IS Security Links

The combination of space, time, and strength that must be considered as the basic elements of this theory of defense makes this a fairly complicated matter. Consequently, it is not easy to find a fixed point of departure. -- On War, Carl von Clausewitz --

[HOME]

[Security Architecture]

(ISC)2

ISACA

INDEX:
[Links in China] [Laws & Regulations] [STANDARDS] [Emergency Response Centers] [Organizations] [Internet]

Links in China

State Council Information Office Information Security Section (Chinese)

The Ministry of Information Industry (Chinese)

Laws & Regulations (Chinese)

From the Web site of The State Council Information Office Information Security Section

Internet Information Services Regulations October 2000

Reports on Environment Science & Technology by Embassy EST Section and Consulates, The American Embassy in China

Green Hacker

一個非商業性的民間技術組織,主要面向網絡技術愛好者,會員均對黑客技術有濃厚興趣。

The Bad Boy Club

Law & Regulations

The Hong Kong Personal Data (Privacy) Ordinance

The Hong Kong Government Data Protection Act 1988

The legislation contained on this web site is subject to Crown Copyright protection. It may be reproduced free of charge provided that it is reproduced accurately and that the source and copyright status of the material is made evident to users.

China - Laws & Regulations (Chinese)

From the Web site of The State Council Information Office Information Security Section

China - Internet Information Services Regulations October 2000

Reports on Environment Science & Technology by Embassy EST Section and Consulates, The American Embassy in China

Standards

The Hong Kong University of Science and Technology
Internet Security Handbook, Edition 2

HK Information Technology Services Department IT Infrastructure and Standards IT Security
Guidelines on IT Security

BSI (British Standards Institute)
BS 7799

IETF (Internet Engineering Task Force)
Site Security Handbook

COBIT
The Information Systems Audit and Control Association (ISACA)

FISCAM (Federal Information System Controls Audit Manual)
GAO/AIMD-12.19.6, January 1999

GASSP
Generally Accepted System Security Principles sponsored by the International Information Security Foundation (I2SF)

NIST (National Institute of Standards and Technology)
Principles and Practices for Securing IT Systems

SysTrustTM
Principles and Criteria for Systems Reliability (AICPA), Version 2.0

Emergency Response Centres

Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT/CC)

The objective of HKCERT/CC is to provide a centralized contact on computer and network security incident reporting and response for local enterprises and Internet users in case of security incidents. It will coordinate response and recovery actions for reported incidents, help monitoring and disseminating information on security related issues, and provide advice on preventive measures against security threats.

National Infrastructure Protection Centre

The National Infrastructure Protection Center (NIPC) serves as a national critical infrastructure threat assessment, warning, vulnerability, and law enforcement investigation and response entity. The NIPC provides timely warnings of international threats, comprehensive analysis and law enforcement investigation and response.

Organization

International Information Systems Security Certification Consortium (ISC)2

The home page for the organization that actually sponsors and conducts the CISSP examinations. (ISC)2's only functions are issuing and maintaining certifications, and conducting review seminars on the Common Body of Knowledge.

Information Systems Audit and Control Association (ISACA)

Founded in 1969, ISACA sponsors international conferences, administers the globally respected CISA (Certified Information Systems Auditor) designation earned by more than 26,000 professionals worldwide, and develops globally applicable information systems (IS) auditing and control standards.

Razor

BindView's RAZOR is a worldwide team of cutting-edge security researchers. We are dedicated to advancing the state of the art in securing networks and computers. RAZOR develops the art by identifying new security holes and disclosing our results publicly, so that all may benefit from our research.

SecurityFocus

Numerous types of information, for free, to the internet community in the hopes that computer security will be improved through user education. The site is divided into several sections, called Focus Areas. Each Focus Area is centered on a particular subtopic of computer security, be it a specific operating system, vendor, or facet of security management.

SecurtiTeam

A central Security web site containing all the newest security information from various mailing lists, hacker channels and our own tools and knowledge.

Internet

The World Wide Web Consortium

The World Wide Web Consortium (W3C) develops interoperable technologies (specifications, guidelines, software, and tools) to lead the Web to its full potential as a forum for information, commerce, communication, and collective understanding.

The Internet Corporation of Assigned Names and Numbers

The Internet Corporation for Assigned Names and Numbers (ICANN) is a technical coordination body for the Internet. Created in October 1998 by a broad coalition of the Internet's business, technical, academic, and user communities, ICANN is assuming responsibility for a set of technical functions previously performed under U.S. government contract by The Internet Assigned Numbers Authority (IANA) and other groups.

Internet Mail Consortium

The Internet Mail Consortium is the only international organization focused on cooperatively managing and promoting the rapidly-expanding world of electronic mail on the Internet. The goals of the IMC include greatly expanding the role of mail on the Internet into areas such as commerce and entertainment, advancing new Internet mail technologies, and making it easier for all Internet users, particularly novices, to get the most out of this growing communications medium.