Security architecture Integrating security into the communicating vehicle. Norbert Bissmeyer, Fraunhofer SIT June 18 th 2015

Size: px
Start display at page:

Download "Security architecture Integrating security into the communicating vehicle. Norbert Bissmeyer, Fraunhofer SIT June 18 th 2015"

Transcription

1 Security architecture Integrating security into the communicating vehicle Norbert Bissmeyer, Fraunhofer SIT June 18 th 2015

2 Overview PRESERVE provides a close-to-market V2X Security Architecture (VSA) considering External V2X communication security Onboard communication & data security Public Key Infrastructure (PKI) Privacy protection Abstract V2X security architecture Detailed PRESERVE architecture 2

3 Contribution to Harmonization and Standardization ETSI Internal Security Interfaces conforming to ETSI ITS WG 5 Integration of security in the communication stack according to ETSI EN (Geo Networking) C2C-CC Joint architecture workshop TF PKI, TF TAL, TF Privacy HTG 1 & 3 / HTG 6 Participation as C-ITS experts Status of security standards and needs for harmonization International harmonization of C-ITS Credential Management System (CCMS) 3

4 Applications Road Safety Road Traffic Efficiency Comfort and Mobility FA SA Security Secure Information Secure Communication MF Facilities SF Secure Software Data Consistency and Plausibility Internal Communication Secure Storage Privacy Protection External Communication Management MN Networking & Transport SN Credential Management Security Management Security Entities Management Access Security Analysis Security Policies HSM MI Internal Communication SI Audit Monitoring Policy Storage Policy Management Sec. Storage Crypto Acc. External Communication Logging Policy Enforcement TRNG

5 In- Vehicle PRESERVE Vehicle Security Subsystem Sensors Sensors Sensors ECUs Head Unit CAN Bus Comm. Control Security Event Processor Policy Decision Entity Auth. Security Support Platform Integrity Crypto. Services HW Layer TPM HSM Open SSL Applications V2X Comm. Stack Facilities Layer Network Layer MAC Layer CL External API Convergence Layer CL Internal API Privacy Enforcement Runtime Architecture Secure Communication Communication Layer Pseudonym Manag. ID & Trust Management Security Services Management and Configuration Legend X Y X use service of Y Sevecom Mod. EVITA PRECIOSA Mod. External SW/HW Optional comp.

6 Public Key Infrastructure

7 Public Key Infrastructure ITS G5 Network V2X Security Infrastructure CA certs. Long-term Certificate Authority IP LTC Root Certificate Authority ITS G5 PC 1 PC n Pseudonym Certificate Authority V2X message PC 1 RSU Vehicles 7

8 Results of the PRESERVE Architecture Workshop 2013 Relation of IP and non-ip communication from a security perspective Parallel processing of packets in the communication stack to fully exploit HSM performance Verification-on-demand, certificate omission and their relation to Distributed Congestion Control Meta-data and cross-layer signalling of security information Development of the PKI architecture in more complex ITS settings Design of Misbehavior Detection 8

9 Summary PRESERVE V2X Security Architecture Bridges the gap between the very abstract ETSI reference architecture and specific implementations Conforming with current standards and considers in addition future aspects Stable basis for V2X security implementers and integrators 9

10 BACKUP SLIDES 10

11 Integration of Security Header 11

12 Onboard Meta Data Exchange 12

13 Pseudonym Certificate Refill 13

The relevance of cyber-security to functional safety of connected and automated vehicles

The relevance of cyber-security to functional safety of connected and automated vehicles The relevance of cyber-security to functional safety of connected and automated vehicles André Weimerskirch University of Michigan Transportation Research Institute (UMTRI) February 12, 2014 Introduction

More information

Communications Security for Cooperative Intelligent Transportation Systems (C-ITS)

Communications Security for Cooperative Intelligent Transportation Systems (C-ITS) Communications Security for Cooperative Intelligent Transportation Systems (C-ITS) William Whyte Chief Scientist Security Innovation May 2015 Baseline questions What is connected vehicle communications

More information

Vehicular On-board Security: EVITA Project

Vehicular On-board Security: EVITA Project C2C-CC Security Workshop 5 November 2009 VW, MobileLifeCampus Wolfsburg Hervé Seudié Corporate Sector Research and Advance Engineering Robert Bosch GmbH Outline 1. Project Scope and Objectives 2. Security

More information

CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules

CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules Dr. Frederic Stumpf, ESCRYPT GmbH Embedded Security, Stuttgart, Germany 1 Introduction Electronic Control Units (ECU) are embedded

More information

Securing Wireless Access in Vehicular Environments (WAVE) Infrastructure and Operations Support Systems(OSS) Architecture

