Various technical bodies have devised methodologies to guide testers to the selection, design, and implementation of the most appropriate security testing procedures for various contexts. Their general applicability is obviously regarded as a necessary and positive feature, but its consequence is the need for a complex adaptation phase to the specific systems under test. In this work, we aim to...

Security protocols are concurrent processes that communicate using cryptography with the aim of achieving various security properties. Recent work on their formal verification has brought procedures and tools for deciding trace equivalence properties (e.g., anonymity, unlinkability, vote secrecy) for a bounded number of sessions. However, these procedures are based on a naive symbolic explorati...

With the growth of attacks and hacking activities, the organizations are becoming more security conscience. The scope has changed from technical problem to a business problem within an organization. High cost is incurred to implement security policy and procedures and is viewed as an investment. However, in the quest of getting secure, the organizations hastily employ hackers to exploit the vul...

Distribution Statement A. Approved for public release. Distribution is unlimited. DESTRUCTION NOTICE For classified documents, follow the procedures in DOD 5220.22M, National Industrial Security Program Operating Manual (NISPOM), Chapter 5, Section 7, or DOD 5200.1-R, Information Security Program Regulation, Chapter IX. For unclassified, limited documents, destroy by any method that will preven...

the prominent features of national security in today's world are dimension change and its nature, taking place dramatically and with high speed. in this respect and in comparison to other areas, what is taken place in regard to information technology is more important. havingsecurity in virtual space is an important subject that is recently taken into account in strategic studies. the natu...

security policy-making in critical regions is one of the main concerns of the research centers and academic institutes. security-building in the regions like the caucasus is important because the historical roots of conflict could be seen in the policies of various countries. whenever some manifestations of authoritarianism can be seen, some countries are in the state of cooperative action. how...

To protect the information assets of organizations, many different standards and guidelines have been proposed. Among them, International standard ISO 17799 is one of the most prominent international efforts on information security. This standard provides both an authoritative statement on information security and the procedures to be adopted by organizations to ensure information security. Sec...

In a public key infrastructure trust model, a trust is transferred along a set of certificates, issued by certificate authorities (CAs) considered as trustfully third parties, providing a trust chain among its entities. In order to deserve this trustworthiness, a CA should to apply the rigorous procedures for generating keys, checking the identities, and following reliable security practices. A...

Groupware Task Analysis (GTA) is applied for the redesign of a commercial security system. The problem is the confidentiality of the knowledge on the task domain. The system is the actual security systems in use in companies, AND, obviously, none of them is eager to have details of its security management situation and security procedures being made available to outsiders, even if these are emp...

LIS researchers who seek to perform country-comparative and / or trend analyses have to account for the fact that in some LIS datasets income variables were reported net of taxes and social security contributions, while in other datasets income variables were reported gross of taxes and social security contributions. In this technical paper we discuss, develop, and evaluate two ‘netting down pr...