Security in Machine-to-Machine Communication: The role of the Telecommunication Operator

Size: px
Start display at page:

Download "Security in Machine-to-Machine Communication: The role of the Telecommunication Operator"

Transcription

1 Security in Machine-to-Machine Communication: The role of the Telecommunication Operator Cinterion Wireless Modules GmbH 2012, All rights reserved

2 Internet of Things = Increasing need for M2M security Threats in the internet today = Threats in M2M tomorrow Increased Security Threats M2M vulnerabilities Billions of targets online Security breaches in software Decreasing cost of attacks Internet as source of attacks More devices & value Weak embedded Devices OS Connectivity/Availability Internet connected devices We need to prepare today What will be the costs of failed / compromised systems? Please adjust your paranoia level now! Page 2 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

3 Examples of M2M attacks Lack of user authentication: Zoombak tracking device (GPS/GPRS): Can be identified and tracked by non-authorized persons Can even be impersonated! Luxury car stolen in 3 minutes using security loophole: No authentication required to duplicate electronic key! Home automation: garage doors, etc. SIM stolen from South Africa s traffic lights: Not paired to the device, and usable for voice phone calls Weak device security with Internet access: Discovergy Smart Meter: Hacked to transmit meter readings (up to every 2 seconds) via HTTP, unencrypted, without authentication! Internet exposure of dutch water pumps: Could be operated by anyone from a home computer! Unprotected local wireless links: Jamming attacks e.g. preventing remote activation of alarm systems Insulin pump hack Over The Air: Uses unencrypted local radio link Could deliver fatal dosage! Heart monitor hacking: Can be turned off or forced to deliver impulse! Page 3 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

4 Different types of M2M security risks Privacy (e.g. Discovergy Smart Meter Hack): Personal data, relating to an individual, should be accessible only to authorized parties (lawful purpose or user consent) Ensure identification and authentication of involved parties Local processing by devices reduces exposure (e.g. send anonymous data) Fraud (e.g. South African Traffic lights): Unattended devices deployed in unsecured environments are open to attackers Restrict access and services to essential channels only, configure APN Do not transmit ID, password or APN on unprotected channels Use physical or logical pairing between M2M device and SIM/MIM (cf. ETSI TS ) Critical Infrastructure exposure (e.g. Dutch water pump) Resources of attackers can be commensurate to potential damages! Clearly assess liabilities with all actors Minimize risks with adequate security measures at organizational and technical levels Do not forget human factor, and remember that one weak link compromises the whole chain! Page 4 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

5 The network operator in the M2M security ecosystem The main M2M security risks rarely originate from the communication network: Weak application design or unprotected device hardware are most common causes Most M2M applications come from industrial fields which still lack ICT expertize: e.g. energy, automotive, healthcare Yet Telecommunication Operators reputation may be at stake, as affected final users may not make the difference! Play a role in developing the security awareness of M2M customers! Telecommunication Operators have opportunities and tools to assist M2M customers in securing their applications: Monitor connections using keep-alive messages Correlate location data with e.g. GPS tracking Leverage on existing trust provisioning chain (SIM) to deploy applicative security credentials Enable applications to leverage on deployed authentication and identification infrastructures Use OTA remote management for secure deployment of applications, firmware upgrades, etc. Page 5 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

6 How to make a M2M system secure enough Risk Analysis Attack Probability Cost of attack Potential Damage Defense Analysis Detection possible? Prevention possible? Cost of prevention? Physical device tamper-resistance Embedded Secure Element, e.g. SIM Modem security Application communication (e.g. encryption) Network security Application backend server security Page 6 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

7 How secure are elements of M2M communication systems? What makes an application secure? Communication Networks Connected Devices Communication components Security is a chain => all the links must be secured Page 7 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

8 How secure are the networks? Cellular Networks? There are numerous security measures built within cellular networks: User identity is obscured Traffic is encrypted Use of SIM as secure element protecting secrets used for authentication Yes, but... Internet? No security by default! Use e.g. TLS encryption Credentials must be adequately protected (tamper resistance / security certification) > Depends on MNO settings (some 2G algorithms are weak) > Beware of SMS in particular!!! (use encryption and signature) Page 8 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

9 How secure are connected devices? Cost of Attack Security demand Security demand = Attack probability * Potential damage Page 9 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

10 Examples of device security improvements Goal: increase cost of attacks that are most likely to happen Security Measures Cost of Attack Tamper-resistant enclosure $ $ $ Authenticate via certificates $ $ $ SSL/TLS* encryption Authenticate SMS $ $ $ $ $ $ $ $ $ Protocol & data encryption $ $ $ *SSL = Secure Socket Layer TLS = Transport Layer Security Page 10 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

