Introduc)on* X.509*Cer)ficates* X.509* By:$Holz,$Braun,$Kammenhuber,$and$Carle$ Presented$by:$William$Garrard$
|
|
- Jody Melton
- 8 years ago
- Views:
Transcription
1 Introduc)on* By:$Holz,$Braun,$Kammenhuber,$and$Carle$ Presented$by:$William$Garrard$! How$secure$is$our$online$communication?$! Transport$Layer$Security$(TLS)/Secure$Sockets$Layer$ (SSL)$infrastructure$! HTTPs$and$IMAPs$protocols$! X.509$Public$Key$Infrastructure$(PKI)$certificates$! Collected$certificates$for$1.5$years$! Estimated$quality$of$current$PKI$deployment$! Found$several$breaks$and$inconsistencies$ $ X.509*! ITUVT$format$standard$for$Public$Key$Certificates$! Issued$by$trusted$Certification$Authorities$(CA)$! Prevents$imposters$in$a$digital$exchange$! Human$factors$within$CA s$! Black$box$process$! Potential$for$mischief$here$! Issued$certificates$are$trusted$completely$! Mozilla$trusts$~150$authorities.$$Do$you?$ X.509*Cer)ficates*! Subject$Line $ $contains$entity$to$which$it$is$issued.$ (DNS$host$name)$! Validity$period$! Public$Key$! Domain$! CrossVreferenced$by$browser$to$domain$being$accessed$! Digital$Signature$
2 X.509*Cer)ficates*! Issued$in$trees,$descending$from$Root$Certificates$! Forms$ trust$chains $! Delegates$identification$work$to$local$registrars$! Creates$points$of$attack$! Do$we$know$the$intermediaries$and/or$trust$them$ too?$! Root$certificates$are$shipped$to$browser$vendors$! Compromised$roots$are$a$major$situation$! Even$so,$users$do$not$seem$to$care$when$alerted$ Scans*! Used$Alexa$Top$1$Million$Hosts$! Active$! Used$OpenSSL$! Attempted$handshake$with$hosts$on$port$443$! Extracted$certificates,$connection$data$where$successful$! Passive$! Took$first$15kB$of$random$handshakes$on$Munich$ research$link$in$first$try$! 400kB$in$second$try$by$parallelizing$the$monitoring$ software$ Dataset*! Data$was$taken$from:$ 1. Active$scans$in$Tuebingen$and$Muenchen,$Germany$ 2. Distributed$nodes$around$the$world$via$PlanetLab$ for$comparison$based$on$location$ 3. Passive$scans$ 4. Other$researchers $work$! Grid$computing$sessions$were$disregarded$when$ possible.$ Related*Work*! Electronic$Frontier$Foundation$(EFF)$and$iSEC$(2010)$! Scanned$IPv4,$extracting$certificates$! Looked$for$weirdly$structures$certificates$! Which$CA s$did$what$! Ristic$(2010)$! Similar$to$EFF/iSec$! Added$to$current$dataset$! Lee,$et$al.$(2007)$! Investigated$cryptography$within$TLS/SSL$! Ignored$Certificates$! Yitek,$et$al.$(2009)$! Investigated$OpenSSL$bug$! Ignored$Certificates$! Scans$performed$by$ Landscape s $authors$lasted$much$longer$than$any$of$ these.$
3 Analysis **! How$many$hosts$allowed$TLS/SSL$connections$on$the$ proper$port?$! 66%$of$all$hosts$! 90%+$of$the$top$1000$! Many$failures$came$from$unknown$protocols$on$443,$ which$turned$out$to$be$plain$http$! Higher$ranked$hosts$lacked$irregular$configurations$! Were$crypto$algorithms$and$keys$strong?$! Most$connections$used$RC4,$AES$with$128$or$256$bit$ keys$! TripleVDES$found$in$about$10%$of$cases$still$! Compared$to$2007$data,$RC4$V128$is$now$most$popular,$ overtaking$aesv256$! Some$(~1V3%)$connections$had$no$encryption$! Likely$grid$traffic,$which$omits$this$for$speed$! How$often$is$the$same$certificate$used$on$multiple$ hosts?$! In$theory$it$should$be$never$! Practical$factors$like$cost$change$this$! Some$(~1/10,000)$certificates$used$for$>$10,000$hosts$! 1%$of$certificates$used$for$~10$hosts$! Many$repeat$offenders$were$hosting$companies$
4 ! Are$Certification$Chains$Valid?$! This$means$a$chain$leads$to$a$root$in$the$browser s$root$ store$! Signatures$and$expiration$dates$all$check$out$! Only$60%$valid$! 18%$Expired$! 25%$SelfVsigned$! Ratios$did$not$change$over$time,$meaning$no$ improvement$! Do$certificates$have$the$correct$host$name?$! Only$18.07%,$when$constrained$by$also$having$a$valid$ chain,$21%$otherwise$! Many$sites$are$not$to$be$used$with$HTTPs$anyway,$so$ this$may$not$be$so$bad$
