Index. BIOS rootkit, 119 Broad network access, 107
- Molly Gibson
- 8 years ago
Transcription
Index

A

Administrative components, 81, 83 Anti-malware, 125 ANY policy, 47 Asset tag, 114 Asymmetric encryption, 24 Attestation commercial market, 85 facts, 79 Intel TXT conceptual architecture, 85 models, 83 TPM, 84 trusted launch, pools and compliance, 83 local attestations, 80 meaning, 79 Mt. Wilson technology, 87 OpenAttestation, platforms and use models, 79 remote attestations, 80 service components capabilities, 82 endpoint, service and administrative components, 81 overview, 81 TCG defines, 79 transparent, 88 Attestation Identity Key (AIK), 23 Authenticated code module (ACM), 5, 18, 92 types, 18 verification and protection, 18 Autopromotion, 59

B

BIOS rootkit, 119 Broad network access, 107

C

Cloud computing, 7–8 cloud delivery models hybrid cloud model, Infrastructure as a Service model, 109 Platform as a Service model, 109 private model, public model, Software as a Service model, 109 cloud variants, 106 broad network access, 107 definition, 107 measured service, 107 on-demand self-service, 107 rapid elasticity, 107 resource pooling, 107 compliance datacenter vs. cloud, 105 extended trusted pools asset tag, 114 benefits of tags, geolocation & asset descriptors, geotag, 114 Intel TXT and attestation, 115 Intel TXT models, 110 trusted compute pools trusted launch model, Common Event Format (CEF), 102 Compliance Cryptographic hash functions, 24 checksums, 25 digital fingerprint, 25 digital signature, 25 message authentication, 25 properties, 25 Cryptography asymmetric encryption, 24 cryptographic hash functions, 24 decryption, 23 encryption, 23 symmetric encryption, 24

D

Data-at-rest, 2 Datacenter security cloud delivery models hybrid cloud model, Infrastructure as a Service model, 109 Platform as a Service model, 109 private model, public model, Software as a Service model, 109 cloud variants, 106 broad network access, 107 definition, 107 measured service, 107 on-demand self-service, 107 rapid elasticity, 107 resource pooling, 107 compliance datacenter vs. cloud, 105 extended trusted pools asset tag, 114 benefits of tags, geolocation & asset descriptors, geotag, 114 Intel TXT and attestation, 115 Intel TXT models, 110 trusted compute pools trusted launch model, 110 Data-in-flight, 2 Data-in-use, 3 Dell PowerEdge R410, 39

E

Enablement. See also Management and policy tools layer; Operating system or hypervisor enablement basics BIOS and TPM, 92 components, 92 elements, 92 menu structure, 93 OEM platform requirements and opportunities, 92 platform default, 92 security setup screen, 93 extended attestation services, 94 provisioning, 94 reporting and logging capability, 95 trusted computing, 94 updates, 94 layered pyramid model, 89 security applications layer broad security missions, 102 integration, 101 Intel TXT enabled platforms, 102 questions remain, 103 RSA, 102 SIEM and GRC management tools, 91 steps and requirements, 90 trusted launch and pools use model, 91 Endpoint component, 81

F

Firmware Interface Table (FIT), 92

G

Gathering platform, 81 Geotag, 114 Governance, risk, and compliance (GRC) tools, 90 Guest operating system, 6

H

Hash Method of Authentication (HMAC) value, 20, 25 Host operating system, 6 Hypervisor enablement (see Operating system and hypervisor enablement) rootkit, 119

I, J, K

Infrastructure as a Service (IaaS) model, 109 Intel Trusted Execution Technology (Intel TXT) attack types, 2 attestation, 9 benefits, 9 cloud computing, 7 cloud service provider/service client, 10 configuration, 4 description, 4 disadvantage, 11 dynamic chain of trust, 5 flexibility, 4 goal, 1, 4 measured launch environment, 6–7 measurement process, 4 roles and responsibilities host operating system, 13 OEM, 12 TPM ownership, 12 sealed storage, 1 security level, 2 server enhancement BIOS inclusion, 11 client and server platforms, 12 processor-based CRTM, 11 RAS features, 11 server architecture complexity, 12 System Management Module code, 12 static chain of trust, 5 third-party software, 13 TPM chip, 4 trusted compute pool, 10 trusted servers, 4 virtualization, 6 Intel TXT attestation, 35 boot sequence, 29 concepts, 26 conceptual architecture, 85 cryptography asymmetric encryption, 24 cryptographic hash functions, 24 decryption, 23 encryption, 23 symmetric encryption, 24 dynamic measurements, 28 launch control policy, 33 MLE element, 34 NV policy data, 35 PCONF, 34 platform supplier and owner policy, 34 protection, 35 measured launch process, 31 measurements, 26 models, 83, 110 operating system, 28 platform configuration, 28 reset attack protection, 33 sealing, 35 secure measurements, 27 static measurements, 27 TPM Attestation Identity Key, 23 interface, 19 nonvolatile random access memory, 22 ownership and access enforcement, 23 platform configuration registers, 21 public and private key, 21 random number generator, 20 RSA asymmetric algorithm, 21 security functions, trusted launch, pools and compliance, 83 Intel TXT capable platform components authenticated code module, 18 BIOS, 17 chipsets, 17 processor, 16 Trusted Platform Module, 17 definition, 16 Intel Virtualization Technology (Intel VT), 38

