Addressing Threats and Security Issues in World Wide Web Technology

Lecture Notes in Computer Science

2005

Self Cite

Abstract. Security incident management is one of the critical areas that offers valuable information to security experts, but still lacks much development. Currently, several security incident database models have been proposed and used. The discrepancies of such databases entail that worldwide incident information is stored in different formats and places and, so, do not provide any means for Computer Security Incident Response Teams (CSIRTs) collaboration. This paper presents an architecture based on advance database techniques, able to collect incident related information from different sources. Our framework enhances the incident management process by allowing the law enforcement units to (a) collect the required evidence from incident data that are spread through a number of different incident management systems; (b) transform, clean, and homogenize them; and, finally, (c) load them to a central database management system. Such architecture can also be beneficial by minimizing the mean time between the appearance of a new incident and its publication to the worldwide community.

“…A vital requirement for any such incident management system is security [12]. Such incident information could become a valuable tool for adversaries all over the world.…”

Section: System Architecturementioning

confidence: 99%

Workflow Based Security Incident Management

Belsis

Simitsis

Lecture Notes in Computer Science

2005

Self Cite

Information Management &Amp; Computer Security

“…First, we identify the protection these mechanisms offer against specific security threats (threat model). Generally, security threats to computer systems fall into the following broad classes (Gritzalis and Spinellis, 1997;Meyer et al, 1995):…”

Section: Review and Comparisonmentioning

confidence: 99%

Security architectures for network clients

Skoularidou

Spinellis

2003

Self Cite

Enumerates and compares a number of security‐enabling architectures for network clients. These architectures, either proposed as methodologies or currently implemented in software and/or hardware, are capable of protecting the client’s software integrity and its environment. The most important methodologies include the reference monitor model, firewalls, and virtual machines. Software implementations are the Java Sandbox, and the code signing concept. Hardware that can be used includes smart cards, and the TCPA/Palladium security initiative. Describes their most important features and provide a review and comparative study based on a number of criteria. Believes that ongoing research can empower these mechanisms for protecting network clients in a more effective way.

“…Several eå orts have been undertaken to address security in the Web, although the primary focus has been at the application level. These eå orts have addressed the issue of protecting the privacy, accuracy and authenticity of transactions conducted over the Internet [4,5].…”

Section: Web Security Issuesmentioning

confidence: 99%

Developing secure Web-based medical applications

Iliadis

Medical Informatics and the Internet in Medicine

et al. 1999

The EUROMED-ETS pilot system offers a number of security functionalities using off-the-shelf available products, in order to protect Web-based medical applications. The basic concept used by the proposed security architecture is the Trusted Third Party (TTP). A TTP is used in order to generate, distribute and revoke digital certificates to medical practitioners and healthcare organizations that wish to communicate securely. Digital certificates and digital signatures are used to provide peer and data origin authentication and access control. The paper demonstrates how TTPs can be used effectively in order to develop medical applications that run securely over the World Wide Web.