5 Analysis **! Are$common$names$correct?$! Part$of$the$subject$field$on$a$certificate$! 60k$instances$of$ plesk $(Parallels/Plesk$Virtualization$ and$web$hosting$environment)$! 39k$instances$of$ localhost $! None$of$those$had$valid$chains$! Are$self$signed$certificates $host$names$correct?$! Issued$by$servers$to$themselves$! Useful$for$personal$servers$! Users$need$to$determine$trust$for$themselves$! 97%+$of$names$do$not$match$! plesk $and$ localhost $variants$occur$in$>50%$! Self$signed$certificates$are$not$maintained$! Are$extended$validation$(EV)$certificates$used?$! Designed$to$give$users$more$information$about$who$ they$are$connecting$to$! Only$8.93%$of$top$10,000$! 5.17%$of$top$50,$thanks$to$Google$! How$long$are$certificate$chains?$! Only$counted$intermediate$links,$not$root$and$end$ nodes$! Most$chains$are$<4$$ $$$nodes$in$length$! >50%$of$chains$were$$ $$$of$length$0$
6 ! Are$signature$algorithms$secure?$! MD5,$once$popular,$was$to$begin$a$phase$out$! Occurred$about$17.3%$in$2009$! Dropped$to$7.3%$in$2011$! SHA1$rose$to$make$up$the$difference$! Are$public$keys$strong$enough?$! RSAV768$was$cracked$in$2009$! RSAV1024$margin$is$decreasing$! Between$2009$and$2011,$>1024$bit$keys$rose$20%$in$ frequency,$with$1024$bit$keys$falling$about$that$much$! Are$validity$periods$the$proper$length?$! Longer$periods$make$easier$cracking$through$advances$ in$technology$and$hardware$! Most$are$for$1$year$+0V5$months.$! Others$for$2,3,4,5,10,15,20,$or$30$years$! >5$years$are$very$rare$! Smallest$was$2$hours,$longest$was$8,000$years$! How$do$distinct$intermediate$certificates$compare$to$ distinct$certification$chains?$! Very$broad$at$the$leaves,$shrinks$rapidly$to$the$root$ CA s$! Magnitudes$much$closer$in$top$1$million$than$in$IPv4$! In$general,$this$leads$to$too$great$an$attack$surface$to$ feel$safe$about$
7 ! How$are$certificates$different$by$location?$! Man$in$the$middle$attacks$can$be$launched$by$ swapping$certificates$at$a$few$locations$! Identified$several$thousand$suspicious$hosts,$mainly$in$ China$and$Russia$! Did$not$find$evidence$of$any$attacks$taking$place$! However,$did$not$investigate$all$suspicious$domains$! Overall,$not$many$differences$by$location$! Who$issues$the$most$certificates?$! Entities$issuing$>2000$certificates$made$up$>50%$of$all$ distinct$certificates$issued.$! Are$there$any$duplicate$serial$number$in$certificates$ issued$by$the$same$ca?$! None$were$found$! What$version$of$X.509$is$being$used?$! Version$1$is$outdated$! 13.99%$of$certificates$are$in$Version$1.$$None$were$valid$ chainwise$and$most$were$self$signed.$$most$of$the$ others$were$from$one$russian$company.$ Discussion*! Host$rank$is$inversely$related$to$valid$certificate$ holding$! Number$of$totally$good$certificates$is$low$overall$! Good:$! Valid$chains,$host$names,$chain$length$<3,$no$MD5,$no$ weak$keys,$>1024$bit$keys,$validity$<13$months$! Acceptable:$! Chain$length$<4,$validity$<25$months$! Valid$but$bad:$! All$others$with$correct$chains$and$host$names$
8 Discussion* Discussion*! Comprehensive$analysis$of$the$state$of$X.509$ certificates$in$the$muck$of$the$real$world$! Generated$many$ sobering $findings$! Ended$with$strong$negative$opinion$on$certificate$ system$overall$! Did$not$provide$outline$or$ideas$for$an$alternative$or$ improvements$beyond$fixing$what$was$reported$to$be$ broken$$ Next*Steps*! Analysis$on$the$relative$safety$enjoyed$currently$ versus$the$theoretical$ideal$based$on$current$ technology$and$protocols$! Development$of$a$more$eccentricityVresistant$ certificate$system$from$the$groundvup$ Ques)ons*
Internet!of!Services! Project!IntroducMon!
Internet!of!Services! Project!IntroducMon! Prof.!Dr.!Küpper,!S.!Göndör,!S.!Zickau,!M.!Slawik,!et!al.! ServiceIcentric!Networking! Telekom!InnovaMon!Laboratories!and!TU!Berlin! Introduc)on* Project!OrganizaMon!!
