Emerging issues on public information management. November 2011 Prof. Bae, Kyoung Yul Sangmyung University
|
|
- Philippa Newton
- 8 years ago
- Views:
Transcription
1 Emerging issues on public information management and information security November 2011 Prof. Bae, Kyoung Yul Sangmyung University
2 01 Introduction Contents Digital Convergence Information Security PKI Conclusion 2/48
3 01 Introduction 3/48
4 Introduction Data & Information & Knowledge Data: Raw, non-summarized and unanalyzed facts and figures Information: Data that have been converted into a meaningful and useful context for the receiver Knowledge: Human understanding of a subject matter that has been acquired through proper study and experience 4/48
5 Introduction What is Digital? Generates, stores, and processes data in terms of two states: positive and non-positive. A digital system uses discrete (discontinuous) values, usually but not always symbolized numerically (hence called "digital") to represent information for input, processing, transmission, storage Digital technology is primarily used with new physical communications media. Electronic transmission was limited to analog technology, which conveys data as electronic signals of varying frequency or amplitude that are added to carrier waves of a given frequency. 5/48
6 What is Digital? Introduction How they handle information How they view information How they process information Digital Immigrant Slow & controlled from limited channels Text before pictures, sounds and video Sequential, linear and logical Digital Natives Quickly from multiple sources Pictures, sounds and video before text Random access to hyperlinks multimedia information 6/48
7 Why Digital? Introduction Audio Digitalization Convergence IT/Service/Network Voice Data DMB, DMC Video Text 가 나 다 라 A B C D Devices Computer Tele Appliancecommuni cation Internet Wireless Broadcast Satellite Contents Entertain ment Education Information Digital Home Media Center MP3, MPEG 7/48
8 02 Digital Convergence 8/48
9 Digital Convergence Digital Convergence Convergence IT Service, Computing Networking, Ubiquity Anytime, Anyplace, Information Devices Any Device, Any Platform, Mobility, Accessability Seamless Broadband High Data Processing Power VVV VVV Real Time Information Processing Intelligence Artificial Intelligence Context Awareness Service VVVVV VVVVVVVVVVVVVV VVVVVVVVV VVVVV VVVVVVVVVVVVVVVVVV VVV VVVVV VVV VV VVVVV VVVVVV VVVV VV VVV VVVVVV V VVVVV VVVVVV VVV VVVVVV VVVVVVV VVVVVVVV VVVVVV VVVVVVVVVVVVVVVV VVVV VV VVVV VVVV 9/48
10 Digital Convergence Digital Convergence 10/48
11 What is ICT? Digital Convergence ICT, a driver of the socioeconomic mega trend leads to fundamental changes in the national society system A key to responding to future uncertainties and crisis Industry Design of 4 th space Employment Environment Real-time analysis and control Energy Interface detecting all 5 senses Nano robot u-life Active information security Communication through senses - Body media Welfare Education ICT Technology 11/48
12 Digital Convergence The application of ICT in interactions between Government and Citizens Government and Businesses Government and Employees Government and Government Publish Interact Transact Integrate Transform Information available online Two-way communication Transaction handled online Process, system and organisational integration Entirely new services delivered cross-agency through a centralized enterprise portal 12/48
13 Digital Convergence Use of ICT in Governance Constraints and Recommendations Constraints Recommendations Inadequate Access to ICT Public Awareness about ICTs Lack of integrated approach Lack of regulatory/legal framework Absence of processes and systems Create one-stop government portal Prioritization of Services Improve ICT access by citizens Emphasize Bangla interface for citizen services Need training and leadership from the government Awareness for the use of Open Source Payment Gateway 13/48
14 Digital Convergence Requirements for E-Government 14/48
15 03 Information Security 15/48
16 Information Security Security Freedom from risk or danger; safety. Freedom from doubt, anxiety, or fear; confidence. Something that gives or assures safety, as: A group or department of private guards: Call building security if a visitor acts suspicious. Measures adopted by a government to prevent espionage, sabotage, or attack. Measures adopted, as by a business or homeowner, to prevent a crime such as burglary or assault: Security was lax at the firm's smaller plant. etc. 16/48
17 Information Security Data & Network Security? 17/48
