Publications
​
Application Security Checklist, Bristol Myers Squibb, 2005
The checklist provides a guideline for designing security into an application. It addresses processes, procedures, architecture and good programming practices.
Application Security Test Guidelines, Bristol Myers Squibb, 2005
The Test guidelines are designed to provide guidance on techniques to appropriately test security requirements.
Application Security Requirements, Bristol Myers Squibb, 2004
The requirements are a risk based approach designed to address security in all applications based upon the data sensitivity and business criticality.
Hacker Software Demonstration, DIMACS, Dec. 1996
A discussion and demonstration of state of the art hacker tools including trojan horses, ip spoofers and denial of service attacks.
Wireless Data Communication Security, Bellcore TM-25582, Sept. 1996
The document provides an overview of wireless data communications technologies and the
security implications of each technology.
Defending the UNIX Perimeter, LAN, The Network Solutions Magazine, Oct. 1995
A document discussing the security requirements for a UNIX network.
Cisco Router Security Requirements in IOS 9.X and 10.X, Bellcore TM-24896, Sept. 1995.
The document evaluates the security features of Cisco IOS 9.X and 10.X from the perspective of management access to the router (telnet, SNMP, etc.) and routing traffic requirements (e.g., traffic filtering requirements).
Router Security Requirements, Bellcore TM-24896, March 1995.
The document defines security requirements for routers in data communications networks. Security for router access and routing traffic requirements (e.g., traffic filtering requirements).
Remote Access and Telecommuting Security Checklist, TelcordiaTM-24444, December 1994.
The document provides a security checklist for business partner access, remote site and employee access from home. It addresses remote node and extending the LAN; technologies include personal computer access, terminal access, LAN, PPP, and ISDN access.