Securing Wireless Access in Vehicular Environments (WAVE) Infrastructure and Operations Support Systems(OSS) Architecture IEEE GLOBECOM Design and Developers Forum Securing Wireless Access in Vehicular Environments (WAVE) Infrastructure and Operations Support Systems(OSS) Architecture Tim Weil CISSP, CISA Booz Allen Hamilton

More information

Securing Wireless Access for Vehicular Environments (WAVE)

Securing Wireless Access for Vehicular Environments (WAVE) Securing Wireless Access for Vehicular Environments (WAVE) May 7, 2009 CTST, New Orleans Tim Weil CISSP/CISA Security Architect ITS Engineering Booz Allen Hamilton 0 The concept of VII started upon the

More information

ETSI TC ITS RELEASE PROCESS

ETSI TC ITS RELEASE PROCESS ETSI TC ITS RELEASE PROCESS ITS Workshop Doha 7-9 February 2012 Søren Hess Chairman ETSI TC ITS hess@shess.dk Status of ETSI standardisation M/453 Applicationand Facility Network and transport GeoNetworking

More information

Introduction of Information Security Research Division

Introduction of Information Security Research Division Introduction of Information Security Research Division 2005. 5. 13. Kyo-il Chung, Ph. D. Information Security Infrastructure Research Group Contents Overview - Secure u-it KOREA - Organization of ETRI

More information

EVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications

EVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications EVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications 7 th escar Embedded Security in Cars Conference November 24 25, 2009, Düsseldorf Dr.-Ing. Olaf Henniger, Fraunhofer SIT Darmstadt Hervé

More information

Future Directions for Internet of Things Work

Future Directions for Internet of Things Work Future Directions for Internet of Things Work Naming Architecture for Object to Object Communications 77 th IETF Anaheim, March 2010 Gyu Myoung Lee (gmlee@it-sudparis.eu)

More information

Identification of Authenticity Requirements in Systems of Systems by Functional Security Analysis

Identification of Authenticity Requirements in Systems of Systems by Functional Security Analysis Identification of Authenticity Requirements in Systems of Systems by Functional Security Analysis Andreas Fuchs and Roland Rieke {andreas.fuchs,roland.rieke}@sit.fraunhofer.de Fraunhofer Institute for

More information

KVM Security - Where Are We At, Where Are We Going

KVM Security - Where Are We At, Where Are We Going Klaus Heinrich Kiwi Software Engineer LinuxCon Brazil August 31, 2010 KVM Security - Where Are We At, Where Are We Going Klaus Heinrich Kiwi, IBM LTC 2010 IBM Corporation KVM Security - Where Are We At,

More information

Automotive Ethernet Security Testing. Alon Regev and Abhijit Lahiri

Automotive Ethernet Security Testing. Alon Regev and Abhijit Lahiri Automotive Ethernet Security Testing Alon Regev and Abhijit Lahiri 1 Automotive Network Security Cars are evolving Number of ECUs, sensors, and interconnects is growing Moving to Ethernet networks utilizing

More information

Laboratory Exercises V: IP Security Protocol (IPSec)

Laboratory Exercises V: IP Security Protocol (IPSec) Department of Electronics Faculty of Electrical Engineering, Mechanical Engineering and Naval Architecture (FESB) University of Split, Croatia Laboratory Exercises V: IP Security Protocol (IPSec) Keywords:

More information

SOFTWARE-DEFINED NETWORKING AND OPENFLOW

SOFTWARE-DEFINED NETWORKING AND OPENFLOW SOFTWARE-DEFINED NETWORKING AND OPENFLOW Freddie Örnebjär TREX Workshop 2012 2012 Brocade Communications Systems, Inc. 2012/09/14 Software-Defined Networking (SDN): Fundamental Control

More information

CONVERGENCE Glossary (version of 30/10/2012)

CONVERGENCE Glossary (version of 30/10/2012) Glossary (version of 30/10/2012) Term Access Rights Advertise Application Business Scenario CA CCN Cl_Auth_SC Cl_Auth_User_Pw Clean-slate architecture CoApp CoApp Provider CoMid CoMid Provider CoMid Resource

More information

Hardware Security Modules for Protecting Embedded Systems

Hardware Security Modules for Protecting Embedded Systems Hardware Security Modules for Protecting Embedded Systems Marko Wolf, ESCRYPT GmbH Embedded Security, Munich, Germany André Weimerskirch, ESCRYPT Inc. Embedded Security, Ann Arbor, USA 1 Introduction &