18 Information Security Security Trend Exclusive systems Big, host types C/S types PC, Internet Mobile & Ubiquitous Users Role of information systems Direction of IT security PC Internet Mobile/ Ubiquitous E-commerce Economic infrastructure Lifelines for society, economy, and daily life Safe/reliable society Personal use Small/medium enterprises National security, calculation use Protection of military data. Reliability of systems Efficient work style, competitiveness Availability for critical infrastructure Network security for e-commerce Availability for IT systems in corporations Security for e-government Large enterprises Banking, transportation, energy sectors Government /48
19 Information Security Information Security Scope 19/48
20 Information Security Security Paradigm Technical Control S/W security Access control, Information Security Technical Hacking Physical Control H/W security Physical Intrusion Managing Control Human security Effluence of information 20/48
21 Information Security Technical Control Fundamental Defense IPS (Intrusion Prevention System) Secure Operating System Multilevel Security Data security Data Encryption DRM Watermarking 21/48
22 Information Security Physical Control Lock, DVR, guard Physical Security Systems Biometrics Bio Smartcard 22/48
23 Information Security Managing Security 23/48
24 Information Security Security for Network Communications Confidentiality Integrity Authentication Interception Modification Forgery Is Private? Has been altered? Who am I dealing with? Non-Repudiation Access Control Availability Not SENT! Claim Who sent/received it? Unauthorised access Have you privilege? Denial of Service Wish to access!! 24/48
25 Information Security DRM 25/48
26 Information Security DRM 26/48
27 Information Security Long Term Digital Signature For assuming paper documents and electronic documents, the same and specific period is required. (For example 10 years) 27/48
28 04 PKI 28/48
29 PKI Security for Network Communications organization Exclusive line/wired or Wireless Customer information Web server DB server user Internet firewall IPS AP server firewall Internet internal staff Subscriber section Data interception Malware execution Communication network section Data bugging Data alteration Web server section Application server section Data processing error Inadequate Inadequate access control, security settings authorization Inadequate patch Inadequate authentication management Intranet, user section Inadequate access control 29/48
30 PKI On the Internet, Nobody knows you re a dog 30/48
31 PKI PKI Breach of personal profile and credit card information at transaction Breach of personal profile in shared computer Cyber stealing Hacking on cyber securities & bank account / Stock price manipulation ID and password stealing Need of Strong Security Protection With PKI technology 31/48
32 PKI PKI Solution 32/48
33 PKI PKI Solution 33/48
34 PKI PKI Solution 34/48
35 Information Security PKI Structure A system of digital certificates, Certificate Authorities, and other registration authorities that verify and authenticate the validity of each party involved in an Internet transaction. Security Services Threat Solution Root-CA Certificate Authority (CA) Authenticity Confidentiality Integrity Non-repudiation Unauthorized User Data Leakage Data Forgery Repudiation Digital Signature Encryption Digital Signature Digital Signature C Certificate R CRL Management Y T Operation O Management G Registration Authority (RA) R A P Certificate Y P U B L I C Management K E Y Registrarion Issue Revoke Renew Individual Corporation Server S/MiME 35/48
36 Information Security PKI Functions When to apply PKI techniques in each business unit, Security functions (Authentication, Integrity, Confidentiality, Non-repudiation) are applied as follows Problem Matched security method Protection Technology Difficult to verify user Authentication of identity Digital Signature Technology (User authentication) Easy to make forgery or modification on contents Guarantee Integrity Digital Signature Technology (Message authentication) Breach information Repudiate transactions Confidentiality Non-repudiation Encryption Technology (Message authentication) Digital Signature Technology (Message authentication) 36/48
37 Information Security Government PKI & National PKI 37/48
38 PKI Government PKI & National PKI Mutual Recognition Accredited CA National Root CA (KISA) Certification issuance / Management Accredited CA Certification issuance / Management Accredited CA Government Root CA (GCMA) Certification issuance / Management Certification issuance / Management Accredited CA E-Government Service Provider E-Government Service Provider Subscriber Subscriber 38/48
39 PKI Government PKI & National PKI 39/48
40 PKI Government PKI & National PKI 40/48
