Problems in Diaspora: A Distributed Social Network

Size: px
Start display at page:

Download "Problems in Diaspora: A Distributed Social Network"

Transcription

1 Problems in Diaspora: A Distributed Social Network Yousra Javed ABSTRACT Recently, the notion of distributed social network has been introduced to address the limitations of centralized social networks. These limitations include lack of interoperability with other social networks and inability of the users to have control over their own data. In a distributed social network, every user owns their data by creating their own node (pod) in the distributed network and is able to communicate with any user on any other pod. Diaspora is among the pioneers of distributed social networking services. It is an open source and free software; any person can install it on their own server known as pod and be able to communicate with other users on other servers/pods. There is not enough literature on the design and performance evaluation of Diaspora. In this project, I have studied the internal working of Diaspora and reported the possibility of Denial of Service, Sybil attack and defeating the encryption scheme. Similarly, there is information incompleteness problem in the Relayability mechanism, and, usability issues in Web interface of Diaspora. 1. INTRODUCTION In our daily lives, when we talk to our friends, we don t need to hand our messages to a hub and get them sent over to our friends through that hub. Our virtual lives should work the same way. All the existing social networks such as Facebook, Twitter and LinkedIn are however, centralized and store the user data on a central server. Centralized social networks have numerous problems. First and the most important is lack of privacy and data ownership. The user data is handed over to third parties for personalized advertising. Also, even after deleting the account, the user data remains stored on the central servers. Secondly, these social networks do not allow interoperability with other social networks. Therefore, if a Facebook user wants to communicate with a Twitter user, they are unable to do so and have to create separate accounts on each social network to communicate with their friends on that social network. In order to address these limitations, recently, the idea of distributed social networks came into being. Distributed social networks are 1) open source and free 2) decentralized; they are not owned or run by one central authority 3) Federated; users on one social network are able to communicate with users on another social network Diaspora[1] is an open source software which implements distributed social network. Diaspora aims to provide the users more control over their privacy, and the ownership and dissemination of their information by enabling the users to set up their own server (or pod ) to host content; pods can then interact to share status updates, photographs, and other social data. It allows its users to host their data with a traditional web host, a cloud-based host, an internet service provider (ISP), or a trusted friend s pod. Other popular implementations of distributed social networks include Friendica and StatusNet [4][5]. The Diaspora project started in 2010 and is in its alpha release version. It is fairly new and currently has about 56 pods. Although the developers claim that they are the most private social network to date, preliminary studies of Diaspora have highlighted that there is a potential of numerous problems in its design [8] [9]. In this project, I have studied the Diaspora s architecture in detail and report the problems existing in the Diaspora s federation protocol, possible attacks the code vulnerabilities might lead to and the usability issues in Diaspora s web interface. I chose Diaspora over other distributed social networks because it is the first among these networks and has a relatively better documentation as compared to Friendica and StatusNet. The rest of the project is organized as follows: In Section 2, I discuss the related research work in this domain. In Section 3, I discuss the architecture and working of Diaspora. Section 4 discusses the possible attacks and identified problems in Diaspora. Finally, I conclude the project. 2. RELATED WORK Recently, the distributed social networks have gained some attention in the research community. Hong et al. have surveyed the computer crimes in centralized and distributed social networks [9]. They have highlighted the areas in Diaspora which could possibly have problems. These include bugs in the open source software, technology knowledge requirement by the end-users to install their own servers and trustworthiness of the pod owner. However, they have not discussed in detail about what problems are possible in each of the three categories. Han et al. include social butterfly have provided a social cache based solution to effectively disseminate the data between users on different servers in a distributed social network[7]. Certain friends cache the updates for other friends, and these selected friends act as Social Caches. By utilizing social caches, the social message traffic can be optimized, and the transmission latency and bandwidth usage in the network can be reduced. Researchers have also analyzed Diaspora s open source code to find any existing vulnerabilities [8]. They have

2 pointed out some severe coding errors related to authentication and authorization checking that could lead to other problems. We report the possible attacks that results from their vulnerability findings. 3. DIASPORA ARCHITECTURE This section explains the design of Diaspora social network and how the communication takes place between users. 3.1 Design Diaspora s design consists of distributed personal web servers. Installations of Diaspora s open source software on these servers forms nodes (termed pods ) - the core components of Diaspora. The interaction between these pods creates a distributed social network system. Figure 1(a) shows a basic overview of the Diaspora pods and their communication. Each pod itself can be considered a small social network of trusted users(and therefore have their data on the same server). Each pod is able to communicate with other users on other pods/social networks. Every user on Diaspora can either set up their own pod, or choose one of the existing pods to register their account with. There are approximately 56 Diaspora pods currently available. Figure 1(b) shows a user(you) on pod 1, who has friends in each of the two pods 1 and 2. The data of friend is stored on their own pods. Diaspora somehow works like a peer-to-peer network. The only difference is an individual s data exists only in one or maybe a few pods. In contrast to the P2P network, storing more copies of the same data in different servers is favorable. 3.2 Web Interface and Features The Diaspora features are pretty much a mix of Facebook and Twitter. Currently, the following are supported on Diaspora: Other features including comments/likes/private messages and notifications are similar to Facebook. Figure 2 is a snapshot showing the above mentioned features in Diaspora s web interface. 3.3 Federation Protocol Diaspora s federation protocol is used for communication between the servers. The servers communicate with one another in the following situations: 1. Discovering information about users on another pod 2. Sending information to friends, the users are sharing with Below is an explanation of how the servers communicate in each of these situations User discovery Diaspora pods must be able to discover users on other pods, given the other user s webfinger address [6]. The user s webfinger address is a combination of their username and the pod name. This communication is required when the user is trying to find a friend by name on a pod or when the sender or receiver s public key is to be extracted. The first step is to get the webfinger server address using the host-meta file for the friend to be discovered. This is because, it is not necessary that the friend s webfinger profile is hosted on their pod. The next step is to transform the friend s webfinger address by combining it with the webfinger server address and making a GET request. The webfinger server responds with the friend s webfinger profile. This profile contains the friend s webfinger address, their guid, public key, seed location and an hcard to friend s other profile information. Figure 3 demonstrates an example of user discovery where alice on one pod is trying to discover bob on the other pod Sending and receiving information All the data exchanged between the pods is encrypted to protect the privacy of data even if it is transmitted over HTTP. The encryption and decryption method used in Diaspora is Pretty Good Privacy (PGP). Every user created on a pod is assigned a unique public/private key pair and an ID called guid. The pod encrypts request and response data before they are sent out. When a request or response is received, the data will be decrypted and then passed to users. Salmon slap (part of the Salmon Protocol)[3] is used to construct all the data messages. A salmon slap is comprised of three parts: 1. Encryption header: It contains the encrypted header json object. This object is composed of header encrypted using inner Advanced Encryption Standard (AES) key bundle (using the outer AES key bundle) and encrypted outer key bundle using receiver s Rivest Shamir Adleman (RSA) public key. 2. Payload message: It is encrypted using inner AES key and initialization vector (which are stored in the encryption header). 3. Salmon magic envelope: It consists of the encryption header, payload message and the sender s signature in order for the receiver to verify the sender s identity. This message is sent to the url of receiver s salmon endpoint. This url is constructed by finding the receiver s pod location and their guid by extracting the user s webfinger profile as described in Section Figure 4 shows the procedure of sending message to a user in Diaspora. The receiver first de- Figure 4: Sending a message using Diaspora s Federation Protocol crypts the header and then the payload message to get the information about the sender. This is because, only the payload contains the sender s handle. After getting the sender s