More information

Hardware Security for Trustworthy C2X Applications Marko Wolf

Hardware Security for Trustworthy C2X Applications Marko Wolf Hardware Security for Trustworthy C2X Applications Marko Wolf C2C-CC/CAMP Harmonization Workshop, Wolfsburg, Germany, 15.3.2012 Outline 1. Three General Reasons for Automotive Hardware Security Modules

More information

Long Term Evolution - LTE. A short overview

Long Term Evolution - LTE. A short overview Long Term Evolution - LTE A short overview LTE Architecture 2 Conformance Test Suite Specification 3 GPP and ETSI product 3GPP TS 32.523-3 Evolved Universal Terrestrial Radio Access (E-UTRA) User Equipment

More information

e-authentication guidelines for esign- Online Electronic Signature Service

e-authentication guidelines for esign- Online Electronic Signature Service e-authentication guidelines for esign- Online Electronic Signature Service Version 1.0 June 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry of Communications

More information

Affording the Upgrade to Higher Speed & Density

Affording the Upgrade to Higher Speed & Density Affording the Upgrade to Higher Speed & Density Ethernet Summit February 22, 2012 Agenda VSS Overview Technology Q&A 2 Corporate Overview World Leader in Network Intelligence Optimization Deployed in 80%

More information

MIF Charter update proposal

MIF Charter update proposal MIF Charter update proposal MIF WG Charter update proposal summary http://www.ietf.org/mail-archive/web/mif/current/msg02125.html Specific deliverables listed MPVD architecture document Requirement for

More information

SWITCHpki long lived grid user certificates

SWITCHpki long lived grid user certificates SWITCHpki long lived grid user certificates PKI meeting in Bern Bern, 15 June 2010 Alessandro Usai alessandro.usai@switch.ch Trust Link Interface! Long lived grid user certificates are now handled by the

More information

Key Management Best Practices

Key Management Best Practices White Paper Key Management Best Practices Data encryption is a fundamental component of strategies to address security threats and satisfy regulatory mandates. While encryption is not in itself difficult

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

More information

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP) Security Protocols Security Protocols Necessary to communicate securely across untrusted network Provide integrity, confidentiality, authenticity of communications Based on previously discussed cryptographic

More information

Management and Web service Management

Management and Web service Management Management and Web service Management This presentation offers work to OASIS completed by IBM with contribution from CA and Talking Blocks The work details a frame of reference for Management Applications,

More information

OS/390 Firewall Technology Overview

OS/390 Firewall Technology Overview OS/390 Firewall Technology Overview Washington System Center Mary Sweat E - Mail: sweatm@us.ibm.com Agenda Basic Firewall strategies and design Hardware requirements Software requirements Components of

More information

ITS Safety, Security and Privacy. Scott Cadzow, i-tour partner, ETSI ITS WG5 Chairman

ITS Safety, Security and Privacy. Scott Cadzow, i-tour partner, ETSI ITS WG5 Chairman ITS Safety, Security and Privacy Scott Cadzow, i-tour partner, ETSI ITS WG5 Chairman 1 ITS Security tutorial agenda ITS security/safety/privacy in context The security process TVRA what we analysed and

More information

ReadyNAS Remote White Paper. NETGEAR May 2010

ReadyNAS Remote White Paper. NETGEAR May 2010 ReadyNAS Remote White Paper NETGEAR May 2010 Table of Contents Overview... 3 Architecture... 3 Security... 4 Remote Firewall... 5 Performance... 5 Overview ReadyNAS Remote is a software application that

More information

Some issues in Cross-Layer Architecture in Mobile Ad Hoc Networks

Some issues in Cross-Layer Architecture in Mobile Ad Hoc Networks Some issues in Cross-Layer Architecture in Mobile Ad Hoc Networks Navid Nikaein and Rolf Winter Institut Eurecom Freie Universität Berlin http://manet.eurecom.fr June 31, 2005 1 Importance of a Good Architectural

More information

Cloud Security Overview

Cloud Security Overview UT DALLAS Erik Jonsson School of Engineering & Computer Science Cloud Security Overview Murat Kantarcioglu Outline Current cloud security techniques Amazon Web services Microsoft Azure Cloud Security Challengers

More information

Enterprise Security Architecture Concepts and Practice

Enterprise Security Architecture Concepts and Practice Enterprise Architecture Concepts and Practice Jim Whitmore whitmore@us.ibm.com Presentation to Open Group Oct 22, 2003 Enterprise Architecture Abstract In the early 90 s IBM Global Services created a Consultancy

More information

PCI Compliance Considerations

PCI Compliance Considerations PCI Compliance Considerations This article outlines implementation considerations when deploying the Barracuda Load Balancer ADC in an environment subject to PCI Data Security Standard (PCI DSS) compliance.

