Software and Cloud Security
|
|
- Joanna Bailey
- 8 years ago
- Views:
Transcription
1 1 Lecture 12: Software and Cloud Security 2 Lecture 12 : Software and Cloud Security Subjects / Topics : 1. Standard ISO/OSI security services 2. Special problems, specific for software components and modules 3. Trusted software systems 4. Security of cloud environments Page 1 1
2 3 Lecture 12 : Software and Cloud Security Subjects / Topics : 1. Standard ISO/OSI security services 2. Special problems, specific for software components and modules 3. Trusted software systems 4. Security of cloud environments 4 ISO/OSI Security Services 1. Authentication 2. Access control 3. Data confidentiality 4. Data integrity 5. Non - repudiation Page 2 2
3 5 Authentication of SW Components SW user Signature SW vendor SW vendor s key Verification? 6 MS Authenticode System VeriSign SW user Microsoft Signature Page 3 3
4 7 Java Signed Applets javakey SW user SW vendor Signature 8 ISO/OSI Security Services 1. Authentication 2. Access control 3. Data confidentiality 4. Data integrity 5. Non - repudiation Page 4 4
5 9 AC in LAN s OS Security??? UserID 1 0 Standard Operating System Applications Programs Kernel Files Network Page 5 5
6 11 Security Extensions (AC) Applications OS Programs? Kernel Files OK r,w x,d l,c Network 1 2 ISO/OSI Security Services 1. Authentication 2. Access control 3. Data confidentiality 4. Data integrity 5. Non - repudiation Page 6 6
7 1 3 Encrypted Software Encrypted Applications Encrypted Instructions Encryption Decryption OS Clear Instructions Kernel 1 4 ISO/OSI Security Services 1. Authentication 2. Access control 3. Data confidentiality 4. Data integrity 5. Non - repudiation Page 7 7
8 1 5 Part of Authentication SW user Signature SW vendor SW vendor s key Verification? 1 6 Signed Software Signed Applications Signed Code Signing Verification OS Verified Code Kernel Page 8 8
9 1 7 ISO/OSI Security Services 1. Authentication 2. Access control 3. Data confidentiality 4. Data integrity 5. Non - repudiation 1 8 Lecture 12 : Software and Cloud Security Subjects / Topics : 1. Standard ISO/OSI security services 2. Special problems, specific for software components and modules 3. Trusted software systems 4. Security of cloud environments Page 9 9
10 1 9 Specific Aspects 1. Viruses 2. Worms 3. Trojan Horses 4. Copyrighting 5. Licensing 2 0 Viruses Damages Not harmful Potentially harmful Disastrous Page
11 2 1 Viruses Distribution Viruses Activation Page
12 Subject: Normal letter! Date: 7-July-1993! What are you doing?! Subject: Normal letter! Date: 7-July-1993! What are you doing?! Subject: Normal letter! Date: 7-July-1993! What are you doing?! Subject: Normal letter! Date: 7-July-1993! What are you doing?! Subject: Normal letter! Date: 7-July-1993! What are you doing?! 2 3 E mail Attachments and Port 80 From: dsv.su.se! To: ccvax.ucd.ie! Dear Ahmed:! How are you today?! From: dsv.su.se! To: ccvax.ucd.ie! Dear Ahmed:! How are you today?! From: dsv.su.se! To: ccvax.ucd.ie! Dear Ahmed:! How are you today?! From: dsv.su.se! To: ccvax.ucd.ie! Dear Ahmed:! How are you today?! From: dsv.su.se! To: ccvax.ucd.ie! Dear Ahmed:! How are you today?! 2 4 Viruses Effects Page
13 2 5 Detection and Elimination! Virus characteristics ( Signatures )! Updates from vendor s site! Post factum intervention 2 6 Prevention 1. Authentication 2. Access control 3. Data confidentiality 4. Data integrity 5. Non - repudiation Page
14 2 7 Worms and Trojan Horses 2 8 Software Copyright C C Page
15 2 9 Digital Signature Author C 3 0 Activation User Author s Public Key C Page
16 3 1 Software Licensing TM 3 2 Pay per Use Schemes Apache Software Repository SW module Page
17 3 3 Pay per Use Schemes Apache Shared Execution Application data 3 4 Digital Envelope Authorization TM Page
18 3 5 Digital Envelope Authorization TM User s Public Key 3 6 Digital Envelope Activation TM User s Private Key Page
19 3 7 Lecture 12: Software and Cloud Security Subjects / Topics : 1. Standard ISO/OSI security services 2. Special problems, specific for software components and modules 3. Trusted software systems 4. Security of mobile agents 3 8 Trusted Software Systems Trusted Software : 1. Functional correctness 2. Correctness of programs underneath Properties : 1. Functional correctness 2. Enforcement of integrity 3. Limited privileges 4. Appropriate security level Page
20 3 9 OS Controls Mutual Suspicion : 1. Bilateral authentication 2. Balanced exchange of proprietary information Confinement : 1. Limitation of accessible system resources 2. Strict (continuous) control of operations Compartmented Environment Access Log 4 0 Administrative Controls Standards for Program Development : 1. Standards for design stage 2. Standards for program/system documentation 3. Standards for programming and source code evaluation (QA) 4. Standards for testing 5. Standards for configuration management Page
