Ronda R. Henning

Security service level agreements: quantifiable security for the enterprise?

A popular business paradigm for information systems treats the information infrastructure as a corporate utility. In this model, a fixed Total Cost of Ownership (TCO) is associated with a given workstation, the network infrastructure, user applications, and personnel required for operational support. Related to the TCO model is the Seat Management model, which exploits the economies of standardization and scale to reduce information technology expenses. In both of these models, a defined, measurable, service level is applied as a cost metric, For example, seven days per week, twenty-four hour help desk support is more costly than five clays per week, business hours support. These measurable service levels are defined as Service Level Agreements. Few security services have been specified in terms that are amenable to Service Level Agreements. This raises the question -- can security be adequately expressed in a Service Level Agreement context. This paper looks at a derivation of security related service level agreements for a large enterprise. The possible applications of this approach are presented, as is a discussion of the caveats an information technology organization should consider prior to adopting security service level agreements.

Predictable Surprises

Justifying security expenditures in difficult economic times is problematic at best, career ending at worst. This article provides a methodology to improve the probability of budget success based on risk assessment techniques, proven project management skills, and economics.

Bayesian Fusion of Back Projected Probabilities BFBP: Co-occurrence Descriptors for Tracking in Complex Environments

Among the multitude of probabilistic tracking techniques, the Continuously Adaptive Mean Shift CAMSHIFT algorithm has been one of the most popular. Though several modifications have been proposed to the original formulation of CAMSHIFT, limitations still exist. In particular the algorithm underperforms when tracking textured and patterned objects. In this paper we generalize CAMSHIFT for the purposes of tracking such objects in non-stationary backgrounds. Our extension introduces a novel object modeling technique, while retaining a probabilistic back projection stage similar to the original CAMSHIFT algorithm, but with considerably more discriminative power. The object modeling now evolves beyond a single probability distribution to a more generalized joint density function on localized color patterns. In our framework, multiple co-occurrence density functions are estimated using information from several color channel combinations and these distributions are combined using an intuitive Bayesian approach. We validate our approach on several aerial tracking scenarios and demonstrate its improved performance over the original CAMSHIFT algorithm and one of its most successful variants.

FuzzyFusion: an application architecture for multisource information fusion

The correlation of information from disparate sources has long been an issue in data fusion research. Traditional data fusion addresses the correlation of information from sources as diverse as single-purpose sensors to all-source multi-media information. Information system vulnerability information is similar in its diversity of sources and content, and in the desire to draw a meaningful conclusion, namely, the security posture of the system under inspection. FuzzyFusionTM, A data fusion model that is being applied to the computer network operations domain is presented. This model has been successfully prototyped in an applied research environment and represents a next generation assurance tool for system and network security.

Robust volumetric change detection using mutual information with 3D fractals

We discuss a robust method for quantifying change of multi-temporal remote sensing point data in the presence of affine registration errors. Three dimensional image processing algorithms can be used to extract and model an electronic module, consisting of a self-contained assembly of electronic components and circuitry, using an ultrasound scanning sensor. Mutual information (MI) is an effective measure of change. We propose a multi-resolution 3D fractal algorithm which is a novel extension to MI or regional mutual information (RMI). Our method is called fractal mutual information (FMI). This extension efficiently takes neighborhood fractal patterns of corresponding voxels (3D pixels) into account. The goal of this system is to quantify the change in a module due to tampering and provide a method for quantitative and qualitative change detection and analysis.

An efficient visualization method for analyzing biometric data

We introduce a novel application for biometric data analysis. This technology can be used as part of a unique and systematic approach designed to augment existing processing chains. Our system provides image quality control and analysis capabilities. We show how analysis and efficient visualization are used as part of an automated process. The goal of this system is to provide a unified platform for the analysis of biometric images that reduce manual effort and increase the likelihood of a match being brought to an examiner’s attention from either a manual or lights-out application. We discuss the functionality of FeatureSCOPE™ which provides an efficient tool for feature analysis and quality control of biometric extracted features. Biometric databases must be checked for accuracy for a large volume of data attributes. Our solution accelerates review of features by a factor of up to 100 times. Review of qualitative results and cost reduction is shown by using efficient parallel visual review for quality control. Our process automatically sorts and filters features for examination, and packs these into a condensed view. An analyst can then rapidly page through screens of features and flag and annotate outliers as necessary.

Customer requirements for security in relational database management

This paper presents perspectives on security requirements and security features as viewed by vendors of commercial database products.

Industry and government DBMS security and privacy needs-a comparison

An overview of the database security requirements for both the private and government sectors is presented. It is concluded that both sectors require database management systems (DBMSs) capable of supporting secrecy and integrity policies. However, the government counts secrecy as the more important consideration because its data affects the lives and privacy of every citizen. The private sector considers integrity considerations more important because corrupt data undermines corporate strategies. The primary difference between the two sectors is that a global policy for secrecy in the government sector was well-established before computers came along, and that a similar global integrity policy has never truly existed. In the private sector, individual integrity policies for corporations are a fact of life. Corporate secrecy policies are enforced through physical security measures. The difference between the two sectors is one of scale, not requirements.<<ETX>>