11 What is modem security? Modem must be secured against manipulation (e.g. firmware reflashing) against reverse engineering (e.g. through diagnostics port) Secure communication between modem and application external interfaces (serial, USB) are vulnerable against tracing / reverse engineering encryption may be an option (but key must be stored securely) Internal application (e.g. Java) Java midlet must be protected against manipulation & reverse engineering Midlet update must be secured File system access must be protected as well Rely on tamper-resistant storage/execution environment, e.g. in SIM/MIM Page 11 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

12 How does a GSM module contribute to application security? Cinterion Module Java Security API Transport Layer Security Jamming Detection Lock SIM, Module, Cell 3GPP Security Firmware & IMEI protection Page 12 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

13 Some frequent M2M threats Attack complexity Attack likelihood Attack Impact Characteristics Countermeasure Application snooping low med/high med Application-level encryption AT Command encryption Lawful interception N/A med med Legal implications Impossible to detect or prevent Application-level encryption Jamming low high med Easy to detect, impossible to prevent Jamming status detection (radio link monitoring) Air interface Interception and decryption med med high Mostly on 2G networks Application-level encryption Encryption status display/check Fake networks ( IMSI Catcher fake BTS) med med high Works in 2G mode only Equipment now affordable Possible to detect & evade Scan frequency spectrum to detect Encryption status display/check Fake networks GSM Layer 3 attacks high low high Device stack dependent May enable code injection! Protocol stack hardening Fake network avoidance Malformed SMS SMS-of-death low med med May crash some devices! SMS application hardening Page 13 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

14 The contribution of standards M2M security is addressed in standardization at several levels Communication Network: euicc work in ETSI SCP for remote change of subscriptions 3GPP SA3 Machine Type Communication enhancements ETSI TISPAN (E2NA) work on Privacy protection M2M Service/Application level: Deployed standards today are by verticals Smart Metering: IEC (consolidation under EC M/441 standardization mandate), Smart Grids: IEC (extensions under EC M/490 mandate) Electric vehicle to Grid communication: ISO (developments under EC M/468 mandate) Industrial Control Systems: IEC Tomorrow vision: Horizontal service platform for M2M application deployments Transport network agnostic concept, developed by ETSI TC M2M since 2009 Requirements (TS ), Architecture (TS ) and Protocols (TS ) Release 1 & 2 provide security on the Gateway to Infrastructure interface Credential Bootstrapping (provisioning or PKI-based) Authentication, Confidentiality, Integrity of M2M connections Diversity of M2M applications (security/cost trade off, possibility to leverage on Access Network features) results in multiple security options (GBA, EAP, TLS based) Now migrating into worldwide onem2m partnership (3GPP partners+ TIA) Will provide bootstrapping and end-to-end security services for M2M applications? Page 14 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

15 Remember Security is about prevention, not cure. Number of attacks on M2M systems will increase, Secure communication design is the insurance M2M operators should educate M2M customers about security risks, as their reputation is at stake M2M device suppliers should raise cost of attacks by simple and cost effective measures. M2M Application owners should use existing expertise and proper consulting Page 15 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

16 Page 16 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

OT PRODUCTS AND SOLUTIONS MACHINE TO MACHINE

OT PRODUCTS AND SOLUTIONS MACHINE TO MACHINE OT PRODUCTS AND SOLUTIONS MACHINE TO MACHINE MACHINE-TO-MACHINE ENABLE AND SECURE A CONNECTED LIFE DRIVEN BY GOVERNMENT REGULATIONS, COMPANY AND CONSUMER NEEDS, PRODUCTS ARE TRANSFORMED INTO INTELLIGENT,

More information

The Importance of Secure Elements in M2M Deployments: An Introduction

The Importance of Secure Elements in M2M Deployments: An Introduction The Importance of Secure Elements in M2M Deployments: An Introduction February 2014 Securing the future of mobile services 2 Contents THE IMPORTANCE OF SECURE ELEMENTS IN M2M DEPLOYMENTS... 3 1. INTRODUCTION...

More information

WHITE PAPER Security in M2M Communication What is secure enough?

WHITE PAPER Security in M2M Communication What is secure enough? WHITE PAPER Security in M2M Communication What is secure enough? Motivation Wireless Machine-To-Machine (M2M) communication has grown dramatically over the past decade and is still growing rapidly. In

More information

Right-Sizing M2M Security: The Best Security is Security Tailored to Your Application

Right-Sizing M2M Security: The Best Security is Security Tailored to Your Application Right-Sizing M2M Security: The Best Security is Security Tailored to Your Application Introduction Security continues to be a hot topic in all areas of technology, including machine-tomachine (M2M) applications.