21 4 1 Security in DB Systems All - None Protection of Files/DB Segments Problems: 1. Lack of trust 2. All or nothing not suitable for many situations 3. Rise of timesharing 4. Complexity of access requirements 5. Sensitive file listings 4 2 Alternative Protection Schemes OS Security Extensions Group protection Single permissions 1. Password or other tokens 2. Temporary acquired permissions 3. Per-object and per-user permissions Static vs. dynamic permissions Page
22 4 3 Lecture 12: Software and Cloud Security Subjects / Topics : 1. Standard ISO/OSI security services 2. Special problems, specific for software components and modules 3. Trusted software systems 4. Security of cloud environment 4 4 Page
23 4 5 Cloud Access Points User Wi-Fi App-1 Internet User CAP AAP App-2 User 3G/4G Web 4 6 Cloud Security Components IDMS PDP CA User Wi-Fi Internet App-1 User CAP/FW SAP AAP User 3G/4G App-2 CAP/FW Cloud Access Point / Firewall SAP Security Access Point (Portal Security ) AAP Application Access Point (Cloud Portal) IDMS Identity Management PDP Policy Decision Point CA Certification Authority Page
24 4 7 Architecture of the OpenStack Platform 4 8 OpenStack Components Page
25 4 9 Cloud Services Models Software as a Service (SaaS) Platform as a Service (PaaS) Infrastructure as a Service (IaaS) SalesForce CRM LotusLive Google App Engine 5 0 Security for Cloud Environment Page
26 5 1 Three Aspects of Security (1) Security services in cloud framework! It deals about all security requirements of cloud framework like auditing, virus scanning and security related to virtualization, security of installed components on virtualized environment, security of hypervisors (2) Security of services! Required to protect sensitive data stored in the cloud environment. it deals normally privacy, confidentiality and integrity of the stored user s data (3) Accessibilities of the data or user s interaction with cloud environment! It deals with availability, authentication, secure communication and authorization issues. In this research activity, we focused to deal issues mentioned in first two areas. 5 2 Open Questions!! How to provide two factor authentication and XACML based access control using smart card and mobile devices in OpenStack?!! How to ensure the protection and integrity of Virtual Machines, its images and live migration to other environment?!! How to ensure the integrity and protection of user-based services which are dynamically loaded in the cloud environment?!! On top of all the above issues the most important is the Key Management and Security of Cryptographic Tokens which should be controlled, only accessible and used by the owner? Page
27 5 3 Components Certification Authority (CA Service) XACML Authorization Service Application -1 Authentication Service IDMS Policy Enforcement Point Application -2 Cloud Access Point Client Client Client Client 5 4 Cloud Central Security Customer HR DB IDMS CA Smart Cards Card Cards Admin Station Admin SAML / PDP Security Admin Cloud Admin Station Auth Internet Internet Cloud Proxy Security Portal Admin Portal Station Admin Cloud VM Internet Web PEP VPN Web User Cloud Station Proxy Cloud VM Docs Page
28 5 5 Lecture 12: Software and Cloud Security Subjects / Topics : 1. Standard ISO/OSI security services 2. Special problems, specific for software components and modules 3. Trusted software systems 4. Security of cloud environments 5 6 Q u e s t i o n s?? Page
Lecture 12: M.Sc. Project Overview
Security for Open Distributed Systems 1 1 Prof. Sead Muftic Lecture 12: M.Sc. Project Overview Security for Cloud and Mobile Environments Cloud Access Points Communication and Applications 2 User Wi-Fi
More informationPage 1. Lecture 1: Introduction to. Introduction to Computer Networks Security. Input file DES DES DES DES. Output file
1 2 Prof. Sead Muftic Matei Ciobanu Morogan Lecture 1: Introduction to Computer s Security Introduction to Computer s Security 4. security services and mechanisms 3 Approach 4 Introduction to Computer
More informationLecture 02b Cloud Computing II
Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,
More informationOpen Data Center Alliance Usage: Identity Management Interoperability Guide rev. 1.0
sm Open Data Center Alliance Usage: Identity Interoperability Guide rev. 1.0 Open Data Center Alliance Usage: Identity Interoperability Guide Rev. 1.0 Table of Contents Legal Notice... 3 Executive Summary...
