Information Security

Cybercrimes: A Multidisciplinary Analysis

Abstract

In the field of information security, it is commonly accepted that security belongs at the lowest possible level of the processing stack [1]. If so, one might ask why the issue of application security is even being considered. Applications, after all, sit at the very top of the stack. The analogy of a house built on a firm foundation is well known and easily understood. If the foundation is unsound, no structure will stand on it for long. What is less well understood is that the converse is equally true. No matter how strong the foundation, if the house erected on it is flimsy, the overall structure is unsound. The same is true of information security.

References

  1. Gollmann, D. (1999). Computer security. New York, NY: Wiley.
  2. Lohr, S., & Markoff, J. (2006, March 27). Windows is so slow, but why? The New York Times – Technology.
  3. U.S. Department of Defense. (1985). DoD trusted computer security evaluation criteria (The orange book). DoD 5200.28-STD.
  4. Bell, D., & Lapadula, L. (1996). Secure computer system: MITRE technical report 2547. Journal of Computer Security, 4(2/3), 239–263.
  5. Multics. Retrieved April 5, 2003, from http://wombat.doc.ic.ac.uk/foldoc/foldoc.cgi?Multics
  6. Everett, D. B. (2002, November 7). Trusted computing platforms. Proceedings of the Trusted Computer Masterclass Conference, QE2 Conference Centre, London.
  7. Moglen, E. (2002, August 11). Free software matters: Untrustworthy computing. Columbia University Law School. Retrieved from http://emoglen.law.columbia.edu/publications/lu-22.html
  8. Hulme, G. V. (2002, November 25). Trust this: Microsoft tries to secure Windows. Information Week.
  9. Festa, P. (1999, November 23). Study says ‘buffer overflow’ is most common security bug. CNET News.com.
  10. Bardon Data Systems. (2003, April 5). How secure is the Windows operating system? Retrieved from http://www.bardon.com/wp_windows.htm
  11. Malicious Code: Threats & Responses. Retrieved April 3, 2003, from http://www.infosec.spectria.com/av/malcode.html
  12. Malicious Code. Retrieved April 2, 2003, from http://csrc.nist.gov/publications/nistir/threats/section3_3.html
  13. Wikipedia The Free Encyclopedia. (2003, April 2). Virus. Retrieved from http://www.wikipedia.org/wiki/Virus_(biology)
  14. Buffer Overflow. Retrieved April 2, 2003, from http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci549024,00.html
  15. Delio, M. (2001, March 12). New kit renews e-mail worm scare. Wired News.
  16. Regan, T. (1999, October 7). Putting the dancing pigs in their cyber-pen. Christian Science Monitor.
  17. Stets, D. (2003, April 3). A new browser could let others tap into your bank account. Retrieved from http://www.iks-jena.de/mitarb/lutz/security/activex.pe.phillynews.html
  18. Abreu, E. M. (2001, August 6). The cost is $1.2 billion, so far. Chandigarh, India: The Tribune.
  19. Evers, J. (2001, September 27). Kournikova worm maker sentenced to community service. IDG News Service.
  20. Evers, J. (2001, September 13). Kournikova virus writer stands trial. IDG News Service.
  21. The Back Orifice ‘Backdoor’ Program. Retrieved March 31, 2003, from http://www.nwinternet.com/~pchelp/bo/bo.html
  22. Industry Canada. (2002, August 25). Government of Canada to review lawful access laws. News Release.
  23. Ian Hopper, D. (2002, April 7). FBI finds increasing reluctance to report computer crimes. The Baton Rouge Sunday Advocate, 167(67).
  24. Netgage, Inc. (2003, April 5). Law, investigation, and ethics. Retrieved from http://www.gonetgage.com/CISSP/legal.pdf
  25. KEYKatcher. Retrieved April 2, 2003, from http://www.chatworker.com/surge.htm
  26. KeyKey. Retrieved April 2, 2003, from http://www.cyber-007.com/keykey/screenshots.htm
  27. Rivest, R. (2001). RSA security response to weaknesses in key scheduling algorithm of RC4. Retrieved from http://www.rsa.com/rsalabs/technotes/wep.html
  28. Verton, D. (2001, July 16). Flaws in wireless security detailed. Computerworld.
  29. Retrieved April 5, 2003, from http://www.warchalking.org/
  30. Retrieved from http://www.netstumbler.com
  31. Retrieved from http://www.ethereal.com/
  32. Katz, J. (2000, May 15). Script kiddies – Who are these guys? Time Europe, 155(19).
  33. Computer Security Institute. (2002, April 7). Cybercrime bleeds U.S. corporations, survey shows; financial losses from attacks climb for third year in a row. Retrieved from http://www.gocsi.com/press/20020407.html
  34. CERT Coordination Center. (2001, June 4). Denial of service attacks.
  35. CERT Advisory CA-2000-01. (2000, January 3). Denial-of-service developments.
  36. Distributed Denial of Service (DDoS) Attacks/tools. Retrieved April 3, 2003, from http://staff.washington.edu/dittrich/misc/ddos/
  37. Lyman, J. (2002, August 16). The trouble with software patches. Retrieved from http://www.newsfactor.com/perl/story/19023.html
  38. Munro, N. (2002, January 4). Feds take minimal role in patching holes in cyberspace. National Journal.
  39. Kanish, B. (2003, April 2). An overview of computer viruses and antivirus software. Retrieved from http://www.hicom.net/~oedipus/virus32.html#update
  40. Molly Wood and CNET staff. (2000, July 13). The virus zoo: What’s out there and how to avoid it.
  41. Java™ Security. Retrieved from http://java.sun.com/security/
  42. Microsoft COM Technologies. (1999, March 30). ActiveX controls. Retrieved from http://www.microsoft.com/com/tech/ActiveX.asp
  43. McLain, F. (2003, April 6). ActiveX, or how to put nuclear bombs in web pages. Retrieved from http://www.halcyon.com/mclain/ActiveX/welcome.html
  44. Network Working Group. (1999, January). RFC 2246, The TLS protocol. Internet Engineering Task Force.
  45. Network Working Group. (1995, August). RFC 1825, security architecture for the Internet protocol. Internet Engineering Task Force.
  46. The Ontario (Canada) Fire Code, §1.2.1.2.
  47. Graham, R. (2000, March 21). FAQ: Network intrusion detection systems. Retrieved from http://www.robertgraham.com/pubs/network-intrusion-detection.html
  48. Virtual Private Network Consortium. Retrieved from http://www.vpnc.org/
  49. The SOS Information Security Policies. Retrieved from http://www.information-security-policies-and-standards.com/infopolicies.htm

© 2011 Springer-Verlag Berlin Heidelberg

Cite this chapter

Stanley, R. (2011). Information Security. In: Ghosh, S., Turrini, E. (eds) Cybercrimes: A Multidisciplinary Analysis. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13547-7_5