More informationPublic Key Infrastructures
Public Key Infrastructures Ralph Holz Network Architectures and Services Technische Universität München November 2014 Ralph Holz: Public Key Infrastructures 1 Part 2: Recent results or: the sorry state
More information!NAVSEC':!A!Recommender!System!for!3D! Network!Security!Visualiza<ons!
!:!A!Recommender!System!for!3D! Network!Security!Visualiza
More informationQuick Start Guide. User Manual. 1 March 2012
Quick Start Guide User Manual 1 March 2012 This document outlines the steps to install SAMLite system into a single box of server and configure it to run for passive collection (domain login script). This
More informationKnowledgebase Article
Company web site: Support email: Support telephone: +44 20 3287-7651 +1 646 233-1163 2 EMCO Network Inventory allows you to manage alternative credentials to use while performing different
More informationThe SSL Landscape. Ralph Holz, Thomas Riedmaier, Lothar Braun, Nils Kammenhuber. Network Architectures and Services Technische Universität München
The SSL Landscape Ralph Holz, Thomas Riedmaier, Lothar Braun, Nils Kammenhuber Network Architectures and Services Technische Universität München Hagenberg, 15 Mar 2012 Ralph Holz, Thomas Riedmaier, Lothar
More informationApogee Design Support Center
Apogee Design Support Center User Manual: Product Screen Explained Product(screen(explained Topics'covered: 1. Introduc+on 2. General 3. Pricing 4. Inventory 5. A:ributes Introduc1on We're?going?to?go?through?the?basic?seAngs?available?when?crea+ng?a?new?product.?
More informationEnabling SSL and Client Certificates on the SAP J2EE Engine
Enabling SSL and Client Certificates on the SAP J2EE Engine Angel Dichev RIG, SAP Labs SAP AG 1 Learning Objectives As a result of this session, you will be able to: Understand the different SAP J2EE Engine
More informationHow to Configure Split DNS
How to Configure Split DNS Split DNS is a concept that allows a hostname to resolve to one IP address on the internal network, and another on the external network. An example is the G/On Server if it is
More informationGEMBus as a Service Oriented Pla5orm for Cloud- Based Composable Services
GEMBus as a Service Oriented Pla5orm for Cloud- Based Composable Services Constantinos Marinos NETMODE NTUA cmarinos@netmode.ntua.gr Introduc>on Service Oriented infrastructures can ease the deployment
More informationThe SSL Landscape A Thorough Analysis of the X.509 PKI Using Active and Passive Measurements
The SSL Landscape A Thorough Analysis of the X.509 PKI Using Active and Passive Measurements Ralph Holz, Lothar Braun, Nils Kammenhuber, Georg Carle Technische Universität München Faculty of Informatics
More informationthreads threads threads
AHybridMultithreading/Message-PassingApproachforSolving IrregularProblemsonSMPClusters Jan-JanWu InstituteofInformationScience AcademiaSinica Taipei,Taiwan,R.O.C. Chia-LienChiang Nai-WeiLin Dept.ComputerScience
More informationParallels Plesk Automation
Parallels Plesk Automation Contents Compact Configuration: Linux Shared Hosting 3 Compact Configuration: Mixed Linux and Windows Shared Hosting 4 Medium Size Configuration: Mixed Linux and Windows Shared
More informationMonitoring Network Traffic with Radial Traffic Analyzer
MonitoringNetworkTraffic withradialtrafficanalyzer DanielA.KeimFlorianMansmannJörnSchneidewindTobiasSchreck IEEESymposiumonVisualAnalyticsScienceandTechnology,2006 StefanHeinz SeminarVisualAnalytics SummerTerm2008
More informationTECHNICAL NOTES BrightSign Network Security Statement BrightSign, LLC. 16795 Lark Ave., Suite 200 Los Gatos, CA 95032 408-852-9263 www.brightsign.
TECHNICAL NOTES BrightSign Network Security Statement BrightSign, LLC. 16795 Lark Ave., Suite 200 Los Gatos, CA 95032 408-852-9263 www.brightsign.biz INTRODUCTION For a cloud-based content management and
More information1. If there is a temporary SSL certificate in your /ServerRoot/ssl/certs/ directory, move or delete it. 2. Run the following command:
C2Net Stronghold Cisco Adaptive Security Appliance (ASA) 5500 Cobalt RaQ4/XTR F5 BIG IP (version 9) F5 BIG IP (pre-version 9) F5 FirePass VPS HSphere Web Server IBM HTTP Server Java-based web server (generic)
More informationLecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, Chapter 14 Key Management and Distribution.
Lecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, Chapter 14 Key Management and Distribution. 1 Opening quote. 2 The topics of cryptographic key management
More informationHowever,duetoboththescaleandthecomplexityoftheInternet,itisunlikelythatameasure-
Part1:AServer-BasedMeasurementInfrastructure NetworkPerformanceMeasurementandAnalysis Y.ThomasHou (ConceptPaper) AsInternettraccontinuestogrowexponentially,itisessentialforboththeusersandserviceproviders
More informationAuthentication Applications
Authentication Applications CSCI 454/554 Authentication Applications will consider authentication functions developed to support application-level authentication & digital signatures Kerberos a symmetric-key
More informationInstallation Guide ARGUS Symphony 1.6 and Business App Toolkit. 6/13/2014 2014 ARGUS Software, Inc.
ARGUS Symphony 1.6 and Business App Toolkit 6/13/2014 2014 ARGUS Software, Inc. Installation Guide for ARGUS Symphony 1.600.0 6/13/2014 Published by: ARGUS Software, Inc. 3050 Post Oak Boulevard Suite
More informationUnderstanding Digital Certificates and Secure Sockets Layer (SSL)
Understanding Digital Certificates and Secure Sockets Layer (SSL) Author: Peter Robinson January 2001 Version 1.1 Copyright 2001-2003 Entrust. All rights reserved. Digital Certificates What are they?
More informationImprovingRooftopDetectioninAerialImages MarcusA.Maloofy(maloof@apres.stanford.edu) ThroughMachineLearning PatLangleyy(langley@newatlantis.isle.org) ThomasBinfordz(binford@cs.stanford.edu) yinstituteforthestudyoflearningandexpertise
More informationX.509 Certificate Generator User Manual
X.509 Certificate Generator User Manual Introduction X.509 Certificate Generator is a tool that allows you to generate digital certificates in PFX format, on Microsoft Certificate Store or directly on
More informationUnderstanding Digital Certificates & Secure Sockets Layer A Fundamental Requirement for Internet Transactions
A Fundamental Requirement for Internet Transactions May 2007 Copyright 2007 Entrust. All rights reserved. Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries.
More informationUniversity of Salford, UK Centre for Virtual Environments and Future Media. Carl Moore, Toby Duckworth and David Roberts
University of Salford, UK Centre for Virtual Environments and Future Media Carl Moore, Toby Duckworth and David Roberts Introduc)on Our 3D telepresence system uses multiple camera silhouettes to reconstruct
More informationUnderstanding Digital Certificates & Secure Sockets Layer (SSL): A Fundamental Requirement for Internet Transactions
Understanding Digital Certificates & Secure Sockets Layer (SSL): A Fundamental Requirement for Internet Transactions February 2005 All rights reserved. Page i Entrust is a registered trademark of Entrust,
More informationPrivate to Public Overflow between IP Media Gateways
1 of 5 04/10/2013 15:29 Version 02, October 2006 Private to Public Overflow between IP Media Gateways Detailed description Table of contents Steps of an Overflow Overflow to a DID Set Overflow to DID Set
More informationPlesk Control Panel Adding email accounts
Introduction This tutorial covers the procedure for setting up email accounts within your Plesk control panel. Every ProserveUK hosting account has a set limit for email accounts; you can create as many
More informationdomain is known as the high side, and the less secure domain is the low side. Depending on the application, the
Data diodes refer to unidirectional network links used in some high-security network architectures. This paper explains how data diodes are used to secure information and protect against intrusions; it
More information2. Installing GFI LANguard Network Security Scanner
2. Installing GFI LANguard Network Security Scanner System requirements Install GFI LANguard N.S.S on a computer that meets the following requirements: Windows 2000 (SP4), XP (SP2), 2003, 2008, VISTA (SP1),
More informationConsolida9ng Compliance Audits in Order to Improve Efficiency and Improve Risk and Compliance Posture Andrew Williams, Lead, Coalfire
Consolida9ng Compliance Audits in Order to Improve Efficiency and Improve Risk and Compliance Posture Andrew Williams, Lead, Coalfire Professional Strategies S11 2013 Fall Conference Sail to Success CRISC
More informationUte$Pass$July$2014$Storm$Events$ Report'on'Condi,ons
