http://www.infosecwriters.com/ Papers submitted by security professionals are published on the site and archived for readers. Categories include cryptography, E-mail security, exploitation, firewalls, forensics, honeypots, IDS, malware & wireless security. http://blogs.law.harvard.edu/tech/rss en-us staticreply@yahoo.com reso@infosecwriters.com Fri, 09 May 2008 00:00:08 EDT http://www.infosecwriters.com/texts.php?op=display&id=621 Akash Shrivastava The aim of this paper, written by Akash Shrivastava, is to identify relevant threats and vulnerabilities in the Web Application and build a Security Framework to help in designing a secure Web Application. Fri, 09 May 2008 00:00:00 EDT http://www.infosecwriters.com/texts.php?op=display&id=620 Brett Pladna This paper, written by Brett Pladna, will try to demonstrate the importance of computer forensics by describing procedures, tools and differences in the use for individuals/small organizations vs. large organizations. Thu, 08 May 2008 00:00:00 EDT http://www.infosecwriters.com/texts.php?op=display&id=619 Anoop MS The paper discusses the hardware and software security requirements in an embedded device that are involved in the transfer of secure digital data. The paper gives an overview on the security processes like encryption/decryption, key agreement, digital signatures and digital certificates that are used to achieve data protection during data transfer. The paper also discusses the security requirements in the device to prevent possible physical attacks to expose the secure data such as secret keys from the device. The paper also briefs on the security enforced in a device by the use of proprietary security technology and also discusses the security measures taken during the production of the device. Wed, 07 May 2008 00:00:00 EDT http://www.infosecwriters.com/texts.php?op=display&id=618 Brian Donadio Brian Donadio contributes his paper which provides information on secure methods of sending and receiving E-Mail over the Internet. Sun, 04 May 2008 00:00:00 EDT http://www.infosecwriters.com/texts.php?op=display&id=617 Frank Isaacs This paper, written by Frank Isaacs, discusses different methods of deploying VNC with an emphasis on the security considerations of each method, and the tradeoffs associated with the convenience of each method. Wed, 30 Apr 2008 00:00:00 EDT http://www.infosecwriters.com/texts.php?op=display&id=616 Jeff S. Drake This paper, written by Jeff Drake, outlines some basic security issues and concerns as they relate to Linux server security and tools and techniques that can be implemented to harden the system. Mon, 28 Apr 2008 00:00:00 EDT http://www.infosecwriters.com/texts.php?op=display&id=615 Daniel James Daniel James and William J. Sparks discusses virtualization, the benefits, security and financial imapact. Tue, 08 Apr 2008 00:00:00 EDT http://www.infosecwriters.com/texts.php?op=display&id=614 Robin Waddell Link Robin Link submits this paper on the personal information vulnerable over wireless retail networks and how PCI plays a part in all of it. Tue, 25 Mar 2008 00:00:00 EDT http://www.infosecwriters.com/texts.php?op=display&id=613 Samuel Sotillo This document, written by Samuel Sotillo, presents an overview on some security issues that affect the Extensible Authentication Protocol as defined by the IETF RFC 3748. Sun, 09 Mar 2008 00:00:00 EST http://www.infosecwriters.com/texts.php?op=display&id=612 Daniel James Daniel James submits this study on the different types of malware and how to protect against them. Tue, 26 Feb 2008 00:00:00 EST