StrongKey. The industry's first open-source SKMS. Arshad Noor CTO, StrongAuth, Inc. NIST Key Management Workshop 2009
|
|
|
- Curtis Rodgers
- 8 years ago
- Views:
Transcription
1 StrongKey The industry's first open-source SKMS Arshad Noor CTO, StrongAuth, Inc. NIST Key Management Workshop 2009
2 For those viewing via webcast, please submit questions for this presentation to: Thank you.
3 StrongAuth, Inc. 8 year-old, private California company Enterprise Key Management PKI-based Identity Management Open-source key-management related products: CSRTool RSA/ECDSA key-pairs -> P10 -> P12 StrongKey Symmetric Key Management System
4 The problem we solve Define Policy Generate Encrypt Decrypt Escrow Authorize Recover Destroy Define Policy Generate Encrypt Decrypt Escrow Authorize Recover Destroy Define Policy Generate Encrypt Decrypt Escrow Authorize Recover Destroy Define Policy Generate Encrypt Decrypt Escrow Authorize Recover Destroy Define Policy Generate Encrypt Decrypt Escrow Authorize Recover Destroy Define Policy Generate Encrypt Decrypt Escrow Authorize Recover Destroy Audit Audit Audit Audit Audit Audit
5 How we solve it Encrypt Decrypt Encrypt Decrypt SKS Server Define Policy Encrypt Decrypt Generate Protect WAN Escrow Authorize Encrypt Decrypt Recover Destroy Audit SKS Server Encrypt Decrypt Encrypt Decrypt
6 What is an EKMI? A collection of technology, policies and procedures for managing the life-cycle of all cryptographic keys in the enterprise.
7 EKMI Components EKMI PKI A collection of technology, policies and procedures for managing the life-cycle of asymmetric cryptographic keys in the enterprise. SKMS A collection of technology, policies and procedures for managing the life-cycle of symmetric cryptographic keys in the enterprise.
8 Typical SKMS Global SKS Server HSM PKI Global SKS Server HSM HSM Local SKS Server SKCL JKS HSM Local SKS Server Network SKCL SKCL NSS HSM HSM Local SKS Server SKCL TPM SKCL Smartcard
9 The Big Picture Java Application RPG Application C/C++ Application RPGNI JNI SKCL Crypto Module Key Cache 5 Network Application Server 4 DB Server Crypto Module Client Server 1. Client Application makes a request for a symmetric key 2. SKCL makes a digitally signed request to the SKS 3. SKS verifies SKCL request, generates, encrypts, digitally signs & escrows key in DB 4. Crypto HSM provides security for RSA Signing & Encryption keys of SKS 5. SKS responds to SKCL with signed and encrypted symmetric key 6. SKCL verifies response, decrypts key and hands it to the Client Application 7. Native (non-java) applications make requests through Java Native Interface
10 SKCL API public Symkey getsymkey (...) public byte[] encrypttobytes (...) public String encrypttoxml (...) public byte[] decryptbytes (...) public byte[] decryptxml (...) public String getsha1 (...) public String getsha256 (...) public String getsha384 (...) public String getsha512 (...)
![..) public byte[] decryptxml (...) public String getsha1 (.](/docs-images/44/17000126/images/page_10.jpg "..) public String getsha256 (...) public String getsha384 (.")
