For the second year, SearchSecurity.co.uk is publishing an exclusive series of new articles based on some of the latest and most innovative research in information security. The articles come from new MSc graduates of Royal Holloway University of London (RHUL), and the work is based on the students' Masters theses. The series covers a broad range of topics, from buffer overflows to security awareness programmes, and provides some new insights into some of the most pressing problems in information security today.
- Maximising the effectiveness of information security awareness
- Interdomain routing security (BGP-4)
- Buffer overflows in a Windows environment
- How to help law enforcement live in a world without secure boundaries
- Misuse cases: Earlier and smarter information security
- A virtual programmable trusted platform
- Fuzzing — or how to help computers cope with the unexpected
- Fair digital rights management
- Social and behavioural techniques to boost awareness
Royal Holloway University of London MSc thesis series
Maximising the Effectiveness of Information Security Awareness
Research from two other disciplines - marketing and psychology – could help security professionals instill better awareness amongst their users.
Interdomain Routing Security (BGP-4)
The Border Gateway Protocol (BGP) is the most important protocol for the interconnectivity of the Internet. Royal Holloway authors compare two mechanisms for solving its security weaknesses.
Buffer overflows in a Windows environment
Buffer overflow vulnerabilities are commonly exploited by hackers to gain control of an IT system. Find out what they are, how they work, and how companies can protect themselves—up to a point.
How to help law enforcement live in a world without secure boundaries
Even if you have highly confidential information, you still need to communicate with the outside world, and exchange data safely.
Misuse cases: Earlier and smarter information security
By defining the scenarios in which computer systems could be misused, security professionals can test more thoroughly and close down risk more quickly.
A virtual programmable trusted platform
Architecture proposals for a co-operative model may allow smart card developers to focus solely on the functionality and security of their own code.
Fuzzing — or how to help computers cope with the unexpected
Testing the security of software before implementation can be a hit-and-miss affair, and is unlikely to discover every weakness.
Fair digital rights management
How to find a fair deal for content owners and consumers
Social and behavioural techniques to boost awareness
Security awareness programmes work better when everyone is involved in the process.