3 (a) Pod Communication Graph (b) User with friends on different pods Figure 1: Diaspora Design Figure 2: Diaspora Web Interface Figure 3: User Discovery

4 Feature Asymmetric friendship Stream My Activity Hashtags Followed Tags Connect Service Table 1: Diaspora Features Details One way friendship. Just like the following feature on Twitter, user A may choose share their data with user B while the other user B might not share their data with user A. This is a combination of Facebook s Wall feature and News feed. Here a user can post status, videos and pictures with intended audience and view posts from other users. This feature allows the user to view all the posts/likes/comments they have made. This feature allows the user to group their friends into categories. It enables the user to share data with a limited audience. It is similar to friend lists in Facebook and circles in Google+ It enables the user to tag a friend in a post in order to notify them about a post just like in Facebook Hashtags enable categorization of the posts so that people with interest in the relevant categories can view these posts too These are categories of interests to the user. Posts related to these categories will appear in the user s stream This feature enables the user to simultaneously post to the status/photo/video to Twitter, Facebook or Tumbler for their friends not on Diaspora. This is done through the APIs of these social networks handle, their public key is extracted using the Webfinger protocol to verify the sender and send back a response. 3.4 Message Semantics Messages are sent to the receiver s pods for each of the following: Notification that a user has begun or ceased sharing with a friend Posts,likes,comments that a user has made on their own posts or one of their friend s posts Conversations (each thread in the inbox has an object representing it) Messages (each individual message in a Conversation) Profile information Retractions of posts,likes,comments Each post has an ID called guid and the sender s handle. If the post is a response e.g., a comment or a like, then the parent post s guid and author s signature is also included in the message. When the originator of the post wants to relay these comments/likes to the rest of the audience, they also include their own signature called parent author signature in the message in order for the receiver to verify that the message is not fake [2] Issues Numerous issues arise because of the notion of users on different servers. These issues should be handled in order for Diaspora to communicate information between the users properly. 1. Local vs Remote delivery Diaspora has the notion of local and remote people. For each pod, its local people are the users in that pod while all the other users not on that pod are considered as remote people. Whenever a user on one pod makes a post which is visible to friends on that pod as well as to friends on other pods, Diaspora should deliver all relevant notifications to local people as well as the remote people. For local people, only the pod s internal database needs to be updated but for remote people the message must be sent over the wire. The local people should be able to see the comment, even if it never reaches the remote people. 2. Relayability There are certain circumstances where the originator of a post is on different pod than the users replying to that post. For example, Bob and Alice live on different pods. if Bob makes a post and Alice comments, all of the people who saw Bob s post should see Alice s response as well. Alice will send a relayable response to Bob, and Bob will determine who needs to see the response, and will relay it accordingly. 3. De-duplication In Diaspora, the sender of the message sends each remote receiver a separate salmon slap. De-duplication is used to avoid storing more than one copies of a message that is visible to multiple users on one pod. For example, Alice and Eve live on the same pod, but Bob lives on a remote pod. Bob makes a post that should be visible to Alice and Eve. Therefore, he prepares two separate messages. When Alice receives her copy of Bob s original message, Alice s pod stores the cleartext in the database. When the second one comes in Eve s pod just makes a note in a local visibilitypermission table, noting that Eve should be able to see the message. However, this is only possible in case the users private keys are stored on the pod, otherwise it will not be possible to decrypt the messages and find out if they have been received multiple times. 4. POSSIBLE ATTACKS This section discusses the possible attacks identified in Diaspora. 4.1 False Reputation (Sybil Attack) Due to the popularity of social networks and the large number of users, most businesses target them to advertise their products and gain user attention. For example, on Facebook, anyone can create a page for their business and ask users to visit their page for the product information. If the users are interested, they might like the page. Other visitors of the page form opinions about the business reputation from the number of fans/likes on the business page. Sybil attack is popular in reputation systems in order to increase the rating of a user/product. The attacker creates multiple false identities and uses them to cast a vote or increase the number of likes. Facebook tries to limit the number of accounts per person by associating a phone number to each number. However, sybil attack is possible in Diaspora because of the following reasons:

