Red Tape

Fri
11
Sep

Best Practices: Indian Information Act (Amendment) 2008/2011

Contributed by Rohit Kr. Sharma

The Information Technology (Amendment) Bill, 2008 (Bill No.96-F of 2008) was passed by the both houses of parliament on December, 2008 and received the accent of the president on 5th February, 2009 and became operational as the Information Technology(Amendment) Act, 2008 (ITAA, 2008) notified with effect from 27/10/2009 and is now become operational. Many significant changes have been introduced in the IT Amendment Act, 2008. Post this there were two more amendments were issues in 2011, a) The Intermediary responsibility and b) Cyber Café Guidelines as Amendments in ITAA (amendments) 2011.

This document is in PDF format. To view it click here.

Wed
09
Sep

BEYOND TOP SECRET

Contributed by Hal Walter

Tue
08
Sep

Security Best Practice: Host Naming & URL Conventions

Contributed by Gunter Ollmann

A consideration often neglected by many organisations when rolling out new servers or developing web-based applications that will be accessible by Internet clients and customers is that of host and URL naming conventions. There are a number of simple steps that can be taken to strengthen the security of an environment or application making it more resilient to several popular attack vectors. By understanding how an attacker can abuse poorly thought out naming conventions, and by instigating a few minor changes, it is possible to positively increase the defence-in-depth stature of an environment.

This document is in PDF format. To view it click here.

Wed
02
Sep

Authentication and Access Control Best Practices for Healthcare Systems

Contributed by Lamaris Davis

Tue
01
Sep

An Approach To Web Application Threat Modeling

Contributed by Akash Shrivastava

In present internet computing environment one or the other form of security has become a requirement for all web applications. Importance of Confidentiality, Integrity and Privacy is increasing day by day and security has become vital in internet technology. To design a secure web application, it is very important to analyze and model the potential threats.

Threat modeling is a procedure for optimizing Network/ Application/ Internet Security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system.

This document is in PDF format. To view it click here.

Pages

Subscribe to RSS - Red Tape