More information

GSMA Embedded SIM Specification Remote SIM Provisioning for M2M. A single, common and global specification to accelerate growth in M2M

GSMA Embedded SIM Specification Remote SIM Provisioning for M2M. A single, common and global specification to accelerate growth in M2M GSMA Embedded SIM Specification Remote SIM Provisioning for M2M Purpose of this Reference Messaging Pack Appropriate slides may be selected to be used for within different presentations for multiple audiences

More information

Norton Mobile Privacy Notice

Norton Mobile Privacy Notice Effective: April 12, 2016 Symantec and the Norton brand have been entrusted by consumers around the world to protect their computing devices and most important digital assets. This Norton Mobile Privacy

More information

Mobile Payment Services- Security Risks, Trends and Countermeasures

Mobile Payment Services- Security Risks, Trends and Countermeasures Mobile Payment Services- Security Risks, Trends and Countermeasures Agenda Trends in mobile payments Security risks in mobile payments applications and devices Mitigation strategy through secure SDLC Mobile

More information

Enhancing Web Application Security

Enhancing Web Application Security Enhancing Web Application Security Using Another Authentication Factor Karen Lu and Asad Ali Gemalto, Inc. Technology & Innovations Austin, TX, USA Overview Introduction Current Statet Smart Cards Two-Factor

More information

Network Security Administrator

Network Security Administrator Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze

More information

Multi-vendor Penetration Testing in the Advanced Metering Infrastructure: Future Challenges

Multi-vendor Penetration Testing in the Advanced Metering Infrastructure: Future Challenges Multi-vendor Penetration Testing in the Advanced ing Infrastructure: Future Challenges DIMACS Workshop on Algorithmic Decision Theory for the Smart Grid Stephen McLaughlin - Penn State University 1 Data

More information

GEMALTO M2M KEY TECHNOLOGY TRENDS OF M2M

GEMALTO M2M KEY TECHNOLOGY TRENDS OF M2M GEMALTO M2M KEY TECHNOLOGY TRENDS OF M2M Anvay Lonkar, Marketing Manager M2M Solutions & Services Gemalto M2M FORUM, MILAN, 15 May 2013 Gemalto delivers trusted and convenient digital services to billions

More information

EXPANDING THE ROLE OF THE MOBILE NETWORK OPERATOR IN M2M

EXPANDING THE ROLE OF THE MOBILE NETWORK OPERATOR IN M2M EXPANDING THE ROLE OF THE MOBILE NETWORK OPERATOR IN M2M STRATEGIC WHITE PAPER INTRODUCTION Machine-to-machine (M2M) communications is on the rise. Most mobile network operators (MNOs) are turning to M2M

More information

Defending the Internet of Things

Defending the Internet of Things Defending the Internet of Things Identity at the Core of Security +1-888-690-2424 entrust.com Table of contents Introduction Page 3 Challenge: protecting & managing identity Page 4 Founders of identity

More information

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public

More information

GSM and Similar Architectures Lesson 03 GSM System Architecture

GSM and Similar Architectures Lesson 03 GSM System Architecture GSM and Similar Architectures Lesson 03 GSM System Architecture 1 Mobile communication using base station in cellular networks A mobile station, MS, communicates with a GSM public land mobile network (PLMN)

More information

Compliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's:

Compliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's: Security.01 Penetration Testing.02 Compliance Review.03 Application Security Audit.04 Social Engineering.05 Security Outsourcing.06 Security Consulting.07 Security Policy and Program.08 Training Services

More information

AMI security considerations

AMI security considerations AMI security considerations Jeff McCullough Introduction Many electric utilities are deploying or planning to deploy smart grid technologies. For smart grid deployments, advanced metering infrastructure

More information

Locking down a Hitachi ID Suite server

Locking down a Hitachi ID Suite server Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime

More information

Secure Authentication for the Development of Mobile Internet Services Critical Considerations

Secure Authentication for the Development of Mobile Internet Services Critical Considerations Secure Authentication for the Development of Mobile Internet Services Critical Considerations December 2011 V1 Mobile Internet Security Working Group, SIMalliance AGENDA SIMalliance presentation What s

More information

The Shift to Wireless Data Communication

The Shift to Wireless Data Communication The Shift to Wireless Data Communication Choosing a Cellular Solution for Connecting Devices to a WWAN Dana Lee, Senior Product Manager dana.lee@moxa.com Recent developments in the wireless and industrial

