Seminar on Computer Security Threats and Counter Measures
|
|
- Neil Mosley
- 7 years ago
- Views:
Transcription
1 Seminar on Computer Security Threats and Counter Measures Hardware Attack Prevention (No execute bit, DEP data execution prevention) Trusted Platform Module Patrick Anagnostaras
2 Summary 1 Hardware attack prevention 2. Trusted Platform Module
3 1.1 No Execute Bit Aims Prevent software from taking over computer inserting their code into another data storage area running their code within this section buffer overflow Prevent from virus, worm and Trojan Horse attacks Blaster Sasser Code Red
4 1.2 No execute bit Technology used in CPU s Segregate areas of memory Storage of processor instruction Storage of data (normaly( only on Harvard architecture processors) NX No NX only store data no executions of processor instructions processor instructions
5 1.3 No Execute Bit Denominations AMD No Execute (NX) Intel Execute Disable Bit (XD) Microsoft Execution Protection
6 1.4 NX Bit hardware background Bit number 63 on the paging table entry of an x86 processor If set to 0 If set to 1 code can be executed from this page no execution possible anything on the page assumed as data Pages must have PAE table format (Physical Address Extension) PAE maps up to 64 GB of physical memory into a 32-bit (4 GB) virtual address space using either 4-KB 4 or 2-MB 2 pages.
7 1.5 First NX Bit compatible processors IBM PowerPC (1992) Sun processors SPARC (1995) AMD Intel Tansmeta: Opteron (2004) Athlon 64 (2004) Itanium (2004) Pentium 4 (2004) Efficeon (2004)
8 1.6 Software emulation of the NX Bit Emulation on operating system Prevents stack and heap memory to be executable Prevents executable memory from being writable Helps prevent buffer overflow
9 1.7 OS technologies of the NX Bit PaX Exec Shield W^X DEP Adamantix,, Hardened Gentoo (october 2000) Fedora Core, Red Hat enterprise (may 2003) OpenBSD operating system Windows Vista, Windows XP SP2, Windows server 2003 SP1 (august 2004)
10 1.8 Comparison of technologies: Overhead Amount of extra CPU procession power required for each technology to function Emulation of NX bit will usually impose a measurable overhead No significant measurable overhead on CPUs supplying a hardware NX bit
11 1.8.1 Comparison of technologies: Checks for two ELF header markings (stack or heap needs to be executable) ecutable) PT-GNU-STACK PT-GNU-HEAP Allows controls to set both binary executables and libraries Executable loads a library requiring restriction relaxed inherit that marking + restriction relaxed. Track upper code segment limit Exec Shield CPUs without NX bit pages below the code segment limit not protected Few cycle of overhead immeasurable
12 1.8.2 Comparison of technologies: PaX technology can emulate NX bit or NX functionnality or use hardware NX bit trampoline emulation Works on x86 CPUs that do not have NX bit Ignore PT-GNU GNU-STACK and PT-GNU GNU-HEAP Supplies 2 methods of NX bit emulation SEGMEXEC PAGEEXEC PaX
13 1.8.3 Comparison of technologies: Impose measurable low overhead ( <1%) Virtual memory mirroring PaX - SEGMEXEC Effect of cutting in two the task s s virtual address space Task access less memory No problems until task requires more than half the normal address space (rare) Restricts the system memory that a program can access
14 1.8.4 Comparison of technologies: Similar to Exec Shield No pages will become executable unless operating system explicitly ly makes them as such Protects pages below the code segment limit Supplies mprotect() restriction prevent programs from marking memory for potential exploit High overhead operation PaX - PAGEEXEC If hardware NX bit used no emulation used no overhead
15 1.8.5 Comparison of technologies: Memory protection W^X Any page in a process address space is either writable or executable ( xor = ^) Stack not executable no execution of arbitrary code injected will cause the program to terminate
16 1.8.6 Comparison of technologies: DEP On windows services by default Configurable through advance properties in the «my computer»
17 1.9 Hardware enforced DEP same design for 32-bit and 64 bit versions of Windows Developers should be aware of DEP behavior Device driver Execution code from the stack DEP is enabled no permission DEP access violation error 0XFC: ATTEMPTED_EXECUTE_OF_NOEXECUTE_MEMORY
