Network/Security Talking Points. ECI Workshop NSF 6-7 Dec 2004
|
|
- Deborah Powers
- 8 years ago
- Views:
Transcription
1 Network/Security Talking Points ECI Workshop NSF 6-7 Dec 2004
2 Major Topics for Discussion Networking Trends : Bigger, Faster Cheaper but it s the software, stupid Security Concerns User Identification Role-based Authorization Data integrity Data Security Privacy
3 Networking in the 21 st Century National 10-gigabit research networks TeraGrid, National LambaRail Internet2 backbone to go beyond 10 Gigabits International connections at 10+ Gbits and growing Shared/distributed datasets can be quite large Networking and application software have a long ways to go to effectively utilize this this resource
4 National Lambda Rail Consortium of GigaPOPs that collectively own 1000 s of miles of fiber Multiple 10-gigabit networks running on this fiber (DWDM) NLR Map Source: John Silvester, Dave Reese, Tom West, CENIC
5 Driving Observations! Aggregate carrying capacity of fiber is doubling faster than yearly! DWDM (long-haul), CWDM (Metro, Campus)! Each fiber carries multiple signals differentiated by color! System network interface increases by O(10) ~ every 5 years! This is on Moore s curve, not on the fiber curve " Over the next decade, the external bandwidth to a collection of machines (cluster) roughly matches their aggregate BW Value of the external network changes Aside: NIC bandwidth approaches memory bandwidth
6 Reality The Clogged (and ossified) Internet < 50Mbps is Common File Transport, NASA EOSDIS Source: Bernard Minster, SIO, UCSD
7 Critical Networking Challenge Observe that networks are getting significantly faster Learn to design software for this future environment MIT Athena Project took this exact approach with X-Windows
8 Security User Identification Globus team proposed 10 years ago that public key cryptography and user credential management was an essential building block for mutually authenticating single sign on grids (GSI) Right technology Too hard for users with the current state of tools (this is improving)
9 How Single Sign On Works (Abbreviated) User requests a public/private key pair from a certificate authority (CA) CA issues pair to user, records the footprint and makes the user responsible for management User creates a grid proxy (time limited) from private key. Proxy can be validated with the user s public key. Proxy is transferred to a site as the identity of the user If the proxy is valid If the site trusts the issuer of the user s certificate If the site can match the valid identity to a local account If the local account is in good standing Then, the user is signed onto the grid resource
10 Identity Management is Step 0 Real-world problems Explicit certificate management by users is untenable Users lose passwords Users lose private/public keypairs Users mistakenly transmit passwords in the clear because private key is on a shared resource (eg. NFS share). Sites read too much into what a certificate Certifies Emerging common solution A grid certificate bank holds private/public keypairs Using only a small number of access mechanisms, the bank will generate a proxy on behalf of the user (e.g. MyProxy or CAS) Users only see username/passwords This is only the initialization step, Grids still have to understand what roles a particular user has.
11 Identity Management Challenge #1 It is easy to build Certificate Authorities (eg. One for NEON, one GEON, one for Teragrid, ) It is more difficult to get other sites to accept the a foreign CA signing policy Identity Trust/Transformation Systems (Eg. Shibboleth) can ease this.?? For all grid based science Build or Buy a CA? Second challenge, what happens when a user has multiple certificates? (E.g. which passport does a dual citizen use to enter a country) Third Challenge what do you read into the identity provided by a certificate?
12 Authorization Identity just says who, not what is allowed Role-based authorization is one essential A dearth of tools of exist in this area
13 Data Integrity How do you validate data that resides in an archive Do not believe that magnetic storage systems (eg. Disk) don t mangle bits. bit rot is real. How do you validate data that is coming from sensors? How do you provide data provenance for derived data?
