Solange Ghernaouti-Hélie - Academia.edu (original) (raw)

Uploads

Papers by Solange Ghernaouti-Hélie

Abstract—Quantum cryptography is a promising solution towards absolute security in long term cryp... more Abstract—Quantum cryptography is a promising solution towards absolute security in long term cryptosystems. While the use of quantum cryptography in fiber optical networks gets significant advances, research on the application of quantum cryptography in mobile wireless network is still premature. In this paper, we analyze the interests of using quantum cryptography in 802.11 wireless networks, and propose a scheme integrating quantum cryptography in 802.11i security mechanisms for the distribution of the encryption keys. The use of an apparatus network to provide alternative line-of-sight paths is also discussed. Index Terms—802.11i, quantum cryptography, network security. I.

Sécurité et stratégie

La recente revelation de postes de commande de drones americains infectes par un virus constitue ... more La recente revelation de postes de commande de drones americains infectes par un virus constitue une enieme alerte. Si ce genre d’intrusion ne s’est, a ce jour, pas solde par une atteinte majeure a la surete d’un Etat, la plus grande vigilance est requise. Solange Ghernaouti-Helie, professeur a l’universite de Lausanne, presente dans cet article les diverses formes d’expression de conflits qui peuvent se manifester dans le cyberespace et met en exergue le role que peuvent jouer les civils, y compris les hacktivistes, dans la force de frappe informatique d’un pays. L’article donne un eclairage sur les notions de cyberguerre et de cyberdefense, sur les moyens de prevention comme de reaction et souleve le probleme de l’identification de l’origine des cyberattaques. Une reflexion sur les aspects legaux relatifs a la cyberguerre et a la cybercriminalite conclut cet article en identifiant le besoin d’une approche holistique de la cybersecurite, basee sur une cooperation de tous les acteurs et une collaboration internationale efficace.

Information Security Evaluation

Information Security Evaluation

Cet ouvrage offre un panorama global, pedagogique et concis des aspects techniques, organisationn... more Cet ouvrage offre un panorama global, pedagogique et concis des aspects techniques, organisationnels et juridiques du monde de la securite informatique, de la securite des reseaux (Internet notamment), et de la securite des telecoms (GSM, UMTS...). Partant des enjeux et des menaces lies a la securite informatique, il passe en revue les concepts permettant la maitrise des risques et la mise en oeuvre de solutions de securite. De nombreuses references et annexes ainsi que plus de 100 exercices corriges font de ce livre un veritable outil de formation et de travail. Cette troisieme edition integre les nouveaux developpements et savoir-faire en matiere de management et d'ingenierie de la securite de l'information, tous les exercices corriges ont ete revus et actualises.

Information Security Evaluation

Ercim News, 2012

44 years ago Charles P. Lickson in a well-known paper "Privacy and the computer age" (I... more 44 years ago Charles P. Lickson in a well-known paper "Privacy and the computer age" (IEEE Spectrum, October 1968, pp. 58-63) began his abstract with the prediction "By the year 2000, Americans could have computers and robots in the home - and virtually no privacy". Now, in 2012, we could say better "virtually no privacy and a lot of cybercrimes".

The concept of security metrics is a very important aspect for information security management. S... more The concept of security metrics is a very important aspect for information security management. Security metrics are tools to facilitate decision making and to improve performance and accountability. The aim of information security is to ensure business continuity and minimise business damage by preventing and minimising the impact of security incidents. In that way security is not only a technical matter. In a security metrics generation perspective, organizations must take into consideration all information security dimensions including technical, organizational, human and conformity aspects in order to be competitive whilst providing stakeholders detailed information about the complete structure of the organizations’ information security and risk treatment processes. This paper discusses ways to identify the right metrics to measure security preparedness and awareness within an organization.

Privacy is a real concern for e-services users. Cyber crime, as the justice and police investigat... more Privacy is a real concern for e-services users. Cyber crime, as the justice and police investigations increase needs, affectS effective eprivacy solutions. Internet privacy challenges, issues and threats are presented. Benefits and limits of existing privacy solutions and the P3P project (W3C) are analyzed. Recommendations are proposed to preserve privacy and satisfy security objectives for organizations by their improving their E-privacy policy documents.

