Building Security - Explore the Science & Experts | ideXlab

Scan Science and Technology

Contact Leading Edge Experts & Companies

Building Security

The Experts below are selected from a list of 1728 Experts worldwide ranked by ideXlab platform

Gregory Mcgraw – 1st expert on this subject based on the ideXlab platform

  • Four Software Security Findings
    Computer, 2016
    Co-Authors: Gregory Mcgraw

    Abstract:

    Analyzing data from 78 firms using the Building Security In Maturity Model (BSIMM) revealed four truths about software Security that will help firms protect and secure their assets. © 2016 IEEE.

  • Cyber War is Inevitable (Unless We Build Security In)
    Journal of Strategic Studies, 2013
    Co-Authors: Gregory Mcgraw

    Abstract:

    The information systems controlling our critical infrastructure are vulnerable to cyber attack. Cyber war is therefore inevitable unless we improve our cyber defenses. The only way to do this is by Building Security into systems at the design stage.

  • Building Security In maturity model
    2012 Faulkner Information Services, 2011
    Co-Authors: Gregory Mcgraw, Gary Mcgraw, Brian Chess, Sammy Miques

    Abstract:

    The Building Security In Maturity Model (BSIMM) is the result of a multi-year study of real- world software Security initiatives. We present the model as built directly out of data observed in forty-two software Security initiatives, from firms including: Adobe, Aon, Bank of America, Capital One, The Depository Trust & Clearing Corporation (DTCC), EMC, Fannie Mae, Fidelity, Google, Intel, Intuit, Mashery, McKesson, Microsoft, Nokia, QUALCOMM, Sallie Mae, SAP, Scripps Networks Interactive, Sony Ericsson, Standard Life, SWIFT, Symantec, Telecom Italia, Thomson Reuters, Visa, VMware, Wells Fargo, and Zynga. The BSIMM is a measuring stick for software Security. The best way to use the BSIMM is to compare and contrast your own initiative with the data presented in the BSIMM. You can then identify goals and objectives of your own and look to the BSIMM to determine which further activities make sense for you. The BSIMM data show that high maturity initiatives are well rounded—carrying out numerous activities in all twelve of the practices described by the model. The model also describes how mature software Security initiatives evolve, change, and improve over time.

Gary Mcgraw – 2nd expert on this subject based on the ideXlab platform

  • Software Security and the Building Security in maturity model (BSIMM)
    Journal of Computing Sciences in Colleges, 2015
    Co-Authors: Gary Mcgraw

    Abstract:

    Using the framework described in my book “Software Security: Building Security In” I will discuss and describe the state of the practice in software Security. This talk is peppered with real data from the field, based on my work with several large companies as a Cigital consultant. As a discipline, software Security has made great progress over the last decade. Of the many large-scale software Security initiatives we are aware of, sixty-seven — all household names — are currently included in the BSIMM study. Those companies among the sixty-seven who graciously agreed to be identified include: Adobe, Aetna, Bank of America, Box, Capital One, Comerica Bank, EMC, Epsilon, F-Secure, Fannie Mae, Fidelity, Goldman Sachs, HSBC, Intel, Intuit, JPMorgan Chase & Co., Lender Processing Services Inc., Marks and Spencer, Mashery, McAfee, McKesson, Microsoft, NetSuite, Neustar, Nokia, Nokia Siemens Networks, PayPal, Pearson Learning Technologies, QUALCOMM, Rackspace, Salesforce, Sallie Mae, SAP, Sony Mobile, Standard Life, SWIFT, Symantec, Telecom Italia, Thomson Reuters, TomTom, Vanguard, Visa, VMware, Wells Fargo, and Zynga. The BSIMM was created by observing and analyzing real-world data from leading software Security initiatives. The BSIMM can help you determine how your organization compares to other real software Security initiatives and what steps can be taken to make your approach more effective.

  • Security fatigue? Shift your paradigm
    Computer, 2014
    Co-Authors: Gary Mcgraw

    Abstract:

    Software Security is the fastest growing paradigm in the IT Security field, and the Building Security in Maturity Model (BSIMM) project offers real-world measurements for assessment.

  • Building Security In maturity model
    2012 Faulkner Information Services, 2011
    Co-Authors: Gregory Mcgraw, Gary Mcgraw, Brian Chess, Sammy Miques

    Abstract:

    The Building Security In Maturity Model (BSIMM) is the result of a multi-year study of real- world software Security initiatives. We present the model as built directly out of data observed in forty-two software Security initiatives, from firms including: Adobe, Aon, Bank of America, Capital One, The Depository Trust & Clearing Corporation (DTCC), EMC, Fannie Mae, Fidelity, Google, Intel, Intuit, Mashery, McKesson, Microsoft, Nokia, QUALCOMM, Sallie Mae, SAP, Scripps Networks Interactive, Sony Ericsson, Standard Life, SWIFT, Symantec, Telecom Italia, Thomson Reuters, Visa, VMware, Wells Fargo, and Zynga. The BSIMM is a measuring stick for software Security. The best way to use the BSIMM is to compare and contrast your own initiative with the data presented in the BSIMM. You can then identify goals and objectives of your own and look to the BSIMM to determine which further activities make sense for you. The BSIMM data show that high maturity initiatives are well rounded—carrying out numerous activities in all twelve of the practices described by the model. The model also describes how mature software Security initiatives evolve, change, and improve over time.