18 1.10 Software DEP protection Handling of the NX faults: other technologies terminate the program DEP raises an exception program flow is destroyed in a unrecoverable manner Checks when an exception is thrown Exception is registered function table
19 1.10 Software DEP protection NX supported enabled by default Allows programs to control which pages disallow execution through its API Also through the section headers in a portable executable file Win32 API calls VirtualAlloc[Ex] ] and VirtualProtect[Ex] page protection setting specified by programmer each page individually flagged executable or non-executable
20 1.11 DEP limitations DEP provides no address space layout randomization allows return-to to-lib attack the return address on the stack replaced the address of another function correct portion of the stack is overwritten provide arguments to this function allows attackers to call pre-existing existing functions no need to inject malicious code into a program
21 1.12 DEP software conflicts Causes software problems Old software Drivers compatibility problems Prevent programs to be virtualized correctly Solution disabling DEP features
22 1.14 Examples of DEP on Windows
23 1.13 Windows error reporting signature for a DEP problem
24 1.15 NX Bit attack example: Microsoft s s Xbox CPU had no NX bit buffer overflow 007:Agent Under Fire save game exploit Newer version of XDK set code segment limit to the beginning of the kernel s.data section no code should be after this point No change memory executed below the beginning of the kernel s.data section new version of Xbox with new kernel
25 2. Trusted Module Platform (TPM) 2.1 What is a Trusted Platform Module? 2.2 TPM applications 2.3 Three discussed features of TPM 2.4 TPM architecture 2.5 Example Application (Microsoft Outlook)
26 2.1 What is a Trusted Platform Module? Hardware chip on motherboards Chip is unique for each particular device Used to authenticate hardware device No one played with the hardware No changes to bios Secure generation of cryptographic keys Provide chain of trust
27 2.2 TPM applications BitLocker Drive Encryption: Microsoft Windows Vista Enterprise editions Microsoft Windows Vista Ultimate Linux security module 2006 Laptop TPM available 2008 New Intel s southbridge chipset
28 2.3 Three discussed features of TPM Remote attestation Summary of software on the computer Allow verifying software is not compromised (digital music store) Threat to privacy Sealing Encrypted data decryption only exact same state Same software + same computer very restrictive digital rights management. Binding Encrypt data using TPM endorsement key (unique RSA key put in the chip during production) very restrictive
29 2.4 TPM architecture Endorsement key: Public/private key pair Size : 2048 bits Unique Attestation Identity Key Platform authentication Pseudo anonymous authentication
30 2.5 Example Application (Microsoft Outlook) Verisign TPM Create new key 1 5 Public Key Private Key Outlook 1. Outlook get digital ID launches Verisign website 2. Verisign talk to the TPM hardware 3. TPM generates a new key pair for signing 4. TPM send the public key of above pair to Verisign 5. Verisign signs the public key and returns to Outlook
31 Questions?
Defense in Depth: Protecting Against Zero-Day Attacks
Defense in Depth: Protecting Against Zero-Day Attacks Chris McNab FIRST 16, Budapest 2004 Agenda Exploits through the ages Discussion of stack and heap overflows Common attack behavior Defense in depth
More informationSafety measures in Linux
S a f e t y m e a s u r e s i n L i n u x Safety measures in Linux Krzysztof Lichota lichota@mimuw.edu.pl A g e n d a Standard Unix security measures: permissions, capabilities, ACLs, chroot Linux kernel
More informationTrustworthy Computing
Stefan Thom Senior Software Development Engineer and Security Architect for IEB, Microsoft Rob Spiger, Senior Security Strategist Trustworthy Computing Agenda Windows 8 TPM Scenarios Hardware Choices with
More informationSystem Requirements G E N E R A L S Y S T E M R E C O M M E N D A T I O N S
System Requirements General Requirements These requirements are common to all platforms: A DVD drive for installation. If you need to install the software using CD-ROM media, please contact your local
