Скачать 131.5 Kb.
|
Зарубежная периодика по тематике ИПИ РАН Выпуск № 1, январь 2007 г. Материалы подготовлены лаб. 13 Безопасность информационных систем. Сентябрь \ октябрь, том 15, вып. 4. Information Systems Security, Sep/Oct2006, Vol. 15 Issue 4 ISSN: 1065-898X Publisher Information: Auerbach Publications Inc. 345 Park Avenue South, Floor 10 New York New York 10010 United States of America http://www.auerbach-publications.com СТАТЬИ 1. Вопросы безопасности при работе в электронной почте Gmail Gmail and Privacy Issues. By: Freeman, Edward H., p2-6, 5p; Ключевые слова: COMPUTER security, ELECTRONIC mail systems, INTERNET advertising, LEGISLATIVE bodies, ELECTRONIC mail messages, ELECTRONIC commerce, INTERNET industry, INTERNET -- Law & legislation Company/Entity: GOOGLE Inc. Abstract: The article deals with the alleged privacy concerns brought on by Gmail, an online messaging service, and suggests how legislative bodies and individuals should react to this new technology. This new technology has the horrible potential to use electronic mails to create profiles on users based on our most personal and intimate thoughts. The California State Senate passed Senate Bill 1822, popularly known as the anti-Gmail bill. Gmail has fine-tuned the advertising process to minimize advertisements that are inappropriate for a particular user to encourage potential advertisers to use their service. Google Inc. has an ongoinresponsibility to protect the privacy of its users and is now one of the industry leaders in this effort. Author Affiliations: 1Attorney and educational consultant in West Hartford, Connecticut 2. Пять мифов о безопасности беспроводной связи с ЭВМ. The Five Myths of Wireless Security. By: Kindervag, John. p7-16, 10p Ключевые слова: COMPUTER crimes, COMPUTER networks, COMPUTER security, DATA protection, WIRELESS communication systems, INTERNET industry, CYBERTERRORISM, COMPUTER users, WIRELESS Internet Abstract: The article presents the myths regarding wireless communication security which appears from time to time and are usually felt by corporations, clients, and wireless users. It was stated that turning off the broadcast service set identifier will prevent attackers from finding the users' access point. It was assumed that users can restrict access to wireless networks by turning on the media access control address filtering. The letter "E" in WEP, which means wired equivalent privacy, is usually mistaken as encryption. It was always stated that Lightweight Extensible Authentication Protocol is secure. Computer users have adopted the thought that WPA/802.1x/802.11i is the preferred method of securing wireless networks. Author Affiliations: 1Senior security architect at Vigilar, Inc. 3. О степени защищенности, эквивалентной для системы проводной связи, и уязвимости, присущей сетям Wi-Fi. Demonstrating the Wired Equivalent Privacy (WEP) Weaknesses Inherent in Wi-Fi Networks. By: Curran, Kevin; Smyth, Elaine. p17-38, 22p; Ключевые слова: COMPUTER crimes, COMPUTER industry, COMPUTER networks, COMPUTER security, LOCAL area networks (Computer networks), WIRELESS communication systems, INTERNET industry, WIRELESS LANs, IEEE 802.11 (Standard) Abstract: The article focuses on demonstrating the wired equivalent privacy weaknesses which are inherent in wireless fidelity networks. Wireless devices have the option of participating in ad hoc or infrastructure networks. Wired networks have always presented their own security issues but wireless networks introduce a whole new set of rules with their own unique security vulnerabilities. Wireless local area networks suffer from all the security risks associated with their wired counterparts. However, these counterparts also introduce some unique risks of their own. Author Affiliations: 1School of Computing and Intelligent Systems, University of Northern Ireland, U.K. Professor Curran can be reached a2Graduate student in the Internet Technologies Research Group, University of Ulster, Northern Ireland, U.K. 4. Совершенствование безопасности соединений беспроводной связи на короткие дистанции по технологии Bluetooth. Improving Bluetooth Security: What IT Managers and Mobile Device Users Can Do. By: Hernack, Brian. p39-42, 4p; Ключевые слова: COMPUTER crimes, COMPUTER hackers, COMPUTER industry, COMPUTER security, INFORMATION technology, MOBILE communication systems, WIRELESS communication systems, CELLULAR telephone systems, BLUETOOTH technology