14 Data Security End-to-End Encryption is the only type of encryption that can be reasoned about (transmission security) How do you audit who has accessed/changed data? User (and machine) authorization (eg. Derived from GSI credentials) is critical Can you watermark digital data so that the original source is embedded in the complete set
15 Data Privacy Can outsiders determine who has accessed what on the grid?
CENIC and CALREN An Update
CENIC and CALREN An Update John Silvester Chair of the CENIC Board Vice-Provost for Scholarly Technology, University of Southern California 5 o Workshop RNP2 Gramado, Brasil May 13 th, 2004 CENIC History
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationGT 6.0 GSI C Security: Key Concepts
GT 6.0 GSI C Security: Key Concepts GT 6.0 GSI C Security: Key Concepts Overview GSI uses public key cryptography (also known as asymmetric cryptography) as the basis for its functionality. Many of the
More informationSecurity in OSG. Tuesday afternoon, 3:15pm. Igor Sfiligoi <isfiligoi@ucsd.edu> Member of the OSG Security team University of California San Diego
Security in OSG Tuesday afternoon, 3:15pm Igor Sfiligoi Member of the OSG Security team University of California San Diego Logistical reminder It is OK to ask questions - During the
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationScaling TeraGrid Access: A Testbed for Identity Management and Attribute-based Authorization
TERAGRID 2007 CONFERENCE, MADISON, WI 1 Scaling TeraGrid Access: A Testbed for Identity Management and Attribute-based Authorization Von Welch, Ian Foster, Tom Scavo, Frank Siebenlist, Charlie Catlett,
More informationSingle Sign-On: Reviewing the Field
Outline Michael Grundmann Erhard Pointl Johannes Kepler University Linz January 16, 2009 Outline 1 Why Single Sign-On? 2 3 Criteria Categorization 4 Overview shibboleth 5 Outline Why Single Sign-On? Why
More informationGlobus and the Centralized Research Data Infrastructure at CU Boulder
Globus and the Centralized Research Data Infrastructure at CU Boulder Daniel Milroy, daniel.milroy@colorado.edu Conan Moore, conan.moore@colorado.edu Thomas Hauser, thomas.hauser@colorado.edu Peter Ruprecht,
More informationData Movement and Storage. Drew Dolgert and previous contributors
Data Movement and Storage Drew Dolgert and previous contributors Data Intensive Computing Location Viewing Manipulation Storage Movement Sharing Interpretation $HOME $WORK $SCRATCH 72 is a Lot, Right?
More informationGRID COMPUTING Techniques and Applications BARRY WILKINSON
GRID COMPUTING Techniques and Applications BARRY WILKINSON Contents Preface About the Author CHAPTER 1 INTRODUCTION TO GRID COMPUTING 1 1.1 Grid Computing Concept 1 1.2 History of Distributed Computing
More informationThe Importance of High Customer Experience
SoftLayer Investments Drive Growth and Improved Customer Experience A Neovise Vendor Perspective Report 2010 Neovise, LLC. All Rights Reserved. Executive Summary Hosting and datacenter services provider
More informationManaging Credentials with
Managing Credentials with MyProxy Jim Basney National Center for Supercomputing Applications University of Illinois jbasney@ncsa.uiuc.edu http://myproxy.ncsa.uiuc.edu/ What is MyProxy? A service for managing
More informationCloud Computing. Lecture 5 Grid Security 2014-2015
Cloud Computing Lecture 5 Grid Security 2014-2015 Up until now Introduction. Definition of Cloud Computing. Grid Computing: Schedulers Globus Toolkit Summary Grid Security TLS WS-Security Proxy certificates
More informationCredibly secure cloud storage with elfcloud
Credibly secure cloud storage with elfcloud Privacy of private clouds with the cost of the public cloud Datacenter IaaS workshop 2014 / 12.9.2014 Tuomas Tonteri Founder and CEO Abstract elfcloud is a Finland
More informationMemeo C1 Secure File Transfer and Compliance
Overview and analysis of Memeo C1 and SSAE16 & SOX Compliance Requirements Memeo C1 Secure File Transfer and Compliance Comply360, Inc Contents Executive Summary... 2 Overview... 2 Scope of Evaluation...