More informationData on Kernel Failures and Security Incidents
Data on Kernel Failures and Security Incidents Ravishankar K. Iyer (W. Gu, Z. Kalbarczyk, G. Lyle, A. Sharma, L. Wang ) Center for Reliable and High-Performance Computing Coordinated Science Laboratory
More informationLecture Overview. INF3510 Information Security Spring 2015. Lecture 4 Computer Security. Meaningless transport defences when endpoints are insecure
Lecture Overview INF3510 Information Security Spring 2015 Fundamental computer security concepts CPU and OS kernel security mechanisms Virtualization Memory Protection Trusted computing and TPM Lecture
More informationUnix Security Technologies: Host Security Tools. Peter Markowsky <peterm[at]ccs.neu.edu>
Unix Security Technologies: Host Security Tools Peter Markowsky Syllabus An Answer to last week s assignment Four tools SSP W^X PaX Systrace Last time You were assigned to get a
More informationBypassing Memory Protections: The Future of Exploitation
Bypassing Memory Protections: The Future of Exploitation Alexander Sotirov alex@sotirov.net About me Exploit development since 1999 Research into reliable exploitation techniques: Heap Feng Shui in JavaScript
More informationPatterns for Secure Boot and Secure Storage in Computer Systems
Patterns for Secure Boot and Secure Storage in Computer Systems Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy Horst Görtz Institute for IT Security, Ruhr-University Bochum, Germany {hans.loehr,ahmad.sadeghi,marcel.winandy}@trust.rub.de
More informationComparing Free Virtualization Products
A S P E I T Tr a i n i n g Comparing Free Virtualization Products A WHITE PAPER PREPARED FOR ASPE BY TONY UNGRUHE www.aspe-it.com toll-free: 877-800-5221 Comparing Free Virtualization Products In this
More informationCS 377: Operating Systems. Outline. A review of what you ve learned, and how it applies to a real operating system. Lecture 25 - Linux Case Study
CS 377: Operating Systems Lecture 25 - Linux Case Study Guest Lecturer: Tim Wood Outline Linux History Design Principles System Overview Process Scheduling Memory Management File Systems A review of what
More informationPGP Command Line Version 10.0 Release Notes
PGP Command Line Version 10.0 Release Notes Thank you for using this PGP Corporation product. These Release Notes contain important information regarding this release of PGP Command Line. PGP Corporation
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 24 Windows and Windows Vista Security First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Windows and Windows Vista Security
More informationFall 2009. Lecture 1. Operating Systems: Configuration & Use CIS345. Introduction to Operating Systems. Mostafa Z. Ali. mzali@just.edu.
Fall 2009 Lecture 1 Operating Systems: Configuration & Use CIS345 Introduction to Operating Systems Mostafa Z. Ali mzali@just.edu.jo 1-1 Chapter 1 Introduction to Operating Systems An Overview of Microcomputers
More informationBypassing Local Windows Authentication to Defeat Full Disk Encryption. Ian Haken
Bypassing Local Windows Authentication to Defeat Full Disk Encryption Ian Haken Who Am I? Currently a security researcher at Synopsys, working on application security tools and Coverity s static analysis
More informationSoftware security. Buffer overflow attacks SQL injections. Lecture 11 EIT060 Computer Security
Software security Buffer overflow attacks SQL injections Lecture 11 EIT060 Computer Security Buffer overflow attacks Buffer overrun is another common term Definition A condition at an interface under which
More informationWindows 7. Qing Liu Qing.Liu@chi.frb.org Michael Stevens Michael.Stevens@chi.frb.org
Windows 7 Qing Liu Qing.Liu@chi.frb.org Michael Stevens Michael.Stevens@chi.frb.org 1 Overview 1. Financial Institution s Preliminary Steps 2. User Interface 3. Data Protection 4. User and Group Changes
More informationEugene Tsyrklevich. Ozone HIPS: Unbreakable Windows
Eugene Tsyrklevich Eugene Tsyrklevich has an extensive security background ranging from designing and implementing Host Intrusion Prevention Systems to training people in research, corporate, and military
More informationCreating a More Secure Device with Windows Embedded Compact 7. Douglas Boling Boling Consulting Inc.
