This guide demonstrates how to secure sensitive data and comply with internal and external audit regulations using Oracle 10g and 11g. It provides the hands-on guidance required to understand the complex options provided by Oracle and the know-how to choose the best option for a particular case. The book presents specific sequences of actions that should be taken to enable, configure, or administer security-related features. It includes best practices in securing Oracle and on Oracle security options and products. By providing specific instructions and examples this book bridges the gap between the individuals who install and configure a security feature and those who secure and audit it.

A How-to Guide for Implementing Algorithms and Protocols Addressing real-world implementation issues, Understanding and Applying Cryptography and Data Security emphasizes cryptographic algorithm and protocol implementation in hardware, software, and embedded systems. Derived from the author’s teaching notes and research publications, the text is designed for electrical engineering and computer science courses. Provides the Foundation for Constructing Cryptographic Protocols The first several chapters present various types of symmetric-key cryptographic algorithms. These chapters examine basic substitution ciphers, cryptanalysis, the Data Encryption Standard (DES), and the Advanced Encryption Standard (AES). Subsequent chapters on public-key cryptographic algorithms cover the underlying mathematics behind the computation of inverses, the use of fast exponentiation techniques, tradeoffs between public- and symmetric-key algorithms, and the minimum key lengths necessary to maintain acceptable levels of security. The final chapters present the components needed for the creation of cryptographic protocols and investigate different security services and their impact on the construction of cryptographic protocols. Offers Implementation Comparisons By examining tradeoffs between code size, hardware logic resource requirements, memory usage, speed and throughput, power consumption, and more, this textbook provides students with a feel for what they may encounter in actual job situations. A solutions manual is available to qualified instructors with course adoptions.

As old as the threat of danger itself, vulnerability management (VM) has been the responsibility of leaders in every human organization, from tribes and fiefdoms right up through modern multinationals. Today, the focus of vulnerability management is still on infrastructure, but as knowledge is power and the lifeblood of any organization is its capacity for quick system-wide response, current emphasis needs to be placed on maintaining the integrity of IT applications, so critical to the real and the virtual infrastructure and productivity of any community or business entity. Written by international security consultant Park Foreman, Vulnerability Management demonstrates a proactive approach. Illustrated with examples drawn from more than two decades of multinational experience, Foreman demonstrates how much easier it is to manage potential weaknesses, than to clean up after a violation. Covering the diverse realms that chief officers need to know and the specifics applicable to singular areas of departmental responsibility, he provides both the strategic vision and action steps needed to prevent the exploitation of IT security gaps, especially those that are inherent in a larger organization. Providing a fundamental understanding of technology risks from an interloper's perspective, this efficiently organized work: Offers the guidance you need to develop and personalize your own VM management program Goes far beyond the obvious to cover those areas often neglected, as well as those that are actually less secure than they might appear Demonstrates a host of proven methods to assess and reduce the potential for exploitation from within and withoutProvides detailed checklists used by the author Throughout history, the best leaders not only responded to manifested threats but anticipated and prepared for potential ones that might overtly or insidiously compromise infrastructure and the capacity for productivity. Great vulnerability management is often hard to quantify, as the best measure of its success is that which never happens.

Spectacular security failures continue to dominate the headlines despite huge increases in security budgets and ever-more draconian regulations. The 20/20 hindsight of audits is no longer an effective solution to security weaknesses, and the necessity for real-time strategic metrics has never been more critical. Information Security Management Metr

Information security cannot be effectively managed unless secure methods and standards are integrated into all phases of the information security life cycle. And, although the international community has been aggressively engaged in developing security standards for network and information security worldwide, there are few textbooks available that

According to the Brookings Institute, an organization's information and other intangible assets account for over 80 percent of its market value. As the primary sponsors and implementers of information security programs, it is essential for those in key leadership positions to possess a solid understanding of the constantly evolving fundamental conc

All too often, a simple lack of understanding of fundamental business concepts is enough to prevent capable scientists and engineers from receiving otherwise deserved promotions. These days, technical merit and hard work alone no longer guarantee upward mobility. For scientists and engineers with aspirations of moving up the corporate ladder a keen

Addressing the rapid evolution of global communications, this book provides step-by-step guidance on how to configure, enact, and manage the process of integrating mobile technology within an organization. The mobile enterprise transition (MET) process presented considers input from the four significant dimensions of an organization - economic, technical, process, and social - making it a well-rounded and complete process. Based on extensive research, literature review, and practical experimentation, this comprehensive text presents emerging best practices, exhaustive case studies, and examples of successful transitions. It also provides detailed references, and a glossary of key terms and commonly used acronyms.

Organization of data warehouses are vital but often ignored aspects of growing enterprises. This work merges technological know-how with managerial practices to show both the business manager and the IT professional how better alignment between data warehouse plans and business strategies can lead to a successful data warehouse adoption that will support the entire infrastructure. More complete than any other text in the field, this resource also addresses the managerial and strategic aspects of data warehouses, offering doable solutions that will allow for the strategic alignment of these warehouses while building them and ensuring that this alignment is sustained.

In early 2007, the Project Management Institute (PMI) piloted the now highly sought after Program Management Professional (PgMP) credential, reflecting the growing trend for organizations to coordinate the work done on numerous stand-alone projects into a cohesive program-type structure. Written by two successful PgMPs, Implementing Program Managem