SEARCH RESULTS
 
Showing 1-10 of 71 records
 
Expand article

Web Services and XML Security Training at OWASP

2008-08-28 08:55:59 by Gunnar Peterson in 1 Raindrop
 
...principles Tuomas Kivinen, IT Security Specialist, Nordea I liked the class quite a bit. I took it in a "survey mode" where I wanted to learn about topics at a high level, and this was accomplished. It was good to listen to those in the class that were much more familiar with SAO than I John Glazeski, Senior Systems Engineer
 
Tags: security, soa security standards, security standards, soa security, soa, security critical environment, information security, information, application security principles
 
 
 
 
Expand article

New Privacy Policy Wrinkles: Online Behavioral Advertising; and Potential new EU Data Protection Policy

2008-01-31 11:24:31 by Geoffrey Turner in Security & Risk Management
 
...principles, called " Governing Principles For Online Behavioral Advertising " (The Principles are excerpted below). The FTC has suggested that these should be considered for implementation as private sector self-regulation in the same way that earlier online privacy principles had been adopted by the US private sector self-regulation in...
 
Tags: consumer, consumer protection, privacy policy, consumer choice, consumer data, constitutes sensitive data, sensitive data, protection, ftc staff
 
 
 
 
Expand article

Mashup of the Titans

2008-06-25 17:29:25 by Gunnar Peterson in 1 Raindrop
 
...principles with David Gelernter's Manifesto The premise of this mashup is to examine the paper by Saltzer and Schroeder which was written in 1975 and serves as the basis for most information security programs against the Gelernter's manifesto as to where computing is actually going. Each of the eight principles in Saltzer and Schroeder's...
 
Tags: protection mechanisms, protection mechanisms correctly, information security, information, implements protection mechanisms, information travels, information security people, protection, potential information path
 
 
 
 
Expand article

The C-I-A Triad weighed and found wanting

The Article has images
2007-04-12 04:54:18 by Perry Carpenter in Security Renaissance
...principles comprised of six elements The six principles of the Parkerian Hexad are Confidentiality Integrity Availability Possession Authenticity Utility The principles composing the Parkerian Hexad are non-overlapping; meaning that each principle is absolutely necessary to ensure that security is maintained. In addition, each principle may...
 
Tags: information security, information, parkerian hexad, parkerian hexad model, control information, principles, security principles, personal health information, parkerian hexad augments
 
 
 
 
Expand article

"Crawling" Toward SDL

2008-03-06 22:13:00 by sdl in The Security Development Lifecycle
 
...principles of SDL and is ready to roll them out immediately. However, that person usually is faced with competing interests that complicate full adoption: the team is mid-stream in development, short on budget, or management wants to see clear evidence before investing in the changes to support full SDL adoption Since we usually focus on how...
 
Tags: sdl, security, perform security analysis, application security, application, applications security, security issues, issues, non-microsoft sdl engagements
 
 
 
 
Expand article

The ID Divide

2008-06-04 06:34:45 by schneier in Schneier on Security
 
...principles for identification systems Achieve real security or other goals Accuracy Inclusion Fairness and equality Effective redress mechanisms Equitable financing for systems From the Executive Summary: How can these principles be honored in practice? Thats where the "due diligence" process comes into play when considering and implementing...
 
Tags: identification technologies, identification, identification programs, identification systems, due diligence, due diligence insights, process, due diligence process, identification program
 
 
 
 
Expand article

Oh No! Security Metrics!

2008-04-18 12:43:00 by sdl in The Security Development Lifecycle
 
...principles of SDL have indeed significantly improved the products Microsoft engineers create. You improve security by expending effort on improving security. We have seen the evidence of this in the fewer customer updates being released against that code. When applied correctly, the SDL development principles prevent vulnerabilities from...
 
Tags: bugs, implementation bugs, fewer security bugs, fewer, security bugs include, security, metrics, security metrics, security bugs
 
 
 
 
Expand article

Jericho Forum and the Collaboration Oriented Architecture (COA) position paper

2008-05-09 14:16:55 by Burton Group in Security and Risk Management Strategies Blog
 
...principles for operating securely over open networks The COA position paper spends much of its space describing the need for secure, open collaboration as well as principles, processes, standards and frameworks through which the collaboration might be achieved. Most of this doesnt convey much new information to persons who already grasp the...
 
Tags: coa, coa framework, coa paper focuses, jericho forum, paper, reputation repository, reputation, coa position paper, future jericho forum
 
 
 
 
Expand article

Jericho Forum and the Collaboration Oriented Architecture (COA) position paper

2008-05-09 14:16:55 by Burton Group in Security and Risk Management Strategies Blog
 
...principles for operating securely over open networks The COA position paper spends much of its space describing the need for secure, open collaboration as well as principles, processes, standards and frameworks through which the collaboration might be achieved. Most of this doesn???t convey much new information to persons who already grasp...
 
Tags: coa, coa framework, coa paper focuses, jericho forum, paper, reputation repository, reputation, coa position paper, future jericho forum
 
 
 
 
Expand article

Walking with the SDL Part 2