Creating a More Secure Device with Windows Embedded Compact 7 Douglas Boling Boling Consulting Inc. About Douglas Boling Independent consultant specializing in Windows Mobile and Windows Embedded Compact
More informationData Sheet: Endpoint Security Symantec Endpoint Protection The next generation of antivirus technology from Symantec
The next generation of antivirus technology from Symantec Overview Advanced threat protection combines Symantec AntiVirus with advanced threat prevention to deliver an unmatched defense against malware
More informationOpal SSDs Integrated with TPMs
Opal SSDs Integrated with TPMs August 21, 2012 Robert Thibadeau, Ph.D. U.S. Army SSDs Must be Opal s We also Studied using the TPM (Trusted Platform Module) with an Opal SSD (Self-Encrypting Drive) 2 Security
More informationIntroduction to Virtual Machines
Introduction to Virtual Machines Introduction Abstraction and interfaces Virtualization Computer system architecture Process virtual machines System virtual machines 1 Abstraction Mechanism to manage complexity
More informationI Control Your Code Attack Vectors Through the Eyes of Software-based Fault Isolation. Mathias Payer, ETH Zurich
I Control Your Code Attack Vectors Through the Eyes of Software-based Fault Isolation Mathias Payer, ETH Zurich Motivation Applications often vulnerable to security exploits Solution: restrict application
More informationAdjusting Prevention Policy Options Based on Prevention Events. Version 1.0 July 2006
Adjusting Prevention Policy Options Based on Prevention Events Version 1.0 July 2006 Table of Contents 1. WHO SHOULD READ THIS DOCUMENT... 4 2. WHERE TO GET MORE INFORMATION... 4 3. VERIFYING THE OPERATION
More informationSoftware Execution Protection in the Cloud
Software Execution Protection in the Cloud Miguel Correia 1st European Workshop on Dependable Cloud Computing Sibiu, Romania, May 8 th 2012 Motivation clouds fail 2 1 Motivation accidental arbitrary faults
More informationData Sheet: Endpoint Security Symantec Endpoint Protection The next generation of antivirus technology from Symantec
The next generation of antivirus technology from Symantec Overview Advanced threat protection combines Symantec AntiVirus with advanced threat prevention to deliver an unmatched defense against malware
More informationGuide to SATA Hard Disks Installation and RAID Configuration
Guide to SATA Hard Disks Installation and RAID Configuration 1. Guide to SATA Hard Disks Installation...2 1.1 Serial ATA (SATA) Hard Disks Installation...2 2. Guide to RAID Confi gurations...3 2.1 Introduction
More informationRecipe for Mobile Data Security: TPM, Bitlocker, Windows Vista and Active Directory
Recipe for Mobile Data Security: TPM, Bitlocker, Windows Vista and Active Directory Tom Olzak October 2007 If your business is like mine, laptops regularly disappear. Until recently, centrally managed
More informationTechnical Specification Data
Equitrac Office 4.1 SOFTWARE SUITE Equitrac Office Software Suite Equitrac Office Suite Equitrac Office Small Business Edition (SBE) Applications Any size network with single or multiple accounting and/or
More informationUsing BitLocker As Part Of A Customer Data Protection Program: Part 1
Using BitLocker As Part Of A Customer Data Protection Program: Part 1 Tech Tip by Philip Cox Source: searchsecuritychannel.com As an information security consultant, one of my jobs is to help my clients
More informationSUSE Linux Enterprise 10 SP2: Virtualization Technology Support
Technical White Paper LINUX OPERATING SYSTEMS www.novell.com SUSE Linux Enterprise 10 SP2: Virtualization Technology Support Content and modifications. The contents of this document are not part of the
More informationRPM Brotherhood: KVM VIRTUALIZATION TECHNOLOGY
RPM Brotherhood: KVM VIRTUALIZATION TECHNOLOGY Syamsul Anuar Abd Nasir Fedora Ambassador Malaysia 1 ABOUT ME Technical Consultant for Warix Technologies - www.warix.my Warix is a Red Hat partner Offers
More informationCopyright 1999-2011 by Parallels Holdings, Ltd. All rights reserved.
Parallels Virtuozzo Containers 4.0 for Linux Readme Copyright 1999-2011 by Parallels Holdings, Ltd. All rights reserved. This document provides the first-priority information on Parallels Virtuozzo Containers
More informationPGP Command Line Version 10.3 Release Notes
PGP Command Line Version 10.3 Release Notes Page 1 of 6 PGP Command Line Version 10.3 Release Notes Thank you for using this Symantec Corporation product. These Release Notes contain important information
More informationDCPS STUDENT OPTION HOME USE PROGRAM SIGN UP INSTRUCTIONS
DCPS STUDENT OPTION HOME USE PROGRAM SIGN UP INSTRUCTIONS Step-by-Step Abstract The Enrollment for Education Solutions agreement between Microsoft and Duval County Public Schools provides a student option
More informationTrustKey Tool User Manual
TrustKey Tool User Manual 1 Table of Contents 1 Introduction... 5 2 TrustKey Product...6 2.1 TrustKey Tool... 6 2.2 TrustKey function modules...7 2.3 TrustKey using environment...7 3 TrustKey Tool Installation...