More informationEvolution of telecom network infrastructure for broadcast and interactive applications
Evolution of telecom network infrastructure for broadcast and interactive applications Fabio Tassara Business Development Director Alcatel-Lucent Optics Networks 2007 To IP and beyond! European Broadcasting
More informationCertificates in a Nutshell. Jens Jensen, STFC Leader of EUDAT AAI TF
Certificates in a Nutshell Jens Jensen, STFC Leader of EUDAT AAI TF In a nutshell... Mature, Robust, Ubiquitous Have been around for decades Interoperable supported by every OS, every language Used everywhere
More informationDemystifying Wireless for Real-World Measurement Applications
Proceedings of the IMAC-XXVIII February 1 4, 2010, Jacksonville, Florida USA 2010 Society for Experimental Mechanics Inc. Demystifying Wireless for Real-World Measurement Applications Kurt Veggeberg, Business,
More informationMINIMUM SECURITY REQUIREMENTS OF THE PROJECT
HELLENIC ELECTRICITY DISTRIBUTION NETWORK OPERATOR S.A. NOTICE OF CALL FOR TENDERS No ND-xxx PROJECT: Pilot Telemetering and Management System for the Electric Power Supply Demand by Residential and Small
More informationGlobus Toolkit: Authentication and Credential Translation
Globus Toolkit: Authentication and Credential Translation JET Workshop, April 14, 2004 Frank Siebenlist franks@mcs.anl.gov http://www.globus.org/ Copyright (c) 2002 University of Chicago and The University
More informationBoulder Research and Administration Network (BRAN), Front Range GigaPoP (FRGP), Bi-State Optical Network (BiSON)
Boulder Research and Administration Network (BRAN), Front Range GigaPoP (FRGP), Bi-State Optical Network (BiSON) Marla Meehl UCAR/FRGP/BiSON Manager UCAR/NCAR 2014-04-29 1 2 Colorado Network History NSFnet
More informationPRIVACY, SECURITY AND THE VOLLY SERVICE
PRIVACY, SECURITY AND THE VOLLY SERVICE Delight Delivered by EXECUTIVE SUMMARY The Volly secure digital delivery service from Pitney Bowes is a closed, secure, end-to-end system that consolidates and delivers
More information10G CWDM Conversion Technology
10G CWDM Conversion Technology Simplifying Today s Challenges By Transition Networks Curt Carlson Product Manager curtc@transition.com com Agenda WDM Technology Overview What are the features/benefits
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: University of Lethbridge 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert authoritative and accurate identity attributes to resources
More informationJeff's Crystal Ball, and theisco Extreme Network Infrastructure
Jeff's Crystal Ball (and other related matters) Jeffrey I. Schiller Information Services and Technology Page 1 Introduction Thank you for coming to a session where the agenda wasn't published! I'm going
More informationInca User-level Grid Monitoring
Inca User-level Grid Monitoring Shava Smallen ssmallen@sdsc.edu SC 09 November 17, 2009 Goal: reliable grid software and services for users Over 750 TF Over 30 PB of online and archival data storage Connected
More informationHigh Security Online Backup. A Cyphertite White Paper February, 2013. Cloud-Based Backup Storage Threat Models
A Cyphertite White Paper February, 2013 Cloud-Based Backup Storage Threat Models PG. 1 Definition of Terms Secrets Passphrase: The secrets passphrase is the passphrase used to decrypt the 2 encrypted 256-bit
More informationB U S I N E S S G U I D E
VeriSign Microsoft Office/Visual Basic for Applications (VBA) Code Signing Digital Certificates Realizing the Possibilities of Internet Software Distribution CONTENTS + What Is Developer Code Signing?
More informationIGI Portal architecture and interaction with a CA- online
IGI Portal architecture and interaction with a CA- online Abstract In the framework of the Italian Grid Infrastructure, we are designing a web portal for the grid and cloud services provisioning. In following
More informationDRAFT Standard Statement Encryption
DRAFT Standard Statement Encryption Title: Encryption Standard Document Number: SS-70-006 Effective Date: x/x/2010 Published by: Department of Information Systems 1. Purpose Sensitive information held
More informationSecure Federated Light-weight Web Portals for FusionGrid
Secure Federated Light-weight Web Portals for FusionGrid By: D. Aswath, M. Thompson, M. Goode, X. Lee, N. Y. Kim Presented by: Dipti Aswath GCE Workshop 2006 Second International Workshop on Grid Computing
More informationOVERVIEW. IQmedia Networks Technical Brief
IQmedia Networks Technical Brief From enterprise-sized corporations, to simple home-based businesses, all companies have information that is important to their success and that needs to be protected. Data
More informationCabling & Test Considerations for 10 Gigabit Ethernet LAN
Introduction Current communication data rates in local networks range from 10/100 megabits per second (Mbps) in Ethernet to 1 gigabit per second (Gbps) in fiber distributed data interface (FDDI) and Gigabit
More informationConfiguring and Monitoring the Client Desktop Component
Configuring and Monitoring the Client Desktop Component eg Enterprise v5.6 Restricted Rights Legend The information contained in this document is confidential and subject to change without notice. No part
More informationSecuring your Online Data Transfer with SSL
Securing your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4. What does
More informationOutline Introduction to Internet, Intranet and Extranet. What is an Intranet? by Awad. Basic Intranet-enabling Technology [Awad, chapter 4]
Outline Introduction to Internet, and Yan Wang E6A 339 yan.wang@mq.edu.au Internet Ultranet" 1 2 What is an? by Awad Basic -enabling Technology [Awad, chapter 4] A cluster of networked computers within
More informationTHE INTERNET DATA VAULT
THE INTERNET DATA VAULT From enterprise-sized corporations, to simple home-based businesses, all companies have information that is important to their success and that needs to be protected. Data storage
More informationStrategies for the implementation of a Public Key Authentication Framework (PKAF) in Australia
Miscellaneous Publication Strategies for the implementation of a Public Key Authentication Framework (PKAF) in Australia SAA MP75 1996 STRATEGIES FOR THE IMPLEMENTATION OF A PUBLIC KEY AUTHENTICATION FRAMEWORK
More informationSecuring your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application INDEX 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4.
