|
192.
|
A Study of Security Administration Errors
/ Kartik Markandan
[LERSSE-REPORT-2007-021]
Security administrators prevent security breaches against their infrastructure by using their tools to implement the security policy. [...]
Published in Kartik Markandan, "A Study of Security Administration Errors", Laboratory for Education and Research in Secure Systems Engineering, Vancouver, Canada, University of British Columbia, technical report LERSSE-TR-2006-03, 17 December, 2006, pp.12.:
Transfer from CDS 0.99.7:  PDF;
|
|
193.
|
Towards Understanding IT Security Professionals and Their Tools
/ David Botta ; Rodrigo Werlinger ; André Gagné ; Konstantin Beznosov ; et al
[LERSSE-PRESENTATION-2007-062]
It is estimated that organizations worldwide will spend around $100 Billion USD on IT Security in 2007. [...]
Published in David Botta, Rodrigo Werlinger, André Gagné, Konstantin Beznosov, Sid Fels, Lee Iverson, Brian Fisher, "Towards Understanding IT Security Professionals and Their Tools," CIPS Vancouver Security SIG Meeting, Vancouver, 13 June, 2007, pp.20.:
Transfer from CDS 0.99.7: PDF;
|
|
194.
|
Detecting, Analyzing and Responding to Security Incidents: A Qualitative Analysis
/ Rodrigo Werlinger ; David Botta
[LERSSE-RefConfPaper-2007-024]
This study develops categories of responses to security incidents, based on a grounded theory analysis of interviews with security practitioners, with a focus on the tasks performed during security incidents, and the necessary resources to perform these tasks. [...]
Published in Rodrigo Werlinger,
David Botta, "Detecting, Analyzing and Responding to Security Incidents: A
Qualitative Analysis," in Workshop on Usable IT Security Management (USM'07), July 18, 2007, Pittsburgh, PA, USA.:
Transfer from CDS 0.99.7: PDF;
|
|
195.
|
Understanding IT Security Administration through a Field Study
/ David Botta ; Rodrigo Werlinger ; André Gagné ; Konstantin Beznosov ; et al
[LERSSE-REPORT-2007-002]
[LERSSE-REPORT-2007-020]
The security administration of large organizations is exceptionally challenging due to the increasingly large numbers of application instances, resources, and users; the growing complexity and dynamics of business processes; and the spiralling volume of change that results from the interaction of the first two factors. [...]
Published in David Botta, Rodrigo Werlinger, André Gagné, Konstantin Beznosov, Lee Iverson, Sidney Fels and Brian Fisher, "Understanding Information Technology Security Administration through a Field Study", Laboratory for Education and Research in Secure Systems Engineering, University of British Columbia, 2007:
Transfer from CDS 0.99.7: PDF;
|
|
196.
|
Towards Understanding IT Security Professionals and Their Tools
/ David Botta ; Rodrigo Werlinger ; André Gagné ; Konstantin Beznosov ; et al
[LERSSE-RefConfPaper-2007-023]
We report preliminary results of our ongoing field study of IT professionals who are involved in security management. [...]
Published in David Botta, Rodrigo Werlinger, André Gagné, Konstantin Beznosov, Lee Iverson, Sidney Fels, Brian Fisher, "Towards Understanding IT Security Professionals and Their Tools" in Proceedings of the Symposium on Usable Privacy and Security (SOUPS), Carnegie Mellon University, Pittsburgh, PA, USA, July 18-20, 2007, pp.100-111.:
Transfer from CDS 0.99.7: PDF;
|
|
197.
|
Support for ANSI RBAC in CORBA
/ Konstantin Beznosov ; Wesam Darwish
[LERSSE-REPORT-2007-019]
We describe access control mechanisms of the Common Ob ject Request Broker Architecture (CORBA) and define a configuration of the CORBA protection system in more precise and less ambiguous language than the CORBA Security specification (CORBASec). [...]
Published in Konstantin Beznosov, Wesam Darwish "Support for ANSI RBAC in CORBA," Laboratory for Education and Research in Secure Systems Engineering, Vancouver, Canada, University of British Columbia, technical report LERSSE-TR-2007-01, 26 July, 2007, pp.42.:
Transfer from CDS 0.99.7: PDF;
|
|
198.
|
Cooperative Secondary Authorization Recycling
/ Qiang Wei ; Matei Ripeanu ; Konstantin Beznosov
[LERSSE-RefConfPaper-2007-022]
As distributed applications such as Grid and enterprise systems scale up and become increasingly complex, their authorization infrastructures—based predominantly on the request-response paradigm—are facing challenges in terms of fragility and poor scalability. [...]
Published in Qiang Wei, Matei Ripeanu, and Konstantin Beznosov, "Cooperative Secondary Authorization Recycling," in Proceedings of the 16th Symposium on High Performance Distributed Computing (HPDC'07), June 25–29, 2007, Monterey, California, USA. pp.65-74:
Transfer from CDS 0.99.7: PDF;
|
|
199.
|
On the Imbalance of the Security Problem Space and its Expected Consequences
/ Konstantin Beznosov ; Olga Beznosova
[LERSSE-RefConfPaper-2007-021]
This paper considers the attacker-defender game in the field of computer security as a three-dimensional phenomenon [...]
Published in Konstantin Beznosov, Olga Beznosova "On the Imbalance of the Security Problem Space and its Expected Consequences," To appear in Symposium on Human Aspects of Information Security & Assurance (HAISA), Plymouth, UK, 10 July, 2007, pp.10. :
Transfer from CDS 0.99.7: PDF;
|
|
200.
|
Studying IT Security Professionals: Research Design and Lessons Learned
/ David Botta ; Rodrigo Werlinger ; André Gagné ; Konstantin Beznosov ; et al
[LERSSE-RefConfPaper-2007-020]
The HOT Admin Field Study used qualitative methods to study information technology security administrators. [...]
Published in David Botta, Rodrigo Werlinger, André Gagné, Konstantin Beznosov, Lee Iverson, Sidney Fels, and Brian Fisher, "Studying IT Security Professionals: Research Design and Lessons Learned" position paper at the CHI Workshop on Security User studies: Methodologies and Best Practices, San Francisco, CA, 28 April 2007, 4 pages.:
Transfer from CDS 0.99.7: PDF;
|
|
201.
|
A Security Analysis of the Precise Time Protocol
/ Jeanette Tsang ; Konstantin Beznosov
[LERSSE-PRESENTATION-2006-061]
We present a security analysis of the IEEE 1588 standard, a.k.a [...]
Published in Jeanette Tsang, Konstantin Beznosov, "A Security Analysis of the Precise Time Protocol", presented at the Eighth International Conference on Information and Communications Security (ICICS), Raleigh, North Carolina, USA, 5 December, 2006.:
Transfer from CDS 0.99.7: PDF;
|
guest ::