More information

Network Test Labs (NTL) Software Testing Services for igaming

Network Test Labs (NTL) Software Testing Services for igaming Network Test Labs (NTL) Software Testing Services for igaming Led by committed, young and dynamic professionals with extensive expertise and experience of independent testing services, Network Test Labs

More information

MACHINE TO MACHINE COMMUNICATIONS. ETSI TC M2M Overview June 2011

MACHINE TO MACHINE COMMUNICATIONS. ETSI TC M2M Overview June 2011 MACHINE TO MACHINE COMMUNICATIONS ETSI TC M2M Overview June 2011 About the ETSI TC M2M ETSI: the European Telecommunication Standards Institute One of the 3 European SDOs (CEN, CENELEC, ETSI). ETSI is

More information

Femtocell: Femtostep to the Holy Grail

Femtocell: Femtostep to the Holy Grail . Femtocell: Femtostep to the Holy Grail... Ravishankar Borgaonkar, Kévin Redon.. Technische Universität Berlin, SecT ravii/kredon@sec.t-labs.tu-berlin.de TROOPERS 2011, 30 March 2011 3G/UMTS femtocells

More information

Bellevue University Cybersecurity Programs & Courses

Bellevue University Cybersecurity Programs & Courses Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320

More information

Security Goals Services

Security Goals Services 1 2 Lecture #8 2008 Freedom from danger, risk, etc.; safety. Something that secures or makes safe; protection; defense. Precautions taken to guard against crime, attack, sabotage, espionage, etc. An assurance;

More information

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency logo The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency Understanding the Multiple Levels of Security Built Into the Panoptix Solution Published: October 2011

More information

Dr. György Kálmán gyorgy@mnemonic.no

Dr. György Kálmán gyorgy@mnemonic.no COMMUNICATION AND SECURITY IN CURRENT INDUSTRIAL AUTOMATION Dr. György Kálmán gyorgy@mnemonic.no Agenda Connected systems historical overview Current trends, concepts, pre and post Stuxnet Risks and threats

More information

End User Devices Security Guidance: Apple ios 8

End User Devices Security Guidance: Apple ios 8 GOV.UK Guidance End User Devices Security Guidance: Apple ios 8 Published Contents 1. Changes since previous guidance 2. Usage scenario 3. Summary of platform security 4. How the platform can best satisfy

More information

Security Principles. Related to. Handset Theft

Security Principles. Related to. Handset Theft Security Principles Related to Handset Theft Table of Contents TABLE OF CONTENTS...2 GLOSSARY OF TERMS...3 1. INTRODUCTION...4 1.1 IMPORTANCE OF IMEI INTEGRITY...4 1.2 IMPROVED IMEI INTEGRITY PRINCIPLES...4

More information

Hardware Security Modules for Protecting Embedded Systems

Hardware Security Modules for Protecting Embedded Systems Hardware Security Modules for Protecting Embedded Systems Marko Wolf, ESCRYPT GmbH Embedded Security, Munich, Germany André Weimerskirch, ESCRYPT Inc. Embedded Security, Ann Arbor, USA 1 Introduction &

More information

SecureCom Mobile s mission is to help people keep their private communication private.

SecureCom Mobile s mission is to help people keep their private communication private. About SecureCom Mobile SecureCom Mobile s mission is to help people keep their private communication private. We believe people have a right to share ideas with each other, confident that only the intended

More information

Mobile network security report: Poland

Mobile network security report: Poland Mobile network security report: Poland GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin February 2015 Abstract. Mobile networks differ widely in their protection capabilities against common

More information

Table of Contents. Page 2/13

Table of Contents. Page 2/13 Page 1/13 Table of Contents Introduction...3 Top Reasons Firewalls Are Not Enough...3 Extreme Vulnerabilities...3 TD Ameritrade Security Breach...3 OWASP s Top 10 Web Application Security Vulnerabilities

More information

OWASP Top 10 for IoT - Explained

OWASP Top 10 for IoT - Explained OWASP Top 10 for IoT - Explained Table of Contents Introduction... 1 Insecure Web Interface... 2 Insufficient Authentication/Authorization... 3 Insecure Network Services... 3 Lack of Transport Encryption...