More informationMobile OTPK Technology for Online Digital Signatures. Dec 15, 2015
Mobile OTPK Technology for Online Digital Signatures Dec 15, 2015 Presentation Agenda The presentation will cover Background Traditional PKI What are the issued faced? Alternative technology Introduction
More informationPKI: Public Key Infrastructure
PKI: Public Key Infrastructure What is it, and why should I care? Conference on Higher Education Computing in Kansas June 3, 2004 Wes Hubert Information Services The University of Kansas Why? PKI adoption
More informationSmart Cards for Payment Systems
White Paper Smart Cards for Payment Systems An Introductory Paper describing how Thales e-security can help banks migrate to Smart Card Technology Background In this paper: Background 1 The Solution 2
More informationENROLMENT GUIDE FOR MCACert
ENROLMENT GUIDE FOR MCACert Congratulations! You are about to become the proud owner of a Digital Signature Certificate issued by SafeScrypt, India s first Licensed Certifying Authority, under the aegis
More informationDr. Cunsheng DING HKUST, Hong Kong. Security Protocols. Security Protocols. Cunsheng Ding, HKUST COMP685C
Cunsheng Ding, HKUST Lecture 06: Public-Key Infrastructure Main Topics of this Lecture 1. Digital certificate 2. Certificate authority (CA) 3. Public key infrastructure (PKI) Page 1 Part I: Digital Certificates
More informationPACE Predictive Analytics Center of Excellence @ San Diego Supercomputer Center, UCSD. Natasha Balac, Ph.D.
PACE Predictive Analytics Center of Excellence @ San Diego Supercomputer Center, UCSD Natasha Balac, Ph.D. Brief History of SDSC 1985-1997: NSF national supercomputer center; managed by General Atomics
More informationIVOA Single Sign-On security
IVOA Single Sign-On security Guy Rixon Presentation to ACCIS meeting Caltech, February 2007 Grid of secured services VOSpace App-server Restricted archive IVOA SSO, ACCIS meeting, February 2007 2 Client-server
More informationShibboleth Federation. Manabu Higashida manabu@cmc.osaka-u.ac.jp
On Issuing Grid User Certificates based on MICS profile using Shibboleth Federation 2009/03/03 Manabu Higashida manabu@cmc.osaka-u.ac.jp Outline Motivation On Issuing Grid User Ceritificates based on MICS
More information2 Transport-level and Message-level Security
Globus Toolkit Version 4 Grid Security Infrastructure: A Standards Perspective The Globus Security Team 1 Version 4 updated September 12, 2005 Abstract This document provides an overview of the Grid Security
More informationThe Bus (PCI and PCI-Express)
4 Jan, 2008 The Bus (PCI and PCI-Express) The CPU, memory, disks, and all the other devices in a computer have to be able to communicate and exchange data. The technology that connects them is called the
More informationEconomic issues of (broadband) access networks. C. Courcoubetis
Economic issues of (broadband) access networks Topics Broadband access networks* Economics of deployment* Municipal access networks * WIK Consult: The economics of NGA Economics of access - 2 The importance
More informationUser Manual. For. Digitally Signing of your application
User Manual For Digitally Signing of your application How to Digital Signature In your Application Digital Signature: A digital signature is an electronic form of a signature that can be used to authenticate
More informationKey Management Interoperability Protocol (KMIP)
(KMIP) Addressing the Need for Standardization in Enterprise Key Management Version 1.0, May 20, 2009 Copyright 2009 by the Organization for the Advancement of Structured Information Standards (OASIS).
