Main topic: Problems associated with malware.
6) Interview with Robert Stroud
For two years, DSM published a series of articles written by Vladimír Kufner on ITIL (11 articles from 4/06 till 4/08) This topic is now supplemented by the opinion of a renowned expert – vice-president of CA Service Management, ISACA (Information Systems Audit and Control Association) and ITGI (IT Governance Institute), chair of one of the COBIT committees (Control Objectives for Information and related Technology) and a member of the Executive Committee of itSMF (IT Service Management Forum). He participated as a member of the advisory board on the preparation of the new ITILv3. An interview with Robert Stroud was conducted during his visit to Prague by editor-in-chief of DSM Jaroslav Dočkal.
10) Malware Crisis? Absolutely not!
This article describes the current situation of malware from the point of view of those who fight it. It highlights problems that appeared in recent years and trends that can be expected in the future.
16) Security: Malware Wins 1:0?
The article provides a balanced view on trends in malware from the point of view of both the creators of malware and anti-malware tools. The article describes current ways to create efficient malware and technologies that make malware detection more effective. It also suggests possible future approaches in this area.
20) Java Card – Platform for the Development of Secure Applets
The article presents both existing attacks and problems that can be encountered when programming applets for the Java Card and several possible countermeasures, be they theoretical or practically used that try to moderate or eliminate these attacks.
24) Interview with Uriel Maimon
Uriel Maimon is a Senior Researcher in the Office of the CTO (Chief Technical Officer) of the RSA Security Division of EMC. He originates from Israel, formerly worked as a product manager in RSA where he got by the acquisition of the company, Cyota. Before that he was employed at Zend Technologies and Check Point Software Technologies. He owns two patents.
28) Cloud Computing – Part II
Second in a series of articles analyzing the security advantages and weaknesses of cloud computing from both the overall point of view and the point of view of individual modules. It also describes the efforts of two organizations – the Jericho Forum and the Cloud Security Alliance (CSA) that have been devoting a lot of attention to cloud computing security.
34) ARP as a Weapon
An attack can be realized using the ARP technique of spoofing by which the traffic of network users is diverted to the attacker in order to read the messages or to manipulate network traffic. There are several techniques to protect against an ARP spoofing attack. The article analyzes the following approaches: protected ports, private VLANs, dynamic ARP, inspection, IDS systems and static ARP.
40) Random Data Generated on Mobile Devices
Jan Krhovják, Václav Matyáš
The article goes into the generation of random data for cryptographic purposes on mobile platforms (e.g. mobile phones). Attention is devoted to both secure designs suitable for mobile platforms and the presentation of results of selected experiments.