More information

2. What is the maximum value of each octet in an IP address? A. 28 B. 255 C. 256 D. None of the above

2. What is the maximum value of each octet in an IP address? A. 28 B. 255 C. 256 D. None of the above CCNA1 V3.0 Mod 10 (Ch 8) 1. How many bits are in an IP C. 64 2. What is the maximum value of each octet in an IP A. 28 55 C. 256 3. The network number plays what part in an IP A. It specifies the network

More information

The Costs of Managed PKI:

The Costs of Managed PKI: The Costs of Managed PKI: In-House Implementation of PKI vs. Traditional Managed PKI vs. ON-Demand PKI A TC TrustCenter Whitepaper Last Updated: February 2008 Introduction Until recently, organizations

More information

Protecting Official Records as Evidence in the Cloud Environment. Anne Thurston

Protecting Official Records as Evidence in the Cloud Environment. Anne Thurston Protecting Official Records as Evidence in the Cloud Environment Anne Thurston Introduction In a cloud computing environment, government records are held in virtual storage. A service provider looks after

More information

Building a protocol validator for Business to Business Communications. Abstract

Building a protocol validator for Business to Business Communications. Abstract Building a protocol validator for Business to Business Communications Rudi van Drunen, Competa IT B.V. (r.van.drunen@competa.com) Rix Groenboom, Parasoft Netherlands (rix.groenboom@parasoft.nl) Abstract

More information

API-Security Gateway Dirk Krafzig

API-Security Gateway Dirk Krafzig API-Security Gateway Dirk Krafzig Intro Digital transformation accelerates application integration needs Dramatically increasing number of integration points Speed Security Industrial robustness Increasing

More information

X-Road is a platform independent data exchange layer between different databases and information systems.

X-Road is a platform independent data exchange layer between different databases and information systems. What is? is a platform independent data exchange layer between different databases and information systems. Platform independence is achieved by using standardised SOAP protocol. Services services are

More information

Feature Comparison. Windows Server 2008 R2 Hyper-V and Windows Server 2012 Hyper-V

Feature Comparison. Windows Server 2008 R2 Hyper-V and Windows Server 2012 Hyper-V Comparison and Contents Introduction... 4 More Secure Multitenancy... 5 Flexible Infrastructure... 9 Scale, Performance, and Density... 13 High Availability... 18 Processor and Memory Support... 24 Network...

More information

OpenFlow: History and Overview. Demo of OpenFlow@home routers

OpenFlow: History and Overview. Demo of OpenFlow@home routers Affan A. Syed affan.syed@nu.edu.pk Syed Ali Khayam ali.khayam@seecs.nust.edu.pk OpenFlow: History and Overview Dr. Affan A. Syed OpenFlow and Software Defined Networking Dr. Syed Ali Khayam Demo of OpenFlow@home

More information

Universal Flash Storage: Mobilize Your Data

Universal Flash Storage: Mobilize Your Data White Paper Universal Flash Storage: Mobilize Your Data Executive Summary The explosive growth in portable devices over the past decade continues to challenge manufacturers wishing to add memory to their

More information

Looking Ahead The Path to Moving Security into the Cloud

Looking Ahead The Path to Moving Security into the Cloud Looking Ahead The Path to Moving Security into the Cloud Gerhard Eschelbeck Sophos Session ID: SPO2-107 Session Classification: Intermediate Agenda The Changing Threat Landscape Evolution of Application

More information

Vehicular Security Hardware The Security for Vehicular Security Mechanisms

Vehicular Security Hardware The Security for Vehicular Security Mechanisms escrypt GmbH Embedded Security Systemhaus für eingebettete Sicherheit Vehicular Security Hardware The Security for Vehicular Security Mechanisms Marko Wolf, escrypt GmbH Embedded Security Embedded Security

More information

Realization of key technology of Trusted Network Connect based on IF-MAP protocol

Realization of key technology of Trusted Network Connect based on IF-MAP protocol First International Conference on Information Science and Electronic Technology (ISET 2015) Realization of key technology of Trusted Network Connect based on IF-MAP protocol Zelong Wang, Guoyang Cai, Wanzhen

More information

PC Business Banking. Technical Requirements

PC Business Banking. Technical Requirements PC Business Banking Technical Requirements For PC Business Banking Version 7.0 March 2007 Application Overview PC Business Banking (PCBB) is Bank of New Zealand s banking platform for large business/corporate

More information

Cloud-Security: Show-Stopper or Enabling Technology?

