Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Risks and Dangers of Security Extensions
Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.ORCID-id: 0000-0003-0778-4736
2001 (engelsk)Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

Securing computer systems is an increasing concern as more and more systems are connected together in large networks. Traditional operating system based protection mechanisms have failed to fully meet the demands of this new situation. To overcome some of the shortcomings of these mechanisms new types have been developed with the intention to stop or reduce the impact of the new threats. We would like to call these new mechanisms security extensions, since they are not usually part of the core operating system. However, security extensions often contain sensitive and vital information that also needs to be secured. Usually they are dependent on the security mechanisms of the operating system for their own protection, i.e., they are dependent on the security of a mechanism whose insecurity they are supposed to patch. This is clearly an undesirable situation. We thus argue that security extensions actually add risks and vulnerabilities to the system when the underlying system is insecure or when they are not capable of handling their own security by themselves. In this paper, we discuss and analyze possible vulnerabilities in three types of security extensions, i.e., anti-malware software, firewalls, and intrusion detection systems. We also introduce a crude classification scheme for the different types of risks that the security extensions discussed add to the system.

sted, utgiver, år, opplag, sider
Bratislava, Slovakia, 2001.
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
URN: urn:nbn:se:kau:diva-23118OAI: oai:DiVA.org:kau-23118DiVA, id: diva2:596873
Konferanse
Proceedings of Security and Control of IT in Society-II (IFIP SCITS-II), pages 231-248, Bratislava, Slovakia, June 15-16,2001
Tilgjengelig fra: 2013-01-22 Laget: 2013-01-22 Sist oppdatert: 2018-01-11

Open Access i DiVA

Fulltekst mangler i DiVA

Andre lenker

http://www.cs.kau.se/~stefan/publications/IFIP-SCITS01/paper.pdf

Personposter BETA

Hedbom, HansLindskog, Stefan

Søk i DiVA

Av forfatter/redaktør
Hedbom, HansLindskog, Stefan
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric

urn-nbn
Totalt: 84 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf