By Topic

IEEE Security & Privacy

Issue 1 • Date Jan.-Feb. 2013

Filter Results

Displaying Results 1 - 25 of 25
  • Front Cover

    Publication Year: 2013, Page(s): c1
    Request permission for commercial reuse | PDF file iconPDF (1634 KB)
    Freely Available from IEEE
  • IEEE Symposium on Security and Privacy

    Publication Year: 2013, Page(s): c2
    Request permission for commercial reuse | PDF file iconPDF (769 KB)
    Freely Available from IEEE
  • Table of Contents

    Publication Year: 2013, Page(s):1 - 2
    Request permission for commercial reuse | PDF file iconPDF (838 KB)
    Freely Available from IEEE
  • Enlightened Security: Shedding Light on What Works and Why

    Publication Year: 2013, Page(s):3 - 4
    Request permission for commercial reuse | PDF file iconPDF (350 KB) | HTML iconHTML Multimedia Media
    Freely Available from IEEE
  • Masthead

    Publication Year: 2013, Page(s): 5
    Request permission for commercial reuse | PDF file iconPDF (241 KB)
    Freely Available from IEEE
  • Security, Privacy, Policy, and Dependability Roundup

    Publication Year: 2013, Page(s):6 - 7
    Request permission for commercial reuse | PDF file iconPDF (261 KB) | HTML iconHTML
    Freely Available from IEEE
  • Silver Bullet Talks with Per-Olof Persson

    Publication Year: 2013, Page(s):8 - 10
    Request permission for commercial reuse | PDF file iconPDF (468 KB) | HTML iconHTML
    Freely Available from IEEE
  • A View from the C-Suite

    Publication Year: 2013, Page(s):11 - 12
    Request permission for commercial reuse | PDF file iconPDF (858 KB) | HTML iconHTML
    Freely Available from IEEE
  • Implementing Effective Controls in a Mobile, Agile, Cloud-Enabled Enterprise

    Publication Year: 2013, Page(s):13 - 14
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (350 KB) | HTML iconHTML

    In today's enterprise, security teams that call for security to be "everyone's responsibility" and "built in, not bolted on" are struggling to protect their businesses in the face of consumerization, mobility, cloud, and agile business environments. This article offers tangible techniques to turn these clichés into reality while considering the cultural and trust barriers that hinder the i... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Authentication at Scale

    Publication Year: 2013, Page(s):15 - 22
    Cited by:  Papers (7)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (466 KB) | HTML iconHTML

    Like many in the industry, the authors believe passwords and simple bearer tokens, such as cookies, are no longer sufficient to keep users safe. Google employs a base level of sophisticated server-side technologies, such as SSL and risk analysis, to protect users with plain old passwords; however, it's also investing in client-side technologies, such as strong authentication with two-step verifica... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • From the Enterprise Perimeter to a Mobility-Enabled Secure Cloud

    Publication Year: 2013, Page(s):23 - 31
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (949 KB) | HTML iconHTML

    The enterprise perimeter has exhibited gradual trust degradation owing to a succession of connectivity decisions involving Web, email, virtual private networking, exceptions, and mobile networks as well as a succession of threats including malware and advanced persistent threats (APTs). The author proposes restoring trust to the enterprise by focusing protection strategies on a set of prioritized ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Human Element of Information Security

    Publication Year: 2013, Page(s):32 - 35
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (905 KB) | HTML iconHTML

    Information security has long hinged on trusted insiders' ability to make good decisions. However, modifying human behavior through training is difficult; some battle-worn security executives might even dismiss it as impossible. Although foundational controls such as antivirus, data leak protection, and firewalls are important, they're far from sufficient. The sharp rise in "knowability" of people... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security Event Monitoring in a Distributed Systems Environment

    Publication Year: 2013, Page(s):36 - 43
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1274 KB) | HTML iconHTML

    Today, organizations depend much more on IT than they did in the past. Services such as internal portals, email communication, and financial and HR systems rely on computers to move businesses forward. These systems are under pressure to be securer than ever to protect organizations' operational environment. One aspect to consider in this situation is IT security event management. This article pre... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Using Cloud Computing to Implement a Security Overlay Network

    Publication Year: 2013, Page(s):44 - 53
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (585 KB) | HTML iconHTML