Abstract: The article provides several insights on what information technology managers and mobile device users can do to improve Bluetooth security. Hackers are using Bluetooth to attack mobile devices such as mobile phones, personal data assistants (PDA), laptop computers, and handsets. Enterprises and mobile device users should recognize that Bluetooth comes in all shapes and sizes and security risks extend far beyond PDAs and smartphones. Executives should immediately identify any company issued Bluetooth devices and alert other users of known vulnerabilities. Author Affiliations: 1University of Michigan with a degree in computer engineering 5. Применение безопасной радиочастотной идентификации (Radio Frequency Identification): проблемы, методы и контроль. Securing RFID Applications: Issues, Methods, and Controls. By: So, Stuart C. K.; Liu, John J.. p43-50, 8p; Ключевые слова:COMMERCIAL products, ELECTRONIC apparatus & appliances, ELECTRONIC security systems, INFORMATION storage & retrieval systems, RADIO frequency, RADIO frequency identification systems, SECURITY systems, WIRELESS communication systems MASSACHUSETTS Institute of Technology (Cambridge, Mass.) Abstract: The article presents issues, methods, and controls on securing radio frequency identification (RFID) applications. The technology is developed by the Auto-ID Center at the Massachusetts Institute of Technology in Cambridge, Massachusetts and relies on storing and remotely retrieving data using devices called RFID tags and readers. The data stored on an RFID tag is often publicly accessible or product related, such as electronic product code data or product descriptions. The tag is designed in such a way that each associated consumer product can be uniquely identified through an electronic product code and will be broadcasted to any nearby reader. Author Affiliations: 1Computer Systems and Laboratory Officer in the Department of Logistics at The Hong Kong Polytechnic University 2Head and Chair Professor of Maritime Studies in the Department of Logistics at the Hong Kong Polytechnic Universit 6. Приоритетные вопросы безопасности, стоящие перед организацией: чем может помочь правительство? The Top Information Security Issues Facing Organizations: What Can Government Do to Help? Authors:Knapp, Kenneth J.1 Marshall, Thomas E.2 Rainer, Jr., R. Kelly3 Morrow, Dorsey W.A4 p51-58, 8p Ключевые слова: COMPUTER crimes, COMPUTER security, DATA protection, FEDERAL government, INDUSTRIAL management, ONLINE information services, ELECTRONIC information resources -- Access control, CYBERTERRORISM Geographic Terms: UNITED States Abstract: The article reports on means which are to be taken by the U.S. federal government to help solve the top information security problems faced by organizations in the country. The increasing variety of threats and ferociousness of computer attacks and crimes has made the protection of information a complex challenge. Surveys are conducted to tackle upon the issues. The top-ranked issue in the surveys is the top management support. The survey participants are saying that gaining top management support is the most critical issue of an information security program. Governments can also help by creating a legal environment that assists companies and consumers in protecting their valuable information. Author Affiliations: 1Assistant professor of management at the U.S. Air Force Academy, Colorado 2Associate professor of MIS, Department of Management, Auburn University, Alabama 3George Phillips Privett Professor of MIS, Department of Management, Auburn University, Alabama 4General counsel and corporate secretary of (ISC) Безопасность информационных систем. Ноябрь \ Декабрь, том 15, вып. 5. Information Systems Security, Nov/Dec2006, Vol. 15 Issue 5 ISSN: 1065-898X Publisher Information: Auerbach Publications Inc. 345 Park Avenue South, Floor 10 New York New York 10010 United States of America http://www.auerbach-publications.com СТАТЬИ 1. Мета-фишер: Web-роботы и Интернет- мошенничество следующего поколения. MetaFisher: Next-Generation Bots and Phishing. By: Dunham, Ken. Information Systems , p2-6, 5p; Ключевые слова: COMPUTER crimes, COMPUTER networks -- Security measures, COMPUTER security, COMPUTER viruses, WEB sites, INTERNET fraud, PHP (Computer program language), COMPUTER networks -- Remote access, PHISHING Abstract: The article focuses on MetaFisher, which is being said as the next generation phishing element