Scientific papers

Downloads of the papers, presentations and PoC code are available to everyone with free registration.



Tonimir Kišasondi, Željko Hutinski, Vesna Dušak: Reverse engineering unknown protocols

CECIIS conference, 24-26 September 2008

Abstract:
In this work we will present our method for analyzing and reverse engineering unknown or proprietary protocols for the purpose of analyzing the protocol's security or gaining more insight into the protocol's inner operation. We created a method that can be executed manually or can be packed into a fully automatic algorithm.

Keywords: Reverse engineering, protocol analysis, black box analysis



Danijela Bambir, Željko Hutinski, Vesna Dušak: Systems Security Engineering Capability Maturity Model with Support of Simulation and Knowledge Management

CECIIS conference, 24-26 September 2008

Abstract:
With the increasing reliance of society on information, the protection of that information and related systems is becoming extremely relevant. Because of that, security engineering expanded its domain to many areas like financial transactions, contractual agreements, personal information and the Internet. Therefore, a need appeared for appropriate methods and practices required by various participants in the security engineering process. As a result, SSE-CMM was developed, describing the essential characteristics of an organization's security engineering process. The model consists of five capability levels that address different maturity stages. In this paper it is shown that simulation and knowledge management can be used to support improvement at all five levels of the SSE-CMM. Simulation and KM capabilities at each SSE-CMM level build upon the capabilities of the preceding levels, and match the needs of the security engineering practices at that capability level.


Keywords: SSE-CMM, simulation, knowledge management



Sandro Gerić, Željko Hutinski: Standard Based Service-Oriented Security

Proceedings of the 18th international conference "Information and intelligent systems", Varaždin, Croatia, September 2007, pp. 327-335

Abstract:
Service-oriented architecture (SOA) represents a set of principles for designing extensible, federated and interoperable services, and a new evolutionary step in program-application development as well as in the evolution of the information systems concept. The development and increasing number of SOA implementations in practice bring out SOA-related security issues that somehow differ from "traditional" information system security principles. Security aspects of Service-Oriented Architectures are usually referred to as Service-Oriented Security. There are different aspects of Service-Oriented Security. Some are oriented and based on technical standards that are used as SOA's foundations; some are oriented towards organizational and legislative issues of SOA's security policy; there are security issues based on inter-organizational cooperation, etc. In this article we address different security standards and protocols that are used in the scope of Service-Oriented Security and we discuss an overview of changes and modifications in the security model components (e.g. ISO/IEC 17799) that should be adapted in order to provide a satisfactory level of Service-Oriented Security.


Keywords: SOA, SOS, SOSA, service oriented, security



Sandro Gerić, Željko Hutinski: Service Oriented Security

MIPRO 30th International Convention, Proceedings of Information System Security, Opatija, 2007, pp. 125-132.

Abstract:
Service-oriented architecture (SOA) is a set of principles for designing extensible, federated and interoperable services, and it represents a new evolutionary spiral in program-application development and in the evolution of the information systems concept. The development and increasing number of SOA implementations bring out SOA-based information system security issues that somehow differ from "traditional" information system security principles. There are different aspects of security in service-oriented architecture. Some are oriented and based on technical standards that are used for SOA's foundations, some are oriented towards organizational and legislative issues of SOA's security policy, aspects of security issues based on inter-organizational cooperation, etc. In this article we address the question of security threats and risk in using SOA (SOA threat model), different security and risk management options that could be implemented, and we give an overview of the ISO/IEC 17799 security model components that can be used in securing service-oriented architectures.

Keywords: SOA, SOS, service oriented, security



Sandro Gerić, Željko Hutinski: The Use of Expert Systems in Information System Security

MIPRO 29th International Convention, Proceedings of Information System Security, Opatija, 2006, pp. 181-186

Abstract:
This paper addresses the possibility of using expert systems in information system security (ISS) and defines a model of an expert system for the selection of security and protective measures. The development and increasing importance of information systems (IS) and their resources in business organizations emphasize the vulnerability of information systems and the potential losses for organizations produced by different events that are threats to ISS. Some organizations are solving this problem with unplanned and inefficient use of security measures, but there are organizations that are using and implementing security measures that are appropriate, necessary and in accordance with other aspects of their organization. In this paper we explain a model of how to define a set of security measures with those characteristics with the help of an expert system that, by combining the knowledge base, conclusion mechanism, risk assessment and ability to learn, is able to select the necessary and appropriate security measures for ISS improvement.


Keywords: Expert systems, ISS, security



Sandro Gerić, Željko Hutinski: Information System Security Threats Classifications

Proceedings of the 17th international conference "Information and intelligent systems", Varaždin, Croatia, September 2006, pp. 239-247

Abstract:
Information systems are exposed to different types of security risks. The consequences of information systems security (ISS) breaches can vary from e.g. damaging the database integrity to physical "destruction" of entire information system facilities, and can result in minor disruptions in less important segments of information systems, or in significant interruptions in information systems functionality. The sources of security risks are different, and can originate from inside or outside of the information system facility, and can be intentional or unintentional. The precise calculation of losses caused by such incidents is often not possible because a number of small-scale ISS incidents are never detected, or are detected with a significant time delay, a part of the incidents are interpreted as accidental mistakes, and all that results in an underestimation of ISS risks. This paper addresses the different types and criteria of information system security risk (threat) classification and gives an overview of the most common classifications used in literature and in practice. We define a common set of criteria that can be used for information system security threat classification, which will enable the comparison and evaluation of different security threats from different security threat classifications.


Keywords: Information system security, ISS, security risk, threat, classification, criteria.



Sandro Gerić, Željko Hutinski: Managing the security of the information system

MIPRO 28th International Convention, Proceedings of Information System Security, Opatija, 2005, pp. 175-191.

Abstract:
The development and increasing importance of information systems (IS) and their resources in business organizations emphasize the vulnerability of information systems and the potential losses for business organizations produced by different events that are threats to information system security – threats like unauthorized intrusion into the information system, stealing of information system resources, etc. The paper addresses the problem of information system security management through risk assessment and the use of international standards like ISO17799 and BS7799. This problem is then described as a process of information system security management with its phases and the necessary measures to be taken to ensure the security of the information system and its resources.

Keywords: ISO17799, Security risk management, security management.