More informationEnabling SSL and Client Certificates on the SAP J2EE Engine
Enabling SSL and Client Certificates on the SAP J2EE Engine Angel Dichev RIG, SAP Labs SAP AG 1 Learning Objectives As a result of this session, you will be able to: Understand the different SAP J2EE Engine
More informationFCC Healthcare Connect Fund
FCC Healthcare Connect Fund Network Plan Brazos Valley Council of Governments Created April 29, 2015 1. Network Plan Narrative The CoGnet consortium consists of health care delivery entities that operate
More informationUsing the MyProxy Online Credential Repository
Using the MyProxy Online Credential Repository Jim Basney National Center for Supercomputing Applications University of Illinois jbasney@ncsa.uiuc.edu What is MyProxy? Independent Globus Toolkit add-on
More informationTRUST RELATIONSHIPS AND SINGLE SIGN-ON IN GRID BASED DATA WAREHOUSES
TRUST RELATIONSHIPS AND SINGLE SIGN-ON IN GRID BASED DATA WAREHOUSES Xiaoyu Li a and Maree Pather b a Department of Information Technology, Nelson Mandela Metropolitan University b Department of Applied
More informationC20.0001 Information Systems for Managers Fall 1999
New York University, Leonard N. Stern School of Business C20.0001 Information Systems for Managers Fall 1999 Networking Fundamentals A network comprises two or more computers that have been connected in
More informationUnderstanding Digital Certificates & Secure Sockets Layer A Fundamental Requirement for Internet Transactions
A Fundamental Requirement for Internet Transactions May 2007 Copyright 2007 Entrust. All rights reserved. Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries.
More informationBroadband Cable Service Deployment at WorldCall Telecom - Pakistan. Hassan Zaheer Manager Operations Broadband Division
Broadband Cable Service Deployment at WorldCall Telecom - Pakistan Hassan Zaheer Manager Operations Broadband Division Broadband Cable Cable services provides Intelligent network Mix of IP and MPEG Multiple
More informationINTRODUCTION AND HISTORY
INTRODUCTION AND HISTORY EMV is actually younger than we all may think as it only became available, as a specification that could be implemented, in 1996. The evolution of EMV can be seen in the development
More informationNet Optics Learning Center Presents The Fundamentals of Passive Monitoring Access
Net Optics Learning Center Presents The Fundamentals of Passive Monitoring Access 1 The Fundamentals of Passiv e Monitoring Access Copy right 2006 Net Optics, Inc. Agenda Goal: Present an overview of Tap
More informationVon Welch February 3, 2012
Globus Online Security Review Von Welch February 3, 2012 1 Introduction This document represents a cybersecurity risk assessment of the Globus Online File Transfer service and associated Website service.
More informationWhat Does Communication (or Telecommunication) Mean?