for Internet fraudsters. According to software experts, it utilizes a PHP command and control interface to monitor, update, and control autogenerated bots. Beside these distinguished features, MetaFisher contains sophisticated phishing attacks that dynamically implant HTML into targeted banking sites to steal information from the victim. Information on how MetaFisher is loaded in a computer, how it starts spreading over the network, and upto what extent it can damage Web sites and network infrastructure, is also included in the article. Author Affiliations: 1Director of malicious code for iDEFENSE Inc. 2. Измеряемая безопасность. Measuring Security. By: Kleinfeld, Abe. Nov/Dec2006, Vol. , p7-12, 6p Ключевые слова: BUSINESS enterprises, COMPUTER crimes, COMPUTER hackers, COMPUTER networks -- Security measures, COMPUTER security, SECURITY systems industry Abstract: The article presents the author's comments on the network security issues for any business organization. Computer security has remained a concern at the most priority among CIOs, yet only few have been able to measure the effectiveness of their spending. As the cyber-attacks have increased drastically, companies are rapidly increasing their spending in IT security even as overall IT budgets have remained flat or declined. Author Affiliations: 1President and CEO of nCircle, Inc. 3. Социальный инжиниринг; концепции и решения. Social Engineering: Concepts and Solutions. By: Peltier, Thomas R., p13-21, 9p; Ключевые слова: COMPUTER hackers, COMPUTER networks -- Security measures, COMPUTER security, COMPUTERS -- Access control, DATA protection, ELECTRONIC surveillance, SOCIAL engineering, INTERNET fraud, FIREWALLS (Computer security, Passwords Abstract: The article presents information on the concepts of social engineering and offers tips to avoid the security attacks on hardware/software by the social engineers. Social engineers are the outside hackers who are not working within the diseased organization. According to a study, only 30% of hacking comes from outsiders, while 70% reasons for hacking occurs with the help of company insiders. Several suggestions like implementing help desk system, strict password system, firewalls to restrict unauthorized access from outer network, and implement user-level responsibilities. Author Affiliations: 1Principal of Peltier and Associates. 4. Компромисс по информационной безопасности: перспективы пользователя. Information Security Tradeoffs: The User Perspective. By: Post, Gerald V.; Kagan, Albert. p22-29, 8p; Ключевые слова: COMPUTER networks -- Security measures, COMPUTER security, DATA protection, ELECTRONIC surveillance, INFORMATION services, ACCESS control Abstract: The article presents the authors' comments on the job responsibilities of an information security (IS) practitioner. An IS technician might only be responsible on preventing and recovering from security-related problems. Though, increased monitoring and enhanced use of security controls have led the IS managers to interference and delays of information usage for legitimate users. Author Affiliations: 1Professor of management information systems, Eberhardt School of Business, University of Pacific, Stockton, California 2Professor, Arizona State University, Tempe. 5. Инициативы по внедрению метрик для оценки безопасности. Implementing Security Metrics Initiatives. By: Nichols, Elizabeth A.; Sudbury, Andrew. p30-38, 9p; Ключевые слова: COMPUTER security, DATA protection, INFORMATION services, ORGANIZATIONAL effectiveness, STANDARDIZATION, SOFTWARE measurement Abstract: The article presents the authors' views on how important is a metrics program to maximize the effectiveness of an information security strategy within any organization. However, the security metrics are made secret and are often considered too hard to implement with the end result making it necessary and effective management tool. When security metrics are applied to security performance, they become the expression of the state or quality of a critical aspect of the IT infrastructure. Author Affiliations: 1Founder, board member and CTO for ClearPoint Metrics, Inc. 2Director of security metrics design and best practices for ClearPoint Metrics, Inc. 6. Защита от инсайдерских атак. Securing Against Insider Attacks. By: Lynch, David M., p39-47, 9p; Ключевые слова: BUSINESS communication, COMPUTER networks -- Security measures, COMPUTER security, ELECTRONIC surveillance, INFORMATION technology, INTERNET Abstract: The article presents the author's comments on securing organizational data from the possible insider threats. As the Internet has transposed as the communication framework, most of the organizations have significantly changed the way information technology security is implemented in every business environment. The author suggests to establish necessary security relationships. Regular audit of the network also ensures that the security relationships are being enforced inside the organization. 