More information

Secure VidyoConferencing SM TECHNICAL NOTE. Protecting your communications. www.vidyo.com 1.866.99.VIDYO

Secure VidyoConferencing SM TECHNICAL NOTE. Protecting your communications. www.vidyo.com 1.866.99.VIDYO TECHNICAL NOTE Secure VidyoConferencing SM Protecting your communications 2012 Vidyo, Inc. All rights reserved. Vidyo, VidyoTechnology, VidyoConferencing, VidyoLine, VidyoRouter, VidyoPortal,, VidyoRouter,

More information

The Key to Secure Online Financial Transactions

The Key to Secure Online Financial Transactions Transaction Security The Key to Secure Online Financial Transactions Transferring money, shopping, or paying debts online is no longer a novelty. These days, it s just one of many daily occurrences on

More information

Vehicular On-board Security: EVITA Project

Vehicular On-board Security: EVITA Project C2C-CC Security Workshop 5 November 2009 VW, MobileLifeCampus Wolfsburg Hervé Seudié Corporate Sector Research and Advance Engineering Robert Bosch GmbH Outline 1. Project Scope and Objectives 2. Security

More information

Network Security 101 Multiple Tactics for Multi-layered Security

Network Security 101 Multiple Tactics for Multi-layered Security Security and Resilience for Utility Network Communications White Paper Communications networks represent a partial paradox. The very openness and ubiquity that make them powerful can also present a weakness.

More information

Achieving PCI Compliance Using F5 Products

Achieving PCI Compliance Using F5 Products Achieving PCI Compliance Using F5 Products Overview In April 2000, Visa launched its Cardholder Information Security Program (CISP) -- a set of mandates designed to protect its cardholders from identity

More information

Securing Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group

Securing Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group Securing Your Web Application against security vulnerabilities Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group Agenda Security Landscape Vulnerability Analysis Automated Vulnerability

More information

Mobile network security report: France

Mobile network security report: France Mobile network security report: France GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin February 2015 Abstract. Mobile networks differ widely in their protection capabilities against common

More information

WHITE PAPER. FortiWeb and the OWASP Top 10 Mitigating the most dangerous application security threats

WHITE PAPER. FortiWeb and the OWASP Top 10 Mitigating the most dangerous application security threats WHITE PAPER FortiWeb and the OWASP Top 10 PAGE 2 Introduction The Open Web Application Security project (OWASP) Top Ten provides a powerful awareness document for web application security. The OWASP Top

More information

A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1

A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1 A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1 1 Royal Holloway, University of London 2 University of Strathclyde ABSTRACT Future mobile

More information

Research Report: Addressing Security Concerns for Connected Devices in the Internet of Things Era

Research Report: Addressing Security Concerns for Connected Devices in the Internet of Things Era Sponsored by Oracle Research Report: Addressing Security Concerns for Connected Devices in the Internet of Things Era Introduction About Survey Respondents The Internet of Things (IoT) and the rise of

More information

SHORT MESSAGE SERVICE SECURITY

SHORT MESSAGE SERVICE SECURITY SHORT MESSAGE SERVICE SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in

More information

Closing Wireless Loopholes for PCI Compliance and Security

Closing Wireless Loopholes for PCI Compliance and Security Closing Wireless Loopholes for PCI Compliance and Security Personal information is under attack by hackers, and credit card information is among the most valuable. While enterprises have had years to develop

More information

Mitigating Server Breaches with Secure Computation. Yehuda Lindell Bar-Ilan University and Dyadic Security

Mitigating Server Breaches with Secure Computation. Yehuda Lindell Bar-Ilan University and Dyadic Security Mitigating Server Breaches with Secure Computation Yehuda Lindell Bar-Ilan University and Dyadic Security The Problem Network and server breaches have become ubiquitous Financially-motivated and state-sponsored

More information

CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS

CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS Prof. Dr.-Ing. Georg Sigl Institute for Security in Information Technology Technical University Munich sigl@tum.de Fraunhofer Research Institution

More information

PrivyLink Cryptographic Key Server *

PrivyLink Cryptographic Key Server * WHITE PAPER PrivyLink Cryptographic Key * Tamper Resistant Protection of Key Information Assets for Preserving and Delivering End-to-End Trust and Values in e-businesses September 2003 E-commerce technology

More information

Smartcard Web Server Enabler Architecture

Smartcard Web Server Enabler Architecture Smartcard Web Server Enabler Architecture Candidate Version 1.0 09 Feb 2007 Open Mobile Alliance OMA-AD-Smartcard_Web_Server-V1_0-20070209-C OMA-AD-Smartcard_Web_Server-V1_0-20070209-C Page 2 (17) Use

More information

Mobile network security report: Greece

Mobile network security report: Greece Mobile network security report: Greece GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin October 2012 Abstract. Mobile networks differ widely in their protection capabilities against common

More information

Learning Objectives. attacks. 2. Describe the common security practices of businesses of

Learning Objectives. attacks. 2. Describe the common security practices of businesses of E-Commerce Security Learning Objectives 1. Document the trends in computer and network security attacks. 2. Describe the common security practices of businesses of all sizes. 3. Understand the basic elements