L

Launch control policy (LCP), 61, 80 ACM, 48 ANY, 47 ANY policy specification, 53 autopromotion requirement, 64 considerations, 59 decision matrix, 77 establish trusted pools, 56 flow, 49 generator, 49 host operating systems MLE policy creation tools, 71 OS/VMM vendor, 71 impact of BIOS updates, 73 OS/VMM updates, platform configuration changes, 73 SINIT updates, 72 insights, 47 management multiple lists for version control, 74 signed list usage, 74 simplest policy, 75 single policy for server groups, 73 vendor-signed policies, 74 measured launch process, 47 MLE element specification, 52 NV Policy Data, 48 overview, 62 PCONF element specification, 51 PCONF policy, challenges, 70 PcrDump, 69 PCRInfo, 70 remote attestation, 64 specification, 65 policy data structure, 48 prevent interference by platform supplier policy, 56 reduce need for remote attestation, 58 remote attestation, 63 reset attack protection, 59, 64 revoke platform default policy, 54 signed lists, 50 strategies available tools, 76 confidence, 75 PCRs, 76 remote attestation, 76 reset protections, 76 risk, 76 training, 75 trusted pools, 76 TPM access restriction, 64 TPM password, 77 trusted ACM specification, 53 LIST policy, 49 Local attestations, 80

M

Management and policy tools layer attestation services, 100 evolutionary enhancement, 99 HyTrust appliance, 99 provisioning, 100 reporting and logging functions, 100 roles, 99 server trust status, 101 trusted compute pools, 97 updates, 100 McAfee epolicy Orchestrator (epo), 102 Measured launch environment, 6–7 code, 6–7, 48, 52 policy, 61 Measured service, 107 Mt. Wilson technology,

N

Nonvolatile random access memory, 22 NV Policy Data, 48

O

OEM platform enablement requirements and opportunities, 92 On-demand self-service, 107 One-party encryption. See Symmetric encryption OpenAttestation, 86 Open-source project, 86 Operating system and hypervisor enablement basic enablement, 96 ISV, 96 key trusted platforms, 96 SINIT module, 96 TCB and LCP, 96 TPM, 96 trust-based reporting and logging capabilities, 97 trusted computing stack, 95

P, Q

Physical presence interface, 40 Platform as a Service (PaaS) model, 109 Platform Configuration (PCONF) policy, 61, 64 challenges, 70 PcrDump, 69 PCRInfo, 70 specification, 65 Platform configuration registers (PCRs), 5, 21 Platform default (PD) policy, 54 Platform trust, 117 Provisioning BIOS setup automating BIOS provisioning, 40 enable and activate TPM, 38 enable Intel TXT, 39 enable supporting technology, 38 summary of, 39 create owner's launch control policy (see Launch control policy (LCP)) establish TPM ownership (see Trusted Platform Module (TPM)) steps to provision new platform, trusted host operating system OS/VMM installation, 45 Ubuntu, 45 VMware ESXi, 45

R

Random number generator (RNG), 20 Rapid elasticity, 107 Remote attestations, 80 Reporting and logging capability, 95 Resource pooling, 107 Risk management, 118 Root kits, 3

S

SDK architecture overview, 87 Security applications layer broad security missions, 102 integration, 101 Intel TXT enabled platforms, 102 questions remain, 103 RSA, 102 Security incident management and analysis tools (SIEM), 90 Service components capabilities, 82 conceptual architecture, 81 endpoint, service and administrative components, 81 overview, 81 Signed BIOS policy, 59 SINIT policy, 61 Software as a Service (SaaS) model, 109 Software development kit (SDK), 86 Symmetric encryption, 24