Ute$Pass$July$2014$Storm$Events$ Report'on'Condi,ons Reported(by(the(Coali0on(for(the(Upper(South(Pla7e( CONTENTS Sand(Gulch( ( ( ( ( ( ( ( ( ( 1( Wellington(Gulch( ( ( ( ( ( ( ( ( 4( Upper(Cascade(Drainage(
More informationWHAT IS LOG CORRELATION? Understanding the most powerful feature of SIEM WWW.ALIENVAULT.COM
WHAT IS LOG CORRELATION? Understanding the most powerful feature of SIEM WWW.ALIENVAULT.COM IT S ALWAYS IN THE LOGS. 84% of Organizations that had their security breached in 2011, had evidence of the breach
More informationOwner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de
Owner of the content within this article is www.isaserver.org Written by Marc Grote www.it-training-grote.de Microsoft Forefront TMG Using the BranchCache feature in Forefront TMG SP1 Abstract In this
More information8.0 for LINUX UNIX. What s New Document. Expand 2.1. Learn more at www.swsoft.com/plesk/expand
8.0 for LINUX UNIX What s New Document Expand 2.1 Learn more at www.swsoft.com/plesk/expand Published: December 2006 Revised: December 2006 Key Themes This new release of SWsoft Plesk Expand provides our
More informationJuniper Networks Secure Access. Initial Configuration User Records Synchronization
Juniper Networks Secure Access Initial Configuration User Records Synchronization 1 This document explain how to setup User records Synchronization between different clusters or stand alone units. Active/
More informationSSL BEST PRACTICES OVERVIEW
SSL BEST PRACTICES OVERVIEW THESE PROBLEMS ARE PERVASIVE 77.9% 5.2% 19.2% 42.3% 77.9% of sites are HTTP 5.2% have an incomplete chain 19.2% support weak/insecure cipher suites 42.3% support SSL 3.0 83.1%
More informationEnable SSL for Apollo 2015
Enable SSL for Apollo 2015 [1] Obtain proper SSL certificate *.pfx (contains both certificate and private keys) For example, the pfx file contains both certificate and private keys, also the ascii file
More informationBrocade Engineering. PKI Tutorial. Jim Kleinsteiber. February 6, 2002. Page 1
PKI Tutorial Jim Kleinsteiber February 6, 2002 Page 1 Outline Public Key Cryptography Refresher Course Public / Private Key Pair Public-Key Is it really yours? Digital Certificate Certificate Authority
More informationAnalysis of the HTTPS Certificate Ecosystem
Analysis of the HTTPS Certificate Ecosystem, James Kasten, Michael Bailey, J. Alex Halderman University of Michigan HTTPS and TLS How does HTTPS and the CA ecosystem fit into our daily lives? Nearly all
More informationCer$ficates- as- an- Insurance (CaaI): Incen$vizing Accountability in SSL/TLS
Cer$ficates- as- an- Insurance (CaaI): Incen$vizing Accountability in SSL/TLS Stephanos Matsumoto (CMU/ETH Zurich) Raphael M. Reischuk (ETH Zurich) Workshop on the Security of Emerging Network Technologies
More informationPlesk Automation Billing Module for Parallels Plesk Automation:
Parallels Plesk Automation Billing Module for Parallels Plesk Automation: Q3 2014 Key Features and Benefits www.parallels.com Table of Contents Introduction... 3 Parallels Plesk Automation Billing Features
More informationSecure Web Service - Hybrid. Policy Server Setup. Release 9.2.5 Manual Version 1.01
Secure Web Service - Hybrid Policy Server Setup Release 9.2.5 Manual Version 1.01 M86 SECURITY WEB SERVICE HYBRID QUICK START USER GUIDE 2010 M86 Security All rights reserved. 828 W. Taft Ave., Orange,
More informationConfigure AlwaysOn Failover Cluster Instances (SQL Server) using InfoSphere Data Replication Change Data Capture (CDC) on Windows Server 2012
Configure AlwaysOn Failover Cluster Instances (SQL Server) using InfoSphere Data Replication Change Data Capture (CDC) on Windows Server 2012 Introduction As part of the SQL Server AlwaysOn offering, AlwaysOn
More informationConfiguring Email Notification for Business Glossary
Configuring Email Notification for Business Glossary 1993-2016 Informatica LLC. No part of this document may be reproduced or transmitted in any form, by any means (electronic, photocopying, recording
More informationWeb Security: Encryption & Authentication
Web Security: Encryption & Authentication Arnon Rungsawang fenganr@ku.ac.th Massive Information & Knowledge Engineering Department of Computer Engineering Faculty of Engineering Kasetsart University, Bangkok,
More informationSoftware License Monitoring
Software License Monitoring Module Objectives In the Software License Monitoring section you will learn: Use Cases for the Software License Monitoring Features and Functionality of Software License Monitoring
More informationParallels Plesk Automation
