Security concepts and frameworks

Security

Reply 1: Security in the News

The rapid advances in automated biometrics that take into account personal recognition attributes to define the level of application access and functionality is an emerging state-of-the-art area that combines constraint technologies and electronics. These advanced biometrics are predicated on increasing the level of accuracy, real-time performance and security that can be delivered via Web-based applications anytime, anywhere. The value of biometrics in security management continues to also be quantified from a monetary standpoint as well, with the Return on Investment (ROI) achieved orders of magnitude higher that comparable security technologies. Biometrics that also align to role-based analytics and reporting continue to show potential, as enterprise continue to move to widely distributed operations globally. The biometrics-based advances in enterprise systems access will make it possible to view highly confidential reports through mobile devices and smart phones.

Reference

Fons, M.M., Fons, F.F., & Canto, E.E. (2012). Biometrics-based consumer applications driven by reconfigurable hardware architectures. Future Generation Computer Systems, 28(1), 268-286. http://petrus.upc.es/emsy/Journal_Future_Generation_Computer_Systems_10.pdf

Reply 2:

The many practical and pragmatic approaches both people and companies can take to safeguard their privacy and security online are discussed with specific attention paid to social networks. The fact that many colleges and universities monitor social networking sites is brought up in the comments and the original text (Zeltser, 2011). With so many variations in how social networks are used today, there needs to be a series of key success factors or best practices that guide both people and organizations to attain the highest level benefit from them while also guarding their identity from being stolen or misused. There are many approaches hackers use to gain personal information, with phishing being the most predominant, is also mentioned as an area that needs greater monitoring over time. The set of guidelines for protecting ones' identity and social networking accounts are very relevant and are worth reviewing periodically, as the author of the comment points out.

Reference

Zeltser, L. (September 2011). Social Networking Safety. OUCH! The Monthly Security Awareness Newsletter for Computer Users. Retrieved September 18, 2011 from http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201109_en.pdf

Reply 3:

The SpyEye Hacking Toolkit ingeniously is being promoted online as an Android application that will guard against exactly what it does, which is steal online logins and passwords. What makes this application so state-of-the-art and unique is that it uses an Android client application on smart phones and other devices running the operating system to transmit data to the command and control (C2) server. The hackers then have the ability to capture logins and passwords and without the user's knowledge, transmit them to the server completely independent of any action taken by the user (Keizer, 2011). While this threat is most predominant in Europe and Australia, the potential exists for it to become global in scope within days due to the pervasive distribution of Android applications. As the astute analysis in the post states, it is a very good idea to have malware and spyware applications including Lookout and AVG installed on all smartphone and mobile devices running the Android operating system. The point of making sure software sources are trusted and applications are installed only from legitimate sites is also extremely important to alleviate the potential security risks. Finally the best advice of all, not accessing mobile banking at all from your Android-powered device, is the best deterrent of all.