11 SKMS Security Every request/response is digitally signed Symmetric-key in response is always encrypted Every object in database is digitally-signed including audit trail Symmetric keys in cache are encrypted and digitally-signed Cryptographic code is abstracted FIPS devices are easily integrated SKMS certificates only from closed PKI Administration console does not use UserID and Passwords; only SSL Client Authentication
12 Where should one encrypt? Encryption Library (SKCL) Key Application Network Web Server Application Server Database Operating System Ciphertext Ciphertext Ciphertext
13 Application encryption Who is already encrypting at Layer 7? PABP Application vendors POS Application vendors E-commerce platform vendors E-commerce startups Healthcare companies VoIP service companies Application Development teams who do not control the underlying IT infrastructure
14 Whither SKMS? SKMS will do for symmetric key-management what DNS did for name-service management and DBMS did for data-management DNS DBMS SKMS Abstracts name- Abstracts I/O outside Abstracts cryptography resolution outside application outside application application (JDBC/ODBC libraries) (skcl.jar) (libresolv.so) Abstracts name-space Abstracts data- Abstracts keymanagement outside management outside management outside application application application Is an invisible Is an invisible Will become an infrastructure infrastructure invisible component component infrastructure component
15 Miscellaneous Open-source implementation available since % Java and supported on Linux, Windows, Solaris, OS/400 (client-only) C/C++ libraries available for Linux and Windows (Commercial license) Customers have built PHP and Ruby implementations of SKCL Support forum
16 Conclusion Questions? Contact Information (408)
Enterprise Key Management Infrastructure (EKMI)
Enterprise Key Management Infrastructure (EKMI) Arshad Noor, Chair, EKMI TC arshad.noor@strongauth.com OASIS IDtrust Workshop Barcelona, Spain October 22, 2007 Why do you need EKMI? Avoid going to jail
Provable regulatory compliance!
1 Secure Cloud Computing 2 Secure Cloud Computing Secure Cloud Storage 3 The first complete security solution that lets you take advantage of Public Clouds while proving compliance to regulations! 4 FEATURES
Alliance Key Manager A Solution Brief for Technical Implementers
KEY MANAGEMENT Alliance Key Manager A Solution Brief for Technical Implementers Abstract This paper is designed to help technical managers, product managers, and developers understand how Alliance Key
Using BroadSAFE TM Technology 07/18/05
Using BroadSAFE TM Technology 07/18/05 Layers of a Security System Security System Data Encryption Key Negotiation Authentication Identity Root Key Once root is compromised, all subsequent layers of security
Savitribai Phule Pune University
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter
The StrongAuth Key Appliance and the PCI DSS 2.0 Requirements
The StrongAuth Key Appliance and the PCI DSS 2.0 Requirements Version: 1.1 August 12, 2012 StrongAuth, Inc. 10846 Via San Marino Cupertino CA 95014-6333 USA August 2012 StrongAuth, Inc. Proprietary Page
Safeguarding Data Using Encryption. Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST
Safeguarding Data Using Encryption Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST What is Cryptography? Cryptography: The discipline that embodies principles, means, and methods
Secure Network Communications FIPS 140 2 Non Proprietary Security Policy
Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles
OOo Digital Signatures. Malte Timmermann Technical Architect Sun Microsystems GmbH
OOo Digital Signatures Malte Timmermann Technical Architect Sun Microsystems GmbH About the Speaker Technical Architect in OpenOffice.org/StarOffice development OOo/StarOffice developer since 1991/94 Main
Alliance Key Manager Solution Brief
Alliance Key Manager Solution Brief KEY MANAGEMENT Enterprise Encryption Key Management On the road to protecting sensitive data assets, data encryption remains one of the most difficult goals. A major
Using etoken for SSL Web Authentication. SSL V3.0 Overview
Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents
HSM: A Must Have. Applications are everywhere. www.safenet-inc.com. 2006 SafeNet Inc. All rights reserved.