    This article proposes and analyzes a general cloud-based security overlay network that can be used as a transparent overlay network to provide services such as intrusion detection systems, antivirus and antispam software, and distributed denial-of-service prevention. The authors analyze each of these in-cloud security services in terms of resiliency, effectiveness, performance, flexibility, contro... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Targeted Cyberattacks: A Superset of Advanced Persistent Threats

    Publication Year: 2013, Page(s):54 - 61
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (828 KB) | HTML iconHTML

    Targeted cyberattacks play an increasingly significant role in disrupting the online social and economic model, not to mention the threat they pose to nation-states. A variety of components and techniques come together to bring about such attacks. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Going Bright: Wiretapping without Weakening Communications Infrastructure

    Publication Year: 2013, Page(s):62 - 72
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1039 KB) | HTML iconHTML

    Mobile IP-based communications and changes in technologies, including wider use of peer-to-peer communication methods and increased deployment of encryption, has made wiretapping more difficult for law enforcement, which has been seeking to extend wiretap design requirements for digital voice networks to IP network infrastructure and applications. Such an extension to emerging Internet-based servi... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Help! Is There a Trustworthy-Systems Doctor in the House?

    Publication Year: 2013, Page(s):73 - 77
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (532 KB) | HTML iconHTML

    A multidisciplinary PhD in trustworthy systems can combine knowledge and practices from computer science, information systems, software engineering, and information technology. Such a program will create individuals who can lead teams of specialists that can address the varied functional and protection challenges of information systems. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Mobile Security: A Look Ahead

    Publication Year: 2013, Page(s):78 - 81
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (431 KB) | HTML iconHTML

    Fueled by widespread adoption of employee-owned devices in the workplace and the explosion of mobile applications, mobile device security is under heavy debate in both the academic and industry security communities. Businesses and government agencies are struggling to find some sense of control at a time when employee-owned devices now access some of the most sensitive data in an organization. Var... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Behavioral Targeting: A European Legal Perspective

    Publication Year: 2013, Page(s):82 - 85
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (679 KB) | HTML iconHTML

    Behavioral targeting, or online profiling, is a hotly debated topic. Much of the collection of personal information on the Internet is related to behavioral targeting, although research suggests that most people don't want to receive behaviorally targeted advertising. The World Wide Web Consortium is discussing a Do Not Track standard, and regulators worldwide are struggling to come up with answer... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Threat in the Cloud

    Publication Year: 2013, Page(s):86 - 89
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (567 KB) | HTML iconHTML

    If we're going to stick all the cryptographic services in cloud-based virtual machines, how secure can we expect them to be? The answer is-unfortunately-not very. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Promises and Challenges of Continuous Monitoring and Risk Scoring

    Publication Year: 2013, Page(s):90 - 93
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (948 KB) | HTML iconHTML

    Continuous monitoring and risk scoring is a comprehensive process of maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. Two of the most salient aspects of CMRS are continuous data collection through automated feeds and analysis of that data to assess and score risks. CMRS attracts growing interest due to its pote... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Times, They Are a Changin'

    Publication Year: 2013, Page(s):94 - 95
    Request permission for commercial reuse | PDF file iconPDF (652 KB) | HTML iconHTML
    Freely Available from IEEE
  • Identity as Privacy

    Publication Year: 2013, Page(s): 96
    Request permission for commercial reuse | PDF file iconPDF (278 KB) | HTML iconHTML
    Freely Available from IEEE
  • Corporate Affiliate Program [Advertisement]

    Publication Year: 2013, Page(s): c3
    Request permission for commercial reuse | PDF file iconPDF (18091 KB)
    Freely Available from IEEE
  • Magazine Subscribe [Advertisement]

    Publication Year: 2013, Page(s): c4
    Request permission for commercial reuse | PDF file iconPDF (1536 KB)
    Freely Available from IEEE

Aims & Scope

The primary objective of IEEE Security & Privacy is to stimulate and track advances in information assurance and security and present these advances in a form that can be useful to a broad cross-section of the professional community-ranging from academic researchers to industry practitioners. It is intended to serve a broad readership.

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Shari Lawrence Pfleeger
shari.l.pfleeger@dartmouth.edu