An investigation into unintentional information leakage through electronic publication
- Forrester, Jock, Irwin, Barry V W
- Authors: Forrester, Jock , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428814 , vital:72538 , https://digifors.cs.up.ac.za/issa/2005/Proceedings/Poster/012_Article.pdf
- Description: Organisations are publishing electronic documents on their websites, via email to clients and potentially un-trusted third parties. This trend can be attributed to the ease of use of desktop publishing/editing soft-ware as well as the increasingly connected environment that employ-ees work in. Advanced document editors have features that enable the use of group editing, version control and multi-user authoring. Unfortu-nately these advanced features also have their disadvantages. Metadata used to enable the collaborative features can unintentionally expose confidential data to unauthorised users once the document has been published.
- Full Text:
- Authors: Forrester, Jock , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428814 , vital:72538 , https://digifors.cs.up.ac.za/issa/2005/Proceedings/Poster/012_Article.pdf
- Description: Organisations are publishing electronic documents on their websites, via email to clients and potentially un-trusted third parties. This trend can be attributed to the ease of use of desktop publishing/editing soft-ware as well as the increasingly connected environment that employ-ees work in. Advanced document editors have features that enable the use of group editing, version control and multi-user authoring. Unfortu-nately these advanced features also have their disadvantages. Metadata used to enable the collaborative features can unintentionally expose confidential data to unauthorised users once the document has been published.
- Full Text:
In-kernel cryptographic executable verification
- Motara, Yusuf, M, Irwin, Barry V W
- Authors: Motara, Yusuf, M , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/429049 , vital:72556 , https://doi.org/10.1007/0-387-31163-7_25
- Description: This paper discusses the problems posed by Trojan horses and unauthorized code, and reviews existing solutions for dealing with them. A technique involving the in-kernel verification of executables is proposed. Its advantages include simplicity, transparency, ease of use and minimal setup time. In addition, the technique has several applications, including assisting with honeypot implementations, incident response and forensic investigations.
- Full Text:
- Authors: Motara, Yusuf, M , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/429049 , vital:72556 , https://doi.org/10.1007/0-387-31163-7_25
- Description: This paper discusses the problems posed by Trojan horses and unauthorized code, and reviews existing solutions for dealing with them. A technique involving the in-kernel verification of executables is proposed. Its advantages include simplicity, transparency, ease of use and minimal setup time. In addition, the technique has several applications, including assisting with honeypot implementations, incident response and forensic investigations.
- Full Text:
In-kernel cryptographic executable verification
- Motara, Yusuf, M, Irwin, Barry V W
- Authors: Motara, Yusuf, M , Irwin, Barry V W
- Date: 2005
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/429937 , vital:72653 , https://doi.org/10.1007/0-387-31163-7_25
- Description: This paper discusses the problems posed by Trojan horses and unau-thorized code, and reviews existing solutions for dealing with them. A technique involving the in-kernel verification of executables is pro-posed. Its advantages include simplicity, transparency, ease of use and minimal setup time. In addition, the technique has several applications, including assisting with honeypot implementations, incident response and forensic investigations.
- Full Text:
- Authors: Motara, Yusuf, M , Irwin, Barry V W
- Date: 2005
- Subjects: To be catalogued
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/429937 , vital:72653 , https://doi.org/10.1007/0-387-31163-7_25
- Description: This paper discusses the problems posed by Trojan horses and unau-thorized code, and reviews existing solutions for dealing with them. A technique involving the in-kernel verification of executables is pro-posed. Its advantages include simplicity, transparency, ease of use and minimal setup time. In addition, the technique has several applications, including assisting with honeypot implementations, incident response and forensic investigations.
- Full Text:
Securing Real-time multimedia: A brief survey
- Cloran, Russell, Irwin, Barry V W, Terzoli, Alfredo
- Authors: Cloran, Russell , Irwin, Barry V W , Terzoli, Alfredo
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428887 , vital:72543 , https://digifors.cs.up.ac.za/issa/2005/Proceedings/Research/020_Article.pdf
- Description: Voice over IP (VoIP) enables cheaper and easier communication but can be less secure than the traditional TDM network. This paper is a guide to securing VoIP networks using current technologies and best practices. Physical and logical segregation of data and multimedia traf-fic is discussed. Current VoIP analysis tools are described with specific reference to their usefulness as a means of evaluating the quality of a secure VoIP system. Protocol enhancements, such as the Secure Re-al-time Transport Protocol and transport layer protection such as of-fered by IPSec, are discussed and evaluated. Finally, various secure VoIP implementation scenarios are discussed, with configurations combining these security solutions presented in the paper.