What is an HSM HSM: A Must Have Applications are everywhere HSM: A Must Have Secrecy, Control, Payment, Rights are all attributes of applications Security & Keys are used HSM: A Must Have Keeping Keys
PrivateServer HSM Integration with Microsoft IIS
PrivateServer HSM Integration with Microsoft IIS January 2014 Document Version 1.1 Notice The information provided in this document is the sole property of Algorithmic Research Ltd. No part of this document
Applying Cryptography as a Service to Mobile Applications
Applying Cryptography as a Service to Mobile Applications SESSION ID: CSV-F02 Peter Robinson Senior Engineering Manager RSA, The Security Division of EMC Introduction This presentation proposes a Cryptography
Cryptographic Key Management
System and Network Engineering Large Installation Administration Project Master of Science Program Academic year 2008 2009 Cryptographic Key Management by Sevickson Kwidama sevickson.kwidama os3.nl Taarik
Key Management Interoperability Protocol (KMIP)
www.oasis-open.org Management Interoperability Protocol (KMIP) Storage Developer s Introduction SNIA Fall 2009 Gordon Arnold, garnold@us.ibm.com Chair, Storage Security Industry Forum 1 2009 Insert Copyright
Alliance Key Manager Cloud HSM Frequently Asked Questions
Key Management Alliance Key Manager Cloud HSM Frequently Asked Questions FAQ INDEX This document contains a collection of the answers to the most common questions people ask about Alliance Key Manager
Is Consumer-Oriented Strong Authentication Finally Here to Stay? Arshad Noor, CTO, StrongAuth, Inc. Professional Strategies S22
Is Consumer-Oriented Strong Authentication Finally Here to Stay? Arshad Noor, CTO, StrongAuth, Inc. Professional Strategies S22 Historical Perspective Password-based authentication invented at least 4-5
Efficient Key Management for Oracle Database 11g Release 2 Using Hardware Security Modules
Efficient Key Management for Oracle Database 11g Release 2 Using Hardware Security Modules WHITE PAPER Thales e-security www.thalesesec.com/oracle TABLE OF CONTENT Introduction...3 Oracle Database 11g
Citrix MetaFrame XP Security Standards and Deployment Scenarios
Citrix MetaFrame XP Security Standards and Deployment Scenarios Including Common Criteria Information MetaFrame XP Server for Windows with Feature Release 3 Citrix Systems, Inc. Information in this document
Data Protection: From PKI to Virtualization & Cloud
Data Protection: From PKI to Virtualization & Cloud Raymond Yeung CISSP, CISA Senior Regional Director, HK/TW, ASEAN & A/NZ SafeNet Inc. Agenda What is PKI? And Value? Traditional PKI Usage Cloud Security
Security Policy for Oracle Advanced Security Option Cryptographic Module
Security Policy for Oracle Advanced Security Option Cryptographic Module Version 1.0 September 1999 Prepared by Oracle Corporation A. Scope of Document This document describes the security policy for the
Security Policy Revision Date: 23 April 2009
Security Policy Revision Date: 23 April 2009 Remote Desktop Support Version 3.2.1 or later for Windows Version 3.1.2 or later for Linux and Mac 4 ISL Light Security Policy This section describes the procedure
2014 IBM Corporation
2014 IBM Corporation This is the 27 th Q&A event prepared by the IBM License Metric Tool Central Team (ICT) Currently we focus on version 9.x of IBM License Metric Tool (ILMT) The content of today s session
Credibly secure cloud storage with elfcloud
Credibly secure cloud storage with elfcloud Privacy of private clouds with the cost of the public cloud Datacenter IaaS workshop 2014 / 12.9.2014 Tuomas Tonteri Founder and CEO Abstract elfcloud is a Finland
PrivateServer HSM EKM Provider for Microsoft SQL Server
PrivateServer HSM EKM Provider for Microsoft SQL Server January 2014 Document Version 1.1 Notice The information provided in this document is the sole property of Algorithmic Research Ltd. No part of this
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
Key & Data Storage on Mobile Devices
Key & Data Storage on Mobile Devices Advanced Computer Networks 2015/2016 Johannes Feichtner johannes.feichtner@iaik.tugraz.at Outline Why is this topic so delicate? Keys & Key Management High-Level Cryptography
Secure web transactions system
Secure web transactions system TRUSTED WEB SECURITY MODEL Recently, as the generally accepted model in Internet application development, three-tier or multi-tier applications are used. Moreover, new trends
Lightweight Security using Identity-Based Encryption Guido Appenzeller
Lightweight Security using Identity-Based Encryption Guido Appenzeller Chief Technology Officer Voltage Security Inc. Identity-Based Encryption (IBE) IBE is a new public key encryption algorithm A number
Overview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
Understanding digital certificates
Understanding digital certificates Mick O Brien and George R S Weir Department of Computer and Information Sciences, University of Strathclyde Glasgow G1 1XH mickobrien137@hotmail.co.uk, george.weir@cis.strath.ac.uk
Accellion Secure File Transfer Cryptographic Module Security Policy Document Version 1.0. Accellion, Inc.
