Informacja

Drogi użytkowniku, aplikacja do prawidłowego działania wymaga obsługi JavaScript. Proszę włącz obsługę JavaScript w Twojej przeglądarce.

Wyszukujesz frazę "Vulnerabilities" wg kryterium: Wszystkie pola


Wyświetlanie 1-2 z 2
Tytuł:
Trust and Risk Assessment Model of Popular Software Based on Known Vulnerabilities
Autorzy:
Janiszewski, M.
Felkner, A.
Olszak, J.
Powiązania:
https://bibliotekanauki.pl/articles/226553.pdf
Data publikacji:
2017
Wydawca:
Polska Akademia Nauk. Czytelnia Czasopism PAN
Tematy:
software vulnerabilities
risk assessment
software management
trust management models
reputation management models
0-day vulnerabilities forecast
risk of information systems
prediction model
Opis:
This paper presents a new concept of an approach to risk assessment which can be done on the basis of publicly available information about vulnerabilities. The presented approach uses also the notion of trust and implements many concepts used in so called trust and reputation management systems (which are widely used in WSN, MANET or P2P networks, but also in ecommerce platforms). The article shows first outcomes obtained from the presented model. The outcomes demonstrate that the model can be implemented in real system to make software management more quantified and objective process, which can have real and beneficial impact on institutional security. In article, however the emphasis was set not on the model itself (which can be easily changed) but on the possibility of finding useful information about vulnerabilities.
Źródło:
International Journal of Electronics and Telecommunications; 2017, 63, 3; 329-336
2300-1933
Pojawia się w:
International Journal of Electronics and Telecommunications
Dostawca treści:
Biblioteka Nauki
Artykuł
Tytuł:
RSA Keys Quality in a Real-world Organizational Certificate Dataset: a Practical Outlook
Autorzy:
Kamiński, Konrad
Mazurczyk, Wojciech
Powiązania:
https://bibliotekanauki.pl/articles/27311954.pdf
Data publikacji:
2023
Wydawca:
Polska Akademia Nauk. Czasopisma i Monografie PAN
Tematy:
certificates
X.509
RSA keys
PKI
vulnerabilities
RSA factorization
Opis:
This research investigates the intricacies of X.509 certificates within a comprehensive corporate infrastructure. Spanning over two decades, the examined enterprise has heavily depended on its internal certificate authority and Public Key Infrastructure (PKI) to uphold its data and systems security. With the broad application of these certificates, from personal identification on smart cards to device and workstation authentication via Trusted Platform Modules (TPM), our study seeks to address a pertinent question on how prevalent are weak RSA keys within such a vast internal certificate repository. Previous research focused primarily on key sets publicly accessible from TLS and SSH servers or PGP key repositories. On the contrary, our investigation provides insights into the private domain of an enterprise, introducing new dimensions to this problem. Among our considerations are the trustworthiness of hardware and software solutions in generating keys and the consequential implications of identified vulnerabilities on organizational risk management. The obtained results can contribute to enhancing security strategies in enterprises.
Źródło:
International Journal of Electronics and Telecommunications; 2023, 69, 4; 803--810
2300-1933
Pojawia się w:
International Journal of Electronics and Telecommunications
Dostawca treści:
Biblioteka Nauki
Artykuł
    Wyświetlanie 1-2 z 2

    Ta witryna wykorzystuje pliki cookies do przechowywania informacji na Twoim komputerze. Pliki cookies stosujemy w celu świadczenia usług na najwyższym poziomie, w tym w sposób dostosowany do indywidualnych potrzeb. Korzystanie z witryny bez zmiany ustawień dotyczących cookies oznacza, że będą one zamieszczane w Twoim komputerze. W każdym momencie możesz dokonać zmiany ustawień dotyczących cookies