DSM 2007/4

Main topic: Legislation and standards affecting the safety

PUBLISHED: 23.11.2007

06 / INTERVIEW WITH DOUGLAS BALOG
Douglas Balog, vice-president of IBM Systems & Technology Group for Blades & Modular Development, was interviewed by Jaroslav
Dočkal, editor in chief of DSM, at the research centre in Raleigh, North Carolina.

10 / LEGAL COLUMN
SAXINGER CHALUPSKY & PARTNER, V.O.S.
Renowned experts on computer law answer questions related to the obligations of employers that decide to collect biometric data to control the entry of people into their premises. The column also gives an opinion of a lawyer on the legal validity of an electronic document signed by a qualified electronic signature during an action in court.

12 / LEGISLATION AND IT SECURITY STANDARDS
VLADIMÍR SMEJKAL
The article discusses the legal definition of the security of IT and communications systems under Czech law. It analyzes the definition of an information system especially in relation to foreign technical standards. It gives a detailed overview of all valid acts related to IT security in the Czech Republic.

18 / INTEGRATION OF MONITORING AND SLAS
RADEK BĚLINA
The article informs readers about advanced monitoring systems linked with key business services and SLAs. The first part describes the function of extended monitoring, the second links to SLAs, the monitoring of transactions and the use of a monitoring system for infrastructure capacity planning. The author concludes with a summary of the benefits of extended monitoring and shares his experience from real life implementations.

22 / THE SPAM PHENOMENON
ROMAN PAVLÍK
Spam is an extraordinarily widespread nuisance. The article describes the main types of architecture of anti-spam systems, their benefits and disadvantages. It mentions "attractive offers" of vendors that react to increased demand in the market and the frequent mistakes of IT managers when selecting solutions. It is not easy to define, identify or efficiently remove SPAM and the choice of the right solution depends on many aspects. The size of the network is just one of them.

26 / INTERVIEW WITH DAVID LYNAS ON INFORMATION SECURITY
Editor-in-chief, Jaroslav Dočkal, had an opportunity during this year’s Information Security Summit to interview the only non-US expert that received a prestigious award for life-long achievement from the Computer Security Institute.

30 / FROM ROOTKITS TO BOOTKITS
ZDENĚK ŘÍHA
The methods of hiding up-to-date root kits are continuously evolving, so, however, are their detectors. Lately, virtualization (software or hardware aided) has brought new landscape into the game. Virtualized operating systems have only limited capabilities of recognizing what is happening outside their virtual machines. Bootkits, which resemble old-time boot viruses, provide additional opportunities for hiding.

34 / SECURITY WEAKNESSES IN APPLICATIONS
TOMÁŠ ZELLERIN
This article discusses three areas: issues related to the simple and frequently used sign-on algorithm, modern ways of mass "breaking" hashed data (including passwords) and the generation of random numbers and sequences. All these areas can impact, if there are mistakes, the security of the application. And in real life, we see mistakes in all these areas.

38 / NEWS IN SECURITY OF HP-UX
RICHARD MALINA
The article summarizes both new and old security properties of the operating system, HP-UX, that can be found in its latest version. It analyzes individual products, explains their properties and in selected cases compares them with the comparable alternatives of Sun Solaris 10. The article concludes with an attempt to evaluate the overall progress of the HP-UX system.

42 / QUO VADIS ITIL – PART VII
VLADIMÍR KUFNER
The article explains the new qualification scheme for ITIL V3 and summarizes ITIL V3 publications. The author describes how the small changes to the qualification scheme lead to a three-layer and finally to a four-layer scheme. The article also explains the terminology related to the accreditation and certification for ITIL V3 and describes the new qualifications.

46 / D-LINK ON ITS WAY TO 802.11N
ROBERT DRMOLA
The article introduces some of the properties of the not-yet final standard for high-speed wireless networks 802.11n. It also describes practical experience from the operations of a set of products from D-Link that correspond to the current version of the standard. The devices are undoubtedly excellent products, but unfortunately do not have certain functions that would be useful for professional use. Their absence is, however, understandable with regard to the anticipated conditions of use.