وبلاگ بلیان

Electronic Safety and Soundness: Securing Finance in a New Age (World Bank Working Papers)

معرفی کتاب «Electronic Safety and Soundness: Securing Finance in a New Age (World Bank Working Papers)» نوشتهٔ Thomas C Glaessner; Tom Kellermann; Valerie McNevin; Banque mondiale، منتشرشده توسط نشر World Bank Publications در سال 2004. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.

'Electronic Safety and Soundness' identifies and discusses four key pillars that are necessary to foster a secure electronic environment and the safety and soundness of financial systems worldwide. First, the monograph defines electronic finance and electronic security (e-security) and explains why these areas require attention. Next, it presents a picture of the emerging global security industry. Then, it develops a risk management framework to assist policymakers and practitioners in understanding the tradeoffs and risks inherent in using an open network infrastructure. The book also provides examples of tradeoffs that may arise with respect to technological innovations, privacy, quality of service, and security in the design of an e-security policy framework. Finally, it outlines issues in four critical and interrelated areas that require attention in the building of an adequate e-security infrastructure. These are: (i) the legal, regulatory, and enforcement framework; (ii) external and internal monitoring of e-security practices; (iii) public-private sector cooperation; and (iv) the business case for practicing layered e-security. This title is intended for policy makers in the area of electronic security and those working with financial services providers. The detailed annexes will be of particular interest to chief information and security officers, and others responsible for securing network systems. 082135759X......Page 1 TABLE OF CONTENTS......Page 5 Foreword......Page 7 Abstract......Page 9 Preface......Page 11 Executive Summary......Page 13 1. Introduction to E-Security......Page 17 2. Policy Framework......Page 29 3. Legal and Regulatory Framework (Pillar 1)......Page 43 4. External Monitoring of E-Security Practices (Pillar 2)......Page 51 5. Certifications, Policies, Standards, and Procedures (Pillar 3)......Page 65 6. Twelve Layers of Security (Pillar 4)......Page 77 Annex A: Selected Public E-Security Incidents......Page 91 Annex B: Types of E-Fraud......Page 99 Annex C: Worldwide E-Security Industry......Page 107 Annex D: Risk Management: A Blueprint for Layered Security......Page 113 Annex E: Identity Management: Authentication and Non-Repudiation......Page 137 Annex F: Wireless Vulnerabilities......Page 155 Glossary......Page 169 References......Page 181 Box 1.1: Money Laundering......Page 25 Box 1.2: Selected Country Case Studies......Page 27 Box 2.1: G8 Principles for Protecting Critical Information Infrastructures 2003......Page 31 Box 2.2: The Electronic Security Industry: Imperfect Competition......Page 32 Box 3.1: Money Transmitters and Internet Service Providers......Page 46 Box 4.1: Principles for Managing Risk in Online Banking......Page 52 Box 4.2: ISO/IEC 13335 Information Technology—Security Techniques—Guidelines for the Management of IT Security GMITS......Page 57 Box 6.1: Instant Messaging......Page 84 Box 6.2: Blended Threats......Page 85 Box 6.3: Survivable System Development......Page 90 Box B.1: Voice-over-IP (VOIP)......Page 101 Box B.2: Case Study: Bugbear.B......Page 102 Box B.3: Identity Theft: Abraham Abdallah......Page 104 Box C.1: Evolution of Technology and International Standards......Page 111 Box D.1: BITs Master Security Criteria......Page 115 Box D.2: The Future of Access Controls......Page 116 Box D.3: Next Generation Instruction Detection System......Page 120 Box D.4: SQL Vulnerability......Page 121 Figure 1.1: E-Finance Penetration: 2000 and Projected Rates for 2005 and 2010......Page 22 Figure 1.2: Number of Incidents Reported by CERT, Worldwide......Page 24 Figure 6.1: Five Layers of Data Flow......Page 79 Table B.1: Potential Losses from a Denial of Service Attack......Page 103 Figure C.1: E-Security Industry and E-Finance......Page 108 Figure E.1: Biometric Iris Scan......Page 143 Figure E.2: Biometric Fingerprint Scan......Page 144 Figure E.3: Access Control Terminal......Page 145 Figure E.4: Biometric Facial Scan......Page 146 Figure E.6: Global Positioning Biometrics......Page 147 Figure E.7: Generation of Digital Signatures......Page 149 Figure E.8: Authentication Using Digital Certificates and Certificate Authorities......Page 150 Figure F.1: A GSM Hack......Page 160 Figure F.2: Diagram of a Virtual Private Network......Page 162 Table 1.1: Global Connectivity Trends......Page 23 Table F.1: The Wide Range of Mobile Services......Page 156 "This Working Paper and its technical annexes identify and discuss four key pillars that are necessary to foster a secure electronic environment and the safety and soundness of financial systems worldwide. Hence, it is intended for those formulating policies in the area of electronic security and those working with financial services providers (such as executives and management). The detailed annexes of this monograph are relevant for chief information and security officers and others who are responsible for securing network systems." --Résumé de l'éditeur "This Working Paper and its technical annexes identify and discuss four key pillars that are necessary to foster a secure electronic environment and the safety and soundness of financial systems worldwide. Hence, it is intended for those formulating policies in the area of electronic security and those working with financial services providers (such as executives and management). The detailed annexes of this monograph are relevant for chief information and security officers and others who are responsible for securing network systems."--Jacket Thomas Glaessner, Tom Kellermann, Valerie Mcnevin. Includes Bibliographical References (p. 169-174).
دانلود کتاب Electronic Safety and Soundness: Securing Finance in a New Age (World Bank Working Papers)