A Unified Architecture For Automatic Software Updates
- White, Dominic, Irwin, Barry V W
- Authors: White, Dominic , Irwin, Barry V W
- Date: 2004
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428800 , vital:72537 , https://citeseerx.ist.psu.edu/document?repid=rep1type=pdfdoi=6e1cd9269a0c5532faf7a23f82995fcfa39e59bd
- Description: This paper attempts to address the issue of hardening the internal secu-rity of an organisation’s network by easing its patch management. Tradi-tionally security has been modeled on a" hard outer shell" approach, with a firewall protecting the otherwise vulnerable internal network. With the advent of worms using such techniques as social engineering to by-pass the organisational firewall and installing trojans, this approach is no longer sufficient. As a result of these new attacks, emphasis should be placed on improving the security of the internal network. Most research agrees that prompt patching of security vulnerabilities would significantly reduce the vulnerability of these machines. However, this requires sys-tem administrators not only to keep abreast of the flood of patches, but to ensure they are deployed to every machine, in what could be a very large network. These difficulties are worsened by problems the patches themselves often create. This is a difficult task and the failure of system administrators to perform it is echoed in the recent spate of worm at-tacks, with some taking advantage of vulnerabilities for which patches had been released up to six months earlier.
- Full Text:
- Date Issued: 2004
- Authors: White, Dominic , Irwin, Barry V W
- Date: 2004
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428800 , vital:72537 , https://citeseerx.ist.psu.edu/document?repid=rep1type=pdfdoi=6e1cd9269a0c5532faf7a23f82995fcfa39e59bd
- Description: This paper attempts to address the issue of hardening the internal secu-rity of an organisation’s network by easing its patch management. Tradi-tionally security has been modeled on a" hard outer shell" approach, with a firewall protecting the otherwise vulnerable internal network. With the advent of worms using such techniques as social engineering to by-pass the organisational firewall and installing trojans, this approach is no longer sufficient. As a result of these new attacks, emphasis should be placed on improving the security of the internal network. Most research agrees that prompt patching of security vulnerabilities would significantly reduce the vulnerability of these machines. However, this requires sys-tem administrators not only to keep abreast of the flood of patches, but to ensure they are deployed to every machine, in what could be a very large network. These difficulties are worsened by problems the patches themselves often create. This is a difficult task and the failure of system administrators to perform it is echoed in the recent spate of worm at-tacks, with some taking advantage of vulnerabilities for which patches had been released up to six months earlier.
- Full Text:
- Date Issued: 2004
A unified patch management architecture
- White, Dominic, Irwin, Barry V W
- Authors: White, Dominic , Irwin, Barry V W
- Date: 2004
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428312 , vital:72502 , https://d1wqtxts1xzle7.cloudfront.net/49200003/A_Unified_Patch_Management_Architecture20160928-23008-tl6zi6-libre.pdf?1475130102=andresponse-content-disposi-tion=inline;+filename=A_Unified_Patch_Management_Architecture.pdfandExpires=1714792674andSignature=JMVkFUbxZO5SzFTdhoeVBJk99hD~p5HQhSlLP0sgvU6p6hRRILz8dWwB9M1OPLXDnqYG3RLWyomwNweZtQpFuFwMgyx-EV~7TA0wkCAfzQr0N9YoOjbwcbHA5Fse1c3zFw7rtpwUYoEPyO17TWplLI7IkVArlotnG~3AWf1AKVmhWQ2gvfXAEi361XRwOFlC1d2XLiKQhVTafh7OrAuGt7EDUKuczw1K4u7YZxi5I7ty~704aTvILlKoVkBpVnYC1U3sVmj8BixFhY84MYD~YvM6ym3bVkitE1iDrpFjH40nR8QF5jpkOurB~aikFgNmB1WNXo8kHbyRAjciZQOYhOg__andKey-Pair-Id=APKAJLOHF5GGSLRBV4ZA
- Description: This paper attempts to address the issue of harden-ing the internal security of an organisation’s network by easing its patch management. A unified architecture to aid with this process is proposed, with the view towards the implementation of an open source, cross platform tool to solve this problem.
- Full Text:
- Date Issued: 2004
- Authors: White, Dominic , Irwin, Barry V W
- Date: 2004
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428312 , vital:72502 , https://d1wqtxts1xzle7.cloudfront.net/49200003/A_Unified_Patch_Management_Architecture20160928-23008-tl6zi6-libre.pdf?1475130102=andresponse-content-disposi-tion=inline;+filename=A_Unified_Patch_Management_Architecture.pdfandExpires=1714792674andSignature=JMVkFUbxZO5SzFTdhoeVBJk99hD~p5HQhSlLP0sgvU6p6hRRILz8dWwB9M1OPLXDnqYG3RLWyomwNweZtQpFuFwMgyx-EV~7TA0wkCAfzQr0N9YoOjbwcbHA5Fse1c3zFw7rtpwUYoEPyO17TWplLI7IkVArlotnG~3AWf1AKVmhWQ2gvfXAEi361XRwOFlC1d2XLiKQhVTafh7OrAuGt7EDUKuczw1K4u7YZxi5I7ty~704aTvILlKoVkBpVnYC1U3sVmj8BixFhY84MYD~YvM6ym3bVkitE1iDrpFjH40nR8QF5jpkOurB~aikFgNmB1WNXo8kHbyRAjciZQOYhOg__andKey-Pair-Id=APKAJLOHF5GGSLRBV4ZA
- Description: This paper attempts to address the issue of harden-ing the internal security of an organisation’s network by easing its patch management. A unified architecture to aid with this process is proposed, with the view towards the implementation of an open source, cross platform tool to solve this problem.