Accellion Secure File Transfer Cryptographic Module Security Policy Document Version 1.0 Accellion, Inc. December 24, 2009 Copyright Accellion, Inc. 2009. May be reproduced only in its original entirety
Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt
Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt 1 Lecture 11: Network Security Reference: Chapter 8 - Computer Networks, Andrew S. Tanenbaum, 4th Edition, Prentice
Understanding the Role of Hardware Data Encryption in EMV and P2PE from the CEO s Perspective
Understanding the Role of Hardware Data Encryption in EMV and P2PE from the CEO s Perspective Futurex. An Innovative Leader in Encryption Solutions. For over 30 years, more than 15,000 customers worldwide
SecureDoc Disk Encryption Cryptographic Engine
SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the
Key Management Interoperability Protocol (KMIP)
(KMIP) Addressing the Need for Standardization in Enterprise Key Management Version 1.0, May 20, 2009 Copyright 2009 by the Organization for the Advancement of Structured Information Standards (OASIS).
The Security Framework 4.1 Programming and Design
Tel: (301) 587-3000 Fax: (301) 587-7877 E-mail: info@setecs.com Web: www.setecs.com Security Architecture for Development and Run Time Support of Secure Network Applications Sead Muftic, President/CEO
IoT Security Concerns and Renesas Synergy Solutions
IoT Security Concerns and Renesas Synergy Solutions Simon Moore CTO - Secure Thingz Ltd Agenda Introduction to Secure.Thingz. The Relentless Attack on the Internet of Things Building protection with Renesas
VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui
VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui School of Engineering and Computer Science Te Kura Mātai Pūkaha, Pūrorohiko PO Box 600 Wellington New Zealand Tel: +64 4 463
Computer System Management: Hosting Servers, Miscellaneous
Computer System Management: Hosting Servers, Miscellaneous Amarjeet Singh October 22, 2012 Partly adopted from Computer System Management Slides by Navpreet Singh Logistics Any doubts on project/hypo explanation
Encrypting Data at Rest
Encrypting Data at Rest Ken Beer Ryan Holland November 2014 Contents Contents Abstract Introduction The Key to Encryption: Who Controls the Keys? Model A: You control the encryption method and the entire
Introducing etoken. What is etoken?
Introducing etoken Nirit Bear September 2002 What is etoken? Small & portable reader-less Smartcard Standard USB connectivity Logical and physical protection Tamper evident (vs. tamper proof) Water resistant
Alliance AES Encryption for IBM i Solution Brief
Encryption & Tokenization Alliance AES Encryption for IBM i Solution Brief A Complete AES Encryption Solution Alliance AES Encryption for IBM i provides AES encryption for sensitive data everywhere it
Securing sensitive data at Rest ProtectFile, ProtectDb and ProtectV. Nadav Elkabets Presale Consultant
Securing sensitive data at Rest ProtectFile, ProtectDb and ProtectV Nadav Elkabets Presale Consultant Protecting Your Data Encrypt Your Data 1 ProtectFile StorageSecure ProtectDB ProtectV Databases File
