|
162.
|
On the Imbalance of the Security Problem Space and its Expected Consequences
/ Konstantin Beznosov ; Olga Beznosova
[LERSSE-RefJnlPaper-2008-006]
Purpose – This paper aims to report on the results of an analysis of the computer security problem space, to suggest the areas with highest potential for making progress in the attacker-defender game, and to propose questions for future research. [...]
Published in Konstantin Beznosov and Olga Beznosova, "On the Imbalance of the Security Problem Space and its Expected Consequences," Journal of Information Management & Computer Security, Emerald, vol. 15 n.5, September 2007, pp.420-431.:
Transfer from CDS 0.99.7:  PDF;
|
|
163.
|
Guidelines for Designing IT Security Management Tools
/ Pooya Jaferian ; David Botta ; Fahimeh Raja ; Kirstie Hawkey ; et al
[LERSSE-RefConfPaper-2008-030]
An important factor that impacts the effectiveness of security systems within an organization is the usability of security management tools. [...]
Published in Pooya Jaferian, David Botta, Fahimeh Raja, Kirstie Hawkey, Konstantin Beznosov, "Guidelines for Designing IT Security Management Tools," In CHIMIT '08: Proceedings of the 2008 symposium on Computer Human Interaction for the Management of Information Technology, San Diego, CA, USA, 7:1-7:10, ACM.:
Transfer from CDS 0.99.7: PDF;
|
|
164.
|
A Two-factor Authentication Mechanism Using Mobile Phones
/ Nima Kaviani ; Kirstie Hawkey ; Konstantin Beznosov
[LERSSE-REPORT-2008-027]
Mobile devices are becoming more pervasive and more advanced with respect to their processing power and memory size. [...]
Published in Nima Kaviani and Kirstie Hawkey and Konstantin Beznosov, "A Two-factor Authentication Mechanism Using Mobile Phones," Tech. Rep. LERSSE-TR-2008-03, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, August 2008:
Transfer from CDS 0.99.7: PDF;
|
|
165.
|
Challenges, Collaborative Interactions, and Diagnosis Performed by IT Security Practitioners: An Empirical Study
/ Rodrigo Werlinger
[LERSSE-THESIS-2008-004]
This thesis investigates four different aspects of information security management: challenges faced by security practitioners, interactive collaborations among security practitioners and other stakeholders, diagnostic work performed by security practitioners during the response to incidents, and factors that impact the adoption of an intrusion detection system in one organization. [...]
Published in Rodrigo Werlinger, "Challenges, Collaborative Interactions, and Diagnosis Performed by IT Security Practitioners: An Empirical Study," MASc thesis, Department of Electrical and Computer Engineering, University of British Columbia, Vancouver, Canada, July 2008. :
Transfer from CDS 0.99.7: PDF;
|
|
166.
|
Cooperative Secondary Authorization Recycling
/ Qiang Wei ; Matei Ripeanu ; Konstantin Beznosov
[LERSSE-RefJnlPaper-2008-005]
As enterprise systems, Grids, and other distributed applications scale up and become increasingly complex, their authorization infrastructures—based predominantly on the request-response paradigm—are facing challenges of fragility and poor scalability. [...]
Published in Qiang Wei, Matei Ripeanu, and Konstantin Beznosov, "Cooperative Secondary Authorization Recycling," IEEE Transactions on Parallel and Distributed Systems, vol. 20 n.2, February 2009, pp.275-288.:
Transfer from CDS 0.99.7: PDF;
|
|
167.
|
Management of IT Security in Organizations: What Makes It Hard?
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2008-073]
Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after security breaches. [...]
Published in Konstantin Beznosov, “Management of IT Security in Organizations: What Makes It Hard?” talk given at the SAP Research, Campus-based Engineering Center, Karlsruhe, Germany, 08 July 2008.:
Transfer from CDS 0.99.7: PDF;
|
|
168.
|
Searching for the Right Fit: Balancing IT Security Management Model Trade-Offs
/ Kirstie Hawkey ; Kasia Muldner ; Konstantin Beznosov
[LERSSE-RefJnlPaper-2008-004]
IT security professionals’ effectiveness in an organization is influenced not only by how usable their security management tools are but also by how well the organization’s security management model (SMM) fits. [...]
Published in Kirstie Hawkey, Kasia Muldner and Konstantin Beznosov, "Searching for the Right Fit Balancing IT Security Management Model Trade-Offs", Special Issue on Useful Computer Security, IEEE Internet Computing Magazine, 12(3), 2008, p. 22-30.:
Transfer from CDS 0.99.7: PDF;
|
|
169.
|
Why (Managing) IT Security is Hard and Some Ideas for Making It Easier
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2008-072]
The way security mechanisms for distributed applications are engineered today has a number of serious drawbacks. [...]
Published in Konstantin Beznosov, “Why (Managing) IT Security is Hard and Some Ideas for Making It Easier” talk given at the St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences, 2 June 2008.:
Transfer from CDS 0.99.7: PDF;
|
|
170.
|
The Secondary and Approximate Authorization Model and its Application to BLP and RBAC Policies
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2008-071]
The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures, with security enforcement logic obtaining decisions from authorization servers through remote procedure calls. [...]
Published in Konstantin Beznosov, “The Secondary and Approximate Authorization Model and its Application to BLP and RBAC Policies” talk given at the Computer Science Department, IBM Research Laboratory, Rüeschlikon, Switzerland, 5 June 2008.:
Transfer from CDS 0.99.7: PDF;
|
|
171.
|
Toward Understanding the Workplace of IT Security Practitioners
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2008-070]
Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after security breaches. [...]
Published in Konstantin Beznosov, “Toward Understanding the Workplace of IT Security Practitioners” talk given at the Computer Science Department, College University London, 04 July 2008.:
Transfer from CDS 0.99.7: PDF;
|
guest ::