41 PKI PKI in e-government Applications Regional Administration - Service for counties - Access with certificates Taxation - National Tax Agency - Access with certificates National Financing Information System - Based on Internet banking, etc Electric document system - Interoperable with other systems Petition Service - Identify oneself online by certificates e-government Applications Public Key Infrastructure (PKI Center) Education Administration System -Teachers can assess with cert. Personal Management inside Government - All employees inside Government 4 Major Insurances data exchange - Labor, Medical care, Pension, Industrial disaster - Internet access with certificate Digital Signature & Seal -Distribute certificates -Develop and enhance system adopting certificates E-Supply (G2B) - Online bidding with certificate Enhance computerization - Sharing national resource information 41/48
42 PKI Services PKI Public Services Housing subscription deposit system, Education, Medical information, e-bidding ('06) Housing subscription, the year-end tax adjustment, NEIS, National health Insurance, etc. 42/48
43 PKI Services PKI Mobile Banking Mobile banking service with certificate ('07~) Transferring a certificate from PC to mobile phone Generating electronic signature in mobile phone 43/48
44 PKI in Korea PKI Establishing a reliable u-authentication System Extending the authentication means to Biometric, OTP with PKI certificate Extending the authentication object to devices Developing new PKI business model 44/48
45 PKI General PKI Issues PKI technologies have been matured However, lack of killer applications Long term signature retention is necessary Stable standards are needed for signature verification capability over long term period PKI supports high assurance security Many applications will reside on web services Trusted validation authority Out source validation service from client 45/48
46 05 Conclusion 46/48
47 Conclusion Integrated Computing 47/48
48 Thank You Do not squander time; for that s the stuff life is made of. - Benjamin Franklin 48/48
PKI, Digital Signature and. July 2011 Prof. Bae, Kyoung Yul Sangmyung University
PKI, Digital Signature and e-government July 2011 Prof. Bae, Kyoung Yul Sangmyung University 01 Introduction Contents 02 03 04 05 06 Digital Bangladesh Information Security PKI &Digital Signature PKI Services
More informationICT and Broadband in Korea. September 2011 Prof. Bae, Kyoung Yul Sangmyung University
ICT and Broadband in Korea September 2011 Prof. Bae, Kyoung Yul Sangmyung University Contents 01 Digital Convergence 02 03 04 05 06 Information Communication Technology Broadband Network Mobile Network
More informationInformation Security Basic Concepts
Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,
More informationInformation Security
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
More informationGE Measurement & Control. Cyber Security for NEI 08-09
GE Measurement & Control Cyber Security for NEI 08-09 Contents Cyber Security for NEI 08-09...3 Cyber Security Solution Support for NEI 08-09...3 1.0 Access Contols...4 2.0 Audit And Accountability...4
More informationIntroduction to Cyber Security / Information Security
Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be
More informationMobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords. Mika Devonshire Associate Product Manager
Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords Mika Devonshire Associate Product Manager 1 Agenda 2 What is Cybersecurity? Quick overview of the core concepts 3 Cybercrime
More informationHKUST CA. Certification Practice Statement
HKUST CA Certification Practice Statement IN SUPPORT OF HKUST CA CERTIFICATION SERVICES Version : 2.1 Date : 12 November 2003 Prepared by : Information Technology Services Center Hong Kong University of
More informationICANWK406A Install, configure and test network security
ICANWK406A Install, configure and test network security Release: 1 ICANWK406A Install, configure and test network security Modification History Release Release 1 Comments This Unit first released with
More informationSecuring VoIP Networks using graded Protection Levels
Securing VoIP Networks using graded Protection Levels Andreas C. Schmidt Bundesamt für Sicherheit in der Informationstechnik, Godesberger Allee 185-189, D-53175 Bonn Andreas.Schmidt@bsi.bund.de Abstract
More informationName: Position held: Company Name: Is your organisation ISO27001 accredited:
Third Party Information Security Questionnaire This questionnaire is to be completed by the system administrator and by the third party hosting company if a separate company is used. Name: Position held:
More informationDr. Cunsheng DING HKUST, Hong Kong. Security Protocols. Security Protocols. Cunsheng Ding, HKUST COMP685C
Cunsheng Ding, HKUST Lecture 06: Public-Key Infrastructure Main Topics of this Lecture 1. Digital certificate 2. Certificate authority (CA) 3. Public key infrastructure (PKI) Page 1 Part I: Digital Certificates
More informationThe Security Scenario 2005: The Future of Information Security
The Security Scenario 2005: The Future of Information Security Notes accompany this presentation. Please select Notes Page view. These materials can be reproduced only with Gartner s official approval.