5 Each user can create multiple accounts by using the same address on different pods Each user can create multiple pods; each pod is a small social network in itself Existing defenses against Sybil attack involve creating a trusted central authority to verify credentials (e.g., credit card or passport) that are unique to actual human beings. However, Diaspora currently does not have any such mechanism. Neither any phone number is required to be associated with each account. Yu et al. [10] have proposed SybilGuard which leverages the social network among the users to detect the sybil nodes in the network. The underlying idea is that it is hard for the sybil nodes to create trust links with the honest nodes. The resulting network graph has a small quotient cut which is a small set of edges who removal disconnects a large number of nodes from the rest of the graph. To achieve this, each node performs a random route of a certain length. The verifier node then checks the intersection of the random routes of each node with its route. The nodes for which the routes do not intersect are considered as sybil nodes. This defense is more applicable to peer to peer networks in which the sybil nodes try to outvote honest nodes. However, in Diaspora, there is no way of telling which users are honest and with whom the trust links should be build. This is because each pod is a social network in itself and it is not necessary for the users on a pod to have links with users on other pods. Figure 5 illustrates this scenario. The attacker creates an account for a product on the business pod. Then multiple accounts are created on each of the three pods using the same addresses and connections are made between each of these users. The product page is then liked using these accounts (shown in red lines) to increase the rating. Figure 5: Illustration of false reputation (Sybil attack) in Diaspora 4.2 Denial of Service (DoS) Attack A denial of service attack is possible to launch in Diaspora by exploiting its code vulnerabilities [8]. Diaspora is implemented using Ruby on Rails 3.0 Web framework 1. A major vulnerability in Diaspora s code is that the security- sensitive actions on the server used parameters from the HTTP request to identify pieces of data they were to operate on, without checking that the logged-in user was actually authorized to view or operate on that data. Diaspora uses Devise library to handle authentication. However, Devise does 1 not handle authorization. Secondly, Rails by default uses mass update, where update attributes and similar methods accept a hash as input and sequentially call all accessors for symbols in the hash. Figure 6 highlights the code displaying these vulnerabilities. Objects will update both database columns (or their MongoDB analogs) and will call parameter name = for any : parameter name in the hash that has that method defined.the attacker can leverage both these vulnerabilities i.e. unchecked authorization and mass update to meddle with user profiles. An attacker can create an arbitrary number of accounts, changing the owner id on each to collide with a victim s legitimate user ID, and in doing so successfully delink the victim s data from his or her login. This amounts to a denial of service attack, since the victim loses the utility of the Diaspora service. Secondly, ac- Figure 6: Code vulnerabilities cording to Diaspora s federation protocol, the receiver has to perform a three step process before accepting or rejecting a message and cannot directly accept/reject a message. In the first step, the outer AES key bundle in the salmon envelope s header is decrypted using the receiver s public key. In the next step, this key bundle is used to decrypt the other part of the header and get the sender s information and inner AES key bundle that was used to encrypt the payload message. In the third step, the receiver gets the sender s public key and verify the sender s signature in order to accept or reject the message. In Diaspora, the messages can be sent over plain HTTP because the communication is encrypted. Since, the public key of the receiver can be easily acquired using the Webfinger protocol, a malicious pod can exploit this fact to construct messages with fake sender information and signature and flood a specific pod with these messages and deny services to other legitimate users. 4.3 Defeating the encryption scheme Diaspora uses encryption when communicating messages between the users on different pods so that they are not vulnerable to sniffing. This is Diaspora s main feature for preserving privacy. However, using the vulnerabilities identified in the previous section i.e., the combination of unchecked authorization and mass update can be used by the attacker to replace the user s public/private key pair with one the attacker has generated. Hence, the attacker is able to break

6 the existing encryption scheme regardless of how well implemented Diaspora s cryptography. The attacker can read the user s messages at will since they have the private keys. This defeats the core value of Diaspora that the user data will remain safe and in their control. 5. OTHER PROBLEMS This section describes problems regarding incompleteness of information and usability issues in Diaspora s web interface. 5.1 Information Incompleteness Information incompleteness represents the absence of information that is required to make a decision. The Diaspora s federation protocol is vulnerable to scenarios where a user needs to form a decision based on the response of another user. The relayability mechanism is one example, discussed in Section It lets the originator of the post make sure that the remote users are able to see comments by users from other pods. However, consider a scenario in which Alice and Eve are on the same pod, while Bob and Diego are on separate pods. Bob makes a post which is visible to Alice, Eve and Diego. Bob sends a copy of the message to each of the three users. Each user who comments on the post will get a reward amount. However, the amount is calculated based on first come first serve basis. The first person to comment gets the award and so on. Now, if Alice comments on the post, this comment will be immediately available to Eve because they are on the same pod. However, Bob must relay the comment to Diego. If the relayed comment never reaches to Diego because Bob s pod was down or the message got dropped in between, then Diego is unable to calculate his exact reward amount. He might be of the opinion that he made the comment first because Alice s comment never reached him. See Figure 7 Similarly, there might be other cases where Diego s decision is completely be based on Alice s comment and he does not have enough information to form a decision because her comment never reached him. Figure 7: Information Incompleteness in Relayability 5.2 Web Interface If a user shares a post with only a specific number of friends by selecting the aspects they are placed in, then limited appears beneath the post. This is used to preserve the privacy of the audience with which the post has been shared. However, unlike Facebook, where the author of the post is able to look at the privacy settings of a post at any time after it has been created, on Diaspora s current interface, the author is unable to view or change the post settings. This is a drawback because people do not remember their privacy settings. Moreover, the sharing intentions might change over time due to the change in relationships with the post s audience and the author might want to edit the privacy settings to shrink or expand the audience. Currently, the only way to achieve this is by deleting the post and reposting it with the new audience. Currently, the access control in Diaspora is not very fine grained and is based on allowing access control lists only. However, a user might want to add negative rules in the policy. Secondly, in some scenarios it is desirable to introduce exceptions by allowing a complete list and denying a specific friend. This is currently not possible in Diaspora s current interface. 6. CONCLUSION AND FUTURE WORK In this project, I have explored the problems existing in Diaspora s design. Diaspora is among the pioneers of distributed social networking services. The vulnerabilities in the code can be exploited to launch a Denial of Service attack and can defeat the encryption scheme deployed in Diaspora. Moreover, it is easy to create false reputation and launch a Sybil attack by creating multiple fake accounts. Similarly, there is information incompleteness problem in the Relayability mechanism where the remote user is unable to make a decision because the information from the other user never reaches them. There also exist several usability issues in Web interface of Diaspora. These include the inability to view and edit the post settings and lack of fine-grained access control in the form of negative rules and exceptions. 7. REFERENCES [1] Diaspora. https://www.joindiaspora.com/. [2] Federation message semantics. https://github.com/diaspora/diaspora/wiki/ Federation-Message-Semantics. [3] Federation protocol. https://github.com/diaspora/ diaspora/wiki/federation-protocol-overview. [4] Friendica. https://www.friendica.com/. [5] Statusnet. https://www.status.net/. [6] Webfinger protocol. webfinger/wiki/webfingerprotocol. [7] L. I. Lu Han, Badri Nath and S. Muthukrishnan. Social butterfly: Social caches for distributed social networks. In SocialCom/PASSAT, pages 81 86, [8] P. McKenzie. Weapons of mass assignment. Queue, 9(3):40:40 40:48, Mar [9] L. B. P. W. H. M. Pang Chun Hong, Chow Shing Yu and Y. K. Wa. Computer crimes on social network services. Technical report, April [10] H. Yu, M. Kaminsky, P. B. Gibbons, and A. Flaxman. Sybilguard: defending against sybil attacks via social networks. SIGCOMM Comput. Commun. Rev., 36(4): , Aug