Cloud-Security: Show-Stopper or Enabling Technology? Cloud-Security: Show-Stopper or Enabling Technology? Fraunhofer Institute for Secure Information Technology (SIT) Technische Universität München Open Grid Forum, 16.3,. 2010, Munich Overview 1. Cloud Characteristics

More information

DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch

DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch DMZ Virtualization Using VMware vsphere 4 and the Cisco Nexus 1000V Virtual Switch What You Will Learn A demilitarized zone (DMZ) is a separate network located in the neutral zone between a private (inside)

More information

PROFESSIONAL SECURITY SYSTEMS

PROFESSIONAL SECURITY SYSTEMS PROFESSIONAL SECURITY SYSTEMS Security policy, active protection against network attacks and management of IDP Introduction Intrusion Detection and Prevention (IDP ) is a new generation of network security

More information

Windows Server 2008 R2 Hyper-V Server and Windows Server 8 Beta Hyper-V

Windows Server 2008 R2 Hyper-V Server and Windows Server 8 Beta Hyper-V Features Comparison: Hyper-V Server and Hyper-V February 2012 The information contained in this document relates to a pre-release product which may be substantially modified before it is commercially released.

More information

Creating a Future Internet Network Architecture with a Programmable Optical Layer

Creating a Future Internet Network Architecture with a Programmable Optical Layer Creating a Future Internet Network Architecture with a Programmable Optical Layer Abstract: The collective transformational research agenda pursued under the FIND program on cleanslate architectural design

More information

Security in Vehicle Networks

Security in Vehicle Networks Security in Vehicle Networks Armin Happel, Christof Ebert Stuttgart, 17. March 2015 V1.1 2015-04-28 Introduction Vector Consulting Services supports clients worldwide in improving their product development

More information

Trust areas: a security paradigm for the Future Internet

Trust areas: a security paradigm for the Future Internet Trust areas: a security paradigm for the Future Internet Carsten Rudolph Fraunhofer Institute for Secure Information Technology SIT Rheinstrasse 75, Darmstadt, Germany Carsten.Rudolph@sit.fraunhofer.de

More information

Security within a development lifecycle. Enhancing product security through development process improvement

Security within a development lifecycle. Enhancing product security through development process improvement Security within a development lifecycle Enhancing product security through development process improvement Who I am Working within a QA environment, with a focus on security for 10 years Primarily web

More information

Building Robust Security Solutions Using Layering And Independence

Building Robust Security Solutions Using Layering And Independence Building Robust Security Solutions Using Layering And Independence Fred Roeper Neal Ziring Information Assurance Directorate National Security Agency Session ID: STAR-401 Session Classification: Intermediate

More information

CTS2134 Introduction to Networking. Module 8.4 8.7 Network Security

CTS2134 Introduction to Networking. Module 8.4 8.7 Network Security CTS2134 Introduction to Networking Module 8.4 8.7 Network Security Switch Security: VLANs A virtual LAN (VLAN) is a logical grouping of computers based on a switch port. VLAN membership is configured by

More information

Connectivity. SWIFTNet Link 7.0. Functional Overview

Connectivity. SWIFTNet Link 7.0. Functional Overview Connectivity SWIFTNet Link 7.0 Functional Overview December 2010 SWIFTNet Link 7.0 Table of Contents 1 Introduction... 3 2 Enhancements and features... 4 2.1 Message and File Copy... 4 2.2 Message and

More information

How to configure Client side certificate authentication for authorization-only access / Active Sync URL s

How to configure Client side certificate authentication for authorization-only access / Active Sync URL s How to configure Client side certificate authentication for authorization-only access / Active Sync URL s Juniper Networks, Inc. Overview: Authorization-only access is similar to a reverse proxy. Typically,

More information

A Perspective on the Evolution of Mobile Platform Security Architectures

A Perspective on the Evolution of Mobile Platform Security Architectures A Perspective on the Evolution of Mobile Platform Security Architectures Kari Kostiainen Nokia Research Center, Helsinki TIW, June 2011 Joint work with N. Asokan, Jan-Erik Ekberg and Elena Reshetova 1

More information

Network Virtualization Based on Flows

Network Virtualization Based on Flows TERENA NETWORKING CONFERENCE 2009 June 9, 2009 Network Virtualization Based on Flows Peter Sjödin Markus Hidell, Georgia Kontesidou, Kyriakos Zarifis KTH Royal Institute of Technology, Stockholm Outline

More information

CGHub Client Security Guide Documentation

CGHub Client Security Guide Documentation CGHub Client Security Guide Documentation Release 3.1 University of California, Santa Cruz April 16, 2014 CONTENTS 1 Abstract 1 2 GeneTorrent: a secure, client/server BitTorrent 2 2.1 GeneTorrent protocols.....................................

