Segurança do Software

Promoting Data Protection by Privacy Enhancing Technologies (PETs) - Mai. 2007  152.2 kB

The purpose of this Communication, which follows from the First Report on the implementation of the Data Protection Directive5, is to consider the benefits of PETs, lay down the Commission's objectives in this field to promote these technologies, and set out clear actions to achieve this goal by supporting the development of PETs and their use by data controllers and consumers.

Information Security Awareness Programmes in the EU - Set. 2006  5.6 MB

The uses of Information Communication Technology (ICT) continue to increase in all Member State countries. As in the past, the benefit to businesses and citizens through increased coverage and advances in technology has been countered by an increasing number of information security breaches. The current environment therefore still demands that Member States continue to promote and develop a “culture of security”.

How to Raise Information Security Awareness - Jun.2006  1.3 MB

The Users´s Guide: How Raise Information Security Awareness illustrates the main processes necessary to plan, organise and run information security awareness raising initiatives: plan & assess, execute & manage, evaluate & adjust. Each process is analysed and time-related actions and dependencies are identified. The process modelling presented provides a basis for "kick-starting" the scoping and planning activities as well as the execution and assessment of any programme. The Guide aims to deliver a consistent and robust understanding of major processes and activities among users.

Chung-Kwei: a Pattern-discovery-based System for the Automatic Identification of Unsolicited E-mail Messages (SPAM) - 2004  79.8 kB

Abstract. In this paper, we present Chung-Kwei1, a system for the analysis of electronic messages and the automatic identification of unsolicited email messages (=SPAM). The method uses pattern-discovery as its underlying tool and is another instance of a generic approach that has been the basis of previously successful solutions developed by our group to tackle problems in computational biology such as gene finding and protein annotation. Chung- Kwei can be trained very quickly; as new examples of SPAM become available, the system can re-train itself without interrupting the classification of incoming e-mail. We trained Chung-Kwei on a repository of 87,000 messages, then tested it with a very large collection of 88,000 pieces of SPAM and WHITE email: the current prototype achieved a sensitivity of 96.56% whereas the false positive rate was 0.066%, or one-in-six-thousand. In terms of speed, we are currently capable of classifying 214 messages/second, on a 2.2 GHz Intel-Pentium platform. The Chung-Kwei system is part of SpamGuru, a collaborative antispam filtering solution that is currently under development at IBM Research.

The Ten Most Critical Web Application Security Vulnerabilities - Jan. 2003  335.7 kB

 

Guide to Securing your Web Site for Business - 2003  312.8 kB

VeriSign, Inc., the leading provider of trust services for electronic commerce and communication, offers a cost-effective, proven solution for securely conducting business over the Internet. This proven technology is in use now—by the top e-commerce sites, virtually all of the Fortune 500 companies with a Web presence, and thousands of other leading Web sites. By installing a VeriSign SSL Certificate (available as part of VeriSign's Secure Site Services) on your company's Web server(s), you can securely collect sensitive information online, and increase business by giving your customers confidence that their transactions are safe.

Understanding the Privacy Space - Set. 2002  153.2 kB

Understanding the Privacy Space by Benjamin D. Brunk This paper reports on an ongoing research project focusing on privacy tools, and services available on the Internet. A detailed examination of 133 different privacy-related software tools and services rendered a list of 1,241 features relating to privacy. Based on the data gathered, the ongoing work is to formulate a framework to describe this "privacy space" using grounded theory and content analytic techniques. Here, we discuss some of more interesting preliminary findings garnered from a descriptive statistical analysis of the raw data. This paper discusses what can be learned from a user-centric analysis of this increasingly important class of software tools.

Without Pen and Ink - The use of digital signatures in electronic interaction with and within public administration - Out. 2001  2.6 MB

It is not necessary to understand the “nuts and bolts” of a new technology to benefit from it, but a user must master the applications. Things that look simple to the user are often extremely complex and advanced “behind the scenes”. The introduction and use of digital signatures and accompanying infrastructure involve a number of technological, legal, organisational and administrative challenges. This is a complicated field for public administration to relate to. There is therefore a need for a policy on this area, covering norms for use, basic principles for setting up, introducing and maintaining the infrastructure, and strategies on how public administration should ensure that it works in accordance with assumptions. This report proposes basic elements for such a policy.