- Articles
- Authors
- Blogs
- ISA Server Articles
- Links
- Message Boards
- Newsletter
- RSS
- Security Tests
- Services
- Software
- White Papers
Network Security Library
Network Security Library / Auth. & Access Control
- Whole disk encryption is a must for mobile computers and devices
- Date - Dec 12, 2007
- As more and more employee's use laptops, the chance for information loss increases. Many companies are looking to protect their data assets, and whole disk encryption is becoming more popular.
- Testing Password Safety
- Date - Dec 05, 2007
- Proactive is always better than reactive, especially when trying to secure a corporate network. Learn more about the weaknesses in password security, and how you can audit your network to improve your security level.
- Recipe for Mobile Data Security
- Date - Nov 07, 2007
- The concerns regarding protection of mobile data. Read further to get some helpful insight into protection of the data your laptops contain.
- 5 Key Steps to Defining Your Application-Access Control
- Date - Oct 31, 2007
- This article defines 5 key steps in defining good access control processes.
- How to Improve Business Results through Secure Single Sign-on to SAP
- Date - Oct 17, 2007
- How to improve your company’s business results by improving user and IT productivity, and by avoiding this specific IT security risk within your SAP environment.
- Protecting Digital Assets: Full Disk Encryption White Paper
- Date - Oct 03, 2007
- Full Disk Encryption (FDE) is the safest way to protect digital assets. By encrypting the entire hard drive, data is completely protected without requiring any user interaction, thereby increasing productivity and eliminating user error.
- The Role of Encryption in Document DRM
- Date - Aug 08, 2007
- Document DRM (dDRM) involves controlling both access to and use of (through digital rights restrictions) the content of documents.
- Getting to Secure Internet Identity Management
- Date - Aug 01, 2007
- Microsoft's planned integration of CardSpace with the OpenID project.
- Document DRM: Replacing Encryption as the Standard for Document Protection
- Date - Jul 04, 2007
- In this article, it is argued that dDRM has rendered traditional encryption, as a method for protecting information in documents, obsolete and that dDRM will become the new standard for protecting electronic documents in general.
- Choosing an Enterprise Rights Management System: Architectural Approaches
- Date - May 23, 2007
- Enterprise rights management systems (ERM) attempt to combat data leakage by going a step beyond encryption and adding controls to the use of the content of a document. However, the way that an ERM system approaches this task is vital in retaining the fluid communication characteristic of electronic documents.
- Keystroke Dynamics: Low Impact Biometric Verification
- Date - Jan 24, 2007
- How the effectiveness of biometric solutions are measured, followed by an examination of keystroke dynamics technology.
- Securing the Finacial Services Firm
- Date - Oct 11, 2006
- Firms found in violation of SOX, GLBA, and SEC rules can face stiff fines and potential jail time. The evolution of these government regulations was designed to create a new atmosphere of company accountability and instill a new sense of trust to investors.
- How Securing Digital Identities and Information Can Help Transform Your Business
- Date - Sep 13, 2006
- This paper focuses on how identity and access management solutions can secure digital identities and information in compliance with regulatory guidelines across an extended enterprise.
- Human Factors in Managing IT Security Systems
- Date - Aug 02, 2006
- It doesn't matter how hard you work or how much you spend on IT Security systems, if you are not ever-vigilant of "the human factor" your systems will still be vulnerable to attack!
- Cracking Passwords
- Date - Apr 05, 2006
- Cracking Passwords is an important part of a network security assessment. Many methods and tools are available to crack passwords. This article provides some thought provoking insight into methods to perform a password audit.
- Securing What's at Risk - A Common Sense Approach to Strong Authentication
- Date - Mar 01, 2006
- Online consumers demand personalized unique identities that make them confident about online transactions. This whitepaper outlines issues with managing online identities when faced with increasing threats against these online identities.
- Public Key Infrastructure
- Date - Oct 14, 2004
- Public Key Infrastructure, aka PKI, vaunted as the solution for addressing the network security issues in the cyberspace using cryptographic techniques. This article discusses about how the PKI attempts to address network security threats and issues associated with the PKI.
- PKI FAQ's
- Date - Jun 06, 2003
- The Public Key Infrastructure has emerged as a way of providing confidentiality and accountability when communicating over the web. This FAQ describes the role of digital certificates and signatures, which are components of the PKI, and their effectiveness in securing communication.
- Violating Database - Enforced Security Mechanisms
- Date - Apr 24, 2003
- This paper discusses the feasibility of violating the access control, authentication and audit mechanisms of a running process in the Windows server operating systems. Specifically, it discusses the feasibility of totally disabling application - enforced access control in a running service, taking SQL Server 2000 as a sizeable and meaningful example. Topics relating to "runtime patching" exploits are discussed.