- Full Text:
- Authors: Cloran, Russell , Irwin, Barry V W , Terzoli, Alfredo
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428887 , vital:72543 , https://digifors.cs.up.ac.za/issa/2005/Proceedings/Research/020_Article.pdf
- Description: Voice over IP (VoIP) enables cheaper and easier communication but can be less secure than the traditional TDM network. This paper is a guide to securing VoIP networks using current technologies and best practices. Physical and logical segregation of data and multimedia traf-fic is discussed. Current VoIP analysis tools are described with specific reference to their usefulness as a means of evaluating the quality of a secure VoIP system. Protocol enhancements, such as the Secure Re-al-time Transport Protocol and transport layer protection such as of-fered by IPSec, are discussed and evaluated. Finally, various secure VoIP implementation scenarios are discussed, with configurations combining these security solutions presented in the paper.
- Full Text:
Towards a Classification of Intrusion Strength
- Motara, Yusuf M, Irwin, Barry V W
- Authors: Motara, Yusuf M , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428261 , vital:72498 , https://www.researchgate.net/profile/Yusuf-Mota-ra/publication/267206150_Towards_a_Classification_of_Intru-sion_Strength/links/547485820cf245eb436de34e/Towards-a-Classification-of-Intrusion-Strength.pdf
- Description: This paper proposes a new term, “intrusion strength”, for use by the se-curity community and those affected by compromised systems. It justi-fies the usefulness of such a term, proposes a preliminary ranking of intrusion strength factors, and concludes by mentioning the work nec-essary to create a full taxonomy of intrusion strength.
- Full Text:
- Authors: Motara, Yusuf M , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428261 , vital:72498 , https://www.researchgate.net/profile/Yusuf-Mota-ra/publication/267206150_Towards_a_Classification_of_Intru-sion_Strength/links/547485820cf245eb436de34e/Towards-a-Classification-of-Intrusion-Strength.pdf
- Description: This paper proposes a new term, “intrusion strength”, for use by the se-curity community and those affected by compromised systems. It justi-fies the usefulness of such a term, proposes a preliminary ranking of intrusion strength factors, and concludes by mentioning the work nec-essary to create a full taxonomy of intrusion strength.
- Full Text:
Towards an Infrastructural Framework for Secure Electronic Publication
- Forrester, Jock, Irwin, Barry V W
- Authors: Forrester, Jock , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428274 , vital:72499 , https://d1wqtxts1xzle7.cloudfront.net/3456213/No_147_-_Forrester-libre.pdf?1390832679=andresponse-content-disposi-tion=inline%3B+filename%3DTowards_an_Infrastructural_Framework_for.pdfandExpires=1714791785andSignature=TY2i5fIQcyv493crTdmDaMEDLBmnqe-s1yjeJ4OAk~-Syb12yZ1EBj-cJi8jxrmIorji6THEB4kSon43fOBcA5XUwoZ0H1T~LooHIyiqhBymL2ZtszKbFdqu1zZCrCkfR1YYAjUiVaM2BNSyC-P-mtY6S5aFcwztHl43eogmS70AIt0x76p9gIvL3xQsyE-VXBrtOrbkbQweUmgZs80bQDMnS-oou481C0BJyp8y6St6BETLKCaJC~uPYzrHOG1CwVxNZQoz38zJ3pLIzuNmdLcrlts3BbASji3c53MY-CoEGflXljrvzG6f85EBo-Oy9kjyAzvJ9gZmfISayfA-~w__andKey-Pair-Id=APKAJLOHF5GGSLRBV4ZA
- Description: To prevent the accidental, or deliberate, publication of documents contain-ing hidden information the organisation needs to have an Electronic Publi-cation Policy, more importantly though, it needs to have the Technical Infra-structure in place to enforce the policy. This paper outlines such a Technical Infrastructure.
