Using NGSCB to Mitigate Existing Software Threats (original) (raw)
Related papers
2004
The proposed open computing platform solves the security problems of conventional platforms through an efficient migration of existing operating systems, a Security Software Layer and hardware functionalities offered by Trusted Computing. In the sense of multilateral security, this platform allows the enforcement of security policies of different parties. Consequently, the platform enables the realisation of various innovative business models, particularly in the area of Digital Rights Management while averting the potential risks of Trusted Computing platforms regarding privacy issues. State of the art
SECURING INFORMATION SYSTEMS A NEW APPROACH
Increasing threat intrusions to enterprise computing systems have led to a formulation of guarded enterprise systems. The approach was to put in place steel gates and prevent hostile entities from entering the enterprise domain. The current complexity level has made the fortress approach to security implemented throughout the defence, banking, and other high trust industries unworkable. The alternative security approach presented in this paper is the result of a concentrated fourteen year program of pilots and research. Its distributed approach has no need for passwords or accounts and derives from a set of tenets that form the basic security model requirements. At each step in the process it determines identities and claims for access and privileges. These techniques are resilient, secure, extensible, and scalable. They are currently being implemented for a major enterprise, and are a candidate for other enterprise security approaches. This paper discusses the Enterprise Level Security architecture, a web-based security architecture designed to select and incorporate technology into a cohesive set of policies and rules for an enterprise information system. The paper discusses the history, theoretical underpinnings, implementation decisions, current status, and future plans for expansion of capabilities and scale.
As software applications are becoming more compound and distributed, need for security is increasing in every field. With the increasing complexity software, developers are facing hard challenges in delivering software which fulfills customer's requirements but what if the software is not secure enough. It cannot be enough capable of handling the security threats and attacks in the real world. Hence, there is a need to focus on security, even now when customer's priority is having the secure software. In this paper software security is being focussed with the challenges which developer faces when employing it in software development. Software securities with its important terms are being discussed in this research. They are a generous of non-functional requirement, alongside with such characteristics as enactment and reliability, durability, availability. In this paper, there is a discussion about software security, security types, and its issues of upcoming threats of information technology territory and security contributions. This paper also describes challenges, problems of security in recent years.