More informationCritical Controls for Cyber Security. www.infogistic.com
Critical Controls for Cyber Security www.infogistic.com Understanding Risk Asset Threat Vulnerability Managing Risks Systematic Approach for Managing Risks Identify, characterize threats Assess the vulnerability
More informationSeamless ICT Infrastructure Security.
Seamless ICT Infrastructure Security. Integrated solutions from a single source. Effective protection requires comprehensive measures. Global networking has practically removed all borders in the exchange
More informationHow To Deal With A Converged Threat From A Cloud And Mobile Device To A Business Or A Customer'S Computer Or Network To A Cloud Device
Ten Tips for Managing Risks on Convergent Networks The Risk Management Group April 2012 Sponsored by: Lavastorm Analytics is a global business performance analytics company that enables companies to analyze,
More informationHow To Secure Cloud Computing
Next Generation Cloud Computing Issues and Solutions Jeon SeungHwan 1, Yvette E. Gelogo 1 and Byungjoo Park 1 * 1 Department of Multimedia Engineering, Hannam University 133 Ojeong-dong, Daeduk-gu, Daejeon,
More informationCertification Practice Statement
FernUniversität in Hagen: Certification Authority (CA) Certification Practice Statement VERSION 1.1 Ralph Knoche 18.12.2009 Contents 1. Introduction... 4 1.1. Overview... 4 1.2. Scope of the Certification
More information7. Public Key Cryptosystems and Digital Signatures, 8. Firewalls, 9. Intrusion detection systems, 10. Biometric Security Systems, 11.
Content 1.Introduction to Data and Network Security. 2. Why secure your Network 3. How Much security do you need, 4. Communication of network systems, 5. Topology security, 6. Cryptosystems and Symmetric
More information10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)
1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction
More informationContent Protection and Security Considerations for 5G KILROY HUGHES 2015.08.20
Content Protection and Security Considerations for 5G KILROY HUGHES 2015.08.20 5G Content Protection and Security Topics 1. Is that a computer in your pocket? (or, are you just happy to see me? Mae West)
More informationFINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information
FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1
More informationwww.softforum.co Home Network Security and PKI Role
Home Network Security and PKI Role Definition of Home Network at is considered Home Network here? ome Network is the network where all digitalized appliances are connected -By networking home devices provide
More informationSERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS Next Generation Networks Security
International Telecommunication Union ITU-T Y.2740 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (01/2011) SERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS
More informationModule 1: Facilitated e-learning
Module 1: Facilitated e-learning CHAPTER 3: OVERVIEW OF CLOUD COMPUTING AND MOBILE CLOUDING: CHALLENGES AND OPPORTUNITIES FOR CAs... 3 PART 1: CLOUD AND MOBILE COMPUTING... 3 Learning Objectives... 3 1.1
More informationLegislative Council Panel on Information Technology and Broadcasting. Information Security
For Information on 8 July 2013 LC Paper No. CB(4)834/12-13(05) Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper updates Members on the latest
More informationThe Information Security Problem
Chapter 10 Objectives Describe the major concepts and terminology of EC security. Understand phishing and its relationship to financial crimes. Describe the information assurance security principles. Identify
More informationSecurity Threats on National Defense ICT based on IoT
, pp.94-98 http://dx.doi.org/10.14257/astl.205.97.16 Security Threats on National Defense ICT based on IoT Jin-Seok Yang 1, Ho-Jae Lee 1, Min-Woo Park 1 and Jung-ho Eom 2 1 Department of Computer Engineering,
More informationSecurity Goals Services
1 2 Lecture #8 2008 Freedom from danger, risk, etc.; safety. Something that secures or makes safe; protection; defense. Precautions taken to guard against crime, attack, sabotage, espionage, etc. An assurance;
More informationBachelor of Information Technology (Network Security)
Bachelor of Information Technology (Network Security) Course Structure Year 1: Level 100 Foundation knowledge subjects SEMESTER 1 SEMESTER 2 ITICT101A Fundamentals of Computer Organisation ITICT104A Internetworking
More informationUnderstanding Digital Signature And Public Key Infrastructure