More information

NVMe TM and PCIe SSDs NVMe TM Management Interface

NVMe TM and PCIe SSDs NVMe TM Management Interface TM and SSDs TM Interface Peter Onufryk Sr. Director, Product Development PMC-Sierra Austin Bolen Storage Development Principal Engineer Dell Special thanks to the TM Interface Workgroup members for contributions

More information

Software Datapath Acceleration for Stateless Packet Processing

Software Datapath Acceleration for Stateless Packet Processing June 22, 2010 Software Datapath Acceleration for Stateless Packet Processing FTF-NET-F0817 Ravi Malhotra Software Architect Reg. U.S. Pat. & Tm. Off. BeeKit, BeeStack, CoreNet, the Energy Efficient Solutions

More information

Standardizing PKI in Higher Education Apple PKI and Universal Hi-Ed Spec proposal

Standardizing PKI in Higher Education Apple PKI and Universal Hi-Ed Spec proposal Standardizing PKI in Higher Education Apple PKI and Universal Hi-Ed Spec proposal Shawn Geddis Security Consulting Engineer, Apple Enterprise geddis@apple.com 703-264-5103 1 Agenda A View of Apples PKI

More information

A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1

A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1 A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1 1 Royal Holloway, University of London 2 University of Strathclyde ABSTRACT Future mobile

More information

Data Communication Networks and Converged Networks

Data Communication Networks and Converged Networks Data Communication Networks and Converged Networks The OSI Model and Encapsulation Layer traversal through networks Protocol Stacks Converged Data/Telecommunication Networks From Telecom to Datacom, Asynchronous

More information

Understanding and Configuring Spanning Tree Protocol (STP) on Catalyst Switches

Understanding and Configuring Spanning Tree Protocol (STP) on Catalyst Switches Understanding and Configuring Spanning Tree Protocol (STP) on Catalyst Switches Document ID: 5234 Contents Introduction Prerequisites Requirements Components Used Conventions Background Theory Network

More information

EAGLE EYE IP TAP. 1. Introduction

EAGLE EYE IP TAP. 1. Introduction 1. Introduction The Eagle Eye - IP tap is a passive IP network application platform for lawful interception and network monitoring. Designed to be used in distributed surveillance environments, the Eagle

More information

Safety and security related features in AUTOSAR

Safety and security related features in AUTOSAR Safety and security related features in Dr. Stefan Bunzel Spokesperson (Continental) Co-Authors: S. Fürst, Dr. J. Wagenhuber (BMW), Dr. F. Stappert (Continental) Automotive - Safety & Security 2010 22

More information

Implementing the Application Control Engine Service Module

Implementing the Application Control Engine Service Module Course: Implementing the Application Control Engine Service Module Duration: 4 Day Hands-On Lab & Lecture Course Price: $ 2,995.00 Learning Credits: 30 Hitachi HiPass: 4 Description: Implementing the Application

More information

CumuLogic Load Balancer Overview Guide. March 2013. CumuLogic Load Balancer Overview Guide 1

CumuLogic Load Balancer Overview Guide. March 2013. CumuLogic Load Balancer Overview Guide 1 CumuLogic Load Balancer Overview Guide March 2013 CumuLogic Load Balancer Overview Guide 1 Table of Contents CumuLogic Load Balancer... 3 Architectural Overview of CumuLogic Load Balancer... 4 How to Use

More information

SAP Mobile - Webinar Series SAP Mobile Platform 3.0 Security Concepts and Features

SAP Mobile - Webinar Series SAP Mobile Platform 3.0 Security Concepts and Features SAP Mobile - Webinar Series SAP Mobile Platform 3.0 Security Concepts and Features Dirk Olderdissen Solution Expert, Regional Presales EMEA SAP Brought to you by the Customer Experience Group 2014 SAP

More information

RIOT CONTROL The Art of Managing Risk for Internet of Things

RIOT CONTROL The Art of Managing Risk for Internet of Things RIOT CONTROL The Art of Managing Risk for Internet of Things Kim Singletary McAfee Session ID: Session Classification: Advanced Intro What is IoT and why is it different? What are the risks? What are the

More information

End-to-End Reconfigurability (E 2 R II)

End-to-End Reconfigurability (E 2 R II) End-to-End Reconfigurability (E 2 R II) Management and Control of Adaptive Communications Systems Dr. Didier Bourse Dr. Markus Muck ETSI Worksop 09.02.07 Sophia Antipolis E 2 R II ETSI Workshop (09.02.07

More information

Features Security. File Versioning. Intuitive User Interface. Fast and efficient Backups

Features Security. File Versioning. Intuitive User Interface. Fast and efficient Backups IBackup Professional provides a secure, efficient, reliable, cost effective and easy to use Internet based backup solution with additional emphasis on security and data retention. IBackup Professional

More information

www.basho.com Technical Overview Simple, Scalable, Object Storage Software

www.basho.com Technical Overview Simple, Scalable, Object Storage Software www.basho.com Technical Overview Simple, Scalable, Object Storage Software Table of Contents Table of Contents... 1 Introduction & Overview... 1 Architecture... 2 How it Works... 2 APIs and Interfaces...