More informationMAXIMUM DATA SECURITY with ideals TM Virtual Data Room
MAXIMUM DATA SECURITY with ideals TM Virtual Data Room WWW.IDEALSCORP.COM ISO 27001 Certified Account Settings and Controls Administrators control users settings and can easily configure privileges for
More informationCryptoNET: Security Management Protocols
CryptoNET: Security Management Protocols ABDUL GHAFOOR ABBASI, SEAD MUFTIC CoS, School of Information and Communication Technology Royal Institute of Technology Borgarfjordsgatan 15, SE-164 40, Kista,
More informationGENERIC SECURITY FRAMEWORK FOR CLOUD COMPUTING USING CRYPTONET
http:// GENERIC SECURITY FRAMEWORK FOR CLOUD COMPUTING USING CRYPTONET Manisha Dawra 1, Ramdev Singh 2 1 Al-Falah School of Engg. & Tech., Vill-Dhauj, Ballabgarh-Sohna Road, Faridabad, Haryana (INDIA)-121004
More informationCloud Security:Threats & Mitgations
Cloud Security:Threats & Mitgations Vineet Mago Naresh Khalasi Vayana 1 What are we gonna talk about? What we need to know to get started Its your responsibility Threats and Remediations: Hacker v/s Developer
More information2013 AWS Worldwide Public Sector Summit Washington, D.C.
Washington, D.C. Next Generation Privileged Identity Management Control and Audit Privileged Access Across Hybrid Cloud Environments Ken Ammon, Chief Strategy Officer Who We Are Security software company
More informationCertified Cloud Computing Professional VS-1067
Certified Cloud Computing Professional VS-1067 Certified Cloud Computing Professional Certification Code VS-1067 Vskills Cloud Computing Professional assesses the candidate for a company s cloud computing
More informationAddressing Security for Hybrid Cloud
Addressing Security for Hybrid Cloud Sreekanth Iyer Executive IT Architect IBM Cloud (CTO Office) Email : sreek.iyer@in.ibm.com Twitter: @sreek Blog: http://ibm.co/sreek July 18, 2015 Cloud is rapidly
More informationSecuring Oracle E-Business Suite in the Cloud
Securing Oracle E-Business Suite in the Cloud November 18, 2015 Stephen Kost Chief Technology Officer Integrigy Corporation Phil Reimann Director of Business Development Integrigy Corporation Agenda The
More informationEntrust IdentityGuard Comprehensive
Entrust IdentityGuard Comprehensive Entrust IdentityGuard Comprehensive is a five-day, hands-on overview of Entrust Course participants will gain experience planning, installing and configuring Entrust
More informationidash Infrastructure to Host Sensitive Data: HIPAA Cloud Storage and Compute
integrating Data for Analysis, Anonymization, and SHaring idash Infrastructure to Host Sensitive Data: HIPAA Cloud Storage and Compute Claudiu Farcas, Antonios Koures Outline Infrastructure Overview Typical
More informationBlending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access
Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access Vikas Jain Director, Product Management Intel Corporation Jesper Tohmo CTO, Nordic Edge (an Intel company) Session ID:
More informationEnterprise Security Management CheckPoint SecuRemote VPN v4.0 for pcanywhere
Enterprise Security Management CheckPoint SecuRemote VPN v4.0 for pcanywhere White Paper 7KH#&KDOOHQJH Virtual Private Networks (VPNs) provides a powerful means of protecting the privacy and integrity
More informationWhite Paper The Identity & Access Management (R)evolution
White Paper The Identity & Access Management (R)evolution Federation and Attribute Based Access Control Page 2 A New Perspective on Identity & Access Management Executive Summary Identity & Access Management