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1 Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

More information

Client Server Registration Protocol

Client Server Registration Protocol Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

More information

Application Note: Onsight Device VPN Configuration V1.1

Application Note: Onsight Device VPN Configuration V1.1 Application Note: Onsight Device VPN Configuration V1.1 Table of Contents OVERVIEW 2 1 SUPPORTED VPN TYPES 2 1.1 OD VPN CLIENT 2 1.2 SUPPORTED PROTOCOLS AND CONFIGURATION 2 2 OD VPN CONFIGURATION 2 2.1

More information

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23 Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

More information

Christoph Sorge. February 12th, 2014 Bitcoin minisymposium at KNAW

Christoph Sorge. February 12th, 2014 Bitcoin minisymposium at KNAW Bitcoin s Peer-to-Peer network Christoph Sorge February 12th, 2014 Bitcoin minisymposium at KNAW Clipart source: http://openclipart.org, users Machovka and Keistutis Department of Computer Science What

More information

DoS: Attack and Defense

DoS: Attack and Defense DoS: Attack and Defense Vincent Tai Sayantan Sengupta COEN 233 Term Project Prof. M. Wang 1 Table of Contents 1. Introduction 4 1.1. Objective 1.2. Problem 1.3. Relation to the class 1.4. Other approaches

More information

Cisco EXAM - 300-207. Implementing Cisco Threat Control Solutions (SITCS) Buy Full Product. http://www.examskey.com/300-207.html

Cisco EXAM - 300-207. Implementing Cisco Threat Control Solutions (SITCS) Buy Full Product. http://www.examskey.com/300-207.html Cisco EXAM - 300-207 Implementing Cisco Threat Control Solutions (SITCS) Buy Full Product http://www.examskey.com/300-207.html Examskey Cisco 300-207 exam demo product is here for you to test the quality

More information

Today ENCRYPTION. Cryptography example. Basic principles of cryptography

Today ENCRYPTION. Cryptography example. Basic principles of cryptography Today ENCRYPTION The last class described a number of problems in ensuring your security and privacy when using a computer on-line. This lecture discusses one of the main technological solutions. The use

More information

SOMA Cryptography Whitepaper

SOMA Cryptography Whitepaper SOMA Cryptography Whitepaper Draft date: Nov. 1st, 2015 Contents Overview 2 Secure Transport Layer Protocol 3 AES256 Key Generation 3 Login Data Verification 3 Secure Transport Layer Establishment 4 Data

More information

Bit Chat: A Peer-to-Peer Instant Messenger

Bit Chat: A Peer-to-Peer Instant Messenger Bit Chat: A Peer-to-Peer Instant Messenger Shreyas Zare shreyas@technitium.com https://technitium.com December 20, 2015 Abstract. Bit Chat is a peer-to-peer instant messaging concept, allowing one-to-one

More information

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security? 7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk

More information

ReadyNAS Remote White Paper. NETGEAR May 2010

ReadyNAS Remote White Paper. NETGEAR May 2010 ReadyNAS Remote White Paper NETGEAR May 2010 Table of Contents Overview... 3 Architecture... 3 Security... 4 Remote Firewall... 5 Performance... 5 Overview ReadyNAS Remote is a software application that

More information

Peer-to-peer Cooperative Backup System

Peer-to-peer Cooperative Backup System Peer-to-peer Cooperative Backup System Sameh Elnikety Mark Lillibridge Mike Burrows Rice University Compaq SRC Microsoft Research Abstract This paper presents the design and implementation of a novel backup

More information

symmetric key distribution requirements for public key algorithms asymmetric (or public) key algorithms

symmetric key distribution requirements for public key algorithms asymmetric (or public) key algorithms topics: cis3.2 electronic commerce 6 dec 2005 lecture # 18 internet security, part 2 symmetric (single key) and asymmetric (public key) methods different cryptographic systems electronic payment mechanisms