More information

An Open Policy Framework for Cross-vendor Integrated Governance

An Open Policy Framework for Cross-vendor Integrated Governance An Open Policy Framework for Cross-vendor Integrated Governance White Paper Intel SOA Expressway An Open Policy Framework for Cross-vendor Integrated Governance Intel SOA Expressway delivers a pluggable

More information

Linux Network Security

Linux Network Security Linux Network Security Course ID SEC220 Course Description This extremely popular class focuses on network security, and makes an excellent companion class to the GL550: Host Security course. Protocols

More information

Mobility, AAA, Security, Privacy : How can we support Real-World Network Mobility?

Mobility, AAA, Security, Privacy : How can we support Real-World Network Mobility? NEXT GENERATION NETWORKING 2011 Multi-Service Network Workshop 7-8 July 2011, Cosener s House, Abingdon, UK Mobility, AAA, Security, Privacy : How can we support Real-World Network Mobility? Panagiotis

More information

BROADCOM SDN SOLUTIONS OF-DPA (OPENFLOW DATA PLANE ABSTRACTION) SOFTWARE

BROADCOM SDN SOLUTIONS OF-DPA (OPENFLOW DATA PLANE ABSTRACTION) SOFTWARE BROADCOM SDN SOLUTIONS OF-DPA (OPENFLOW DATA PLANE ABSTRACTION) SOFTWARE Network Switch Business Unit Infrastructure and Networking Group 1 TOPICS SDN Principles Open Switch Options Introducing OF-DPA

More information

F5 BIG-IP V9 Local Traffic Management EE0-511. Demo Version. ITCertKeys.com

F5 BIG-IP V9 Local Traffic Management EE0-511. Demo Version. ITCertKeys.com F5 BIG-IP V9 Local Traffic Management EE0-511 Demo Version Question 1. Which three methods can be used for initial access to a BIG-IP system? (Choose three.) A. Serial console access B. SHH access to the

More information

Cisco Integrated Services Routers Performance Overview

Cisco Integrated Services Routers Performance Overview Integrated Services Routers Performance Overview What You Will Learn The Integrated Services Routers Generation 2 (ISR G2) provide a robust platform for delivering WAN services, unified communications,

More information

RELEASE NOTES. Table of Contents. Scope of the Document. [Latest Official] ADYTON Release 2.12.9 - corrections. ADYTON Release 2.12.

RELEASE NOTES. Table of Contents. Scope of the Document. [Latest Official] ADYTON Release 2.12.9 - corrections. ADYTON Release 2.12. Table of Contents Scope of the Document... 1 [Latest Official] ADYTON Release 2.12.9... 1 ADYTON Release 2.12.4... 1 ADYTON Release 2.9.3... 3 ADYTON Release 2.7.7... 3 ADYTON Release 2.6.2... 4 ADYTON

More information

HughesNet Broadband VPN End-to-End Security Enabled by the HN7700S-R

HughesNet Broadband VPN End-to-End Security Enabled by the HN7700S-R HughesNet Broadband VPN End-to-End Security Enabled by the HN7700S-R HughesNet Managed Broadband Network Services include a high level of end-toend security utilizing a robust architecture designed by

More information

OpenMTC. M2M Solutions for Smart Cities and the Internet of Things. www.open-mtc.org info@open-mtc.org

OpenMTC. M2M Solutions for Smart Cities and the Internet of Things. www.open-mtc.org info@open-mtc.org OpenMTC M2M Solutions for Smart Cities and the Internet of Things www.open-mtc.org info@open-mtc.org 2. March März 2, 2013 Understanding M2M Machine-to-Machine (M2M) is a paradigm in which the end-to-end

More information

SSL Inspection Step-by-Step Guide. June 6, 2016

SSL Inspection Step-by-Step Guide. June 6, 2016 SSL Inspection Step-by-Step Guide June 6, 2016 Key Drivers for Inspecting Outbound SSL Traffic Eliminate blind spots of SSL encrypted communication to/from the enterprise Maintaining information s communication

More information

Samsung Security Solutions

Samsung Security Solutions Print with confidence Samsung Security Solutions For Every Business A4 to A3 Mono to Colour MFPs to Printers Samsung Security Features You may not realise it, but every business can benefit from security.