7. Защита внутренних ресурсов системы с использованием защитной технологии Firewall для приложений. Protecting Your Internal Resources with Intranet Application Firewalls. By: Murphy, Alan. p48-53, 6p; Ключевые слова: COMPUTER networks, COMPUTER networks -- Security measures, COMPUTER security, DATA protection, DATA transmission systems, INFORMATION networks, INTRANETS (Computer networks), NETWORK computers, FIREWALLS (Computer security) Abstract: The article presents information about the web application firewalls (WAFs) that are used to prevent unauthorized access from outside the Intranet of any organization. WAFs are rapidly becoming the key aspect of end-to-end computer network security. Web applications over Internet ports 80 and 443 are some of the logical steps to restrict access from the outside to the resources on the inside. How the WAFs sit between the network firewall and the destination application to secure the internal network has been explained in the article. Author Affiliations: 1Product management engineer, F5 Networks. |
Инструкция для пользователей системы дистанционного обучения нглу Регистрация студентов и слушателей. Слушатели могут самостоятельно зарегистрироваться в системе при наличии у них доступа к электронной... |
Биология и экология Аттаб Mуртада Имад, Удмуртский государственный университет, mortadaamad25@gmail com |
||
Бугурусланского района Московская, 52 «а», г. Бугуруслан, Оренбургская обл., 461630, тел./факс (35352) 2-38-85 e-mail: sp br2012@gmail com |
Построение модели радиоканала случайного доступа с предварительной... Российский университет дружбы народов,, ivan, isaybasay17@gmail com |
||
Алгоритм формирования педагогической нагрузки на основе анализа и... Казахский университет экономики, финансов и международной торговли (Казуэфмт), г. Астана, Казахстан |
«актуальные вопросы модернизации: экономика, образование, управление и право» Желающие принять участие в конференции (с публикацией в сборнике научных трудов) должны направить до 14 октября 2014 г регистрационную... |
||
Разработка симулятора радиоканала случайного доступа с процедурой... Российский университет дружбы народов,, ivan, vladislav ten93@gmail com |
Название доклада Рабочий язык конференции – русский. Статьи, оформленные в соответствии с данным шаблоном, принимаются по электронной почте до 30... |
||
Исх. №84/297 от «04» мая 2016 года Сведения о заявителе: : Общество с ограниченной ответственностью «cтрой-сити», юридический адрес: 115230,г. Москва Хлебозаводский... |
Правила внесения исправлений в pdf файлы Для работы с электронной корректурой авторам высылается по электронной почте pdf-файл верстки статьи. Файлы можно прочитать и отредактировать... |
||
Инструкци я по охране труда при работе с искровым дефектоскопом К самостоятельной работе с искровым дефектоскопом допускаются монтеры эхз, обученные правилам техники безопасности при работе с дефектоскопом,... |
Инструкци я по охране труда при работе с искровым дефектоскопом К самостоятельной работе с искровым дефектоскопом допускаются монтеры эхз, обученные правилам техники безопасности при работе с дефектоскопом,... |
||
Общие вопросы по пп1318 Общие вопросы по пп 851 Российской Федерации (со стороны Заказчика) и ООО «РуНетСофт» (со стороны Исполнителя), в период с 03. 02. 2014 г по 10. 05. 2014... |
Проценты по разным закупкам считаются отдельно, они разные (так уж... Если хотите получить полный прайс на какую-либо продукцию, пишите akkura13@gmail com |
||
Техническая поддержка Вопросы и предложения задавайте по электронной... Цифровой детектор движения (движение детектируется в 16-ти независимых квадрантах по 4 на вход). Один аларм-вход/выход (“сухие” контакты... |
Edward T. Hall. The Silent Language. New York: Doubleday and Co., 1959. P. 43-81 Аскольдов С. А. Концепт и слово Лихачев Д. С. Концептосфера русского языка Степанов Ю. С. Концепт Edward T. Hall. The Silent Language.... |
Поиск |