- Full Text:
- Authors: Forrester, Jock , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428274 , vital:72499 , https://d1wqtxts1xzle7.cloudfront.net/3456213/No_147_-_Forrester-libre.pdf?1390832679=andresponse-content-disposi-tion=inline%3B+filename%3DTowards_an_Infrastructural_Framework_for.pdfandExpires=1714791785andSignature=TY2i5fIQcyv493crTdmDaMEDLBmnqe-s1yjeJ4OAk~-Syb12yZ1EBj-cJi8jxrmIorji6THEB4kSon43fOBcA5XUwoZ0H1T~LooHIyiqhBymL2ZtszKbFdqu1zZCrCkfR1YYAjUiVaM2BNSyC-P-mtY6S5aFcwztHl43eogmS70AIt0x76p9gIvL3xQsyE-VXBrtOrbkbQweUmgZs80bQDMnS-oou481C0BJyp8y6St6BETLKCaJC~uPYzrHOG1CwVxNZQoz38zJ3pLIzuNmdLcrlts3BbASji3c53MY-CoEGflXljrvzG6f85EBo-Oy9kjyAzvJ9gZmfISayfA-~w__andKey-Pair-Id=APKAJLOHF5GGSLRBV4ZA
- Description: To prevent the accidental, or deliberate, publication of documents contain-ing hidden information the organisation needs to have an Electronic Publi-cation Policy, more importantly though, it needs to have the Technical Infra-structure in place to enforce the policy. This paper outlines such a Technical Infrastructure.
- Full Text:
Transmitting rdf graph deltas for a cheaper semantic web
- Cloran, Russell, Irwin, Barry V W
- Authors: Cloran, Russell , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428288 , vital:72500
- Description: The Resoure Description Format is set to become the format to fulfill the vision of the Semantic Web. If RDF is widely to be used as a data representation framework, it would be advantageous to support the transmission differences in RDF graphs, enabling small and therefore possibly more frequent updates. This paper discusses the tools re-quired to enable transmission of graph differences, and the work need-ed to complete this toolset.
- Full Text:
- Authors: Cloran, Russell , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428288 , vital:72500
- Description: The Resoure Description Format is set to become the format to fulfill the vision of the Semantic Web. If RDF is widely to be used as a data representation framework, it would be advantageous to support the transmission differences in RDF graphs, enabling small and therefore possibly more frequent updates. This paper discusses the tools re-quired to enable transmission of graph differences, and the work need-ed to complete this toolset.
- Full Text:
Trust on the Web
- Cloran, Russell, Irwin, Barry V W
- Authors: Cloran, Russell , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428900 , vital:72544 , https://digifors.cs.up.ac.za/issa/2005/Proceedings/Full/025_Article.pdf
- Description: This paper forms a backdrop for work investigating trust on the semantic web. With the mass of information currently available on the web, and the low barrier to entry for the publication of information on the web, it can be difficult to classify the au-thority of information found on the web. We use a case study of a suspected phish-ing scam in South Africa to examine the methods an advanced user may use to veri-fy the authenticity of a web site and the information it published. From this case study, we see that a website which is legitimate may easily appear to be a scam, because of the manner in which information is presented and the failure to use es-tablished industry best practices. We discuss a number of ways in which doubt may have been eliminated. We then discuss how a distributed trust system, as favoured by many researchers in trust on the semantic web, may have been implemented in this case to prove the authenticity of the site without the traditional means involv-ing the high cost of a digital certificate from a recognised Certificate Authority.
- Full Text:
- Authors: Cloran, Russell , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428900 , vital:72544 , https://digifors.cs.up.ac.za/issa/2005/Proceedings/Full/025_Article.pdf
- Description: This paper forms a backdrop for work investigating trust on the semantic web. With the mass of information currently available on the web, and the low barrier to entry for the publication of information on the web, it can be difficult to classify the au-thority of information found on the web. We use a case study of a suspected phish-ing scam in South Africa to examine the methods an advanced user may use to veri-fy the authenticity of a web site and the information it published. From this case study, we see that a website which is legitimate may easily appear to be a scam, because of the manner in which information is presented and the failure to use es-tablished industry best practices. We discuss a number of ways in which doubt may have been eliminated. We then discuss how a distributed trust system, as favoured by many researchers in trust on the semantic web, may have been implemented in this case to prove the authenticity of the site without the traditional means involv-ing the high cost of a digital certificate from a recognised Certificate Authority.