Parallels Plesk Automation Copyright Notice Parallels IP Holdings GmbH Vordergasse 59 CH-Schaffhausen Switzerland Phone: +41 526320 411 Fax: +41 52672 2010 Global Headquarters 500 SW 39th Street, Suite
More information2016 Gateway Health Certification
2016 Onboarding 2016 Gateway Health Certification Welcome to the 2016 Gateway Health Certification 1. Open the email you received from your up-line, it should look similar to this and contain your Agent
More informationThe Concept of Trust in Network Security
En White Paper Date: August 2000 Version: 1.2 En is a registered trademark of En, Inc. in the United States and certain other countries. En is a registered trademark of En Limited in Canada. All other
More informationParallels Business Automation - Standard
Parallels Parallels Business Automation - Standard Release Notes Release 4.0 (c) 1999-2010 Printed: 12/27/2010 ISBN: N/A Parallels 13755 Sunrise Valley Drive Suite 600 Herndon, VA 20171 USA Tel: +1 (703)
More informationA Distributed Active Response Architecture for Preventing SSH Dictionary Attacks
A Distributed Active Response Architecture for Preventing SSH Dictionary Attacks J. Lane Thames Georgia Institute of Technology lane.thames@gatech.edu Randal Abler Georgia Institute of Technology randal.abler@gatech.edu
More informationComodo Web Application Firewall for Plesk Software Version 2.11
2 Comodo Web Application Firewall for Plesk Software Version 2.11 Administrator Guide Guide Version 2.11.071315 Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013 Table of Contents 1. Comodo
More informationMapRoad - Pavement Management System (PMS) Local Government Management Agency (LGMA)
Project Title: Client: Project Work Package: MapRoad - Pavement Management System (PMS) Local Government Management Agency (LGMA) Support / Project Management Document Title: MapRoad - PMS - Ticket Tracker
More informationCloud Computing ECPE 293A. Introduc1on
Cloud Computing ECPE 293A Introduc1on 2 3 Introductions Introduce yourself Name Undergrad major Interests Hardware which area? SoAware which area? 4 = Looking at pictures of clouds with computers 5 Cloud
More informationCase 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138. Exhibit 8
Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138 Exhibit 8 Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 2 of 138 Domain Name: CELLULARVERISON.COM Updated Date: 12-dec-2007
More informationCrystal Reports. For Visual Studio.NET. Reporting Off ADO.NET Datasets
Crystal Reports For Visual Studio.NET Reporting Off ADO.NET Datasets 2001 Crystal Decisions, Inc. Crystal Decisions, Crystal Reports, and the Crystal Decisions logo are registered trademarks or trademarks
More informationRTI v3.3 Lightweight Deep Diagnostics for LoadRunner
RTI v3.3 Lightweight Deep Diagnostics for LoadRunner Monitoring Performance of LoadRunner Transactions End-to-End This quick start guide is intended to get you up-and-running quickly analyzing Web Performance
More informationParallels Plesk Panel
Parallels Plesk Panel Copyright Notice Parallels Holdings, Ltd. c/o Parallels International GMbH Vordergasse 49 CH8200 Schaffhausen Switzerland Phone: +41 526320 411 Fax: +41 52672 2010 Copyright 1999-2011
More informationIntroduction to Network Security Key Management and Distribution
Introduction to Network Security Key Management and Distribution Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of Science and Technology cetinkayae@mst.edu http://web.mst.edu/~cetinkayae/teaching/cpe5420fall2015
More informationEXAMPLE OF ELIGIBLE AND INELIGIBLE COURSES
Non-FEWA Continuing Education Coursework Form Candidates seeking CFLC certification may submit non-fewa continuing education coursework for approval provided they meet the objectives of the CFLC Core Program
More informationPublic Key Infrastructure
UT DALLAS Erik Jonsson School of Engineering & Computer Science Public Key Infrastructure Murat Kantarcioglu What is PKI How to ensure the authenticity of public keys How can Alice be sure that Bob s purported
More informationKEY DISTRIBUTION: PKI and SESSION-KEY EXCHANGE. Mihir Bellare UCSD 1
KEY DISTRIBUTION: PKI and SESSION-KEY EXCHANGE Mihir Bellare UCSD 1 The public key setting Alice M D sk[a] (C) Bob pk[a] C C $ E pk[a] (M) σ $ S sk[a] (M) M, σ Vpk[A] (M, σ) Bob can: send encrypted data
More informationWe begin with a number of definitions, and follow through to the conclusion of the installation.