2013 AWS Worldwide Public Sector Summit Washington, D.C.
Washington, D.C. Next Generation Privileged Identity Management Control and Audit Privileged Access Across Hybrid Cloud Environments Ken Ammon, Chief Strategy Officer Who We Are Security software company
IONA Security Platform
IONA Security Platform February 22, 2002 Igor Balabine, PhD IONA Security Architect Copyright IONA Technologies 2001 End 2 Anywhere Agenda IONA Security Platform (isp) architecture Integrating with Enterprise
Crittografia e Enterprise Key Management una sfida possibile da affrontare
Crittografia e Enterprise Key Management una sfida possibile da affrontare Giuseppe Russo Oracle Chief Technologist giuseppe.russo@oracle.com Simone Mola SafeNet Sales Engineer simone.mola@safenet-inc.com
BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
Symantec Corporation Symantec Enterprise Vault Cryptographic Module Software Version: 1.0.0.2
Symantec Corporation Symantec Enterprise Vault Cryptographic Module Software Version: 1.0.0.2 FIPS 140 2 Non Proprietary Security Policy FIPS Security Level: 1 Document Version: 1.1 Prepared for: Prepared
E-Commerce: Designing And Creating An Online Store
E-Commerce: Designing And Creating An Online Store Introduction About Steve Green Ministries Solo Performance Artist for 19 Years. Released over 26 Records, Several Kids Movies, and Books. My History With
A web-application architecture for Secure Cloud Computing
A web-application architecture for Secure Cloud Computing 1 In the beginning... Your data-center Your mainframe or mini-computer Internal Network Internal Operations Your network Your Operations staff
BBM Protected: Secure enterprise- GrAde MoBIle MeSSAGING
BBM Protected: Secure ENTERPRISE- GRADE mobile messaging All the benefits of BBM with the security of enterprise-grade encryption BBM Protected allows employees to take advantage of the speed, reliability
FIPS 140-2 Non- Proprietary Security Policy. McAfee SIEM Cryptographic Module, Version 1.0
FIPS 40-2 Non- Proprietary Security Policy McAfee SIEM Cryptographic Module, Version.0 Document Version.4 December 2, 203 Document Version.4 McAfee Page of 6 Prepared For: Prepared By: McAfee, Inc. 282
eid Security Frank Cornelis Architect eid fedict 2008. All rights reserved
eid Security Frank Cornelis Architect eid The eid Project > Provides Belgian Citizens with an electronic identity card. > Gives Belgian Citizens a device to claim their identity in the new digital age.
RSA BSAFE. Security tools for C/C++ developers. Solution Brief
RSA BSAFE Security tools for C/C++ developers Solution Brief Introduction Built on more than 20 years of expertise in delivering high-quality productsfor implementing strong security controls in software
Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.14 Effective Date: September 9, 2015
Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.14 Effective Date: September 9, 2015 Table of Contents 1. Introduction... 5 1.1. Trademarks...
How To Use Aws.Com
Crypto-Options on AWS Bertram Dorn Specialized Solutions Architect Security/Compliance Network/Databases Amazon Web Services Germany GmbH Amazon.com, Inc. and its affiliates. All rights reserved. Agenda
Why self-signed certificates are much costlier and riskier than working with a trusted security vendor
The Hidden Costs of Self-Signed SSL Certificates Why self-signed certificates are much costlier and riskier than working with a trusted security vendor Introduction Even when business is booming, smart
Automating Data Protection Across the Enterprise. Arshad Noor StrongAuth, Inc.