More information

arxiv:1411.6409v1 [cs.cr] 24 Nov 2014

arxiv:1411.6409v1 [cs.cr] 24 Nov 2014 Warp2: A Method of Email and Messaging with Encrypted Addressing and Headers H. Bjorgvinsdottir a P. M. Bentley a,b a University of Uppsala, Uppsala, Sweden b European Spallation Source ESS AB, Box 176,

More information

Enhancing Network Security By Using Social Contacts

Enhancing Network Security By Using Social Contacts Enhancing Network Security By Using Social Contacts Syed Safi Ali Shah Aalto University School of Science Technology safi.shah@aalto.fi Abstract As the popularity of online social networks increases every

More information

VoIP Security. Seminar: Cryptography and Security. 07.06.2006 Michael Muncan

VoIP Security. Seminar: Cryptography and Security. 07.06.2006 Michael Muncan VoIP Security Seminar: Cryptography and Security Michael Muncan Overview Introduction Secure SIP/RTP Zfone Skype Conclusion 1 Introduction (1) Internet changed to a mass media in the middle of the 1990s

More information

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/ DB1 Phishing attacks, usually implemented through HTML enabled e-mails, are becoming more common and more sophisticated. As a network manager, how would you go about protecting your users from a phishing

More information

Is your data safe out there? -A white Paper on Online Security

Is your data safe out there? -A white Paper on Online Security Is your data safe out there? -A white Paper on Online Security Introduction: People should be concerned of sending critical data over the internet, because the internet is a whole new world that connects

More information

Dashlane Security Whitepaper

Dashlane Security Whitepaper Dashlane Security Whitepaper November 2014 Protection of User Data in Dashlane Protection of User Data in Dashlane relies on 3 separate secrets: The User Master Password Never stored locally nor remotely.

More information

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0 Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust

More information

Chapter 17. Transport-Level Security

Chapter 17. Transport-Level Security Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics

More information

Associate Prof. Dr. Victor Onomza Waziri

Associate Prof. Dr. Victor Onomza Waziri BIG DATA ANALYTICS AND DATA SECURITY IN THE CLOUD VIA FULLY HOMOMORPHIC ENCRYPTION Associate Prof. Dr. Victor Onomza Waziri Department of Cyber Security Science, School of ICT, Federal University of Technology,

More information

Semantic based Web Application Firewall (SWAF V 1.6) Operations and User Manual. Document Version 1.0

Semantic based Web Application Firewall (SWAF V 1.6) Operations and User Manual. Document Version 1.0 Semantic based Web Application Firewall (SWAF V 1.6) Operations and User Manual Document Version 1.0 Table of Contents 1 SWAF... 4 1.1 SWAF Features... 4 2 Operations and User Manual... 7 2.1 SWAF Administrator

More information

How to select the right Marketing Cloud Edition

How to select the right Marketing Cloud Edition How to select the right Marketing Cloud Edition Email, Mobile & Web Studios ith Salesforce Marketing Cloud, marketers have one platform to manage 1-to-1 customer journeys through the entire customer lifecycle

More information

Chapter 6 Electronic Mail Security

Chapter 6 Electronic Mail Security Cryptography and Network Security Chapter 6 Electronic Mail Security Lectured by Nguyễn Đức Thái Outline Pretty Good Privacy S/MIME 2 Electronic Mail Security In virtually all distributed environments,

More information

Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards

Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards White Paper Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards By Dr. Wen-Ping Ying, Director of Software Development, February 2002 Introduction Wireless LAN networking allows the

More information

Facebook Smart Card FB 121211_1800

Facebook Smart Card FB 121211_1800 Facebook Smart Card FB 121211_1800 Social Networks - Do s and Don ts Only establish and maintain connections with people you know and trust. Review your connections often. Assume that ANYONE can see any

More information

An Insight into Cookie Security

An Insight into Cookie Security An Insight into Cookie Security Today most websites and web based applications use cookies. Cookies are primarily used by the web server to track an authenticated user or other user specific details. This

More information

YouServ: A Web Hosting and Content Sharing Tool for the Masses

YouServ: A Web Hosting and Content Sharing Tool for the Masses YouServ: A Web Hosting and Content Sharing Tool for the Masses Roberto Bayardo IBM Almaden Research Center Joint work with Rakesh Agrawal, Daniel Gruhl, and Amit Somani Goal Allow people to easily share

More information

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide Network Security [2] Public Key Encryption Also used in message authentication & key distribution Based on mathematical algorithms, not only on operations over bit patterns (as conventional) => much overhead

More information

ETHERNET ENCRYPTION MODES TECHNICAL-PAPER

ETHERNET ENCRYPTION MODES TECHNICAL-PAPER 1 ETHERNET ENCRYPTION MODES TECHNICAL-PAPER The CN series encryption platform is designed to secure information transmitted over a number of network protocols. The CN series encryptors secure Ethernet

More information

Computer Security and Privacy

Computer Security and Privacy Computer Security and Privacy 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Guidelines for Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures

More information

Hushmail Express Password Encryption in Hushmail. Brian Smith Hush Communications

Hushmail Express Password Encryption in Hushmail. Brian Smith Hush Communications Hushmail Express Password Encryption in Hushmail Brian Smith Hush Communications Introduction...2 Goals...2 Summary...2 Detailed Description...4 Message Composition...4 Message Delivery...4 Message Retrieval...5

More information

DDoS Vulnerability Analysis of Bittorrent Protocol

DDoS Vulnerability Analysis of Bittorrent Protocol DDoS Vulnerability Analysis of Bittorrent Protocol Ka Cheung Sia kcsia@cs.ucla.edu Abstract Bittorrent (BT) traffic had been reported to contribute to 3% of the Internet traffic nowadays and the number

More information

PGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO

PGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO PGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO In The Next 15 Minutes, You May Know What is PGP? Why using PGP? What can it do? How did it evolve? How does it work? How to work it? What s its limitation?