More informationProf. Sead Muftic Feng Zhang. Lecture 10: Secure E-mail Systems
Prof. Sead Muftic Feng Zhang Lecture 10: Secure E-mail Systems Lecture 10 : Secure E mail Systems Subjects / Topics : 1. Secure E mail systems 2. Secure, Trusted, Authorized and Reliable E Mail System
More informationMobility, Security and Trusted Identities: It s Right In The Palm of Your Hands. Ian Wills Country Manager, Entrust Datacard
Mobility, Security and Trusted Identities: It s Right In The Palm of Your Hands Ian Wills Country Manager, Entrust Datacard WHO IS ENTRUST DATACARD? 2 Entrust DataCard Datacard Corporation. Corporation.
More informationData Protection: From PKI to Virtualization & Cloud
Data Protection: From PKI to Virtualization & Cloud Raymond Yeung CISSP, CISA Senior Regional Director, HK/TW, ASEAN & A/NZ SafeNet Inc. Agenda What is PKI? And Value? Traditional PKI Usage Cloud Security
More informationBringing Cloud Security Down to Earth. Andreas M Antonopoulos Senior Vice President & Founding Partner www.nemertes.com
Bringing Cloud Security Down to Earth Andreas M Antonopoulos Senior Vice President & Founding Partner www.nemertes.com Agenda About Nemertes Cloud Dynamics and Adoption Assessing Risk of Cloud Services
More informationHow to Grow and Transform your Security Program into the Cloud
How to Grow and Transform your Security Program into the Cloud Wolfgang Kandek Qualys, Inc. Session ID: SPO-207 Session Classification: Intermediate Agenda Introduction Fundamentals of Vulnerability Management
More informationSecuring The Cloud. Russ Fellows, Managing Partner - Evaluator Group Inc.
Securing The Cloud Russ Fellows, Managing Partner - Evaluator Group Inc. SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individual members may
More informationInformation Security
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
More informationSAP Secure Operations Map. SAP Active Global Support Security Services May 2015
SAP Secure Operations Map SAP Active Global Support Security Services May 2015 SAP Secure Operations Map Security Compliance Security Governance Audit Cloud Security Emergency Concept Secure Operation
More informationCloud Security. Let s Open the Box. Abu Shohel Ahmed ahmed.shohel@ericsson.com NomadicLab, Ericsson Research
t Cloud Security Let s Open the Box t Abu Shohel Ahmed ahmed.shohel@ericsson.com NomadicLab, Ericsson Research Facts about Ericsson Ericsson is a world-leading provider of telecommunication equipment and
More informationHolger Reinhardt IBM Deutschland Research & Development GmbH holger.reinhardt@de.ibm.com. Cloud Appliances. 2010-03-07 2010 IBM Corporation
Holger Reinhardt IBM Deutschland Research & Development GmbH holger.reinhardt@de.ibm.com Cloud Appliances 2010-03-07 Disclaimer This document represents the author's views and opinions. It does not necessarily
More informationA Survey on Cloud Security Issues and Techniques
A Survey on Cloud Security Issues and Techniques Garima Gupta 1, P.R.Laxmi 2 and Shubhanjali Sharma 3 1 Department of Computer Engineering, Government Engineering College, Ajmer Guptagarima09@gmail.com
More informationSecure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services
Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Udo Schneider Trend Micro Udo_Schneider@trendmicro.de 26.03.2013
More informationCloud-Security: Show-Stopper or Enabling Technology?
