Methods for the prevention, detection and removal of software security vulnerabilities
ACM-SE 42 Proceedings of the 42nd annual Southeast regional conference
Official (ISC)2 Guide to the CISSP Exam
Official (ISC)2 Guide to the CISSP Exam
CITC5 '04 Proceedings of the 5th conference on Information technology education
Toward understanding distributed blackhole placement
Proceedings of the 2004 ACM workshop on Rapid malcode
Design of network security projects using honeypots
Journal of Computing Sciences in Colleges
Seeing further: extending visualization as a basis for usable security
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Analysis of traceback techniques
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Detecting identity-based attacks in wireless networks using signalprints
WiSe '06 Proceedings of the 5th ACM workshop on Wireless security
Information security models and metrics
Proceedings of the 43rd annual Southeast regional conference - Volume 2
Flowtag: a collaborative attack-analysis, reporting, and sharing tool for security researchers
Proceedings of the 3rd international workshop on Visualization for computer security
Puppetnets: misusing web browsers as a distributed attack infrastructure
Proceedings of the 13th ACM conference on Computer and communications security
Proceedings of the 1st workshop on Architectural and system support for improving software dependability
CISA: Certified Information Systems Auditor Study Guide
CISA: Certified Information Systems Auditor Study Guide
| Hi-index | 0.00 |
The focus of this paper will demonstrate the need to clearly define and segregate various user space environments in the enterprise network infrastructure with controls ranging from administrative to technical and still provide the various services needed to facilitate the work space environment and administrative requirements of an enterprise system. Standards assumed are industry practices and associated regulatory requirements with implementations as they apply to the various contextual applications. This is a high level approach to understanding the significance and application of an effective secure network infrastructure. The focus is on end user needs and the associated services to support those needs. Conceptually user space is a virtual area allocated to the end user needs identified with specific services to support those needs by creating a virtual playground. To manage risk, the concept of creating a "security threat gateway (STG)" isolates and secures each user space with its associated services. Emphasis will be placed on the functional managerial process and application of the STG, safeguarding one user space from another, to facilitate the use of the needed services to perform the operational tasks of the organization. When user's needs and associated components are clearly identified, then it is possible for anyone to use this model as a template, to guide them in creating an effective strategy for their own network security. This approach is practical in orientation and application, focusing on a high level perspective and assumes the reader already has a low level technical background for a tactical implementation in mitigating risk to the enterprise network infrastructure.