What Does Communication (or Telecommunication) Mean? The term communication (or telecommunication) means the transfer of some form of information from one place (known as the source of information) to
More informationCommScope Intelligent Building Infrastructure Solutions (IBIS)
SYSTIMAX Solutions CommScope Intelligent Building Infrastructure Solutions (IBIS) Questions & Answers Q. What is an Intelligent Building? A. An intelligent building can be defined as one which provides
More informationProjectplace: A Secure Project Collaboration Solution
Solution brief Projectplace: A Secure Project Collaboration Solution The security of your information is as critical as your business is dynamic. That s why we built Projectplace on a foundation of the
More informationTop Ten Security and Privacy Challenges for Big Data and Smartgrids. Arnab Roy Fujitsu Laboratories of America
1 Top Ten Security and Privacy Challenges for Big Data and Smartgrids Arnab Roy Fujitsu Laboratories of America 2 User Roles and Security Concerns [SKCP11] Users and Security Concerns [SKCP10] Utilities:
More informationUnderstanding Digital Certificates and Wireless Transport Layer Security (WTLS)
Understanding Digital Certificates and Wireless Transport Layer Security (WTLS) Author: Allan Macphee January 2001 Version 1.1 Copyright 2001-2003 Entrust. All rights reserved. Digital Certificates What
More informationGSI Credential Management with MyProxy
GSI Credential Management with MyProxy GGF8 Production Grid Management RG Workshop June 26, 2003 Jim Basney jbasney@ncsa.uiuc.edu http://myproxy.ncsa.uiuc.edu/ MyProxy Online repository of encrypted GSI
More informationLocal-Area Network -LAN
Computer Networks A group of two or more computer systems linked together. There are many [types] of computer networks: Peer To Peer (workgroups) The computers are connected by a network, however, there
More informationEnd-to-End Security in Wireless Sensor Networks (WSNs) Talk by Claudio Anliker Supervised by Dr. Corinna Schmitt CSG@IFI, University of Zurich
End-to-End Security in Wireless Sensor (WSNs) Talk by Supervised by Dr. Corinna Schmitt CSG@IFI, University of Zurich Content 1. Motivation 2. Security Issues and Principles 3. Internet-of-Things and Wireless
More informationWHITE PAPER AUGUST 2014. Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords
WHITE PAPER AUGUST 2014 Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords 2 WHITE PAPER: PREVENTING SECURITY BREACHES Table of Contents on t Become the Next Headline
More informationSecure Data Transfer
Secure Data Transfer INSTRUCTIONS 3 Options to SECURELY TRANSMIT DATA 1. FTP 2. WinZip 3. Password Protection Version 2.0 Page 1 Table of Contents Acronyms & Abbreviations...1 Option 1: File Transfer Protocol
More informationFour Advantages an Online International Payments Platform Gives Your Business
Improving Foreign Exchange and International Payments for Your Business Four Advantages an Online International Payments Platform Gives Your Business July 2009 US As every business has noticed the financial
More informationWhite paper. The Big Data Security Gap: Protecting the Hadoop Cluster
The Big Data Security Gap: Protecting the Hadoop Cluster Introduction While the open source framework has enabled the footprint of Hadoop to logically expand, enterprise organizations face deployment and
More informationISM/ISC Middleware Module
ISM/ISC Middleware Module Lecture 13: Security for Middleware Applications Dr Geoff Sharman Visiting Professor in Computer Science Birkbeck College Geoff Sharman Sept 07 Lecture 13 Aims to: 2 Show why
More informationSecureAge SecureDs Data Breach Prevention Solution
SecureAge SecureDs Data Breach Prevention Solution In recent years, major cases of data loss and data leaks are reported almost every week. These include high profile cases like US government losing personal
More informationAngel Dichev RIG, SAP Labs
Enabling SSL and Client Certificates on the SAP J2EE Engine Angel Dichev RIG, SAP Labs Learning Objectives As a result of this session, you will be able to: Understand the different SAP J2EE Engine SSL
More informationExtended Validation SSL Certificates
Extended Validation SSL Certificates A NEW STANDARD TO INSPIRE TRUST, improve confidence and increase sales... INDEX 1. Extended Validation (EV) SSL Certificates solving a trust problem 2. Traditional
More informationDeploying EFS: Part 1
Security Watch Deploying EFS: Part 1 John Morello By now, everyone has heard reports about personal or sensitive data being lost because of laptop theft or misplacement. Laptops go missing on a regular
More informationALFA FINANCIAL L.L.C. Licensed and Regulated by the Central Bank of the U.A.E.