Cloud-Security: Show-Stopper or Enabling Technology? Fraunhofer Institute for Secure Information Technology (SIT) Technische Universität München Open Grid Forum, 16.3,. 2010, Munich Overview 1. Cloud Characteristics
More informationSecurity aspects of e-tailing. Chapter 7
Security aspects of e-tailing Chapter 7 1 Learning Objectives Understand the general concerns of customers concerning security Understand what e-tailers can do to address these concerns 2 Players in e-tailing
More informationSecure web transactions system
Secure web transactions system TRUSTED WEB SECURITY MODEL Recently, as the generally accepted model in Internet application development, three-tier or multi-tier applications are used. Moreover, new trends
More informationAccess Management Analysis of some available solutions
Access Management Analysis of some available solutions Enterprise Security & Risk Management May 2015 Authors: Yogesh Kumar Sharma, Kinshuk De, Dr. Sundeep Oberoi Access Management - Analysis of some available
More informationSecuring and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer
Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer What is Cloud Computing A model for enabling convenient, on-demand network access to a shared pool of configurable
More informationIBM Campaign Version-independent Integration with IBM Engage Version 1 Release 3 April 8, 2016. Integration Guide IBM
IBM Campaign Version-independent Integration with IBM Engage Version 1 Release 3 April 8, 2016 Integration Guide IBM Note Before using this information and the product it supports, read the information
More informationArkansas Department of Information Systems Arkansas Department of Finance and Administration
Arkansas Department of Information Systems Arkansas Department of Finance and Administration Title: Electronic Signature Standard Document Number: SS 70 011 Effective Date: Act 722 of 2007 requires state
More informationDavid.Balka@chi.frb.org 2009 STREAM FRBC
Virtualization ti Dave Balka David.Balka@chi.frb.org Examination Elements Architecture Management Processes Integrity Availability Security 2 Datacenter Consolidation 3 What is Virtualization A framework
More informationAuditing the Security and Management of Smart Devices. ISACA Dallas Meeting February 13, 2014
Securely Manage your devices, applications and data. Deploy your corporate policies on smart devices. Comply with Regulatory Laws. Auditing the Security and Management of Smart Devices ISACA Dallas Meeting
More informationPortWise Access Management Suite
Create secure virtual access for your employees, partners and customers from any location and any device. With todays global and homogenous economy, the accuracy and responsiveness of an organization s
More informationCS 356 Lecture 28 Internet Authentication. Spring 2013
CS 356 Lecture 28 Internet Authentication Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationChapter 1: Introduction
Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure
More informationgoberlin a Trusted Cloud Marketplace for Governmental and Commercial Services
goberlin a Trusted Cloud Marketplace for Governmental and Commercial Services Data Protection and Security Considerations in an egovernment Cloud in Germany Dr. Klaus-Peter Eckert Public Sector Cloud Forum
More informationT-SYSTEMS Cloud STORY
Michael Moritz Lead Enterprise Architect Cloud Computing Cloud & Partner Sales - CTO Office T-Systems International GmbH Agenda Cloud Challenges T-Systems Cloud Strategy 2 Agenda Cloud Challenges T-Systems
More informationVendor Risk Assessment Questionnaire
Vendor Risk Assessment Questionnaire VENDOR INFORMATION: Vendor Name: Vendor Address: Vendor Contact Name: Vendor Contact Phone No: Vendor Contact Email: DATA SENSITIVITY What is the nature of data that
More informationRoadmap to Solving Enterprise Mobility
Roadmap to Solving Enterprise Mobility OUTLINE Enterprise Mobility Problem Start with email and device security Workspace is the right solution for existing assets How to build new apps? Bringing it all
More informationPortWise Access Management Suite
Create secure virtual access for your employees, partners and customers from any location and any device. With todays global and homogenous economy, the accuracy and responsiveness of an organization s
More informationAndroid Security. Device Management and Security. by Stephan Linzner & Benjamin Reimold
Android Security Device Management and Security by Stephan Linzner & Benjamin Reimold Introducing Stephan Linzner Benjamin Reimold Consultant, Software Engineer Mobile Developer Founder of Stuttgart GTUG
More informationManaged Servers ASA Extract FY14
Managed Servers ASA Extract FY14 1.0 Service Summary 1.1 Name Managed Servers 1.7 Mission/Vision UW IT currently manages over 900 managed servers for various owners and functions. There are 2 primary types
More informationTrustedX - PKI Authentication. Whitepaper
TrustedX - PKI Authentication Whitepaper CONTENTS Introduction... 3 1... 4 Use Scenarios... 5 Operation... 5 Architecture and Integration... 6 SAML and OAuth 7 RESTful Web Services 8 Monitoring and Auditing...
