vulnerabilities software that was misconfigured in deployment as to expose risk that might have been prevented by other configurations Lets talk about each of these in the context of Common Criteria For classes of products where...
 
Tags: criteria, fails, common criteria fails, common criteria, common criteria arguably, common, arguably, arguably deficient, security
 
 
 
 
Expand article

Mashup of the Titans

2008-06-25 17:29:25 by Gunnar Peterson in 1 Raindrop
 
...implementation errors that result in unwanted access paths will not be noticed during normal use (since normal use usually does not include attempts to exercise improper access paths). As a result, techniques such as line-by-line inspection of software and physical examination of hardware that implements protection mechanisms are necessary....
 
Tags: protection mechanisms, protection mechanisms correctly, information security, information, implements protection mechanisms, information travels, information security people, protection, potential information path
 
 
 
 
Expand article

Notes from IEEE Web 2.0 Security and Privacy Workshop (W2SP2008)

2008-05-27 22:45:00 by Security Retentive in Security Retentive
 
...implementation of most browsers is pretty dicey from a security perspective. There is no clean separation between policy and mechanism. All code operates at the same privilege level. Plugins cannot be constrained in what they can do, etc I haven't seen any analysis yet comparing what MS did with IE7 on Vista in protected mode as compared to...
 
Tags: browser, browser security models, browser project, browser security model, security models, browser security, security, web, security challenges
 
 
 
 
Expand article

Users continue to ignore security policies, while security organizations are overlooking non-technical controls

The Article has images
2007-12-13 12:37:00 by Ryan Shopp in practical risk management
...implementation. It revealed that 6 are technical controls and 4 are non-technical controls. Meanwhile, the second graphic (figure 3 in the article - see below) showed the bottom 10 related to quality of implementation. It revealed that 3 are technical while 7 were non-technical So just running crude number here shows 11 of those 20 were...
 
Tags: non-technical controls, technical controls, security, controls, aka non-technical controls, non-technical, quality, quality security controls, technical
 
 
 
 
Expand article

How Secure is Secure?

2008-05-08 16:46:00 by sdl in The Security Development Lifecycle
 
...implementation vulnerabilities and by some estimates as high as 70-80%. (Some cases are questionable and we debate if they are truly implementation issues vs. design issues hence this metric isnt precise, but still useful). I have also heard similar ratios described in casual discussions with other software developers. In other words, most...
 
Tags: security metrics, software security metrics, implementation vulnerabilities, potential implementation vulnerabilities, metrics, secure, software, discretionary security protection, security protection