Automating Data Protection Across the Enterprise Arshad Noor StrongAuth, Inc. The Problem? 200M records 77M records 152M records 1.1M records 130M records And... 110M records 104M records Page 2 What's
What in the heck am I getting myself into! Capitalware's MQ Technical Conference v2.0.1.5
SSL Certificate Management or What in the heck am I getting myself into! Table of Contents What is SSL and TLS? What do SSL and TLS do (and not do)? Keystore and Certificate Lifecycle Certificates Certificate
Draft Middleware Specification. Version X.X MM/DD/YYYY
Draft Middleware Specification Version X.X MM/DD/YYYY Contents Contents... ii 1. Introduction... 1 1.2. Purpose... 1 1.3. Audience... 1 1.4. Document Scope... 1 1.5. Document Objectives... 1 1.6. Assumptions
An Introduction to Key Management for Secure Storage. Walt Hubis, LSI Corporation
Walt Hubis, LSI Corporation SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individuals may use this material in presentations and literature
FIPS 140-2 Level 1 Security Policy for Cisco Secure ACS FIPS Module
FIPS 140-2 Level 1 Security Policy for Cisco Secure ACS FIPS Module Contents Overview, page 1 Security Requirements, page 2 Cryptographic Module Specification, page 2 Cryptographic Module Ports and Interfaces,
YubiKey Integration for Full Disk Encryption
YubiKey Integration for Full Disk Encryption Pre-Boot Authentication Version 1.2 May 7, 2012 Introduction Disclaimer yubico Yubico is the leading provider of simple, open online identity protection. The
McAfee Firewall Enterprise 8.2.1
Configuration Guide FIPS 140 2 Revision A McAfee Firewall Enterprise 8.2.1 The McAfee Firewall Enterprise FIPS 140 2 Configuration Guide, version 8.2.1, provides instructions for setting up McAfee Firewall
ERserver. iseries. Secure Sockets Layer (SSL)
ERserver iseries Secure Sockets Layer (SSL) ERserver iseries Secure Sockets Layer (SSL) Copyright International Business Machines Corporation 2000, 2002. All rights reserved. US Government Users Restricted
Chapter 8. Network Security
Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who
Innovations in Digital Signature. Rethinking Digital Signatures
Innovations in Digital Signature Rethinking Digital Signatures Agenda 2 Rethinking the Digital Signature Benefits Implementation & cost issues A New Implementation Models Network-attached signature appliance
Securing Data on Microsoft SQL Server 2012
Securing Data on Microsoft SQL Server 2012 Course 55096 The goal of this two-day instructor-led course is to provide students with the database and SQL server security knowledge and skills necessary to
Security Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2
BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 10.2 Security Technical Overview Published: 2014-09-10 SWD-20140908123239883 Contents 1 About BlackBerry Device Service solution
Data Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment
White Paper Data Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment Cisco Connected Analytics for Network Deployment (CAND) is Cisco hosted, subscription-based
PLATFORM ENCRYPTlON ARCHlTECTURE. How to protect sensitive data without locking up business functionality.
PLATFORM ENCRYPTlON ARCHlTECTURE How to protect sensitive data without locking up business functionality. 1 Contents 03 The need for encryption Balancing data security with business needs Principles and
Securing Your Sensitive Data with EKM & TDE. on SQL Server 2008/2012
Securing Your Sensitive Data with EKM & TDE on SQL Server 2008/2012 About The Speaker Founder & CEO of Townsend Security Leading data security expert 30 years IT industry experience Introduction Organizations
Open Source Backup with Amanda
Open Source Backup with Amanda Peninsula Linux Users Group (Jan 2008) Paddy Sreenivasan paddy@zmanda.com Copyright 2007 Zmanda, Inc. All rights reserved. 1 Amanda network backup and recovery Easy to use
Overview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
Entrust Managed Services PKI. Getting an end-user Entrust certificate using Entrust Authority Administration Services. Document issue: 2.
Entrust Managed Services PKI Getting an end-user Entrust certificate using Entrust Authority Administration Services Document issue: 2.0 Date of issue: June 2009 Revision information Table 1: Revisions
PrivyLink Internet Application Security Environment *
WHITE PAPER PrivyLink Internet Application Security Environment * The End-to-end Security Solution for Internet Applications September 2003 The potential business advantages of the Internet are immense.