Owl-Hosted Server Version 0.9x HOW TO Set up Owl using cpanel Introduction Much of the documentation for the installation of Owl Intranet Knowledgebase assumes a knowledge of servers, and that the installation
More informationTREATMENT PLAN DOMAINS: For each goal, please complete each of the following domains:
Section 24 Provider Agency: Date of Individual Treatment Plan: DOB: Age: TREATMENT PLAN DOMAINS: For each goal, please complete each of the following domains: Describe what the child will do in observable
More informationConfiguration Worksheets for Oracle WebCenter Ensemble 10.3
Configuration Worksheets for Oracle WebCenter Ensemble 10.3 This document contains worksheets for installing and configuring Oracle WebCenter Ensemble 10.3. Print this document and use it to gather the
More informationNSBA: Small Business Congress. Sam Hodges Founder & Managing Director, Funding Circle
NSBA: Small Business Congress Sam Hodges Founder & Managing Director, Funding Circle Disclaimer This document provides general and preliminary information about Funding Circle s (FC) commercial lending
More informationE-Signatures. Chris Reed. Professor of Electronic Commerce Law
E-Signatures Chris Reed Professor of Electronic Commerce Law Centre for Commercial Law Studies, Queen Mary University of London Of counsel, Lawrence Graham Agenda Rethinking the concept of signature e-signature
More informationDNS Service Implementation and Changeover
DNS Service Implementation and Changeover White Paper Nixu Software Oy Ltd A Nixu Group Company Keilaranta 15 FI-02150 Espoo Finland www.nixusoftware.com Importing Zone Data to Nixu NameSurfer The zone
More informationCertificates and network security
Certificates and network security Tuomas Aura CSE-C3400 Information security Aalto University, autumn 2014 Outline X.509 certificates and PKI Network security basics: threats and goals Secure socket layer
More informationSecure Sockets Layer (SSL) / Transport Layer Security (TLS)
Secure Sockets Layer (SSL) / Transport Layer Security (TLS) Brad Karp UCL Computer Science CS GZ03 / M030 19 th November 2014 What Problems Do SSL/TLS Solve? Two parties, client and server, not previously
More informationMeasuringWebPerformanceintheWideArea 111CummingtonSt,Boston,MA2215 PaulBarfordandMarkCrovella ComputerScienceDepartment BostonUniversity fbarford,crovellag@cs.bu.edu BU-CS-99-4 April26,1999 andcontinuedgrowthmakethisadicultquestiontoanswer.wedescribethewideareaweb
More informationCTS2134 Introduction to Networking. Module 8.4 8.7 Network Security
CTS2134 Introduction to Networking Module 8.4 8.7 Network Security Switch Security: VLANs A virtual LAN (VLAN) is a logical grouping of computers based on a switch port. VLAN membership is configured by
More informationCA XOsoft Replication for Windows
CA XOsoft Replication for Windows Microsoft SQL Server Operation Guide r12.5 This documentation and any related computer software help programs (hereinafter referred to as the Documentation ) is for the
More informationSetting Up Your Assisted Service Plan Dedicated Server
Setting Up Your Assisted Service Plan Dedicated Server An informative and perky introduction to your dedicated server with Assisted Service Plan This Quick Start Guide answers that nagging What s next?
More informationCA ARCserve and CA XOsoft r12.5 Best Practices for protecting Microsoft Exchange
CA RECOVERY MANAGEMENT R12.5 BEST PRACTICES CA ARCserve and CA XOsoft r12.5 Best Practices for protecting Microsoft Exchange Overview Benefits The CA Advantage The CA ARCserve Backup Support and Engineering
More informationIntroduc)on to the IoT- A methodology
10/11/14 1 Introduc)on to the IoTA methodology Olivier SAVRY CEA LETI 10/11/14 2 IoTA Objec)ves Provide a reference model of architecture (ARM) based on Interoperability Scalability Security and Privacy
More informationITCertMaster. http://www.itcertmaster.com. Safe, simple and fast. 100% Pass guarantee! IT Certification Guaranteed, The Easy Way!
ITCertMaster Safe, simple and fast. 100% Pass guarantee! http://www.itcertmaster.com IT Certification Guaranteed, The Easy Way! Exam : E20-895 Title : Backup Recovery - Avamar Expert Exam for Implementation
More information1. Introduction Page3 2. Windows Cluster Page3 2.1 High availability Cluster Page3 2.2 Shared Storage Device Page4 2.3 Active Passive Mode Page4
Index 1. Introduction Page3 2. Windows Cluster Page3 2.1 High availability Cluster Page3 2.2 Shared Storage Device Page4 2.3 Active Passive Mode Page4 3 Boundary conditions Page4 4. Installation of Kyocontrol
More informationNGASI Shared-Runtime Manager Administration and User Guide. 1999-2010 WebAppShowcase DBA NGASI
NGASI Shared-Runtime Manager Administration and User Guide 2 NGASI Shared-Runtime Manager Table of Contents Part I Introduction 4 0 1 Overview... 4 2 Requirements... 4 Part II Administrator 6 1 Login...