ALFA FINANCIAL L.L.C Licensed and Regulated by the Central Bank of the U.A.E. Making a world of trading opportunities accessible to you ALFA Financial L.L.C was set up to give portfolio, how to control
More informationAuthentication Project Report
Authentication Project Report Simplified Access to Computer Systems Stuart Anderson for AuthProject Warren Anderson (Co-chair) Dave Barker Sam Finn Scott Koranda Jeff Minelli Tom Nash (Co-chair) Shannon
More informationThe Role of Digital Certificates in Contemporary Government Systems: the Case of UAE Identity Authority
The Role of Digital Certificates in Contemporary Government Systems: the Case of UAE Identity Authority Dr. Ali M. Al-Khouri Emirates Identity Authority, Abu Dhabi, United Arab Emirates Abstract Digital
More informationThe Health Insurance Portability and Accountability Act - HIPAA - Using BeAnywhere on a HIPAA context
The Health Insurance Portability and Accountability Act - HIPAA - Using BeAnywhere on a HIPAA context About HIPAA The Health Insurance Portability and Accountability Act (HIPAA), passed by Congress in
More informationBringing Federated Identity to Grid Computing. Dave Dykstra dwd@fnal.gov CISRC16 April 6, 2016
Bringing Federated Identity to Grid Computing Dave Dykstra dwd@fnal.gov CISRC16 April 6, 2016 Outline Introduction & motivation Background Grid security & job management InCommon, CILogon, and SAML ECP
More informationInstall and configure SSH server
Copyright IBM Corporation 2009 All rights reserved Install and configure SSH server What this exercise is about... 1 What you should be able to do... 1 Introduction... 1 Part 1: Install and configure freesshd
More informationSecurity Considerations
Concord Fax Security Considerations For over 15 years, Concord s enterprise fax solutions have helped many banks, healthcare professionals, pharmaceutical companies, and legal professionals securely deliver
More informationNetwork Performance Optimisation and Load Balancing. Wulf Thannhaeuser
Network Performance Optimisation and Load Balancing Wulf Thannhaeuser 1 Network Performance Optimisation 2 Network Optimisation: Where? Fixed latency 4.0 µs Variable latency
More informationClickShare Network Integration
ClickShare Network Integration Application note 1 Introduction ClickShare Network Integration aims at deploying ClickShare in larger organizations without interfering with the existing wireless network
More informationWeb Traffic Capture. 5401 Butler Street, Suite 200 Pittsburgh, PA 15201 +1 (412) 408 3167 www.metronomelabs.com
Web Traffic Capture Capture your web traffic, filtered and transformed, ready for your applications without web logs or page tags and keep all your data inside your firewall. 5401 Butler Street, Suite
More informationRemote Deposit Terms of Use and Procedures
Remote Deposit Terms of Use and Procedures Use of American National Bank Fox Cities (Bank) Remote Deposit service is subject to the following Terms of Use and Procedures. Bank reserves the right to update
More informationPrivate Industry Role in Next Generation Internet. Bob Aiken. NGI Project Leader DOE er.doe..doe.gov Large Scale Networking Working Group June 1997
Private Industry Role in Next Generation Internet Bob Aiken NGI Project Leader DOE aiken@er er.doe..doe.gov Large Scale Networking Working Group June 1997 NGI: Foundation for the Future Points to Remember
More informationMaximizing Server Storage Performance with PCI Express and Serial Attached SCSI. Article for InfoStor November 2003 Paul Griffith Adaptec, Inc.
Filename: SAS - PCI Express Bandwidth - Infostor v5.doc Maximizing Server Storage Performance with PCI Express and Serial Attached SCSI Article for InfoStor November 2003 Paul Griffith Adaptec, Inc. Server
More informationMore effective protection for your access control system with end-to-end security
More effective protection for your access control system with end-to-end security By Jeroen Harmsen The first article on end-to-end security appeared as long ago as 1981. The principle originated in ICT
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: University of Victoria Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert
More informationSecuring your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate thawte thawte thawte thawte thawte 10.
Securing your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate A STEP-BY-STEP GUIDE to test, install and use a thawte Digital Certificate on your MS IIS Web
More informationIn this section of notes you will learn the rudiments of networking, the components of a network and how to secure a network
Computer networking In this section of notes you will learn the rudiments of networking, the components of a network and how to secure a network What This Section Will And Will Not Cover What we will talk
More informationOverview of Requirements and Applications for 40 Gigabit and 100 Gigabit Ethernet
Overview of Requirements and Applications for 40 Gigabit and 100 Gigabit Ethernet Version 1.1 June 2010 Authors: Mark Nowell, Cisco Vijay Vusirikala, Infinera Robert Hays, Intel 1. This work represents
More informationShibboleth : An Open Source, Federated Single Sign-On System David E. Martin martinde@northwestern.edu
Shibboleth : An Open Source, Federated Single Sign-On System David E. Martin martinde@northwestern.edu International Center for Advanced Internet Research Outline Security Mechanisms Access Control Schemes
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationWeb Email DNS Peer-to-peer systems (file sharing, CDNs, cycle sharing)
1 1 Distributed Systems What are distributed systems? How would you characterize them? Components of the system are located at networked computers Cooperate to provide some service No shared memory Communication
More information