More information

Reviewer s Guide Kaspersky Internet Security for Mac

Reviewer s Guide Kaspersky Internet Security for Mac Reviewer s Guide Kaspersky Internet Security for Mac 1 Protection for Mac OS X The main window shows all key features such as Scan, Update, Safe Money, and Parental Control in a single place. The current

More information

Computer System Management: Hosting Servers, Miscellaneous

Computer System Management: Hosting Servers, Miscellaneous Computer System Management: Hosting Servers, Miscellaneous Amarjeet Singh October 22, 2012 Partly adopted from Computer System Management Slides by Navpreet Singh Logistics Any doubts on project/hypo explanation

More information

Comparing Two Models of Distributed Denial of Service (DDoS) Defences

Comparing Two Models of Distributed Denial of Service (DDoS) Defences Comparing Two Models of Distributed Denial of Service (DDoS) Defences Siriwat Karndacharuk Computer Science Department The University of Auckland Email: skar018@ec.auckland.ac.nz Abstract A Controller-Agent

More information

Security Issues In Cloud Computing and Countermeasures

Security Issues In Cloud Computing and Countermeasures Security Issues In Cloud Computing and Countermeasures Shipra Dubey 1, Suman Bhajia 2 and Deepika Trivedi 3 1 Department of Computer Science, Banasthali University, Jaipur, Rajasthan / India 2 Department

More information

Exploiting Foscam IP Cameras. contact@rampartssecurity.com

Exploiting Foscam IP Cameras. contact@rampartssecurity.com Exploiting Foscam IP Cameras contact@rampartssecurity.com Contents 1. Introduction... 2 2. Finding the Cameras... 3 2.1 Scanning the Address Space... 3 2.1.1 Results from Live Scan... 3 2.2 The Foscam

More information

SCRIBE ONLINE SECURITY

SCRIBE ONLINE SECURITY SCRIBE ONLINE SECURITY This document provides an overview of Scribe Online s Security. SCRIBE ONLINE Scribe Online is an Integration Platform as a service, allowing you to quickly and easily integrate

More information

APNIC elearning: Cryptography Basics. Contact: esec02_v1.0

APNIC elearning: Cryptography Basics. Contact: esec02_v1.0 APNIC elearning: Cryptography Basics Contact: training@apnic.net esec02_v1.0 Overview Cryptography Cryptographic Algorithms Encryption Symmetric-Key Algorithm Block and Stream Cipher Asymmetric Key Algorithm

More information

What is network security?

What is network security? Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application

More information

Sync Security and Privacy Brief

Sync Security and Privacy Brief Introduction Security and privacy are two of the leading issues for users when transferring important files. Keeping data on-premises makes business and IT leaders feel more secure, but comes with technical

More information

Security from the Ground Up eblvd uses a hybrid-asp model designed expressly to ensure robust, secure operation.

Security from the Ground Up eblvd uses a hybrid-asp model designed expressly to ensure robust, secure operation. eblvd enables secure, cloud-based access to a PC or server over the Internet. Data, keyboard, mouse and display updates are transmitted over a highly compressed, encrypted stream, yielding "as good as

More information

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key Friends and Enemies Security Outline Encryption lgorithms Protocols Message Integrity Protocols Key Distribution Firewalls Figure 7.1 goes here ob, lice want to communicate securely Trudy, the intruder

More information

Network Security Protocols

Network Security Protocols Network Security Protocols EE657 Parallel Processing Fall 2000 Peachawat Peachavanish Level of Implementation Internet Layer Security Ex. IP Security Protocol (IPSEC) Host-to-Host Basis, No Packets Discrimination

More information

Comprehensive Anti-Spam Service

Comprehensive Anti-Spam Service Comprehensive Anti-Spam Service Chapter 1: Document Scope This document describes how to implement and manage the Comprehensive Anti-Spam Service. This document contains the following sections: Comprehensive

More information

Dashlane Security Whitepaper

Dashlane Security Whitepaper Dashlane Security Whitepaper March 2016 1. General Security Principles a. Protection of User Data in Dashlane Protection of User Data in Dashlane relies on 3 separate secrets: The User Master Password

More information

Chapter 10. Cloud Security Mechanisms

Chapter 10. Cloud Security Mechanisms Chapter 10. Cloud Security Mechanisms 10.1 Encryption 10.2 Hashing 10.3 Digital Signature 10.4 Public Key Infrastructure (PKI) 10.5 Identity and Access Management (IAM) 10.6 Single Sign-On (SSO) 10.7 Cloud-Based

More information

Maginatics Security Architecture

Maginatics Security Architecture Maginatics Security Architecture What is the Maginatics Cloud Storage Platform? Enterprise IT organizations are constantly looking for ways to reduce costs and increase operational efficiency. Although

More information

III. Our Proposal ASOP ROUTING ALGORITHM. A.Position Management

III. Our Proposal ASOP ROUTING ALGORITHM. A.Position Management Secured On-Demand Position Based Private Routing Protocol for Ad-Hoc Networks Ramya.R, Shobana.K, Thangam.V.S ramya_88@yahoo.com, k shobsi@yahoo.co.in,thangam_85@yahoo.com Department of Computer Science,

More information

Securing your Online Data Transfer with SSL

Securing your Online Data Transfer with SSL Securing your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4. What does

More information

Chapter 7: Network security

Chapter 7: Network security Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used

More information

Lecture 9: Application of Cryptography

Lecture 9: Application of Cryptography Lecture topics Cryptography basics Using SSL to secure communication links in J2EE programs Programmatic use of cryptography in Java Cryptography basics Encryption Transformation of data into a form that

More information

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate

More information

Measurabl, Inc. Attn: Measurabl Support 1014 W Washington St, San Diego CA, 92103 +1 619.719.1716

Measurabl, Inc. Attn: Measurabl Support 1014 W Washington St, San Diego CA, 92103 +1 619.719.1716 Measurabl, Inc. ( Company ) is committed to protecting your privacy. We have prepared this Privacy Policy to describe to you our practices regarding the Personal Data (as defined below) we collect from

More information

Blue Jeans Network Security Features

Blue Jeans Network Security Features Technical Guide Blue Jeans Network Security Features Blue Jeans Network understands an organization s need for secure communications. The Blue Jeans cloud-based video conferencing platform provides users

More information

Rights Management Services

Rights Management Services www.css-security.com 425.216.0720 WHITE PAPER Microsoft Windows (RMS) provides authors and owners the ability to control how they use and distribute their digital content when using rights-enabled applications,

More information

Securing your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application INDEX 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4.

