The Cyber Defense Exercise (CDX) is a four day Information Assurance exercise run by the National Security Agency/Central Security Service (NSA/CSS) to help train federal service academy students in secure network operations. This paper is a collaborative work on the various tools and techniques used and the overall effectiveness of live-attack exercises in teaching information security.

Managed Security Service Provider (MSSP) networks are a form of collaboration where several firms share resources such as diagnostics, prevention tools, and policies to provide security for their computer networks. While decisions to outsource security operations of an organization may seem counterintuitive, there are potential benefits from joining a MSSP network due to pooling of risk and acc...

We examine the implications of a firm outsourcing both (i) security device management which attempts to prevent security breaches and (ii) security monitoring which attempts to detect security breaches to managed security service providers (MSSPs). In the context of security outsourcing, the firm not only faces the traditional moral hazard problem as it cannot observe an MSSP’s prevention or de...

The placement of security functions determines which kinds of data they can protect against which kinds of attackers. Firstly, security functions are classified regarding their sphere of influence, e.g. between end points of communication associations (end-to-end) or end points of transmission lines (link-by-link). Next, we derive and illustrate restrictions and implications that limit the free...

The research effort for a national e-Health interconnection infrastructure and for the needs of supporting design guidelines is in great demand. Additional researches in eHealthcare network services are critical to universal deployment in operational and security service management aspects. This paper presents our solution framework for e-Healthcare interconnection infrastructure, operational m...

The provision of adaptive content to mobile wireless devices has increasingly become very pertinent. Mobile smart phones and other wireless device usage is increasing daily with ground breaking technological developments – in design, style, content and micro-chips performance. Transmission of data in such environments requires absolute security to protect the individual and content. Any interfe...

depicts requirements for signalling interfaces over which Data protection and data security become more significant since telecommunication services and innovative applications based on these services handle an increasing amount of sensitive data. Modern services, e.g. call forwarding, tele-conferencing, and voice mail services use or store personal data to implement individual services. Sensit...

We report on an experience in analyzing the security of the Trust and Security Management (TSM) protocol, an authentication procedure within the OSA/Parlay Application Program Interfaces (APIs) of the Open Service Access and Parlay Group. The experience has been conducted jointly by research institutes experienced in security and industry experts in telecommunication networking. OSA/Parlay APIs...

background: hospitals employing telesurgery need to be evaluated to determine whether they satisfy the international standards. the main goal of this research was to assess the software, hardware, telecommunication equipments, privacy and security methods, and staffing requirements for supporting and executing telesurgery in hospitals affiliated to tehran universities of medical sciences, tehra...