More information

Security and Privacy Challenges in 5G Networks. Georgios Karopoulos Department of Informatics and Telecommunications University of Athens

Security and Privacy Challenges in 5G Networks. Georgios Karopoulos Department of Informatics and Telecommunications University of Athens Security and Privacy Challenges in 5G Networks Georgios Karopoulos Department of Informatics and Telecommunications University of Athens Outline 5G architecture 5G use cases 5G characteristics Security

More information

The Hidden Dangers of Public WiFi

The Hidden Dangers of Public WiFi WHITEPAPER: OCTOBER 2014 The Hidden Dangers of Public WiFi 2 EXECUTIVE SUMMARY 4 MARKET DYNAMICS 4 The Promise of Public WiFi 5 The Problem with Public WiFi 6 MARKET BEHAVIOR 6 Most People Do Not Protect

More information

GSM security country report: USA

GSM security country report: USA GSM security country report: USA GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin August 2013 Abstract. GSM networks differ widely in their protection capabilities against common attacks.

More information

Decrease your HMI/SCADA risk

Decrease your HMI/SCADA risk Decrease your HMI/SCADA risk Key steps to minimize unplanned downtime and protect your organization. Are you running your plant operations with serious risk? Most industrial applications lack recommended

More information

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,

More information

Mobile network security report: Belgium

Mobile network security report: Belgium Mobile network security report: Belgium GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin December 2014 Abstract. Mobile networks differ widely in their protection capabilities against common

More information

M2M / Internet of Things Towards M2M/IoT architecture - Global SDOs activities. Sivabalan Arumugam NEC India Pvt Ltd

M2M / Internet of Things Towards M2M/IoT architecture - Global SDOs activities. Sivabalan Arumugam NEC India Pvt Ltd M2M / Internet of Things Towards M2M/IoT architecture - Global SDOs activities Sivabalan Arumugam NEC India Pvt Ltd Outline Introduction M2M Services across Industry Verticals Why M2M standards? What improvements

More information

CINTERION The global leader in cellular M2M communication. Cinterion Wireless Modules GmbH 2011, All rights reserved

CINTERION The global leader in cellular M2M communication. Cinterion Wireless Modules GmbH 2011, All rights reserved The global leader in cellular M2M communication Cinterion Wireless Modules GmbH 2011, All rights reserved is a Gemalto company Company History Gemalto The company was founded in 1995 as a business unit

More information

Rational AppScan & Ounce Products

Rational AppScan & Ounce Products IBM Software Group Rational AppScan & Ounce Products Presenters Tony Sisson and Frank Sassano 2007 IBM Corporation IBM Software Group The Alarming Truth CheckFree warns 5 million customers after hack http://infosecurity.us/?p=5168

More information

Mobile Application Security Sharing Session May 2013

Mobile Application Security Sharing Session May 2013 Mobile Application Security Sharing Session Agenda Introduction of speakers Mobile Application Security Trends and Challenges 5 Key Focus Areas for an mobile application assessment 2 Introduction of speakers

More information

Cisco Connected Grid Security for Field Area Network

Cisco Connected Grid Security for Field Area Network White Paper Cisco Connected Grid Security for Field Area Network Introduction Utilities all over the world are undergoing significant transition in their grid from transmission to consumption. Regulatory

More information

Visonic PowerManage Pre-Installation Requirements and Specifications

Visonic PowerManage Pre-Installation Requirements and Specifications Visonic Ltd. 24 Habarzel Street. P.O.Box 22020 Tel-Aviv 69710, Israel Tele: +972 3 645 6789 Fax: +972 3 645 6788 www.visonic.com Visonic PowerManage Pre-Installation Requirements and Specifications Preface

More information

Security by Design WHITE PAPER

Security by Design WHITE PAPER Security by Design WHITE PAPER Trilliant helps leading utilities and energy retailers achieve their smart grid visions through the Trilliant Communications Platform, the only communications platform purpose-built

More information

Mingyu Web Application Firewall (DAS- WAF) - - - All transparent deployment for Web application gateway

Mingyu Web Application Firewall (DAS- WAF) - - - All transparent deployment for Web application gateway Mingyu Web Application Firewall (DAS- WAF) - - - All transparent deployment for Web application gateway All transparent deployment Full HTTPS site defense Prevention of OWASP top 10 Website Acceleration

More information

Application Security in the Software Development Lifecycle

Application Security in the Software Development Lifecycle Application Security in the Software Development Lifecycle Issues, Challenges and Solutions www.quotium.com 1/15 Table of Contents EXECUTIVE SUMMARY... 3 INTRODUCTION... 4 IMPACT OF SECURITY BREACHES TO