More informationKaspersky Endpoint Security 10 for Windows. Deployment guide
Kaspersky Endpoint Security 10 for Windows Deployment guide Introduction Typical Corporate Network Network servers Internet Gateway Workstations Mail servers Portable media Malware Intrusion Routes Viruses
More informationSecure Network Communications FIPS 140 2 Non Proprietary Security Policy
Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles
More informationSymantec Endpoint Protection
The next generation of antivirus technology from Symantec Overview Advanced threat protection combines Symantec AntiVirus with advanced threat prevention to deliver an unmatched defense against malware
More informationMicrosoft Office Outlook 2013: Part 1
Microsoft Office Outlook 2013: Part 1 Course Specifications Course Length: 1 day Overview: Email has become one of the most widely used methods of communication, whether for personal or business communications.
More informationWindows Server Virtualization & The Windows Hypervisor
Windows Server Virtualization & The Windows Hypervisor Brandon Baker Lead Security Engineer Windows Kernel Team Microsoft Corporation Agenda - Windows Server Virtualization (WSV) Why a hypervisor? Quick
More informationSecure Data Exchange Solution
Secure Data Exchange Solution I. CONTENTS I. CONTENTS... 1 II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. SECURE DOCUMENT EXCHANGE SOLUTIONS... 3 INTRODUCTION... 3 Certificates
More informationHULFT7e for i5os(ver.7.3.0) Effective on 3 Apr. 2013. HULFT7e for UNIX-M(Ver.7.3.0) HULFT7e for UNIX-L(Ver.7.3.0) Effective on 3 Apr.
HULFT7e for i5os(ver.7.3.0) Effective on 3 Apr. 2013 OS Remarks i5/os V5R3 i5/os V5R4 IBM i 6.1 IBM i 6.1.1 IBM i 7.1 HULFT7e for UNIX-M(Ver.7.3.0) HULFT7e for UNIX-L(Ver.7.3.0) Effective on 3 Apr. 2013
More informationGuidelines on use of encryption to protect person identifiable and sensitive information
Guidelines on use of encryption to protect person identifiable and sensitive information 1. Introduction David Nicholson, NHS Chief Executive, has directed that there should be no transfers of unencrypted
More information90% of data breaches are caused by software vulnerabilities.
90% of data breaches are caused by software vulnerabilities. Get the skills you need to build secure software applications Secure Software Development (SSD) www.ce.ucf.edu/ssd Offered in partnership with
More informationIn order to enable BitLocker, your hard drive must be partitioned in a particular manner.
ENABLE BITLOCKER ON WINDOWS VISTA - WITHOUT A TPM Requirements: You must be running Vista Enterprise or Vista Ultimate to enable BitLocker. Any other version of Vista is not compatible. It is recommended
More informationSage Grant Management System Requirements
Sage Grant Management System Requirements You should meet or exceed the following system requirements: One Server - Database/Web Server The following system requirements are for Sage Grant Management to
More informationSymantec NetBackup Enterprise Server and Server 7.x OS Software Compatibility List
Symantec NetBackup Enterprise Server and Server 7.x OS Software Compatibility List Created on December 20, 2013 Copyright 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and
More informationDigital Rights Management Demonstrator
Digital Rights Management Demonstrator Requirements, Analysis, and Design Authors: Andre Osterhues, Marko Wolf Institute: Ruhr-University Bochum Date: March 2, 2007 Abstract: This document describes a
More informationHow to Secure Infrastructure Clouds with Trusted Computing Technologies
How to Secure Infrastructure Clouds with Trusted Computing Technologies Nicolae Paladi Swedish Institute of Computer Science 2 Contents 1. Infrastructure-as-a-Service 2. Security challenges of IaaS 3.
