|
The Need for TCPA
|
|
Hits: 0 |
|
Date added: 12/03/2005 |
|
The Trusted Computing Platform Alliance (TCPA) has produced open specifications for a security chip and related software interfaces. The TCPA chip is designed to provide client machines with a minimal but essential hardware base for client side security. Recent papers have attacked the TCPA specification out of ignorance of its goals and capabilities. This paper summarizes what the TCPA chip does, gives examples of important applications of the chip, and shows why these applications are critical to client side security. |
|
|
|
|
|
|
|
|
|
The Design and Evaluation of a Defense System
|
|
Hits: 4 |
|
Date added: 11/30/2007 |
|
The Design and Evaluation of a Defense System
for Internet Worms
Many areas of society have become heavily dependent on services such as transportation facilities, utilities
and so on that are implemented in part by large numbers of computers and communications links. Both past
incidents and research studies show that a well-engineered Internet worm can disable such systems in a fairly
simple way and, most notably, in a matter of a few minutes. This indicates the need for defenses against
worms but their speed rules out the possibility of manually countering worm outbreaks. We present a
platform that emulates the epidemic behavior of Internet active worms. For purposes of experimentation, the
platform has been deployed on a cluster of computers to emulate worm outbreaks in very large networks. A
wide variety of worm properties can be studied and network topologies of interest constructed. A reactive
control system, based on the Willow architecture and the OOPS policy framework, operates on top of the
platform and provides a monitor/analyze/respond approach to deal with infections automatically. The logic
driving the control system is synthesized from a formal specification, which is based on control rules
correlating sensor events. Details of our highly configurable platform, the theory of operation of the Willow
architecture, the features of the specification language, and various experimental performance results are
presented. |
|
|
|
|
|
The Database Hackers Handbook
|
|
Hits: 14 |
|
Date added: 09/09/2006 |
|
This book is aimed at people who are interested in the practical reality of database security. This includes database administrators, network administrators, security auditors, and the broader security research community. The book is unashamedly technical, and the reader is assumed to be familiar with well-known security concepts such as buffer overflows, format string bugs, SQL injection, basic network architecture, and so on. We dip into C, C++, and even assembler source code from time to time, but in general, programming skills aren't necessary in order to understand the material. |
|
|
|
|
|
|
The changing face of web security
|
|
Hits: 2 |
|
Date added: 12/27/2005 |
|
Are we winning or losing the battle of web security? Read this white paper backed by industry figures to ensure you are aware of the facts. |
|
|
|