More information

DATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0

DATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 DATA SECURITY 1/12 Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 Contents 1. INTRODUCTION... 3 2. REMOTE ACCESS ARCHITECTURES... 3 2.1 DIAL-UP MODEM ACCESS... 3 2.2 SECURE INTERNET ACCESS

More information

Embedded Java & Secure Element for high security in IoT systems

Embedded Java & Secure Element for high security in IoT systems Embedded Java & Secure Element for high security in IoT systems JavaOne - September 2014 Anne-Laure SIXOU - ST Thierry BOUSQUET - ST Frédéric VAUTE - Oracle Speakers 2 Anne-Laure SIXOU Smartgrid Product

More information

Security in Vehicle Networks

Security in Vehicle Networks Security in Vehicle Networks Armin Happel, Christof Ebert Stuttgart, 17. March 2015 V1.1 2015-04-28 Introduction Vector Consulting Services supports clients worldwide in improving their product development

More information

M2M Solutions. Jose Rabello M2M Solution Sales Manager LATAM Gemalto Telecom Forum 2013

M2M Solutions. Jose Rabello M2M Solution Sales Manager LATAM Gemalto Telecom Forum 2013 M2M Solutions Jose Rabello M2M Solution Sales Manager LATAM Gemalto Telecom Forum 2013 Does M2M look complex? 2 Moving from classic to connected machine system NEW INFORMATION = + New business model New

More information

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY AUTHOR: Raúl Siles Founder and Security Analyst at Taddong Hello and welcome to Intypedia. Today we will talk about the exciting world of security

More information

SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG)

SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG) SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG) A RSACCESS WHITE PAPER 1 Microsoft Forefront Unified Access Gateway Overview 2 Safe-T RSAccess Secure Front-end Overview

More information

How to hack your way out of home detention

How to hack your way out of home detention How to hack your way out of home detention About me William @Amm0nRa Turner @Assurance Disclaimer: I own this system (and 0wn it) The following information is for academic purposes only Don t use this

More information

REVIEWER FOR AY FORESEC CERTIFIED IN NETWORKING SECURITY

REVIEWER FOR AY FORESEC CERTIFIED IN NETWORKING SECURITY REVIEWER FOR AY 2013-2014 FORESEC CERTIFIED IN NETWORKING SECURITY Instruction: Select the letter of the correct answer. 1. You have been asked to develop an audit plan for your company. You have been

More information

A Cryptographically Secure On-chip Firewall for Memory Address Space Control

A Cryptographically Secure On-chip Firewall for Memory Address Space Control A Cryptographically Secure On-chip Firewall for Memory Address Space Control Roberto Rivoir Director of Security Development Rambus France IoT & Security Innovation Day Sophia Antipolis, France 26 November

More information

Intel Active Management Technology Embedded Host-based Configuration in Intelligent Systems

Intel Active Management Technology Embedded Host-based Configuration in Intelligent Systems WHITE PAPER Intel vpro Technology Embedded Host-based Configuration in Intelligent Systems Easy activation of Intel vpro technology remote manageability without trade-offs in security, functionality, and

More information

WHITEPAPER. Smart Grid Security Myths vs. Reality

WHITEPAPER. Smart Grid Security Myths vs. Reality Smart Grid Security Myths vs. Reality WHITEPAPER Understanding Threats and How to Combat Them Building the smart grid requires a unified network platform to interconnect all the devices within the electric

More information

Mobile network security report: Norway

Mobile network security report: Norway Mobile network security report: Norway GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin August 2014 Abstract. Mobile networks differ widely in their protection capabilities against common

More information

Security in cellular-radio access networks

Security in cellular-radio access networks Security in cellular-radio access networks Ravishankar Borgaonkar, Oxford University 5G Security Workshop Stockholm, Sweden 11 May 2016 Outline Radio Access Network Layered Security Emerging low cost attacks

More information

GSM and UMTS security

GSM and UMTS security 2007 Levente Buttyán Why is security more of a concern in wireless? no inherent physical protection physical connections between devices are replaced by logical associations sending and receiving messages

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used

More information

Building A Secure Microsoft Exchange Continuity Appliance

Building A Secure Microsoft Exchange Continuity Appliance Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building

More information

Directed Circuits Meet Today s Security Challenges in Enterprise Remote Monitoring. A White Paper from the Experts in Business-Critical Continuity TM

Directed Circuits Meet Today s Security Challenges in Enterprise Remote Monitoring. A White Paper from the Experts in Business-Critical Continuity TM Directed Circuits Meet Today s Security Challenges in Enterprise Remote Monitoring A White Paper from the Experts in Business-Critical Continuity TM Executive Summary With continued efforts to reduce overhead,