- Security: Access Control
- Date - Oct 16, 2002
- Autentification and autorisation
- Keeping Secrets in Hardware: The Microsoft XBox Case Study
- Date - Jun 07, 2002
- Differentiating Between Access Control Terms
- Date - Oct 06, 2001
- SubDomain: Parsimonious Server Security
- Date - Feb 18, 2001
- The Development of Destination-Specific Biometric Authentication
- Date - Apr 15, 2000
- Protocol Interactions and the Chosen Protocol Attack
- Date - Apr 11, 2000
- Reaction Attacks Against Several Public-Key Cryptosystems
- Date - Apr 11, 2000
- Simple Active Attack Against TCP
- Date - Apr 11, 2000
- The Newton Channel
- Date - Apr 08, 2000
- Oblivious Key Escrow
- Date - Apr 05, 2000
- Protocol Failure in the Escrowed Encryption Standard
- Date - Apr 05, 2000
- Performance Comparison of the AES Submissions
- Date - Apr 05, 2000
- Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure
- Date - Apr 05, 2000
- Self-Study Course in Block Cipher Cryptanalysis
- Date - Apr 04, 2000
- The boomerang attack
- Date - Apr 04, 2000
- Public Key Cryptosystems, Certiciates and Certification Authorities
- Date - Feb 27, 2000
- Attacks on Copyright Marking Systems - Paper
- Date - Feb 27, 2000
- Attacks on copyright marking systems - Slides
- Date - Feb 27, 2000
- Steganalysis: The Investigation of Hidden Information
- Date - Feb 27, 2000
- Biometrics: Uses and Abuses
- Date - Feb 26, 2000
- Authenticating Secure Tokens Using Slow Memory Access
- Date - Feb 26, 2000
- Can We Eliminate Revocation Lists?
- Date - Feb 26, 2000
- PSS: Provably secure encoding method for digital signatures.
- Date - Feb 26, 2000
- A New Family of Authentication Protocols
- Date - Feb 26, 2000
- Improving System Security via Proactive Password Checking
- Date - Feb 26, 2000
- Location-Based Authentication: Grounding Cyberspace for Better Security
- Date - Feb 26, 2000
- Proof-Carrying Authentication
- Date - Feb 26, 2000
- Kerberos: An Authentication Service for Open Network Systems.
- Date - Feb 26, 2000
- Limitations of the Kerberos Authentication System
- Date - Feb 26, 2000
- Breaking Up Is Hard to Do: Modeling Security Threats for Smart Cards
- Date - Feb 26, 2000
- Design Principals for Tamper-Resistant Smart Card Processors
- Date - Feb 26, 2000
- Hand-Held Computers Can Be Better Smart Cards
- Date - Feb 26, 2000
- High-Bandwidth Encryption with Low-Bandwidth Smartcards
- Date - Feb 26, 2000
- Soft Tempest: Hidden Data Transmission Using Electromagnetic Emanations
- Date - Feb 20, 2000
- Proxy-Based Authorization and Accounting for Distributed Systems
- Date - Feb 20, 2000
- Security Analyses of Network Time Services
- Date - Feb 20, 2000
- User-Friendly Access Control for Public Network Ports
- Date - Feb 20, 2000
- Decentralized Trust Management
- Date - Feb 20, 2000
- Compliance-Checking in the PolicyMaker Trust-Management System
- Date - Feb 20, 2000
- The Role of Trust Management in Distributed Systems Security
- Date - Feb 20, 2000
- Trust Management and Network-Layer Security Protocols
- Date - Feb 20, 2000
Network Security Library topic
| [ | 26 | ] | Anti Spam | [ | 12 | ] | Anti Virus | [ | 44 | ] | Auditing |
| [ | 60 | ] | Auth. & Access Control | [ | 3 | ] | Content Management | [ | 103 | ] | Cryptography |
| [ | 12 | ] | Disaster Recovery | [ | 36 | ] | Firewalls & VPN's | [ | 6 | ] | Forensics |
| [ | 41 | ] | Harmless hacking book | [ | 1 | ] | Honeypots | [ | 14 | ] | Information Warfare |
| [ | 26 | ] | Intrusion Detection | [ | 7 | ] | Law | [ | 3 | ] | Managed Security Solutions |
| [ | 50 | ] | Misc | [ | 24 | ] | Mobile Code | [ | 32 | ] | NCSC&DoD Rainbow series |
| [ | 13 | ] | NetWare | [ | 31 | ] | Network Security | [ | 4 | ] | Patch Management |
| [ | 3 | ] | Phishing | [ | 38 | ] | Policy & Standards | [ | 25 | ] | Privacy |
| [ | 21 | ] | Software Engineering | [ | 2 | ] | Trojans | [ | 2 | ] | Underground |
| [ | 82 | ] | Unix Security | [ | 19 | ] | Web Security | [ | 39 | ] | Windows Security |
| [ | 6 | ] | Wireless Security |
Featured Links*
Become a WindowSecurity.com member!
Discuss your security issues with thousands of other network security experts. Click here to join!