T, U, V

Trusted Boot (TBOOT) module, 31, 45 Trusted Compute Base (TCB), 96 Trusted compute pools (TCP) Trusted computing anti-malware, 125 BIOS rootkit, 119 End-to-End Trust, 124 evolution, 123 guest images, 124 Hypervisor rootkit, 119 IT security toolbox, 119 launch time measurement, private and public cloud computing, 120 protections and assurance cryptographic measurement techniques, 121 ecosystem, 121 GRC, 122 hardware, 120 hypervisor integrity, 121 requirements, 121 virtualized/cloud models, 122 stack integrity asset and location control aspect, 126 datacenter and security, 127 digital certificates, 126 host integrity, 126 McAfee, 125 McAfee MOVE Antivirus, 127 McAfee SiteAdvisor, 126 threats, 122 whitelist approach, 123 Trusted Computing Group (TCG), 3, 79 Trusted launch and pools use model, 91 Trusted launch model, 110 Trusted operating system, 6 Trusted Platform Module (TPM), 17–18, 92 Attestation Identity Key, 23 chip, 4 enable and activate, 38 interface, 19 control protocol, 20 localities, 19 nonvolatile random access memory, 22 ownership and access enforcement, 23 authorization values, 43 definition, 40 establish ownership, 40 local pass-through TPM model, 41 management server model, 42 remote pass-through TPM model, 41 Platform Configuration Registers, 21 public and private key, 21 random number generator, 20 RSA asymmetric algorithm, 21 security functions,

W, X, Y, Z

Whitelisting,
Hardware-Assisted Workspace Virtualization RingCube vdesk on Intel Core vpro Processors About the Authors Dr. Charlton Barreto Platform Architect Intel Corporation Charlton Barreto is a member of Intel
More informationIntel Active Management Technology Embedded Host-based Configuration in Intelligent Systems
WHITE PAPER Intel vpro Technology Embedded Host-based Configuration in Intelligent Systems Easy activation of Intel vpro technology remote manageability without trade-offs in security, functionality, and
More informationUsing the TPM to Solve Today s Most Urgent Cybersecurity Problems
Using the to Solve Today s Most Urgent Cybersecurity Problems May 20, 2014 10:00AM PDT 2 Stacy Cannady, Technical Marketing Trustworthy Computing, Cisco Stacy Cannady, CISSP, is technical marketing - Trustworthy
More informationSecurity Issues in Cloud Computing
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
More informationProperty Based TPM Virtualization
Property Based Virtualization Marcel Winandy Joint work with: Ahmad Reza Sadeghi, Christian Stüble Horst Görtz Institute for IT Security Chair for System Security Ruhr University Bochum, Germany Sirrix
More informationIntel Cyber Security Briefing: Trends, Solutions, and Opportunities. Matthew Rosenquist, Cyber Security Strategist, Intel Corp
Intel Cyber Security Briefing: Trends, Solutions, and Opportunities Matthew Rosenquist, Cyber Security Strategist, Intel Corp Legal Notices and Disclaimers INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION
More informationIntroducing etoken. What is etoken?
Introducing etoken Nirit Bear September 2002 What is etoken? Small & portable reader-less Smartcard Standard USB connectivity Logical and physical protection Tamper evident (vs. tamper proof) Water resistant
More informationMcAfee MOVE / VMware Collaboration Best Practices
McAfee MOVE / VMware Collaboration Best Practices Christie J. Karrels Sales Engineer Federal DoD January 11, 2013 1 P a g e Contents Introduction... 3 Traditional Anti-Malware vs. Optimized Anti-Malware...
More informationXerox Next Generation Security: Partnering with McAfee White Paper
Xerox Next Generation Security: Partnering with McAfee White Paper 1 Background Today s MFPs are complex embedded systems. They contain, among other things, full scale operating systems, embedded web servers,
More informationCloud security and OpenStack Primož Cigoj Laboratorij za odprte sisteme in mreže IJS-E5. www.kc-class.eu
Cloud security and OpenStack Primož Cigoj Laboratorij za odprte sisteme in mreže IJS-E5 www.kc-class.eu 1 1 Outline Cloud computing General overview Deployment and service models Security issues Threats
More informationIntel Trusted Execution Technology (Intel TXT)
Intel Trusted Execution Technology (Intel TXT) Software Development Guide Measured Launched Environment Developer s Guide July 2015 Revision 012 Document: 315168-012 You may not use or facilitate the use
More informationTopics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted.
Cloud Computing Topics 1. What is the Cloud? 2. What is Cloud Computing? 3. Cloud Service Architectures 4. History of Cloud Computing 5. Advantages of Cloud Computing 6. Disadvantages of Cloud Computing
More informationKeywords Cloud Storage, Error Identification, Partitioning, Cloud Storage Integrity Checking, Digital Signature Extraction, Encryption, Decryption
Partitioning Data and Domain Integrity Checking for Storage - Improving Cloud Storage Security Using Data Partitioning Technique Santosh Jogade *, Ravi Sharma, Prof. Rajani Kadam Department Of Computer
More informationJANUARY 2013. Industry Brief
JANUARY 2013 Industry Brief Securing the Cloud for Financial Institutions An Overview of Cloud Security Issues Facing the Financial Services Industry and Intel Technologies for Securing the Financial Cloud
More information