More information

Tactical Survival Tips Internet of Things (IoT) Systems

Tactical Survival Tips Internet of Things (IoT) Systems SESSION ID: SBX1-R05 Tactical Survival Tips Internet of Things (IoT) Systems ^ Brian Witten Senior Director, IoT Symantec Corporation @WittenBrian How to Protect Connected Things 2 IoT betters our lives

More information

USB Portable Storage Device: Security Problem Definition Summary

USB Portable Storage Device: Security Problem Definition Summary USB Portable Storage Device: Security Problem Definition Summary Introduction The USB Portable Storage Device (hereafter referred to as the device or the TOE ) is a portable storage device that provides

More information

Mobile network security report: Netherlands

Mobile network security report: Netherlands Mobile network security report: Netherlands GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin July 2014 Abstract. Mobile networks differ widely in their protection capabilities against common

More information

CALLUP Roam Home SMS. Product Description

CALLUP Roam Home SMS. Product Description CALLUP Roam Home SMS Product Description Table of Contents 1. Overview... 3 1.1. About CALLUP... 3 1.2. About CanVAS... 3 1.3. About Roam Home SMS... 3 1.4. Roam Home SMS High Level Features... 4 2. Solution

More information

Xerox SMart esolutions. Security White Paper

Xerox SMart esolutions. Security White Paper Xerox SMart esolutions Security White Paper 1 Xerox SMart esolutions White Paper Network and data security is one of the many challenges that businesses face on a daily basis. Recognizing this, Xerox Corporation

More information

IBM. Integrating the Hardware Management Console s Broadband Remote Support Facility into your Enterprise. zenterprise System. SC Level 01b

IBM. Integrating the Hardware Management Console s Broadband Remote Support Facility into your Enterprise. zenterprise System. SC Level 01b IBM zenterprise System Integrating the Hardware Management Console s Broadband Remote Support Facility into your Enterprise SC28-6927-01 IBM zenterprise System Integrating the Hardware Management Console

More information

Potential Targets - Field Devices

Potential Targets - Field Devices Potential Targets - Field Devices Motorola Field Devices: Remote Terminal Units ACE 3600 Front End Devices ACE IP Gateway ACE Field Interface Unit (ACE FIU) 2 Credential Cracking Repeated attempts to

More information

GSM security country report: Germany

GSM security country report: Germany GSM security country report: Germany GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin December 2013 Abstract. GSM networks differ widely in their protection capabilities against common attacks.

More information

Information Technology Security Policy for IBTS

Information Technology Security Policy for IBTS Information Technology Security Policy for IBTS Pakistan Stock Exchange Limited Table of contents Information Technology Security Policy for IBTS 1- INTRODUCTION AND SCOPE... 3 2- CHARTER OF THE DOCUMENT...

More information

Application Security Testing. Indian Computer Emergency Response Team (CERT-In)

Application Security Testing. Indian Computer Emergency Response Team (CERT-In) Application Security Testing Indian Computer Emergency Response Team (CERT-In) OWASP Top 10 Place to start for learning about application security risks. Periodically updated What is OWASP? Open Web Application

More information

Network-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2

Network-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2 Contents Introduction--1 Content and Purpose of This Guide...........................1 User Management.........................................2 Types of user accounts2 Security--3 Security Features.........................................3

More information

The relevance of cyber-security to functional safety of connected and automated vehicles

The relevance of cyber-security to functional safety of connected and automated vehicles The relevance of cyber-security to functional safety of connected and automated vehicles André Weimerskirch University of Michigan Transportation Research Institute (UMTRI) February 12, 2014 Introduction

More information

Chapter 7 Information System Security and Control

Chapter 7 Information System Security and Control Chapter 7 Information System Security and Control Essay Questions: 1. Hackers and their companion viruses are an increasing problem, especially on the Internet. What can a digital company do to protect

More information

SecurityMetrics Vision whitepaper

SecurityMetrics Vision whitepaper SecurityMetrics Vision whitepaper 1 SecurityMetrics Vision: Network Threat Sensor for Small Businesses Small Businesses at Risk for Data Theft Small businesses are the primary target for card data theft,

More information

Security Threats on National Defense ICT based on IoT

Security Threats on National Defense ICT based on IoT , pp.94-98 http://dx.doi.org/10.14257/astl.205.97.16 Security Threats on National Defense ICT based on IoT Jin-Seok Yang 1, Ho-Jae Lee 1, Min-Woo Park 1 and Jung-ho Eom 2 1 Department of Computer Engineering,

More information