Understanding Digital Signature And Public Key Infrastructure Overview The use of networked personnel computers (PC s) in enterprise environments and on the Internet is rapidly approaching the point where
More informationTEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL
TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL Title: Computer and Network Security Policy Policy Number: 04.72.12 Effective Date: November 4, 2003 Issuing Authority: Office of the Vice President for
More informationBuilding The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord
Building The Human Firewall Andy Sawyer, CISM, C CISO Director of Security Locke Lord Confidentiality, Integrity, Availability Benchmarks of Cybersecurity: Confidentiality Information is protected against
More informationA Robust Multimedia Contents Distribution over IP based Mobile Networks
, pp. 283-288 http://dx.doi.org/10.14257/ijseia.2015.9.9.24 A Robust Multimedia Contents Distribution over IP based Mobile Networks Ronnie D. Caytiles, Seungyong Shin and Byungjoo Park * Multimedia Engineering
More informationMAESON MAHERRY. 3 Factor Authentication and what it means to business. Date: 21/10/2013
MAESON MAHERRY 3 Factor Authentication and what it means to business. Date: 21/10/2013 Concept of identity Identity and Access Management Authoritive Identity Source User Identity Feed and Role Management
More information2012 Data Breach Investigations Report
2012 Data Breach Investigations Report A study conducted by the Verizon RISK Team with cooperation from the Australian Federal Police, Dutch National High Tech Crime Unit, Irish Reporting & Information
More informationPart III-a. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT
Part III-a Contents Part III-a Public-Key Infrastructure (PKI) Definition of a PKI and PKI components PKI Trust Models Digital Certificate, X.509 Certificate Management and Life Cycle Public Key Infrastructure
More informationSavitribai Phule Pune University
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter
More informationSecurity aspects of e-tailing. Chapter 7
Security aspects of e-tailing Chapter 7 1 Learning Objectives Understand the general concerns of customers concerning security Understand what e-tailers can do to address these concerns 2 Players in e-tailing
More informationMidterm Solutions. ECT 582, Prof. Robin Burke Winter 2004 Take home: due 2/4/2004 NO LATE EXAMS ACCEPTED
Midterm Solutions ECT 582, Prof. Robin Burke Winter 2004 Take home: due 2/4/2004 NO LATE EXAMS ACCEPTED Name: 1) Alice wants to send Bob a digitally-signed piece of email from her desktop computer to his.
More informationBiometric Authentication Platform for a Safe, Secure, and Convenient Society
472 Hitachi Review Vol. 64 (2015), No. 8 Featured Articles Platform for a Safe, Secure, and Convenient Society Public s Infrastructure Yosuke Kaga Yusuke Matsuda Kenta Takahashi, Ph.D. Akio Nagasaka, Ph.D.
More informationPKI - current and future
PKI - current and future Workshop for Japan Germany Information security Yuichi Suzuki yuich-suzuki@secom.co.jp SECOM IS Laboratory Yuichi Suzuki (SECOM IS Lab) 1 Current Status of PKI in Japan Yuichi
More informationInternet Banking Internal Control Questionnaire
Internet Banking Internal Control Questionnaire Completed by: Date Completed: 1. Has the institution developed and implemented a sound system of internal controls over Internet banking technology and systems?
More informationHuman Factors in Information Security
University of Oslo INF3510 Information Security Spring 2014 Workshop Questions Lecture 2: Security Management, Human Factors in Information Security QUESTION 1 Look at the list of standards in the ISO27000
More informationLecture VII : Public Key Infrastructure (PKI)
Lecture VII : Public Key Infrastructure (PKI) Internet Security: Principles & Practices John K. Zao, PhD (Harvard) SMIEEE Computer Science Department, National Chiao Tung University 2 Problems with Public
More informationAccredited Certification Services on Cloud Environment. SungEun Moon KOSCOM mse@koscom.co.kr. 17 September, 2012
Accredited Certification Services on Cloud Environment SungEun Moon KOSCOM mse@koscom.co.kr 17 September, 2012 Index Existing Accredited Certificate Use and Enhanced Security Measure Accredited Certificate
More informationIngate Firewall/SIParator SIP Security for the Enterprise
Ingate Firewall/SIParator SIP Security for the Enterprise Ingate Systems February, 2013 Ingate Systems AB (publ) Tel: +46 8 600 77 50 BACKGROUND... 1 1 NETWORK SECURITY... 2 2 WHY IS VOIP SECURITY IMPORTANT?...