More information

Application Note 28. Configuring VLAN Tagging (802.1q) Tech. Support

Application Note 28. Configuring VLAN Tagging (802.1q) Tech. Support Application Note 28 Configuring VLAN Tagging (802.1q) Tech. Support September 2016 Contents 1 Introduction... 2 1.1 Outline... 2 1.2 Assumptions... 3 1.3 Corrections... 3 1.4 Version... 4 2 Configuration...

More information

EIIF DAS/RSD Replacement Prototype Initiative EI2F

EIIF DAS/RSD Replacement Prototype Initiative EI2F EIIF DAS/RSD Replacement Prototype Initiative 1 Introduction The Data Acquisition System/Remote Status Display (DAS/RSD) system is an AOS initiative that brought together Monitor and Control (M&C) functions

More information

Are Second Generation Firewalls Good for Industrial Control Systems?

Are Second Generation Firewalls Good for Industrial Control Systems? Are Second Generation Firewalls Good for Industrial Control Systems? Bernie Pella, CISSP Schneider Electric Cyber Security Services bernie.pella@schneider-electric.com Firewall Overview Firewalls provide

More information

About the VM-Series Firewall

About the VM-Series Firewall About the VM-Series Firewall Palo Alto Networks VM-Series Deployment Guide PAN-OS 6.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 http://www.paloaltonetworks.com/contact/contact/

More information

Bricata Next Generation Intrusion Prevention System A New, Evolved Breed of Threat Mitigation

Bricata Next Generation Intrusion Prevention System A New, Evolved Breed of Threat Mitigation Bricata Next Generation Intrusion Prevention System A New, Evolved Breed of Threat Mitigation Iain Davison Chief Technology Officer Bricata, LLC WWW.BRICATA.COM The Need for Multi-Threaded, Multi-Core

More information

Connect for new business opportunities

Connect for new business opportunities Connect for new business opportunities The world of connected objects How do we monitor the carbon footprint of a vehicle? How can we track and trace cargo on the move? How do we know when a vending machine

More information

Reducing Configuration Complexity with Next Gen IoT Networks

Reducing Configuration Complexity with Next Gen IoT Networks Reducing Configuration Complexity with Next Gen IoT Networks Orama Inc. November, 2015 1 Network Lighting Controls Low Penetration - Why? Commissioning is very time-consuming & expensive Network configuration

More information

DreamFactory Security Whitepaper Customer Information about Privacy and Security

DreamFactory Security Whitepaper Customer Information about Privacy and Security DreamFactory Security Whitepaper Customer Information about Privacy and Security DreamFactory Software publishes rich applications for salesforce.com. All of our products for salesforce use the DreamFactory

More information

CIP R1.5 Spring CIP Audit Workshop. April 14, 2016 Scott Pelfrey, CISA, CISSP, GISP, MBA Senior Technical Auditor

CIP R1.5 Spring CIP Audit Workshop. April 14, 2016 Scott Pelfrey, CISA, CISSP, GISP, MBA Senior Technical Auditor CIP-005-5 R1.5 Spring CIP Audit Workshop April 14, 2016 Scott Pelfrey, CISA, CISSP, GISP, MBA Senior Technical Auditor CIP-005-5 Part 1.5 Learning Objectives Terminology Discussion of IPS/IDS & firewall

More information

Evaluating the Cisco ASA Adaptive Security Appliance VPN Subsystem Architecture

Evaluating the Cisco ASA Adaptive Security Appliance VPN Subsystem Architecture Deploying Cisco ASA VPN Solutions Volume 1 Course Introduction Learner Skills and Knowledge Course Goal and Course Flow Additional Cisco Glossary of Terms Your Training Curriculum Evaluation of the Cisco

More information

Complying with PCI Data Security

Complying with PCI Data Security Complying with PCI Data Security Solution BRIEF Retailers, financial institutions, data processors, and any other vendors that manage credit card holder data today must adhere to strict policies for ensuring

More information

A Data Centric Approach for Modular Assurance. Workshop on Real-time, Embedded and Enterprise-Scale Time-Critical Systems 23 March 2011

A Data Centric Approach for Modular Assurance. Workshop on Real-time, Embedded and Enterprise-Scale Time-Critical Systems 23 March 2011 A Data Centric Approach for Modular Assurance The Real-Time Middleware Experts Workshop on Real-time, Embedded and Enterprise-Scale Time-Critical Systems 23 March 2011 Gabriela F. Ciocarlie Heidi Schubert

More information