- Full Text:
- Date Issued: 2004
Decryption of Wire-level Network Protocols for Forensic Inspection
- Authors: Irwin, Barry V W
- Date: 2004
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428339 , vital:72504 , https://www.researchgate.net/profile/Barry-Irwin/publication/327622612_Decryption_of_Wire-lev-el_Network_Protocols_for_Forensic_Inspection/links/5b9a1220299bf14ad4d6a3b1/Decryption-of-Wire-level-Network-Protocols-for-Forensic-Inspection.pdf
- Description: With the increased use of encrypted transport protocols, the problem of debugging and monitoring the contents of these protocols has in-creased in complexity. This work proposes the development of a unified means of access to the plaintext, through the use of privileged access to the encryption keys, based on the assumption that an administrator has legitimate access to one side of a communication, and is thereby able to gain access to the encryption tokens.
- Full Text:
- Date Issued: 2004
- Authors: Irwin, Barry V W
- Date: 2004
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428339 , vital:72504 , https://www.researchgate.net/profile/Barry-Irwin/publication/327622612_Decryption_of_Wire-lev-el_Network_Protocols_for_Forensic_Inspection/links/5b9a1220299bf14ad4d6a3b1/Decryption-of-Wire-level-Network-Protocols-for-Forensic-Inspection.pdf
- Description: With the increased use of encrypted transport protocols, the problem of debugging and monitoring the contents of these protocols has in-creased in complexity. This work proposes the development of a unified means of access to the plaintext, through the use of privileged access to the encryption keys, based on the assumption that an administrator has legitimate access to one side of a communication, and is thereby able to gain access to the encryption tokens.
- Full Text:
- Date Issued: 2004
Lessons Learned In The Global Deployment Of An Open Source Security Solution
- Authors: Irwin, Barry V W
- Date: 2004
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428830 , vital:72539 , https://digifors.cs.up.ac.za/issa/2004/Proceedings/Research/023.pdf
- Description: This paper covers the lessons learned, and the challenges facing the deployment of an Open Source derivative firewall and Virtual Private Network (VPN) solution into the established commercially driven Tele-communications arena. The lessons learned and issues discussed are drawn from the author’s own experiences having worked for a global Wireless Application Service Provider over a three year period. Focus is placed on the issues surrounding the integration of the open source equipment with that of the established global Telecommunications players, where compliance to existing network standards was a re-quirement for connectivity. Major stumbling blocks to the acceptance and success of the open source product were the concerns expressed by the Telecommunications Operators relating to interoperability and troubleshooting facilities when interfaced to their existing commercially available equipment and existing rigid telecommunications networks. The processes resulting in the initial decision to utilise an open source solution in preference to commercial offerings are also explored. An open source solution was found to offer higher flexibility and functionali-ty and greater return on investment whilst maintaining a significantly re-duced cost in comparison to commercial solutions available.
- Full Text:
- Date Issued: 2004
- Authors: Irwin, Barry V W
- Date: 2004
- Language: English
- Type: text , article
- Identifier: http://hdl.handle.net/10962/428830 , vital:72539 , https://digifors.cs.up.ac.za/issa/2004/Proceedings/Research/023.pdf
- Description: This paper covers the lessons learned, and the challenges facing the deployment of an Open Source derivative firewall and Virtual Private Network (VPN) solution into the established commercially driven Tele-communications arena. The lessons learned and issues discussed are drawn from the author’s own experiences having worked for a global Wireless Application Service Provider over a three year period. Focus is placed on the issues surrounding the integration of the open source equipment with that of the established global Telecommunications players, where compliance to existing network standards was a re-quirement for connectivity. Major stumbling blocks to the acceptance and success of the open source product were the concerns expressed by the Telecommunications Operators relating to interoperability and troubleshooting facilities when interfaced to their existing commercially available equipment and existing rigid telecommunications networks. The processes resulting in the initial decision to utilise an open source solution in preference to commercial offerings are also explored. An open source solution was found to offer higher flexibility and functionali-ty and greater return on investment whilst maintaining a significantly re-duced cost in comparison to commercial solutions available.
- Full Text:
- Date Issued: 2004
- «
- ‹
- 1
- ›
- »