Security Controls (security + control)



Selected Abstracts


A Cumulative Sum scheme for monitoring frequency and size of an event

QUALITY AND RELIABILITY ENGINEERING INTERNATIONAL, Issue 6 2010
Zhang Wu
Abstract This article proposes a Cumulative Sum (CUSUM) scheme, called the TC-CUSUM scheme, for monitoring a negative or hazardous event. This scheme is developed using a two-dimensional Markov model. It is able to check both the time interval (T) between occurrences of the event and the size (C) of each occurrence. For example, a traffic accident may be defined as an event, and the number of injured victims in each case is the event size. Our studies show that the TC-CUSUM scheme is several times more effective than many existing charts for event monitoring, so that cost or loss incurred by an event can be reduced by using this scheme. Moreover, the TC-CUSUM scheme performs more uniformly than other charts for detecting both T shift and C shift, as well as the joint shift in T and C. The improvement in the performance is achieved because of the use of the CUSUM feature and the simultaneous monitoring of T and C. The TC-CUSUM scheme can be applied in manufacturing systems, and especially in non-manufacturing sectors (e.g. supply chain management, health-care industry, disaster management, and security control). Copyright © 2009 John Wiley & Sons, Ltd.


Security Maintenance Mediation: a technology for preventing unintended security breaches

CONCURRENCY AND COMPUTATION: PRACTICE & EXPERIENCE, Issue 1 2004
Roger (Buzz) King
Article first published online: 4 DEC 200
Abstract Web-resident information is becoming 'smarter', in the sense that emerging technology will support the annotation of it with ontological terms, which will be used to locate and reuse information. This will pose a great security risk in the form of unintended breaches (as distinct from deliberate invasions). Web-resident information will be far more readily available and relevant, thus causing inadvertent releases of secure information to potentially cause it to be diffusely spread across the Internet. Then as this information is iteratively transformed and integrated with other information, it will become irretrievable and potentially used in a myriad of unpredictable ways. The problem is that ontological annotations, while making information more understandable in its original form, do not provide a means for easily capturing the complex semantics of information that has been transformed via abstraction, aggregation, and integration. This demands the development of a semantically rich way of specifying 'views' of Web information, to which security controls can be attached. Also needed is a way for users of secure information to easily and voluntarily blend, and thereby propagate, security controls as information is transformed. Information mediators designed by collaborative teams of experts are proposed as the vehicle for wrapping information, so that at each step of reuse, high-level views and their corresponding integrity controls can be made easily accessible to trusted users who will then be able to ensure their proper maintenance. Copyright © 2004 John Wiley & Sons, Ltd.


Using the Bell Labs security framework to enhance the ISO 17799/27001 information security management system

BELL LABS TECHNICAL JOURNAL, Issue 3 2007
Andrew R. McGee
The global information technology (IT) industry recognizes the need for standards to improve the quality and consistency of security for IT products and services. As such, the International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27000 series is focusing on the requirements, security controls, and implementation guidance for an organization's information security management system (ISMS). This guidance establishes general principles that can be used in various industries and government; however, standardized techniques are also needed to identify, implement, and operate security controls as part of the ISMS life cycle. The Bell Labs Security Framework identifies both the minimal and differentiating security controls by decomposing an IT product or service into a layered hierarchy of equipment and facilities groupings and examining the types of activities that occur at each layer in a standardized manner. Furthermore, the Bell Labs Security Framework security dimensions provide the necessary mechanisms to implement and operate the selected controls. The Bell Labs Security Framework enhances the ISO/IEC 27000 series by providing a comprehensive end-to-end approach to implementing IT security. © 2007 Alcatel-Lucent.