More informationAcronym Term Description
This glossary contains definitions of terms created by TCG, or terms that have a particular meaning in trusted computing, or terms that cause particular confusion in trusted computing. Acronym Term Description
More informationIntroduction to BitLocker FVE
Introduction to BitLocker FVE (Understanding the Steps Required to enable BitLocker) Exploration of Windows 7 Advanced Forensic Topics Day 3 What is BitLocker? BitLocker Drive Encryption is a full disk
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationA Comparison of VMware and {Virtual Server}
A Comparison of VMware and {Virtual Server} Kurt Lamoreaux Consultant, MCSE, VCP Computer Networking and Consulting Services A Funny Thing Happened on the Way to HP World 2004 Call for speakers at the
More informationHow To Write A Test Drive For Kaspersky Anti Virus 6.0 For Windows Server (For Windows)
Kaspersky Anti-Virus >> Enterprise Proof of Concept (PoC) Request Form Dear Kaspersky Lab Prospect, To facilitate the proof of concept (PoC) process, we require the following form which documents your
More informationTimbuktu Pro for Windows, version 8
Timbuktu Pro for Windows, version 8 Release Notes, version 8.6.8 May 2010 This document contains important information about Timbuktu Pro for Windows, version 8. If you have additional questions, consult
More informationUNCLASSIFIED Version 1.0 May 2012
Secure By Default: Platforms Computing platforms contain vulnerabilities that can be exploited for malicious purposes. Often exploitation does not require a high degree of expertise, as tools and advice
More information4.1 Introduction 4.2 Explain the purpose of an operating system 4.2.1 Describe characteristics of modern operating systems Control Hardware Access
4.1 Introduction The operating system (OS) controls almost all functions on a computer. In this lecture, you will learn about the components, functions, and terminology related to the Windows 2000, Windows
More informationGuide to SATA Hard Disks Installation and RAID Configuration
Guide to SATA Hard Disks Installation and RAID Configuration 1. Guide to SATA Hard Disks Installation... 2 1.1 Serial ATA (SATA) Hard Disks Installation... 2 2. Guide to RAID Configurations... 3 2.1 Introduction
More informationSecurity for Mac Computers in the Enterprise
Security for Mac Computers in the Enterprise October, 2012 Mountain Lion 10.8 Contents Introduction 3 Service and App Protection 4 Gatekeeper 4 Digital Signatures and Developer IDs 4 App Sandboxing 5 Mandatory
More informationSecure Storage. Lost Laptops
Secure Storage 1 Lost Laptops Lost and stolen laptops are a common occurrence Estimated occurrences in US airports every week: 12,000 Average cost of a lost laptop for a corporation is $50K Costs include
More informationIntroducing etoken. What is etoken?
Introducing etoken Nirit Bear September 2002 What is etoken? Small & portable reader-less Smartcard Standard USB connectivity Logical and physical protection Tamper evident (vs. tamper proof) Water resistant
More informationAdobe LiveCycle ES Update 1 System Requirements Adobe LiveCycle ES Foundation-based solution components
Adobe LiveCycle ES Update 1 System Requirements Adobe LiveCycle ES Foundation-based solution s LiveCycle Barcoded Forms ES LiveCycle e Business Activity ty Monitoring ES LiveCycle Content Services ES LiveCycle
More informationSystem Configuration and Order-information Guide ECONEL 100 S2. March 2009
System Configuration and Orderinformation Guide ECONEL 100 S2 March 2009 Front View DVDROM Drive 5 inch Bay Floppy Disk Drive Back View Mouse Keyboard Serial Port Display 10/100/1000BASET Connector Inside
More informationUNCLASSIFIED CPA SECURITY CHARACTERISTIC SOFTWARE FULL DISK ENCRYPTION. Version 1.1. Crown Copyright 2011 All Rights Reserved
11590282 CPA SECURITY CHARACTERISTIC SOFTWARE FULL DISK ENCRYPTION Version 1.1 Crown Copyright 2011 All Rights Reserved CPA Security Characteristics for software full disk encryption Document History [Publish
More informationSecureDoc Disk Encryption Cryptographic Engine
SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the
More informationBitLocker Drive Encryption Hardware Enhanced Data Protection. Shon Eizenhoefer, Program Manager Microsoft Corporation