More informationWhat you need to know about Office 365
What you need to know about Office 365 Phoenix ISACA Dede Alexiadis Imperva Skyfence Agenda Microsoft Office 365 basics Anytime Anywhere Let the data flow Risk and Governance Deployment Considerations
More informationCommercially Proven Trusted Computing Solutions RSA 2010
Commercially Proven Trusted Computing Solutions RSA 2010 Hardware Self-Encrypting Drives (SEDs) Unique Security Features Encryption below the file system Hardware root-of-trust for encryption Tamper resistant
More informationCourse: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems
Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding
More informationHP AppPulse Mobile. Whitepaper: Privacy, Security, and Overhead. Document Release Date: September 2014 (v1.0)
HP AppPulse Mobile Whitepaper: Privacy, Security, and Overhead Document Release Date: September 2014 (v1.0) Introduction Introduction In mobile applications, user experience isn t everything; it s the
More informationGuide to Obtaining Your Free WISeKey CertifyID Personal Digital Certificate on Aladdin etoken (Personal eid)
The World Internet Security Company Solutions for Security Guide to Obtaining Your Free WISeKey CertifyID Personal Digital Certificate on Aladdin etoken (Personal eid) Wherever Security relies on Identity,
More informationSECURE YOUR DATA EXCHANGE WITH SAFE-T BOX
SECURE YOUR DATA EXCHANGE SAFE-T BOX WHITE PAPER Safe-T. Smart Security Made Simple. 1 The Costs of Uncontrolled Data Exchange 2 Safe-T Box Secure Data Exchange Platform 2.1 Business Applications and Data
More informationIONA Security Platform
IONA Security Platform February 22, 2002 Igor Balabine, PhD IONA Security Architect Copyright IONA Technologies 2001 End 2 Anywhere Agenda IONA Security Platform (isp) architecture Integrating with Enterprise
More informationCISCO IOS NETWORK SECURITY (IINS)
CISCO IOS NETWORK SECURITY (IINS) SEVENMENTOR TRAINING PVT.LTD [Type text] Exam Description The 640-553 Implementing Cisco IOS Network Security (IINS) exam is associated with the CCNA Security certification.
More informationBlackBerry Device Software. Protecting BlackBerry Smartphones Against Malware. Security Note
BlackBerry Device Software Protecting BlackBerry Smartphones Against Malware Security Note Published: 2012-05-14 SWD-20120514091746191 Contents 1 Protecting smartphones from malware... 4 2 System requirements...
More informationSecure your Privacy. www.jrsys.com.tw. jrsys, Inc. All rights reserved.
Secure your Privacy www.jrsys.com.tw CNN 2013/7/16 8:25PM Man Middle In The I got your ID/Password! Mobile Secure Secure sensitive access data Random Login Web Authentication One Secure Time Channel Password
More informationPerformance Management for Cloud-based Applications STC 2012
Performance Management for Cloud-based Applications STC 2012 1 Agenda Context Problem Statement Cloud Architecture Key Performance Challenges in Cloud Challenges & Recommendations 2 Context Cloud Computing
More informationEUCIP - IT Administrator. Module 5 IT Security. Version 2.0
EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single
More informationDesign and Implementation Guide. Apple iphone Compatibility
Design and Implementation Guide Apple iphone Compatibility Introduction Security in wireless LANs has long been a concern for network administrators. While securing laptop devices is well understood, new
More informationBlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
More informationThe Weakest Link : Securing large, complex, global Oracle ebusiness Suite solutions
The Weakest Link : Securing large, complex, global Oracle ebusiness Suite solutions Radomir Vranesevic Director and IT Architect Oracle Certified Master, CISSP Fusion Professionals 1 Agenda Introduction
More informationTHE BLUENOSE SECURITY FRAMEWORK
THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program
More informationStrategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security
Strategic Compliance & Securing the Cloud Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security Complexity and Challenges 2 Complexity and Challenges Compliance Regulatory entities
