izmeklēšanas īpatnības: Monogrāfija. - Rīga: Biznesa augstskola Turība, 2003. - 387 p. ISO/IEC 27002:2005. Information Technology - Security Techniques - Code of Practice for Information Security Management. ISO/IEC, 2005(E). - 125 p. Игнатьев, В. А. Информационная безопасность современного коммерческого предприятия. - Старый Оскол: ТНТ, 2005. - 448 стр. McCarthy L. ITSecurity: Risking the Corporation - Prentice Hall PTR, 2003. - 272 p. Садердинов, А. А. Информационная безопасность предприятия. - Издательский дом "Дашков и К", 2005. - 336 p. Основы управления и аудита
The article presents the aspects of Communication and Information Systems security principles for classified Information Security Management System implemented within the realization of European Defence Agency research and technology projects. In the content of article, author characterised the rules and procedures, resulting from the legal acts, which regulates IT security procedures of classified information processing, obtained during the realisation of research process. Special attention has been focused on the European Defence Agency projects during which common IT security procedures are very important to provide not only the proper level of secrecy but also to ensure confidentiality, integrity and availability of all information processed during the research process.
—scales, knowledge, and norms. Sustainability Science , 5 (2), 171–184. Busbach-Richard, U. (2019). The Case of IT-Security: Anti-Patterns in Policy Making and its Implementation. Book of Abstracts of the First International Conference on Sustainable Development in Business and Economics. Skopje: IBI/IBF. Caragliu, A., Del Bo, C., and Nijkamp, P. (2009). Smart Cities in Europe. Series Research Memoranda 0048. Amsterdam: VU University Amsterdam, Faculty of Economics, Business Administration and Econometrics. Conti, G., Cross, T., Raymond, D. (2015). Pen Testing a City Retrieved
Building an Intrusion Detection System for IT Security Based on Data Mining Techniques
This paper aims to research various data mining techniques applied to solve intrusion detection problems. In general, intrusion detection techniques can be divided into two major categories: misuse detection and anomaly detection. Taking into consideration effectiveness of the anomaly detection technique not only against known types of attacks (like misuse detection does by exploiting signature database) but also against new ones, it has become a topical issue in majority of data and computer security researches.
The techniques discussed in the paper include the Hidden Markov Model (HMM) method for modelling and evaluating invisible events based on system calls, further development of Stephanie Forrest's idea of the fixed-length audit trail patterns, the principle component analysis based method for anomaly intrusion detection with less computation efforts, algorithm based on k-nearest neighbour method, as well as applying association rule algorithm to audit data.
Information Security Aspect of Operational Risk Management
Improving organization means on the one hand searching for adequate product (service) matched to the market, on the other hand shaping the ability to react on risks caused by that activity. The second should consist of identifying and estimating types of risk, and consequently creating solutions securing from possible forms of it's realization (disturbances), following rules of rational choice of security measures as seen in their relation to costs and effectiveness. Activities of creating the security measures should be organized as constantly developing and perfecting and as such they need formal place in organizational structure and rules of management
Today, the state, its organizations and its citizens have become vulnerable to the complexity of complex electronic information systems in the cyberspace of Hungary, without which state operations and the provision and use of different services become unworkable. In addition to the modern economic system, society is not prepared to operate without lost infrastructure, assets or services, so they must clearly be protected especially because the information used and generated in their operation and the data managed represent significant assets.
-to-get-privacy-digital-life-data-monitoring-gathering-amazon-facebook-google , 2018. Accessed: 2019-03-12.  M. Harbach, S. Fahl, and M. Smith. Who’s Afraid of Which Bad Wolf? A Survey of ITSecurity Risk Awareness. In Proceedings of the IEEE 27th Computer Security Foundations Symposium (CSF) , pages 97–110, Vienna, Austria, 2014. IEEE.  Geert H. Hofstede. Cultures and organizations: Software of the mind . McGraw-Hill, London and New York, 1991.  Daniel Kahneman. A Perspective on Judgment and Choice: Mapping Bounded Rationality. The American psychologist , 58:697–720, 2003.  Katherine Karl, Joy Peluchette, and Christopher
Existing anonymity systems sacrifice anonymity for efficient communication or vice-versa. Onion-routing achieves low latency, high bandwidth, and scalable anonymous communication, but is susceptible to traffic analysis attacks. Designs based on DC-Nets, on the other hand, protect the users against traffic analysis attacks, but sacrifice bandwidth. Verifiable mixnets maintain strong anonymity with low bandwidth overhead, but suffer from high computation overhead instead.
In this paper, we present Riffle, a bandwidth and computation efficient communication system with strong anonymity. Riffle consists of a small set of anonymity servers and a large number of users, and guarantees anonymity among all honest clients as long as there exists at least one honest server. Riffle uses a new hybrid verifiable shuffle technique and private information retrieval for bandwidth- and computation-efficient anonymous communication. Our evaluation of Riffle in file sharing and microblogging applications shows that Riffle can achieve a bandwidth of over 100KB/s per user in an anonymity set of 200 users in the case of file sharing, and handle over 100,000 users with less than 10 second latency in the case of microblogging.
Online trackers compile profiles on users for targeting ads, customizing websites, and selling users’ information. In this paper, we report on the first detailed study of the perceived benefits and risks of tracking-and the reasons behind them-conducted in the context of users’ own browsing histories. Prior work has studied this in the abstract; in contrast, we collected browsing histories from and interviewed 35 people about the perceived benefits and risks of online tracking in the context of their own browsing behavior. We find that many users want more control over tracking and think that controlled tracking has benefits, but are unwilling to put in the effort to control tracking or distrust current tools. We confirm previous findings that users’ general attitudes about tracking are often at odds with their comfort in specific situations. We also identify specific situational factors that contribute to users’ preferences about online tracking and explore how and why. Finally, we examine a sample of popular tools for controlling tracking and show that they only partially address the situational factors driving users’ preferences.We suggest opportunities to improve such tools, and explore the use of a classifier to automatically determine whether a user would be comfortable with tracking on a particular page visit; our results suggest this is a promising direction for future work.