More informationCymon.io. Open Threat Intelligence. 29 October 2015 Copyright 2015 esentire, Inc. 1
Cymon.io Open Threat Intelligence 29 October 2015 Copyright 2015 esentire, Inc. 1 #> whoami» Roy Firestein» Senior Consultant» Doing Research & Development» Other work include:» docping.me» threatlab.io
More informationHow to configure Enterprise Cloud
How to configure Enterprise Cloud Note: Before configuring Enterprise Cloud on GajShield, make sure you have Cloud license. Important: Below configuration can be used in all type of browsing mode. When
More informationConfiguring Security for FTP Traffic
2 Configuring Security for FTP Traffic Securing FTP traffic Creating a security profile for FTP traffic Configuring a local traffic FTP profile Assigning an FTP security profile to a local traffic FTP
More informationCloudFlare Installation Guide for Plesk Panel 11.x and 10.4.4
CloudFlare Installation Guide for Plesk Panel 11.x and 10.4.4 Part I: Part II: CloudFlare Integration for the Hoster CloudFlare Installation for Customer / Site Owner Part III: Notes and FAQs IMPORTANT:
More informationParallels Plesk Panel
Parallels Plesk Panel Copyright Notice Parallels Holdings, Ltd. c/o Parallels International GMbH Vordergasse 49 CH8200 Schaffhausen Switzerland Phone: +41 526320 411 Fax: +41 52672 2010 Copyright 1999-2011
More informationSSL Guide. (Secure Socket Layer)
SSL Guide (Secure Socket Layer) To find basic information about network and advanced network features of your Brother machine: uu Network User's Guide. To download the latest manual, please visit the Brother
More informationCS455 - Lab 10. Thilina Buddhika. April 6, 2015
Thilina Buddhika April 6, 2015 Agenda Course Logistics Quiz 8 Review Giga Sort - FAQ Census Data Analysis - Introduction Implementing Custom Data Types in Hadoop Course Logistics HW3-PC Component 1 (Giga
More informationAPS Windows Servers Argonne National Laboratory is managed by The University of Chicago for the U.S. Department of Energy
APS Windows Servers Steve Potempa December 13, 2005 Argonne National Laboratory is managed by The University of Chicago for the U.S. Department of Energy Microsoft Windows Active Directory Authentication
More informationStartup Guide for Multi Domain Windows Hosting 7/20/11
Startup Guide for Multi Domain Windows Hosting Table of contents 1. Features 2. Plans and Price 3. Sign up for Multi Domain Windows Hosting 4. Set up your Multi Domain Windows Hosting Set price Display
More informationDedicated Hosting. The best of all worlds. Build your server to deliver just what you want. For more information visit: imcloudservices.com.
Dedicated Hosting The best of all worlds. Build your server to deliver just what you want. Only pay for what you use with no long term contracts. High availability, your server is in the cloud. Dedicated
More informationSideload Windows Store Apps in Windows 8
Sideload Windows Store Apps in Windows 8 1. Introduction Windows Store apps bring a new dimension to the user experience, supporting multitouch and traditional keyboard and mouse user input. Organizations
More informationCopyright 2015 http://itfreetraining.com
This video will install Active Directory Federation Services on Windows Server 2012. In a previous video, an enterprise CA was installed and configured. This video will use that enterprise CA to issue
More informationILTA 2013 - HAND 6B. Upgrading and Deploying. Windows Server 2012. In the Legal Environment
ILTA 2013 - HAND 6B Upgrading and Deploying Windows Server 2012 In the Legal Environment Table of Contents Purpose of This Lab... 3 Lab Environment... 3 Presenter... 3 Exercise 1 Add Roles and Features...
More informationThis presenta,on covers the essen,al informa,on about IT services and facili,es which all new students will need to get started.
This presenta,on covers the essen,al informa,on about IT services and facili,es which all new students will need to get started. 1 Most of the informa,on is covered in more depth on the Informa,on Services
More informationData Management in the Cloud: Limitations and Opportunities. Annies Ductan
Data Management in the Cloud: Limitations and Opportunities Annies Ductan Discussion Outline: Introduc)on Overview Vision of Cloud Compu8ng Managing Data in The Cloud Cloud Characteris8cs Data Management
More informationCreating a master/slave DNS server combination for your Grid Infrastructure
Creating a master/slave DNS server combination for your Grid Infrastructure When doing a Grid Infrastructure installation, a DNS server is needed to resolve addresses for the cluster- scan addresses. In
More informationFORM FOR CHANGING.VN REGISTRAR (Transfer Out)
Fax: (858) 571-8497 : Transfer.VN@DotVN.com Fax: (858) 571-8497 : Transfer.VN@DotVN.com 1. Domain ( DN ) FORM FOR CHANGING.VN REGISTRAR (Transfer Out) Only one Domain request per Form All Transfer-out
More informationRSA Keys with Common Factors
RSA Keys with Common Factors Joppe W. Bos Cryptography group extreme Computing Group, Microsoft Research 1 / 19 Outline 2 / 19 Public-Key Cryptography 3 / 19 Cryptanalysis of Public-Key Cryptography Popular
More informationSecure Client Applications
Secure Client Applications Networking Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 26 June 2014 Common/Reports/secure-client-apps.tex, r900 1/26 Acronyms
More informationHadoopRDF : A Scalable RDF Data Analysis System
HadoopRDF : A Scalable RDF Data Analysis System Yuan Tian 1, Jinhang DU 1, Haofen Wang 1, Yuan Ni 2, and Yong Yu 1 1 Shanghai Jiao Tong University, Shanghai, China {tian,dujh,whfcarter}@apex.sjtu.edu.cn
More information