BitLocker Drive Encryption Hardware Enhanced Data Protection Shon Eizenhoefer, Program Manager Microsoft Corporation Agenda Security Background BitLocker Drive Encryption TPM Overview Building a BitLocker
More informationCS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
More informationAttacking Host Intrusion Prevention Systems. Eugene Tsyrklevich eugene@securityarchitects.com
Attacking Host Intrusion Prevention Systems Eugene Tsyrklevich eugene@securityarchitects.com Agenda Introduction to HIPS Buffer Overflow Protection Operating System Protection Conclusions Demonstration
More informationVirtualization for Cloud Computing
Virtualization for Cloud Computing Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF CLOUD COMPUTING On demand provision of computational resources
More informationRed Hat. www.redhat.com. By Karl Wirth
Red Hat Enterprise Linux 5 Security By Karl Wirth Abstract Red Hat Enterprise Linux has been designed by, and for, the most security-conscious organizations in the world. Accordingly, security has always
More informationSecureAge SecureDs Data Breach Prevention Solution
SecureAge SecureDs Data Breach Prevention Solution In recent years, major cases of data loss and data leaks are reported almost every week. These include high profile cases like US government losing personal
More informationVMware and CPU Virtualization Technology. Jack Lo Sr. Director, R&D
ware and CPU Virtualization Technology Jack Lo Sr. Director, R&D This presentation may contain ware confidential information. Copyright 2005 ware, Inc. All rights reserved. All other marks and names mentioned
More informationSoftware-based TPM Emulator for Linux
Software-based TPM Emulator for Linux Semester Thesis Mario Strasser Department of Computer Science Swiss Federal Institute of Technology Zurich Summer Semester 2004 Mario Strasser: Software-based TPM
More informationMicrosoft Windows Apple Mac OS X
Products Snow License Manager Snow Inventory Server, IDP, IDR Client for Windows Client for OSX Client for Linux Client for Unix Oracle Scanner External Data Provider Snow Distribution Date 2014-02-12
More informationBackground. TPMs in the real world. Components on TPM chip TPM 101. TCG: Trusted Computing Group. TCG: changes to PC or cell phone
CS 155 Spring 2006 Background TCG: Trusted Computing Group Dan Boneh TCG consortium. Founded in 1999 as TCPA. Main players (promotors): (>200 members) AMD, HP, IBM, Infineon, Intel, Lenovo, Microsoft,
More informationGuide to SATA Hard Disks Installation and RAID Configuration
Guide to SATA Hard Disks Installation and RAID Configuration 1. Guide to SATA Hard Disks Installation...2 1.1 Serial ATA (SATA) Hard Disks Installation...2 2. Guide to RAID Configurations...3 2.1 Introduction
More informationSage CRM Technical Specification
Sage CRM Technical Specification Client Software This document outlines the recommended minimum software and hardware requirements for running Sage CRM. Please note that while the document refers to Sage
More informationSymantec Protection Suite Small Business Edition
Easy-to-use, all-in-one suite designed for small businesses Overview Suite Small Business is an easyto-use, all-in-one suite that secures your critical business assets and information against today s complex
More informationBypassing Browser Memory Protections in Windows Vista
Bypassing Browser Memory Protections in Windows Vista Mark Dowd & Alexander Sotirov markdowd@au1.ibm.com alex@sotirov.net Setting back browser security by 10 years Part I: Introduction Thesis Introduction
More informationSystem Requirements. SAS Profitability Management 2.21. Deployment
System Requirements SAS Profitability Management 2.2 This document provides the requirements for installing and running SAS Profitability Management. You must update your computer to meet the minimum requirements
More informationMicrosoft Windows Apple Mac OS X
Products Snow License Manager Snow Inventory Server, IDP, IDR Client for Windows Client for OS X Client for Linux Client for Unix Oracle Scanner External Data Provider Snow Distribution Date 2014-04-02
More informationx64 Servers: Do you want 64 or 32 bit apps with that server?