SOOKASA WHITEPAPER SECURITY SOOKASA.COM
SOOKASA WHITEPAPER SECURITY SOOKASA.COM Sookasa Overview Sookasa was founded in 2012 by a team of leading security experts. The company s patented file-level encryption enables enterprises to protect data
Threat Model for Software Reconfigurable Communications Systems
Threat Model for Software Reconfigurable Communications Systems Presented to the Management Group 6 March 007 Bernard Eydt Booz Allen Hamilton Chair, SDR Security Working Group Overview Overview of the
A Strategic Approach to Enterprise Key Management
Ingrian - Enterprise Key Management. A Strategic Approach to Enterprise Key Management Executive Summary: In response to security threats and regulatory mandates, enterprises have adopted a range of encryption
MS-55096: Securing Data on Microsoft SQL Server 2012
MS-55096: Securing Data on Microsoft SQL Server 2012 Description The goal of this two-day instructor-led course is to provide students with the database and SQL server security knowledge and skills necessary
Blaze Vault Online Backup. Whitepaper Data Security
Blaze Vault Online Backup Version 5.x Jun 2006 Table of Content 1 Introduction... 3 2 Blaze Vault Offsite Backup Server Secure, Robust and Reliable... 4 2.1 Secure 256-bit SSL communication... 4 2.2 Backup
Usable Crypto: Introducing minilock. Nadim Kobeissi HOPE X, NYC, 2014
Usable Crypto: Introducing minilock Nadim Kobeissi HOPE X, NYC, 2014 2012 Browsers are an environment that is hostile to cryptography Malleability of the JavaScript runtime. The lack of low-level (system-level)
Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret
Mobile Application for Secure Healthcare System
Mobile Application for Secure Healthcare System SABINA YESMIN KTH Information and Communication Technology Master of Science Thesis Stockholm, Sweden 2013 TRITA-ICT-EX-2013:78 Abstract Usage of mobile
CrashPlan Security SECURITY CONTEXT TECHNOLOGY
TECHNICAL SPECIFICATIONS CrashPlan Security CrashPlan is a continuous, multi-destination solution engineered to back up mission-critical data whenever and wherever it is created. Because mobile laptops
How To Encrypt Data With Encryption
USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars Alternate Title? Boy, am I surprised. The Entrust guy who has mentioned PKI during every Security
1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information
1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information The following is intended to outline our general product direction. It is intended for information purposes only,
A Review of Hardware Security Modules Fall 2010
Page 1 (31) Johan Ivarsson, johan@certezza.net Andreas Nilsson, andreas@certezza.net Certezza AB Stockholm 2010-12-31 A Review of Hardware Security s Fall 2010 Kornhamnstorg 61, 2 tr SE-111 27 Stockholm
Apple Corporate Email Certificates Certificate Policy and Certification Practice Statement. Apple Inc.
Apple Inc. Certificate Policy and Certification Practice Statement Version 2.0 Effective Date: April 10, 2015 Table of Contents 1. Introduction... 4 1.1. Trademarks... 4 1.2. Table of acronyms... 4 1.3.
Protecting Commercial Secure Web Servers From Key-Finding Threats
Protecting Commercial Secure Web Servers From Key-Finding Threats ncipher, Inc. Version 1 ncipher Inc. Contents Introduction: A New Class of Threats 2 Background: Adoption of Public Key Cryptography 2
Payment Transactions Security & Enforcement
Payment Transactions Security & Enforcement A REPORT FROM NEWNET COMMUNICATION TECHNOLOGIES, LLC Copyright NewNet Communication Technologies, LLC. 700 East Butterfield Road, Suite 350, Lombard, IL 60148
BBM Protected Secure mobile
BBM Protected Secure mobile messaging All the benefits of BBM with the security of enterprise-grade encryption BBM Protected allows employees to take advantage of the speed, reliability and privacy of
<Insert Picture Here> Oracle Security Developer Tools (OSDT) August 2008
Oracle Security Developer Tools (OSDT) August 2008 Items Introduction OSDT 10g Architecture Business Benefits Oracle Products Currently Using OSDT 10g OSDT 10g APIs Description OSDT
PC Business Banking. Technical Requirements
PC Business Banking Technical Requirements For PC Business Banking Version 7.0 March 2007 Application Overview PC Business Banking (PCBB) is Bank of New Zealand s banking platform for large business/corporate
Lecture 9: Application of Cryptography
Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that
SECURITY IN NETWORKS
SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,
Thales ncipher modules. Version: 1.2. Date: 22 December 2009. Copyright 2009 ncipher Corporation Ltd. All rights reserved.
ncipher modules Integration Guide for IBM Tivoli Access Manager for e-business 6.1 Windows Server 2003 32-bit and 64-bit Windows Server 2008 32-bit and 64-bit Version: 1.2 Date: 22 December 2009 Copyright