You've requested...

Share this with your colleagues:

Computer Weekly 8 November 2011: Read this week's issue of the UK's leading technology publication, with the news, analysis and opinion that matters to IT managers.

If a new window did not open, click here to view this asset.

Download this next:

How to configure Mac OS X Server

 


In the previous article in this series, we showed you how to secure a Mac using the functions built into its operating system, OS X.

 

These functions range from simple password protection and patch management through to full-disk encryption.

 

However, these are not the only security functions available. Indeed, OS X has a whole security and management infrastructure available for administrators called Managed Preferences, which can be managed most easily using OS X Server.

 

Capable of running on any Mac that can run OS X 10.8, it is priced at £13.99 for unlimited client connections, so easily affordable.

 

Apple also sells a customised Mac mini desktop computer with improved storage capabilities, which comes with OS X Server installed for small and medium-sized companies, as well as workgroups, which want a dedicated machine.

 

In this article, we’ll show you just a couple of the security features of OS X Server: global password policies and data loss prevention

 

Contents:

           

  •  Configuring Mac OS X Server for the first time
  • Types of user account
  • Setting up a global password policy
  • Creating a network user
  • Managing preferences
  • Binding clients
  • Next steps

 

 

Click on the button below to download this report

These are also closely related to: "Computer Weekly 8 November 2011: Read this week's issue of the UK's leading technology publication, with the news, analysis and opinion that matters to IT managers."

  • Smart cards: security risks

     

     

    Version 3 of the Java Card smart card specification, released in March 2008, overhauled the technical architecture of the smart card.

     

    The Connected Edition of the specification introduced a significantly enhanced execution environment and a new virtual machine. It includes new network-oriented features, support for web applications with new Servlet APIs, multi-threading and support for applets with extended and advanced capabilities.

     

    Such features add complexity to the smart card platform and the hosted applications, increasing the attack surface and introducing a multitude of vulnerabilities. The security models, testing and risk management programmes must cater for these susceptibilities.

     

    In this article we consider the new features of the Connected Edition and identify some of the security problems that developers need to be aware of.

     

    Click on the button to download this report

     

    Royal Holloway Information Security Thesis Series

  • Protecting against modern password cracking

     

     

    Protecting against modern password cracking

     

    By Yiannis Chrysanthou  and Allan Tomlinson

     

    Attackers are increasingly turning to human psychology and the study of password selection patterns among user groups to develop sophisticated techniques that can quickly and effectively recover passwords.

     

    Passwords are commonly protected by applying a one-way cryptographic algorithm that produces a hash of set length given any password as input. However, cryptography can only protect something to the point where the only feasible attack on the encrypted secret is to try to guess it. When it comes to passwords, guessing can be easy.

     

    Passwords are insecure by nature because they are used to prevent humans from guessing a small secret created by humans themselves.

     

    This article shows that guessing passwords is as easy as creating them: most commonly used passwords are easy to guess and harder passwords are almost never used.

     


     

    Royal Holloway Information Security Thesis Series

     

Find more content like what you just read: