172.
Responding to security incidents: are security tools everything you need?
/ Rodrigo Werlinger ; Kirstie Hawkey ; Konstantin Beznosov
[LERSSE-PRESENTATION-2008-069]
Presentation given at FIRST'08 conference [...]
Published in Rodrigo Werlinger, Kirstie Hawkey, Konstantin Beznosov, "Responding to security incidents: are security tools everything you need?", presented at FIRST, Vancouver, Canada, June 23-27, 2008.
173.
The Challenges of Using an Intrusion Detection System: Is It Worth the Effort?
/ Rodrigo Werlinger ; Kirstie Hawkey ; Kasia Muldner ; Pooya Jaferian ; et al
[LERSSE-RefConfPaper-2008-029]
An intrusion detection system (IDS) can be a key component of security incident response within organizations. [...]
Published in R. Werlinger, K. Hawkey, K. Muldner, P. Jaferian, and K. Beznosov. The challenges of using an intrusion detection system: Is it worth the effort? In Proc. of ACM Symposium on Usable Privacy and Security (SOUPS), pp. 107-116, 2008.
174.
Human, Organizational and Technological Challenges of Implementing IT Security in Organizations
/ Rodrigo Werlinger ; Kirstie Hawkey ; Konstantin Beznosov
[LERSSE-RefConfPaper-2008-028]
Our qualitative research provides a comprehensive list of challenges to the practice of IT security within organizations, including the interplay between human, organizational, and technical factors. [...]
Published in R. Werlinger, K. Hawkey, and K. Beznosov. Human, Organizational and Technological Challenges of Implementing IT Security in Organizations. In Proc. of HAISA '08: Human Aspects of Information Security and Assurance (10 pages), July 2008, pp. 35-48.
175.
Cooperative Secondary Authorization Recycling
/ Qiang Wei ; Matei Ripeanu ; Konstantin Beznosov
[LERSSE-REPORT-2008-026]
As enterprise systems, Grids, and other distributed applications scale up and become increasingly complex, their authorization infrastructures, based predominantly on the request-response paradigm, are facing challenges of fragility and poor scalability. [...]
Published in Qiang Wei, Matei Ripeanu, and Konstantin Beznosov, "Cooperative Secondary Authorization Recycling," Tech. Rep. LERSSE-TR-2008-02, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, April 2008.
176.
Identifying Differences Between Security and Other IT Professionals: a Qualitative Analysis.
/ Andre Gagne ; Kasia Muldner ; Konstantin Beznosov
[LERSSE-RefConfPaper-2008-027]
We report factors differentiating security and other IT responsibilities. [...]
Published in Andre Gagne, Kasia Muldner, and Konstantin Beznosov. Identifying Differences between Security and other IT Professionals: a Qualitative Analysis. In Proceedings of Human Aspects of Information Security and Assurance (HAISA), Plymouth, England, July 2008, pp. 69-80.
177.
Authorization Recycling in RBAC Systems
/ Qiang Wei ; Jason Crampton ; Konstantin Beznosov ; Matei Ripeanu
[LERSSE-RefConfPaper-2008-026]
As distributed applications increase in size and complexity, traditional authorization mechanisms based on a single policy decision point are increasingly fragile because this decision point represents a single point of failure and a performance bottleneck. [...]
Published in Qiang Wei, Jason Crampton, Konstantin Beznosov, and Matei Ripeanu. Authorization recycling in RBAC systems. In SACMAT '08: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, Estes Park, Colorado, USA, June 11-13 2008, pp. 63-72.
178.
A Broad Empirical Study of IT Security Practitioners
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2008-068]
Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after a security breach. [...]
Published in Konstantin Beznosov, "A Broad Empirical Study of IT Security Practitioners," talk given at the Coast to Coast Seminar Series, 2008-03-18.
179.
HOT Admin Research Project: Overview and Results to Date
/ Konstantin Beznosov
[LERSSE-PRESENTATION-2008-067]
Security of information technology (IT) has become a critical issue for organizations as they must protect their information assets from unauthorized access and quickly resume business activities after a security breach. [...]
Published in Konstantin Beznosov, "HOT Admin Research Project: Overview and Results to Date," presented at the seminar series of GONDWANA (Towards Quantitative Security Metrics) research project, 41 pages, École Polytechnique de Montréal, February 21, 2008.
180.
SQLPrevent: Effective Dynamic Detection and Prevention of SQL Injection Attacks Without Access to the Application Source Code
/ San-Tsai Sun ; Konstantin Beznosov
[LERSSE-REPORT-2008-025]
This paper presents an effective approach for detecting and preventing known as well as novel SQL injection attacks. [...]
Published in San-Tsai Sun and Konstantin Beznosov, "SQLPrevent: Effective dynamic detection and prevention of SQL injection attacks without access to the application source code," Tech. Rep. LERSSE-TR-2008-01, Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, February 2008.
181.
A Two-Factor Authentication System using Mobile Phones
/ Nima Kaviani ; Konstantin Beznosov
[LERSSE-POSTER-2008-003]
The use of untrusted computers to access critical information introduces one of the main challenges in protecting the security of users’ confidential information. [...]
Published in Nima Kaviani, Konstantin Beznosov, "A Two-Factor Authentication System using Mobile Phones", Poster Presentation in the National Privacy and Security Conference, Victoria, Canada, February 2008.