More information

Lab 8.3.1.2 Configure Basic AP Security through IOS CLI

Lab 8.3.1.2 Configure Basic AP Security through IOS CLI Lab 8.3.1.2 Configure Basic AP Security through IOS CLI Estimated Time: 30 minutes Number of Team Members: Students will work in teams of two. Objective In this lab, the student will learn the following

More information

Using PI to Exchange PGP Encrypted Files in a B2B Scenario

Using PI to Exchange PGP Encrypted Files in a B2B Scenario Using PI to Exchange PGP Encrypted Files in a B2B Scenario Applies to: SAP Net Weaver Process Integration 7.1 (SAP PI 7.1). For more information, visit the SOA Management homepage. Summary This document

More information

Anti-Phishing Best Practices for ISPs and Mailbox Providers

Anti-Phishing Best Practices for ISPs and Mailbox Providers Anti-Phishing Best Practices for ISPs and Mailbox Providers Version 2.01, June 2015 A document jointly produced by the Messaging, Malware and Mobile Anti-Abuse Working Group (M 3 AAWG) and the Anti-Phishing

More information

The basic groups of components are described below. Fig X- 1 shows the relationship between components on a network.

The basic groups of components are described below. Fig X- 1 shows the relationship between components on a network. Elements of Email Email Components There are a number of software components used to produce, send and transfer email. These components can be broken down as clients or servers, although some components

More information

Secure Sockets Layer

Secure Sockets Layer SSL/TLS provides endpoint authentication and communications privacy over the Internet using cryptography. For web browsing, email, faxing, other data transmission. In typical use, only the server is authenticated

More information

SWFP: Secure Web Feed Protocol

SWFP: Secure Web Feed Protocol SWFP: Secure Web Feed Protocol Frédérick Giasson fred [at] fgiasson.com Abstract SWFP ensures the secure broadcasting of web feeds content over a local network or the Internet. The protocol is built to

More information

FileCloud Security FAQ

FileCloud Security FAQ is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file

More information

Chapter 4 Virtual Private Networking

Chapter 4 Virtual Private Networking Chapter 4 Virtual Private Networking This chapter describes how to use the virtual private networking (VPN) features of the FVL328 Firewall. VPN tunnels provide secure, encrypted communications between

More information

Wireless Networks. Welcome to Wireless

Wireless Networks. Welcome to Wireless Wireless Networks 11/1/2010 Wireless Networks 1 Welcome to Wireless Radio waves No need to be physically plugged into the network Remote access Coverage Personal Area Network (PAN) Local Area Network (LAN)

More information

How Kontiki Takes Live Video Broadcasting to the Next Level

How Kontiki Takes Live Video Broadcasting to the Next Level How Kontiki Takes Live Video Broadcasting to the Next Level Executive Summary Today, there is a huge pent up demand for live video in the enterprise for everything from executive & CEO updates to marketing

More information

EXAM questions for the course TTM4135 - Information Security May 2013. Part 1

EXAM questions for the course TTM4135 - Information Security May 2013. Part 1 EXAM questions for the course TTM4135 - Information Security May 2013 Part 1 This part consists of 5 questions all from one common topic. The number of maximal points for every correctly answered question

More information

Network Security Fundamentals

Network Security Fundamentals APNIC elearning: Network Security Fundamentals 27 November 2013 04:30 pm Brisbane Time (GMT+10) Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security IPv6

More information

Denial of Service Attacks, What They are and How to Combat Them

Denial of Service Attacks, What They are and How to Combat Them Denial of Service Attacks, What They are and How to Combat Them John P. Pironti, CISSP Genuity, Inc. Principal Enterprise Solutions Architect Principal Security Consultant Version 1.0 November 12, 2001

More information

The Elements of Cryptography

The Elements of Cryptography The Elements of Cryptography (March 30, 2016) Abdou Illia Spring 2016 Learning Objectives Discuss Cryptography Terminology Discuss Symmetric Key Encryption Discuss Asymmetric Key Encryption Distinguish

More information

Receiving Secure Email from Citi For External Customers and Business Partners

Receiving Secure Email from Citi For External Customers and Business Partners Citi Secure Email Program Receiving Secure Email from Citi For External Customers and Business Partners Protecting the privacy and security of client information is a top priority at Citi. Citi s Secure

More information

Security vulnerabilities in the Internet and possible solutions

Security vulnerabilities in the Internet and possible solutions Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in

More information

APNIC elearning: Network Security Fundamentals. 20 March 2013 10:30 pm Brisbane Time (GMT+10)

APNIC elearning: Network Security Fundamentals. 20 March 2013 10:30 pm Brisbane Time (GMT+10) APNIC elearning: Network Security Fundamentals 20 March 2013 10:30 pm Brisbane Time (GMT+10) Introduction Presenter/s Nurul Islam Roman Senior Training Specialist nurul@apnic.net Specialties: Routing &

More information

INSTANT MESSAGING SECURITY

INSTANT MESSAGING SECURITY INSTANT MESSAGING SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part

More information

Introduction to Computer Networks

Introduction to Computer Networks Introduction to Computer Networks Chen Yu Indiana University Basic Building Blocks for Computer Networks Nodes PC, server, special-purpose hardware, sensors Switches Links: Twisted pair, coaxial cable,

More information

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure) Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.