More informationUsing SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP
Using SUSE Cloud to Orchestrate Multiple Hypervisors and Storage at ADP Agenda ADP Cloud Vision and Requirements Introduction to SUSE Cloud Overview Whats New VMWare intergration HyperV intergration ADP
More informationSTRONGER AUTHENTICATION for CA SiteMinder
STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive
More informationCloud Data Security. Sol Cates CSO @solcates scates@vormetric.com
Cloud Data Security Sol Cates CSO @solcates scates@vormetric.com Agenda The Cloud Securing your data, in someone else s house Explore IT s Dirty Little Secret Why is Data so Vulnerable? A bit about Vormetric
More informationWindows 7. Qing Liu Qing.Liu@chi.frb.org Michael Stevens Michael.Stevens@chi.frb.org
Windows 7 Qing Liu Qing.Liu@chi.frb.org Michael Stevens Michael.Stevens@chi.frb.org 1 Overview 1. Financial Institution s Preliminary Steps 2. User Interface 3. Data Protection 4. User and Group Changes
More informationComparative study of security parameters by Cloud Providers
Comparative study of security parameters by Cloud Providers Manish Kumar Aery 1 Faculty of Computer Applications, Global Infotech Institute of IT & Management (LPUDE) aery.manish1@gmail.com, Sumit Gupta
More informationAppPulse Mobile. Whitepaper: Overhead, Privacy, and Security. March 2016
AppPulse Mobile Whitepaper: Overhead, Privacy, and Security March 2016 Legal Notices Warranty The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty
More informationAngel Dichev RIG, SAP Labs
Enabling SSL and Client Certificates on the SAP J2EE Engine Angel Dichev RIG, SAP Labs Learning Objectives As a result of this session, you will be able to: Understand the different SAP J2EE Engine SSL
More informationSecurity Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0
Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features
More informationAvatier Identity Management Suite
Avatier Identity Management Suite Migrating AIMS Configuration and Audit Log Data To Microsoft SQL Server Version 9 2603 Camino Ramon Suite 110 San Ramon, CA 94583 Phone: 800-609-8610 925-217-5170 FAX:
More informationOpen Data Center Alliance Usage: Infrastructure as a Service (IaaS) Privileged User Access rev. 1.0
sm Open Data Center Alliance Usage: Infrastructure as a Service (IaaS) Privileged User Access rev. 1.0 Table of Contents Legal Notice... 3 Executive Summary... 4 Related Usage Models... 5 Reference Framework...
More informationRE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC
RE Think Invent IT & Business IBM SmartCloud Security Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC 2014 IBM Corporation Some Business Questions Is Your Company is Secure
More informationWhitepaper on AuthShield Two Factor Authentication with ERP Applications
Whitepaper on AuthShield Two Factor Authentication with ERP Applications By INNEFU Labs Pvt. Ltd Table of Contents 1. Overview... 3 2. Threats to account passwords... 4 2.1 Social Engineering or Password
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationSecurity Threat Risk Assessment: the final key piece of the PIA puzzle
Security Threat Risk Assessment: the final key piece of the PIA puzzle Curtis Kore, Information Security Analyst Angela Swan, Director, Information Security Agenda Introduction Current issues The value
More informationExecutive Summary. Architectural Overview WHITE PAPER
WHITE PAPER Securing Your Cloud-Based Data Integration A Best Practices Checklist A Report on Secure Integration Techniques Targeted at the Information Technology Executive Prepared by Mercury Consulting,
More informationRealizing the Benefits of Hybrid Cloud. Anand MS Cloud Solutions Architect Microsoft Asia Pacific
Realizing the Benefits of Hybrid Cloud Anand MS Cloud Solutions Architect Microsoft Asia Pacific Agenda Key drivers for Hybrid Cloud Unified Cloud Strategy Example Use Cases How to get there Hybrid Cloud:
More informationMedical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0.
Medical Device Security Health Imaging Digital Capture Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0 Page 1 of 9 Table of Contents Table of Contents... 2 Executive Summary...