TMurgent Technologies x64 Servers: Do you want 64 or 32 bit apps with that server? White Paper by Tim Mangan TMurgent Technologies February, 2006 Introduction New servers based on what is generally called
More informatione-config Data Migration Guidelines Version 1.1 Author: e-config Team Owner: e-config Team
Data Migration was a one-time optional activity to migrate the underlying portfolio database in e- config and was only needed during the e-config Upgrade that was rolled out on January 21, 2013. This document
More information================================================================== CONTENTS ==================================================================
Disney Epic Mickey 2 : The Power of Two Read Me File ( Disney) Thank you for purchasing Disney Epic Mickey 2 : The Power of Two. This readme file contains last minute information that did not make it into
More informationRelease Notes for Open Grid Scheduler/Grid Engine. Version: Grid Engine 2011.11
Release Notes for Open Grid Scheduler/Grid Engine Version: Grid Engine 2011.11 New Features Berkeley DB Spooling Directory Can Be Located on NFS The Berkeley DB spooling framework has been enhanced such
More informationIBM Unica PredictiveInsight Version 8.5.0 Publication Date: June 7, 2011. Recommended Software Environments and Minimum System Requirements
IBM Unica PredictiveInsight Version 8.5.0 Publication Date: June 7, 2011 Recommended Software Environments and Minimum System Requirements Copyright Copyright IBM 2011 IBM Corporation Reservoir Place North
More informationWindows OS Security/Critical Patch List for BD Workstations
Last Updated January, 2015 Below is the list of Microsoft Windows OS Security/Critical Patches that customers can install on their BD workstations with minimal impact on the performance or functionality
More informationInstall this update to increase the performance of web sites that use Ajax. After you install this item, you may have to restart your computer.
Windows XP Pro Service Pack 2 Approved Window Update Windows XP (KB896423) Update Description A security issue has been identified in the Print Spooler service that could allow an attacker to compromise
More informationTrusted Platforms for Homeland Security
Trusted Platforms for Homeland Security By Kevin Schutz, Product Manager Secure Products Summary Ongoing threats from hackers, viruses, and worms continue to make security a top priority for IT and business
More informationIndex. BIOS rootkit, 119 Broad network access, 107
Index A Administrative components, 81, 83 Anti-malware, 125 ANY policy, 47 Asset tag, 114 Asymmetric encryption, 24 Attestation commercial market, 85 facts, 79 Intel TXT conceptual architecture, 85 models,
More informationTotal Defense Endpoint Premium r12
DATA SHEET Total Defense Endpoint Premium r12 Overview: Total Defense Endpoint Premium Edition r12 offers comprehensive protection for networks, endpoints and groupware systems from intrusions, malicious
More informationFull and Para Virtualization
Full and Para Virtualization Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF x86 Hardware Virtualization The x86 architecture offers four levels
More informationVirtualised MikroTik
Virtualised MikroTik MikroTik in a Virtualised Hardware Environment Speaker: Tom Smyth CTO Wireless Connect Ltd. Event: MUM Krackow Feb 2008 http://wirelessconnect.eu/ Copyright 2008 1 Objectives Understand
More informationSymantec Endpoint Protection
The next generation of antivirus technology from Overview Advanced threat protection combines AntiVirus with advanced threat prevention to deliver an unmatched defense against malware for laptops, desktops,
More informationSymantec NetBackup Enterprise Server and Server 7.x OS Software Compatibility List
Symantec NetBackup Enterprise Server and Server 7.x OS Software Compatibility List Created on March 12, 2015 Copyright 2015 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and NetBackup
More informationSystem Requirements Table of contents
Table of contents 1 Introduction... 2 2 Knoa Agent... 2 2.1 System Requirements...2 2.2 Environment Requirements...4 3 Knoa Server Architecture...4 3.1 Knoa Server Components... 4 3.2 Server Hardware Setup...5
More informationSage CRM Technical Specification
Sage CRM Technical Specification Client Software This document outlines the recommended minimum software and hardware requirements for running Sage CRM. Please note that while the document refers to Sage
More informationRED HAT ENTERPRISE VIRTUALIZATION & CLOUD COMPUTING
RED HAT ENTERPRISE VIRTUALIZATION & CLOUD COMPUTING James Rankin Senior Solutions Architect Red Hat, Inc. 1 KVM BACKGROUND Project started in October 2006 by Qumranet - Submitted to Kernel maintainers
More informationSoftware Vulnerabilities
Software Vulnerabilities -- stack overflow Code based security Code based security discusses typical vulnerabilities made by programmers that can be exploited by miscreants Implementing safe software in
More information