Author: admini

“We consider MAC to be a key enabling technology to aid government and businesses alike, in being confident they can deliver more services, more quickly, and with better function, without compromising security,” said Marsh.

Gary Barnett, research director at Ovum, said the announcement shows the potential of public-private partnerships. “This is an important announcement that shows how both government and business can take security to the next level”, said Barnett. “The traditional ‘border control’ approach to security will no longer be good enough as organizations, including government, are increasingly obliged to grant access to internal systems to a wider range of external parties.

MAC addresses this issue by applying the ‘need to know’ security principle to operating systems, this means that rogue applications or malicious users are automatically contained and cannot cause damage beyond their immediate context.

SELinux is the first commercially available operating system to implement this sophisticated level of security, and today’s announcement shows how this can be combined with a commercial J2EE application server to form the basis of a complete solution,” added Barnett. Enterprises will also be able to take advantage of the technology, said Doc Shankar, worldwide Linux security lead for IBM. “What we’ve demonstrated here with WebSphere and SELinux can be repeated with other software such as DB2 and business applications. In other words through the use of this technology, any organization will have the ability to contain hackers, provide the necessary confinement for its applications and minimize damage to the enterprise,” said Shankar.

The proof of concept is planned to go live this month at County Durham & Darlington Acute Hospitals NHS Trust and will focus on providing secure system access for the hospital’s new finance system.

http://www.scmagazine.com/uk/news/article/556670/uk+cabinet+office+backs+security+enhanced+linux/

The size of the problem is breathtaking, with 20 million e-mails a minute zipping around the globe and 40 million voicemails left each hour.

And supervisory control and data acquisition networks, used throughout the chemical and utilities industries, were developed years before the Internet and never designed to include computer security.

“Our operations, organizations, laws and policies have not kept pace with this changing technology,” Miller said.

http://www.gcn.com/online/vol1_no1/40663-1.html

The analysis discovered that several threats identified by different names among antivirus vendors are, in fact, very similar, Halvar Flake, head of researcher and founder of Sabre Security, stated in comments to his blog.

On the other hand, Sasser.B and Sasser.D are only 68 percent similar, according to Sabre’s analysis.

http://www.securityfocus.com/brief/200?ref=rss

http://www.fcw.com/article94229-04-28-06-Web