More informationOCR LEVEL 3 CAMBRIDGE TECHNICAL
Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT NETWORKED SYSTEMS SECURITY J/601/7332 LEVEL 3 UNIT 28 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 NETWORKED SYSTEMS SECURITY
More informationThe DoD Public Key Infrastructure And Public Key-Enabling Frequently Asked Questions
The DoD Public Key Infrastructure And Public Key-Enabling Frequently Asked Questions May 3, 2004 TABLE OF CONTENTS GENERAL PKI QUESTIONS... 1 1. What is PKI?...1 2. What functionality is provided by a
More informationInformation Security Policy
Information Security Policy Steve R. Hutchens, CISSP EDS, Global Leader, Homeland Security Agenda Security Architecture Threats and Vulnerabilities Design Considerations Information Security Policy Current
More informationDevice-based Secure Data Management Scheme in a Smart Home
Int'l Conf. Security and Management SAM'15 231 Device-based Secure Data Management Scheme in a Smart Home Ho-Seok Ryu 1, and Jin Kwak 2 1 ISAA Lab., Department of Computer Engineering, Ajou University,
More informationBellevue University Cybersecurity Programs & Courses
Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320
More informationDigital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University
Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate
More informationHANDBOOK 8 NETWORK SECURITY Version 1.0
Australian Communications-Electronic Security Instruction 33 (ACSI 33) Point of Contact: Customer Services Team Phone: 02 6265 0197 Email: assist@dsd.gov.au HANDBOOK 8 NETWORK SECURITY Version 1.0 Objectives
More informationSecure Web Access Solution
Secure Web Access Solution I. CONTENTS II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. E-CODE SECURE WEB ACCESS SOLUTION... 3 OVERVIEW... 3 PKI SECURE WEB ACCESS... 4 Description...
More informationCyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist
Cyber- Attacks: The New Frontier for Fraudsters Daniel Wanjohi, Technology Security Specialist What is it All about The Cyber Security Agenda ; Protecting computers, networks, programs and data from unintended
More informationVirginia Government Finance Officers Association Spring Conference May 28, 2014. Cloud Security 101
Virginia Government Finance Officers Association Spring Conference May 28, 2014 Cloud Security 101 Presenters: John Montoro, RealTime Accounting Solutions Ted Brown, Network Alliance Presenters John Montoro
More informationInternet Safety and Security: Strategies for Building an Internet Safety Wall
Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet
More informationWHITE PAPER Usher Mobile Identity Platform
WHITE PAPER Usher Mobile Identity Platform Security Architecture For more information, visit Usher.com info@usher.com Toll Free (US ONLY): 1 888.656.4464 Direct Dial: 703.848.8710 Table of contents Introduction
More informationPromotion on Information Security Certification Programs
Promotion on Information Security Certification Programs 2015. 6. 23 Wan S. Yi Ph.D., CISSP. ISC2 APAC Korea Internet & Security Agency 1 KISA Introduction 2 Certification Concept 3 Certification Ⅰ. KISA
More informationOpen Data Center Alliance Usage: Provider Assurance Rev. 1.1
sm Open Data Center Alliance Usage: Provider Assurance Rev. 1.1 Legal Notice This Open Data Center Alliance SM Usage:Provider Assurance is proprietary to the Open Data Center Alliance, Inc. NOTICE TO USERS
More informationAutomation Suite for. 201 CMR 17.00 Compliance
WHITEPAPER Automation Suite for Assurance with LogRhythm The Massachusetts General Law Chapter 93H regulation 201 CMR 17.00 was enacted on March 1, 2010. The regulation was developed to safeguard personal
More informationSECURITY ISSUES INTERNET WORLD WIDE WEB FOR THE AND THE
SECURITY ISSUES FOR THE INTERNET AND THE WORLD WIDE WEB - Internet connections: a back door into the enterpre. - Internet security incidents. - Viruses and how they spread. - The internet as a hacker s
More informationSecure Authentication for the Development of Mobile Internet Services Critical Considerations
Secure Authentication for the Development of Mobile Internet Services Critical Considerations December 2011 V1 Mobile Internet Security Working Group, SIMalliance AGENDA SIMalliance presentation What s
More informationSecurity Overview. BlackBerry Corporate Infrastructure
Security Overview BlackBerry Corporate Infrastructure Published: 2015-04-23 SWD-20150423095908892 Contents Introduction... 5 History... 6 BlackBerry policies...7 Security organizations...8 Corporate Security
More informationVendor Questionnaire
Instructions: This questionnaire was developed to assess the vendor s information security practices and standards. Please complete this form as completely as possible, answering yes or no, and explaining
More informationSound Business Practices for Businesses to Mitigate Corporate Account Takeover
Sound Business Practices for Businesses to Mitigate Corporate Account Takeover This white paper provides sound business practices for companies to implement to safeguard against Corporate Account Takeover.
More informationSECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014
SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014 Table of Contents Introduction AMI Communication Architecture Security Threats Security
More informationWhat is Really Needed to Secure the Internet of Things?
What is Really Needed to Secure the Internet of Things? By Alan Grau, Icon Labs alan.grau@iconlabs.com The Internet of Things (IoT) has become a ubiquitous term to describe the tens of billions of devices
More informationDigital identity: Toward more convenient, more secure online authentication
Digital identity: Toward more convenient, more secure online authentication For more than four decades, the familiar username/password method has been the basis for authentication when accessing computer-based
More informationREGISTRATION AUTHORITY (RA) POLICY. Registration Authority (RA) Fulfillment Characteristics SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A.
REGISTRATION AUTHORITY (RA) POLICY Registration Authority (RA) Fulfillment Characteristics SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A. INDEX Contenido 1. LEGAL FRAMEWORK... 4 1.1. Legal Base...
More informationFull Compliance Contents
Full Compliance for and EU Annex 11 With the regulation support of Contents 1. Introduction 2 2. The regulations 2 3. FDA 3 Subpart B Electronic records 3 Subpart C Electronic Signatures 9 4. EU GMP Annex
More informationSECURITY CONSIDERATIONS FOR LAW FIRMS
SECURITY CONSIDERATIONS FOR LAW FIRMS Enterprise Risk Management Professional consulting firm that specializes in cyber security Founded in 1998 in Miami, Florida Serves more than 150 clients, locally,
More informationMobile Office Security Requirements for the Mobile Office
Mobile Office Security Requirements for the Mobile Office S.Rupp@alcatel.de Alcatel SEL AG 20./21.06.2001 Overview Security Concepts in Mobile Networks Applications in Mobile Networks Mobile Terminal used
More informationTELSTRA RSS CA Subscriber Agreement (SA)
TELSTRA RSS CA Subscriber Agreement (SA) Last Revision Date: December 16, 2009 Version: Published By: Telstra Corporation Ltd Copyright 2009 by Telstra Corporation All rights reserved. No part of this
More informationUnderstanding Cyber Defense A Systems Architecture Approach
NDIA 12th Annual Systems Engineering Conference, San Diego, CA, 26-29 Oct 2009 Understanding Cyber Defense A Systems Architecture Approach Tom McDermott Director of Research Georgia Tech Research Institute
More informationNeutralus Certification Practices Statement
Neutralus Certification Practices Statement Version 2.8 April, 2013 INDEX INDEX...1 1.0 INTRODUCTION...3 1.1 Overview...3 1.2 Policy Identification...3 1.3 Community & Applicability...3 1.4 Contact Details...3
More informationPKI: Public Key Infrastructure
PKI: Public Key Infrastructure What is it, and why should I care? Conference on Higher Education Computing in Kansas June 3, 2004 Wes Hubert Information Services The University of Kansas Why? PKI adoption
More information2. Each server or domain controller requires its own server certificate, DoD Root Certificates and enterprise validator installed.
Purpose and Scope The purpose of this policy is to define the roles and responsibilities on implementing the Homeland Security Presidential Directive 12 (HSPD-12) Logical Access Control (LAC) throughout
More informationUseful Tips for Reducing the Risk of Unauthorized. Access for Laser Beam Printers and Small-Office MFPs
Useful Tips for Reducing the Risk of Unauthorized Access for Laser Beam Printers and Small-Office MFPs (LBP and MF series) Important: System administrators are advised to read. Overview and Use of this
More informationCTS2134 Introduction to Networking. Module 8.4 8.7 Network Security
CTS2134 Introduction to Networking Module 8.4 8.7 Network Security Switch Security: VLANs A virtual LAN (VLAN) is a logical grouping of computers based on a switch port. VLAN membership is configured by
More informationTechnical Standards for Information Security Measures for the Central Government Computer Systems
Technical Standards for Information Security Measures for the Central Government Computer Systems April 21, 2011 Established by the Information Security Policy Council Table of Contents Chapter 2.1 General...