- Full Text:
Unlocking the armour: enabling intrusion detection and analysis of encrypted traffic streams
- Authors: Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428845 , vital:72540
- Description: In the interests of maintaining end to end security, increasing volumes of information are being encrypted while in transit. Many organisations and users will make use of secure encrypted protocols for information interchange given an option. The very security that is provided by these transport protocols, such as IPSEC, HTTPS and SSH also acts against the security monitoring of an organisation’s traffic. Intrusion detection systems are no longer easily able to inspect the payload of encrypted protocols. Similarly these protocols can potentially be difficult for securi-ty and network administrators to debug, validate and analyse. This pa-per discusses the need for a means of a trusted third party being able to unpack encrypted data traversing a network and a proposes an ar-chitecture which would enable this to be achieved through the extrac-tion and sharing of the appropriate encipherment tokens, based on the assumption that an organisation has legitimate access to one side of a communication entering or exiting its network. This problem also has particular relevance to honey-net research and for investigators trying to perform real-time monitoring of an intruder which is making use of such a protected protocol. A proof of concept implementation of the proposed architecture is also discussed.
- Full Text:
- Authors: Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428845 , vital:72540
- Description: In the interests of maintaining end to end security, increasing volumes of information are being encrypted while in transit. Many organisations and users will make use of secure encrypted protocols for information interchange given an option. The very security that is provided by these transport protocols, such as IPSEC, HTTPS and SSH also acts against the security monitoring of an organisation’s traffic. Intrusion detection systems are no longer easily able to inspect the payload of encrypted protocols. Similarly these protocols can potentially be difficult for securi-ty and network administrators to debug, validate and analyse. This pa-per discusses the need for a means of a trusted third party being able to unpack encrypted data traversing a network and a proposes an ar-chitecture which would enable this to be achieved through the extrac-tion and sharing of the appropriate encipherment tokens, based on the assumption that an organisation has legitimate access to one side of a communication entering or exiting its network. This problem also has particular relevance to honey-net research and for investigators trying to perform real-time monitoring of an intruder which is making use of such a protected protocol. A proof of concept implementation of the proposed architecture is also discussed.
- Full Text:
Wireless Network Visualization Using Radio Propagation Modelling
- Janse van Rensburg, Johanna, Irwin, Barry V W
- Authors: Janse van Rensburg, Johanna , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428859 , vital:72541 , https://d1wqtxts1xzle7.cloudfront.net/81589186/Papers_5CJanse_van_Rensburg_Wireless_Radio_Prop-libre.pdf?1646243170=esponse-content-disposi-tion=inline%3B+filename%3DWireless_Network_Visualization_Using_Rad.pdfExpires=1714748958Signature=OF69CzUsXIaE9WuVUQ~p01LV8Fdm4EOpX1eudE3qomWEWQ9jngy36AuZ38dZEAfIhWWFgO7byMtmx8hOUE3uYjjqLLGziqWV05r~K2n~DdSHAO1x2omrK53ew3lSW2AJ677zsqOIcRb-yVr7kE2PbAw1QolptUWQVI2YpAHEKdg5EQXm2iAW~FrQ7ljJxuwZTKaVLoubxj4HRLwJxTPIS9iN9nHn3sNKyIojfG6duWnCQ0dpkIKiKWTY6HVioBQCiN1vSdLUagXnTeRthoOFGyfo2kd3XG1Pi3tttIwFviPCh5H1297BCpMruY-h6XjSnPBGgAG33dOnkClBFnyAKg__Key-Pair-Id=APKAJLOHF5GGSLRBV4ZA
- Description: Wireless technologies have had an enormous impact on networking in re-cent years. It can create new business oppurtunities and allow users to communicate and share data in a new fashion. Wireless Networks de-crease installation costs, reduce the deployment time of a network and overcome physical barrier problems inherent in wiring. Unfortunately this flexibility comes at a price. The deployment, installation and setup of a WLAN is not a simple task and a number of factors need to be considered. Wireless Networks are notorious for being insecure due to signal spill, ad-hoc unauthorized access points and varying encryption strengths and standards. RF (Radio Frequency) interference and physical barriers sup-press a signal. In addition the channel frequencies each access point will be using in order to provide maximum roaming but minimum inter access point interference need to be considered. It is a complex balancing act to take these factors into account while still maintaining coverage, perfor-mance and security requirements. In this paper the benefits and feasibility of a model will be discussed that will enable the network administrator to visualize the coverage footprint of their wireless network when the above factors are taken into consideration. The program will be able to predict the strength, propagation and unwanted spill of signals which could compro-mise the security of an organisation prior to the deployment of a WLAN. In addition the model will provide functionality to visualize a signal from audit data once the WLAN is operational. The end result will be a program that can aid in the configuration, installation and management of a secure WLAN.
- Full Text:
- Authors: Janse van Rensburg, Johanna , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428859 , vital:72541 , https://d1wqtxts1xzle7.cloudfront.net/81589186/Papers_5CJanse_van_Rensburg_Wireless_Radio_Prop-libre.pdf?1646243170=esponse-content-disposi-tion=inline%3B+filename%3DWireless_Network_Visualization_Using_Rad.pdfExpires=1714748958Signature=OF69CzUsXIaE9WuVUQ~p01LV8Fdm4EOpX1eudE3qomWEWQ9jngy36AuZ38dZEAfIhWWFgO7byMtmx8hOUE3uYjjqLLGziqWV05r~K2n~DdSHAO1x2omrK53ew3lSW2AJ677zsqOIcRb-yVr7kE2PbAw1QolptUWQVI2YpAHEKdg5EQXm2iAW~FrQ7ljJxuwZTKaVLoubxj4HRLwJxTPIS9iN9nHn3sNKyIojfG6duWnCQ0dpkIKiKWTY6HVioBQCiN1vSdLUagXnTeRthoOFGyfo2kd3XG1Pi3tttIwFviPCh5H1297BCpMruY-h6XjSnPBGgAG33dOnkClBFnyAKg__Key-Pair-Id=APKAJLOHF5GGSLRBV4ZA
- Description: Wireless technologies have had an enormous impact on networking in re-cent years. It can create new business oppurtunities and allow users to communicate and share data in a new fashion. Wireless Networks de-crease installation costs, reduce the deployment time of a network and overcome physical barrier problems inherent in wiring. Unfortunately this flexibility comes at a price. The deployment, installation and setup of a WLAN is not a simple task and a number of factors need to be considered. Wireless Networks are notorious for being insecure due to signal spill, ad-hoc unauthorized access points and varying encryption strengths and standards. RF (Radio Frequency) interference and physical barriers sup-press a signal. In addition the channel frequencies each access point will be using in order to provide maximum roaming but minimum inter access point interference need to be considered. It is a complex balancing act to take these factors into account while still maintaining coverage, perfor-mance and security requirements. In this paper the benefits and feasibility of a model will be discussed that will enable the network administrator to visualize the coverage footprint of their wireless network when the above factors are taken into consideration. The program will be able to predict the strength, propagation and unwanted spill of signals which could compro-mise the security of an organisation prior to the deployment of a WLAN. In addition the model will provide functionality to visualize a signal from audit data once the WLAN is operational. The end result will be a program that can aid in the configuration, installation and management of a secure WLAN.
- Full Text:
XML digital signature and RDF
- Cloran, Russell, Irwin, Barry V W
- Authors: Cloran, Russell , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428874 , vital:72542 , https://digifors.cs.up.ac.za/issa/2005/Proceedings/Poster/026_Article.pdf
- Description: The XML Signature working group focuses on the canonicalisation of XML, and the syntax used to sign an XML document. This process focuses on the semantics intro-duced by the XML language itself, but ignores semantics which a particular applica-tion of XML may add. The Resource Description Framework (RDF) is a language for representing information about resources on the Web. RDF has a number of possi-ble serialisations, including an XML serialisation (RDF/XML), popularly used as the format for exchanging RDF data. In general, the order of statements in RDF is not important, and thus the order in which XML tags occur in RDF/XML can vary greatly whilst still preserving semantics. This paper examines some of the issues surround-ing the canonicalisation of RDF/XML and the signing of it, discussing nesting, node identifiers and the ordering of nodes. Existing RDF serialisation formats are consid-ered as case studies of partially canonical RDF formats.
- Full Text:
- Authors: Cloran, Russell , Irwin, Barry V W
- Date: 2005
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428874 , vital:72542 , https://digifors.cs.up.ac.za/issa/2005/Proceedings/Poster/026_Article.pdf
- Description: The XML Signature working group focuses on the canonicalisation of XML, and the syntax used to sign an XML document. This process focuses on the semantics intro-duced by the XML language itself, but ignores semantics which a particular applica-tion of XML may add. The Resource Description Framework (RDF) is a language for representing information about resources on the Web. RDF has a number of possi-ble serialisations, including an XML serialisation (RDF/XML), popularly used as the format for exchanging RDF data. In general, the order of statements in RDF is not important, and thus the order in which XML tags occur in RDF/XML can vary greatly whilst still preserving semantics. This paper examines some of the issues surround-ing the canonicalisation of RDF/XML and the signing of it, discussing nesting, node identifiers and the ordering of nodes. Existing RDF serialisation formats are consid-ered as case studies of partially canonical RDF formats.
- Full Text:
- «
- ‹
- 1
- ›
- »