More informationWhite Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution
White Paper Cybercom & Axiomatics Joint Identity & Access Management (R)evolution Federation and Attribute Based Access Control Page 2 Realization of the IAM (R)evolution Executive Summary Many organizations
More informationData Centers and Cloud Computing
Data Centers and Cloud Computing CS377 Guest Lecture Tian Guo 1 Data Centers and Cloud Computing Intro. to Data centers Virtualization Basics Intro. to Cloud Computing Case Study: Amazon EC2 2 Data Centers
More informationWHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS
WHITEPAPER SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS EXECUTIVE OVERVIEW 2-Factor as a Service (2FaaS) is a 100% cloud-hosted authentication solution that offers flexible security without compromising user
More informationCLOUD COMPUTING & WINDOWS AZURE
CLOUD COMPUTING & WINDOWS AZURE WORKSHOP Overview This workshop is an introduction to cloud computing and specifically Microsoft s public cloud offering in Windows Azure. Windows Azure has been described
More informationGUJARAT TECHNOLOGICAL UNIVERSITY
GUJARAT TECHNOLOGICAL UNIVERSITY Seminar on Intrusion Detection for Hypervisor- Based Cloud Computing Infrastructure by Dr. Rajeev Agrawal, North Carolina A&T State University, USA GTU s PG Research Center
More informationHosted Microsoft Exchange Client Setup & Guide Book
Hosted Microsoft Exchange Client Setup & Guide Book Section 1 Microsoft Outlook Web Access (OWA) access directions Section 2 Windows Mobile Phone ActiveSync setup & configuration Section 3 - Apple iphone
More informationNetwork Security Protocols
Network Security Protocols EE657 Parallel Processing Fall 2000 Peachawat Peachavanish Level of Implementation Internet Layer Security Ex. IP Security Protocol (IPSEC) Host-to-Host Basis, No Packets Discrimination
More informationMANAGE SECURE ACCESS TO APPLICATIONS BASED ON USER IDENTITY. EMEA Webinar July 2013
MANAGE SECURE ACCESS TO APPLICATIONS BASED ON USER IDENTITY EMEA Webinar July 2013 Protecting the Enterprise Full Footprint Mobile user Application access management & Application security Enterprise headquarters
More informationHosted Microsoft Exchange Client Setup & Guide Book
Hosted Microsoft Exchange Client Setup & Guide Book Section 1 Microsoft Outlook Web Access (OWA) access directions Section 2 Windows 10 Mail App setup & configuration Section 3 Windows Mobile Phone ActiveSync
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationSecure Identity in Cloud Computing
Secure Identity in Cloud Computing Michelle Carter The Aerospace Corporation March 20, 2013 The Aerospace Corporation 2013 All trademarks, service marks, and trade names are the property of their respective
More informationCS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013
CS 356 Lecture 17 and 18 Intrusion Detection Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationSecurity and Privacy in Cloud Computing
Security and Privacy in Cloud Computing Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 2 02/01/2010 Threats, vulnerabilities, and enemies Goal Learn the cloud computing threat model
More informationImplementing Microsoft Azure Infrastructure Solutions
Course Code: M20533 Vendor: Microsoft Course Overview Duration: 5 RRP: 2,025 Implementing Microsoft Azure Infrastructure Solutions Overview This course is aimed at experienced IT Professionals who currently
More informationOpen Data Center Alliance Usage: Cloud Based Identity Governance and Auditing REV. 1.0
sm Open Data Center Alliance Usage: Cloud Based Identity Governance and Auditing REV. 1.0 Table of Contents Legal Notice... 3 Executive Summary... 4 Purpose... 5 Reference Framework... 5 Context... 6 Applicability...
More informationXerox Mobile Print Cloud
September 2012 702P00860 Xerox Mobile Print Cloud Information Assurance Disclosure 2012 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are trademarks of Xerox Corporation in the United
More informationSAFE SYSTEM: SECURE APPLICATIONS FOR FINANCIAL ENVIRONMENTS USING MOBILE PHONES
SAFE SYSTEM: SECURE APPLICATIONS FOR FINANCIAL ENVIRONMENTS USING MOBILE PHONES Sead Muftic 1, Feng Zhang 1 1Department of Computer and System Sciences, Royal Institute of Technology, Stockholm, Sweden
More information