More information

Security Analysis of Mobile Phones Used as OTP Generators

Security Analysis of Mobile Phones Used as OTP Generators Security Analysis of Mobile Phones Used as OTP Generators Håvard Raddum, Lars Hopland Nestås, and Kjell Jørgen Hole Department of Informatics, University of Bergen Havard.Raddum@ii.uib.no, lma029@student.uib.no,

More information

KASPERSKY DDoS PROTECTION. Protecting your business against financial and reputational losses with Kaspersky DDoS Protection

KASPERSKY DDoS PROTECTION. Protecting your business against financial and reputational losses with Kaspersky DDoS Protection KASPERSKY DDoS PROTECTION Protecting your business against financial and reputational losses A Distributed Denial of Service (DDoS) attack is one of the most popular weapons in the cybercriminals arsenal.

More information

A Privacy Preserving of Composite Private/Public Key in Cloud Servers

A Privacy Preserving of Composite Private/Public Key in Cloud Servers A Privacy Preserving of Composite Private/Public Key in Cloud Servers O Sri Nagesh PhD Scholar, Department of CSE, Lingaya s University, Faridabad ABSTRACT Security is a term used to provide secrecy of

More information

83-10-41 Types of Firewalls E. Eugene Schultz Payoff

83-10-41 Types of Firewalls E. Eugene Schultz Payoff 83-10-41 Types of Firewalls E. Eugene Schultz Payoff Firewalls are an excellent security mechanism to protect networks from intruders, and they can establish a relatively secure barrier between a system

More information

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY) E-Commerce Security An e-commerce security system has four fronts: LECTURE 7 (SECURITY) Web Client Security Data Transport Security Web Server Security Operating System Security A safe e-commerce system

More information

Network Service, Systems and Data Communications Monitoring Policy

Network Service, Systems and Data Communications Monitoring Policy Network Service, Systems and Data Communications Monitoring Policy Purpose This Policy defines the environment and circumstances under which Network Service, Systems and Data Communications Monitoring

More information

Exchange Web Services [EWS] support in The Bat! v7

Exchange Web Services [EWS] support in The Bat! v7 Exchange Web Services [EWS] support in The Bat! v7 User Guide for TBBETA 7/17/2015 Page 1 of 17 Contents EWS support in The Bat! version 7... 2 New Wizard: Creating a new account... 2 Step 1... 2 Step

More information

High Security Online Backup. A Cyphertite White Paper February, 2013. Cloud-Based Backup Storage Threat Models

High Security Online Backup. A Cyphertite White Paper February, 2013. Cloud-Based Backup Storage Threat Models A Cyphertite White Paper February, 2013 Cloud-Based Backup Storage Threat Models PG. 1 Definition of Terms Secrets Passphrase: The secrets passphrase is the passphrase used to decrypt the 2 encrypted 256-bit

More information

Web Presence Security

Web Presence Security Web Presence Security Web Presence Security 2 Getting your business online is about reaching out and connecting with millions of potential customers, buyers, and partners. Building a website is the most

More information

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli 4-25-2002

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli 4-25-2002 INTERNET SECURITY: FIREWALLS AND BEYOND Mehernosh H. Amroli 4-25-2002 Preview History of Internet Firewall Technology Internet Layer Security Transport Layer Security Application Layer Security Before

More information

Firewall Cracking and Security By: Lukasz Majowicz Dr. Stefan Robila 12/15/08

Firewall Cracking and Security By: Lukasz Majowicz Dr. Stefan Robila 12/15/08 Firewall Cracking and Security By: Lukasz Majowicz Dr. Stefan Robila 12/15/08 What is a firewall? Firewalls are programs that were designed to protect computers from unwanted attacks and intrusions. Wikipedia

More information

Clearswift Information Governance

Clearswift Information Governance Clearswift Information Governance Implementing the CLEARSWIFT SECURE Encryption Portal on the CLEARSWIFT SECURE Email Gateway Version 1.10 02/09/13 Contents 1 Introduction... 3 2 How it Works... 4 3 Configuration

More information

Multimedia Networking and Network Security

Multimedia Networking and Network Security CMPT371 12-1 Multimedia Networking and Network Security 1 Multimedia Networking and Network Security This note is based on Chapters 7 and 8 of the text book. Outline of multimedia networking Multimedia

More information

Protocol Rollback and Network Security

Protocol Rollback and Network Security CSE 484 / CSE M 584 (Spring 2012) Protocol Rollback and Network Security Tadayoshi Kohno Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee,

More information

THE INFORMATION SECURITY OF A BLUETOOTH-ENABLED HANDHELD DEVICE

THE INFORMATION SECURITY OF A BLUETOOTH-ENABLED HANDHELD DEVICE THE INFORMATION SECURITY OF A BLUETOOTH-ENABLED HANDHELD DEVICE Frankie Tvrz¹ and Marijke Coetzee² 1 Department of Business Information Technology 2 Academy for Information Technology University of Johannesburg

More information

E-commerce. business. technology. society. Kenneth C. Laudon Carol Guercio Traver. Second Edition. Copyright 2007 Pearson Education, Inc.

E-commerce. business. technology. society. Kenneth C. Laudon Carol Guercio Traver. Second Edition. Copyright 2007 Pearson Education, Inc. Copyright 2007 Pearson Education, Inc. Slide 5-1 E-commerce business. technology. society. Second Edition Kenneth C. Laudon Carol Guercio Traver Copyright 2007 Pearson Education, Inc. Slide 5-2 Chapter

More information

VPN Technologies: Definitions and Requirements

VPN Technologies: Definitions and Requirements VPN Technologies: Definitions and Requirements 1. Introduction VPN Consortium, January 2003 This white paper describes the major technologies for virtual private networks (VPNs) used today on the Internet.

More information