Moses Dlamini scite author profile

a b s t r a c tInformation security has evolved from addressing minor and harmless security breaches to managing those with a huge impact on organisations' economic growth. This paper investigates the evolution of information security; where it came from, where it is today and the direction in which it is moving. It is argued that information security is not about looking at the past in anger of an attack once faced; neither is it about looking at the present in fear of being attacked; nor about looking at the future with uncertainty about what might befall us. The message is that organisations and individuals must be alert at all times. Research conducted for this paper explored literature on past security issues to set the scene. This is followed by the assessment and analysis of information security publications in conjunction with surveys conducted in industry. Results obtained are compared and analysed, enabling the development of a comprehensive view regarding the current status of the information security landscape. Furthermore, this paper also highlights critical information security issues that are being overlooked or not being addressed by research efforts currently undertaken. New research efforts are required that minimise the gap between regulatory issues and technical implementations. ª 2008 Elsevier Ltd. All rights reserved. IntroductionIn the early days of computing, security breaches mainly included viruses and worms that would flash a message or advertisement on the screen without causing any serious damage to the information or systems being used. However, rare cases of attacks with the potential to harm information did occur, such as the Friday 13th virus which was set to erase all the information on infected disk drives on a certain Friday 13th late in the 1980s (Denning, 1991). As times changed, attacks also changed. Since the turn of the century, information security breaches have gained an unprecedented potential to impact negatively on businesses' reputation, profitability, customer confidence and overall economic growth (Romer and White, 2006). Cybertrust (2005) argues that this problem is two-fold: firstly it is due to the increase in economic and political uncertainty and secondly to the pressure from consumers and regulatory bodies.As an example, a security breach such as the leakage of credit card information can imply an enormous damage to card payment companies due to the cancellation and re-issuing of compromised cards. This could also cost millions of dollars in penalties to regulatory compliance bodies. The case of a gang of Europeans who cloned 32 000 credit cards worth £17 million was reported in the Computer Fraud & Security News (2007) as the biggest (yet) uncovered credit card fraud. This is just a glimpse of losses related to today's threats.It is therefore very important for companies to notice that their strength in attaining and sustaining competitiveness in the highly volatile, demanding and uncertain markets lies in

show abstract

CBAC4C: conflict‐based VM isolation control for cloud computing

Dlamini

Eloff

Venter

et al. 2021

Int Trans Operational Res

View full text Add to dashboard Cite

For businesses to benefit from the many opportunities of cloud computing, they must first address a number of security challenges, such as the potential leakage of confidential data to unintended third parties. An inter‐VM (where VM is virtual machine) attack, also known as cross‐VM attack, is one threat through which cloud‐hosted confidential data could be leaked to unintended third parties. An inter‐VM attack exploits vulnerabilities between co‐resident guest VMs that share the same cloud infrastructure. In an attempt to stop such an attack, this paper uses the principles of logical analysis to model a solution that provides physical separation of VMs belonging to conflicting tenants based on their levels of conflict. The derived mathematical model is founded on scientific principles and implemented using four conflict‐aware VM placement algorithms. The resultant algorithms consider a tenant's risk appetite and cost implications. The model offers guidance to VM placement and is validated using a proof of concept. A cloud simulation tool was used to test and evaluate the effectiveness and efficiency of the model. The findings reflect that the introduction of the proposed model introduced a time lag in the time it took to place VM instances. On top of this, it was also discovered that the number and size of the VM instances has an effect on the VM placement performance. The findings further illustrate that the conflict tolerance level of a VM has a direct impact on the time it took to place.

show abstract

CBAC4C: Conflict Based Allocation Control for Cloud

Dlamini

Eloff

2014

View full text Add to dashboard Cite

Economics of Information Security

Dlamini¹

2004

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Moses Dlamini

Information security: The moving target

CBAC4C: conflict‐based VM isolation control for cloud computing

CBAC4C: Conflict Based Allocation Control for Cloud

Economics of Information Security

Contact Info

Product

Resources

About