Contents
November/December 2008

Announcement
IEEE Security & Privacy has begun expanding into a new format. As part of Computing Now, S&P will now give you free access to peer-reviewed articles and departments from all of the IEEE Computer Society's 14 magazines. To sign up for regular updates, visit http://computingnow.computer.org/newsletter.

FEATURES

GUEST EDITORS' INTRODUCTION
Process Control System Security: Bootstrapping a Legacy
Charles C. Palmer and Ron Trellue
Internet connectivity is just one of the concerns that has led to an increased focus on improving cyber security protection in process or industrial control systems. In this special issue, a vendor reviews the concerns and researchers provide recommendations that can lead to improved security.

DEPARTMENTS

ATTACK TRENDS

Five User-Customizable Web Site Security Features
Jeremiah Grossman
Few organizations take full advantage of the value their users can provide toward the security of their Web site. Users who care about the data they’ve entrusted to a Web site are naturally inclined to assist if properly engaged. They can be extremely responsive in raising red flags if and when an incident occurs, probably faster in many cases than an intrusion detection system (IDS). Here, the author offers five user-customizable security features, most of which, if not all, have been seen on the Web, which helps make the Web site more inline with customers’ security expectations.

BASIC TRAINING

Introduction to Microsoft .NET Security
Chengyun Chu
STo build secure applications using the Microsoft .NET Framework, two things are important: understanding the framework and its security features, such as Code Access Security (CAS), and applying .NET secure coding best practices in the development process. This article addresses both these topics.

Table of Contents RSS: Subscribe to our Table of Contents RSS feed and be among the first to find out what's new in each issue. For more information on how to use this feed, click here.