More informationChapter 10. Cloud Security Mechanisms
Chapter 10. Cloud Security Mechanisms 10.1 Encryption 10.2 Hashing 10.3 Digital Signature 10.4 Public Key Infrastructure (PKI) 10.5 Identity and Access Management (IAM) 10.6 Single Sign-On (SSO) 10.7 Cloud-Based
More informationStrong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment
Strong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment IIIIII Best Practices www.gemalto.com IIIIII Table of Contents Strong Authentication and Cybercrime... 1
More informationSSL Overview for Resellers
Web Security Enterprise Security Identity Verification Services Signing Services SSL Overview for Resellers What We ll Cover Understanding SSL SSL Handshake 101 Market Opportunity for SSL Obtaining an
More informationNew York State Electronic Signatures and Records Act
PIANY Doc. No. 31174 New York State Electronic Signatures and Records Act The information contained within this Resource kit was made available by the New York State Department of State Division of Administrative
More information9. Information Assurance and Security, Protecting Information Resources. Janeela Maraj. Tutorial 9 21/11/2014 INFO 1500
INFO 1500 9. Information Assurance and Security, Protecting Information Resources 11. ecommerce and ebusiness Janeela Maraj Tutorial 9 21/11/2014 9. Information Assurance and Security, Protecting Information
More informationHIPAA 203: Security. An Introduction to the Draft HIPAA Security Regulations
HIPAA 203: Security An Introduction to the Draft HIPAA Security Regulations Presentation Agenda Security Introduction Security Component Requirements and Impacts Administrative Procedures Physical Safeguards
More informationIs Your IT Environment Secure? November 18, 2015. Sarah Ackerman, Greg Bernard, Brian Matteson Clark Schaefer Consulting
Is Your IT Environment Secure? November 18, 2015 Sarah Ackerman, Greg Bernard, Brian Matteson Clark Schaefer Consulting Clark Schaefer Consulting Serving elite and emerging companies with practical solutions
More information6 Steps to SIP trunking security. How securing your network secures your phone lines.
6 Steps to SIP trunking security How securing your network secures your phone lines. The myths about SIP trunking can be misleading. There are stories that SIP has set off a cyber crime wave of corporate
More informationREGULATIONS FOR THE SECURITY OF INTERNET BANKING
REGULATIONS FOR THE SECURITY OF INTERNET BANKING PAYMENT SYSTEMS DEPARTMENT STATE BANK OF PAKISTAN Table of Contents PREFACE... 3 DEFINITIONS... 4 1. SCOPE OF THE REGULATIONS... 6 2. INTERNET BANKING SECURITY
More informationEUCIP - IT Administrator. Module 5 IT Security. Version 2.0
EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single
More informationUseful Tips for Reducing the Risk of Unauthorized Access for Network Cameras Important
Useful Tips for Reducing the Risk of Unauthorized Access for Network Cameras Important System administrators are advised to read. Overview and Use of this Guide Objectives This guide provides additional
More informationVOICE OVER IP SECURITY
VOICE OVER IP SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More information資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview. Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系
資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系 Outline Infosec, COMPUSEC, COMSEC, and Network Security Why do we need Infosec and COMSEC? Security
More informationDigital Identity & Authentication Directions Biometric Applications Who is doing what? Academia, Industry, Government
Digital Identity & Authentication Directions Biometric Applications Who is doing what? Academia, Industry, Government Briefing W. Frisch 1 Outline Digital Identity Management Identity Theft Management
More informationResearch Article. Research of network payment system based on multi-factor authentication
Available online www.jocpr.com Journal of Chemical and Pharmaceutical Research, 2014, 6(7):437-441 Research Article ISSN : 0975-7384 CODEN(USA) : JCPRC5 Research of network payment system based on multi-factor
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
More informationE-commerce. business. technology. society. Kenneth C. Laudon Carol Guercio Traver. Second Edition. Copyright 2007 Pearson Education, Inc.
Copyright 2007 Pearson Education, Inc. Slide 5-1 E-commerce business. technology. society. Second Edition Kenneth C. Laudon Carol Guercio Traver Copyright 2007 Pearson Education, Inc. Slide 5-2 Chapter
More information