• norsk
    • English
  • norsk 
    • norsk
    • English
  • Logg inn
Vis innførsel 
  •   Hjem
  • Faculty of Mathematics and Natural Sciences
  • Department of Informatics
  • Department of Informatics
  • Vis innførsel
  •   Hjem
  • Faculty of Mathematics and Natural Sciences
  • Department of Informatics
  • Department of Informatics
  • Vis innførsel
JavaScript is disabled for your browser. Some features of this site may not work without it.

Assessing and Mitigating Risks in Computer Systems

Netland, Lars-Helge
Doctoral thesis
Thumbnail
Åpne
Errata (51.41Kb)
Paper VII: Published version (226.1Kb)
Paper I: Published version (545.6Kb)
Main thesis (757.1Kb)
Permanent lenke
https://hdl.handle.net/1956/4004
Utgivelsesdato
2008-09-26
Metadata
Vis full innførsel
Samlinger
  • Department of Informatics [738]
Sammendrag
When it comes to non-trivial networked computer systems, bulletproof security is very hard to achieve. Over a system's lifetime new security risks are likely to emerge from e.g. newly discovered classes of vulnerabilities or the arrival of new threat agents. Given the dynamic environment in which computer systems are deployed, continuous evaluations and adjustments are wiser than one-shot e orts for perfection. Security risk management focuses on assessing and treating security risks against computer systems. In this thesis, elements from risk management are applied to two real-world systems to identify, evaluate, and mitigate risks. One of the pinpointed weaknesses is studied in-depth to produce an exploit against the a ected system. In addition, approaches to handle common software security problems are described.
Består av
Paper I: IEEE security & privacy 6(4), Netland, L-H.; Espelid, Y.; Klingsheim, A. N.; Helleseth, H.; Henriksen, J. B:, Open Wireless Networks on University Campuses, pp. 14-20. Copyright 2008 IEEE. Reproduced with permission. Published version. The published version is also available at: http://dx.doi.org/10.1109/MSP.2008.92

Paper II: Hole, K. H.; Klingsheim, A. N.; Netland, L-H.; Espelid, Y.; Tjøstheim, T.; Moen, V., 2008, Risk Assessment of Services in a National Security Infrastructure. Full text not available in BORA.

Paper III: Financial Cryptography and Data Security, Lecture Notes in Computer Science, 5143, Espelid, Y.; Netland, L-H.; Klingsheim, A. N.; Hole, K. H., A Proof of Concept Attack against Norwegian Internet Banking Systems. Copyright 2008 Springer. Full text not available in BORA due to publisher restrictions. The published version is available at: http://dx.doi.org/ 10.1007/978-3-540-85230-8_18

Paper IV: Proceedings of The Ifip Tc 11 23rd International Information Security Conference 278, Espelid, Y.; Netland, L-H.; Klingsheim, A. N.; Hole, K. J., Robbing Banks with Their Own Software - an Exploit against Norwegian Online Banks. Copyright 2008 Springer. Full text not available in BORA due to publisher restrictions. The published version is available at: ttp://dx.doi.org/10.1007/978-0-387-09699-5_5

Paper V: Netland, L-H.; Espelid, Y.; Mughal, K. A., 2008, Security Pattern for Input Validation. Full text not available in BORA.

Paper VI: Espelid, Y.; Netland, L-H.; Mughal, K.; Hole, K. J., 2008, Simplifying Client-Server Application Development with Secure Reusable Components. Full text not available in BORA

Paper VII: Second International Conference on Availability, Reliability and Security, Netland, L-H.; Espelid, Y.; Mughal, K. A., A Reflection-Based Framework for Content Validation, pp697-706. Copyright 2007 IEEE. Reproduced with permission. Published version. The published version is also available at: http://dx.doi.org/10.1109/ARES.2007.19
Utgiver
The University of Bergen
Opphavsrett
The author
Copyright the author. All rights reserved

Kontakt oss | Gi tilbakemelding

Personvernerklæring
DSpace software copyright © 2002-2019  DuraSpace

Levert av  Unit
 

 

Bla i

Hele arkivetDelarkiv og samlingerUtgivelsesdatoForfattereTitlerEmneordDokumenttyperTidsskrifterDenne samlingenUtgivelsesdatoForfattereTitlerEmneordDokumenttyperTidsskrifter

Min side

Logg inn

Statistikk

Besøksstatistikk

Kontakt oss | Gi tilbakemelding

Personvernerklæring
DSpace software copyright © 2002-2019  DuraSpace

Levert av  Unit