Syazilawati Mohamed – 3rd expert on this subject based on the ideXlab platform

  • CSIE (6) – Design of Fusion Classifiers for Voice-Based Access Control System of Building Security
    2009 WRI World Congress on Computer Science and Information Engineering, 2009
    Co-Authors: Syazilawati Mohamed, Wahyudi Martono

    Abstract:

    Secure Buildings are currently protected from unauthorized access by a variety of devices. Nowadays, there are many kinds of devices to guarantee the Building Security such as PIN pads, keys both conventional and electronic, identity cards, cryptographic and dual control procedures. In this paper, voice-based biometric system is introduced for access control. The ability to verify the identity of a person by analyzing his/her speech, or speaker verification, is an attractive and relatively unobtrusive means of providing Security for admission into an important or secured place. An individual’s voice cannot be stolen, lost, forgotten, guessed, or impersonated with accuracy. In the field of speaker verification, the main objective is to achieve the highest possible classification accuracy. The proposed system focused on combining the classification scores. In score fusion, each feature set is modeled separately, and the output score of the classifiers are combined to give the overall match score. Furthermore, for each classifier score, an a priori weight is set based on the level of confidence of the feature set and the classifier. The classifiers involved in this work are Gaussian Mixture Models (GMMs), Multilayer Feedforward Network (MFN) and Support Vector Machines (SVMs). Experimental result confirms that in terms of false acceptance rate (FAR) and false rejection rate (FRR), the Fusion Classifiers is effective to use in the proposed system.

  • Design of Fusion Classifiers for Voice-Based Access Control System of Building Security
    2009 WRI World Congress on Computer Science and Information Engineering, 2009
    Co-Authors: Syazilawati Mohamed, Wahyudi Martono

    Abstract:

    Secure Buildings are currently protected from unauthorized access by a variety of devices. Nowadays, there are many kinds of devices to guarantee the Building Security such as PIN pads, keys both conventional and electronic, identity cards, cryptographic and dual control procedures. In this paper, voice-based biometric system is introduced for access control. The ability to verify the identity of a person by analyzing his/her speech, or speaker verification, is an attractive and relatively unobtrusive means of providing Security for admission into an important or secured place. An individualpsilas voice cannot be stolen, lost, forgotten, guessed, or impersonated with accuracy. In the field of speaker verification, the main objective is to achieve the highest possible classification accuracy. The proposed system focused on combining the classification scores. In score fusion, each feature set is modeled separately, and the output score of the classifiers are combined to give the overall match score. Furthermore, for each classifier score, an a priori weight is set based on the level of confidence of the feature set and the classifier. The classifiers involved in this work are Gaussian mixture models (GMMs), multilayer feedforward network (MFN) and support vector machines (SVMs). Experimental result confirms that in terms of false acceptance rate (FAR) and false rejection rate (FRR), the fusion classifiers is effective to use in the proposed system.

  • A Comparison of Gaussian Mixture and Artificial Neural Network Models for Voiced-based Access Control System of Building Security
    INTERNATIONAL SYMPOSIUM OF INFORMATION TECHNOLOGY 2008 VOLS 1-4 PROCEEDINGS: COGNITIVE INFORMATICS: BRIDGING NATURAL AND ARTIFICIAL KNOWLEDGE, 2008
    Co-Authors: Winda Astuti, Syazilawati Mohamed

    Abstract:

    Secure Buildings are currently protected from unauthorized access by a
    variety of devices. Nowadays, there are many kinds of devices to
    guarantee the Building Security such as PIN pods, keys both conventional
    and electronic, identity cards, cryptographic and dual control
    procedures. However, these conventional devices can be stolen,
    forgotten, lost, guessed or impersonated with accuracy. Biometric system
    based on behavioral and/or physiological characteristics of person
    becomes popular as an alternative method to overcome the problem of
    conventional method In this paper, voice-based biometric system is
    introduced for access control of Building Security. The ability to
    verify the identity of a person by analyzing his/her speech, or speaker
    verification, is an attractive and relatively unobtrusive means of
    providing Security for admission into an important or secured place. An
    individual’s voice cannot be stolen, lost, forgotten, guessed, or
    impersonated with accuracy. In the proposed system, the access may be
    authorized simply by means of an enrolled user speaking into a
    microphone attached to the system. The proposed system then will decide
    whether to accept or reject the user’s identity claim or possibly to
    report insufficient confidence and request additional input before
    making the decision. Two approaches are adopted and evaluated to model
    the authorized persons, namely classical Gaussian Mixture Model (GMM)
    and artificial neural network (ANN). Experimental result confirms that
    in terms of false acceptance rate (FAR) and false rejection rate (FRR),
    the proposed voice-based access control with ANN model is better than
    that with GMM.