Abstract—Quantum cryptography is a promising solution towards absolute security in long term cryp... more Abstract—Quantum cryptography is a promising solution towards absolute security in long term cryptosystems. While the use of quantum cryptography in fiber optical networks gets significant advances, research on the application of quantum cryptography in mobile wireless network is still premature. In this paper, we analyze the interests of using quantum cryptography in 802.11 wireless networks, and propose a scheme integrating quantum cryptography in 802.11i security mechanisms for the distribution of the encryption keys. The use of an apparatus network to provide alternative line-of-sight paths is also discussed. Index Terms—802.11i, quantum cryptography, network security. I.

Sécurité et stratégie

La recente revelation de postes de commande de drones americains infectes par un virus constitue ... more La recente revelation de postes de commande de drones americains infectes par un virus constitue une enieme alerte. Si ce genre d’intrusion ne s’est, a ce jour, pas solde par une atteinte majeure a la surete d’un Etat, la plus grande vigilance est requise. Solange Ghernaouti-Helie, professeur a l’universite de Lausanne, presente dans cet article les diverses formes d’expression de conflits qui peuvent se manifester dans le cyberespace et met en exergue le role que peuvent jouer les civils, y compris les hacktivistes, dans la force de frappe informatique d’un pays. L’article donne un eclairage sur les notions de cyberguerre et de cyberdefense, sur les moyens de prevention comme de reaction et souleve le probleme de l’identification de l’origine des cyberattaques. Une reflexion sur les aspects legaux relatifs a la cyberguerre et a la cybercriminalite conclut cet article en identifiant le besoin d’une approche holistique de la cybersecurite, basee sur une cooperation de tous les acteurs et une collaboration internationale efficace.

Information Security Evaluation

Information Security Evaluation

Cet ouvrage offre un panorama global, pedagogique et concis des aspects techniques, organisationn... more Cet ouvrage offre un panorama global, pedagogique et concis des aspects techniques, organisationnels et juridiques du monde de la securite informatique, de la securite des reseaux (Internet notamment), et de la securite des telecoms (GSM, UMTS...). Partant des enjeux et des menaces lies a la securite informatique, il passe en revue les concepts permettant la maitrise des risques et la mise en oeuvre de solutions de securite. De nombreuses references et annexes ainsi que plus de 100 exercices corriges font de ce livre un veritable outil de formation et de travail. Cette troisieme edition integre les nouveaux developpements et savoir-faire en matiere de management et d'ingenierie de la securite de l'information, tous les exercices corriges ont ete revus et actualises.

Information Security Evaluation

Ercim News, 2012

44 years ago Charles P. Lickson in a well-known paper "Privacy and the computer age" (I... more 44 years ago Charles P. Lickson in a well-known paper "Privacy and the computer age" (IEEE Spectrum, October 1968, pp. 58-63) began his abstract with the prediction "By the year 2000, Americans could have computers and robots in the home - and virtually no privacy". Now, in 2012, we could say better "virtually no privacy and a lot of cybercrimes".

The concept of security metrics is a very important aspect for information security management. S... more The concept of security metrics is a very important aspect for information security management. Security metrics are tools to facilitate decision making and to improve performance and accountability. The aim of information security is to ensure business continuity and minimise business damage by preventing and minimising the impact of security incidents. In that way security is not only a technical matter. In a security metrics generation perspective, organizations must take into consideration all information security dimensions including technical, organizational, human and conformity aspects in order to be competitive whilst providing stakeholders detailed information about the complete structure of the organizations’ information security and risk treatment processes. This paper discusses ways to identify the right metrics to measure security preparedness and awareness within an organization.

Privacy is a real concern for e-services users. Cyber crime, as the justice and police investigat... more Privacy is a real concern for e-services users. Cyber crime, as the justice and police investigations increase needs, affectS effective eprivacy solutions. Internet privacy challenges, issues and threats are presented. Benefits and limits of existing privacy solutions and the P3P project (W3C) are analyzed. Recommendations are proposed to preserve privacy and satisfy security objectives for organizations by their improving their E-privacy policy documents.