Cyber Security and Privacy
|
|
- Wilfrid Edwards
- 8 years ago
- Views:
Transcription
1 Cyber Security and Privacy Jovan Golić CySeP Winter School, Stockholm, 2014
2 EIT ICT Labs EIT ICT Labs is one of the first Knowledge and Innovation Communities set up in 2010 by the European Institute of Innovation and Technology (EIT), as an initiative of the European Union, motivated by an urgent need to strengthen the ICT competence in Europe EIT ICT Labs mission is to drive European leadership in ICT innovation for economic growth and quality of life: by linking Education, Research & Business through 8 thematic + 2 educational action lines, co-location centers, network of partners, and business development accelerator for startups and SMEs Finalization stages of research & innovation aiming at bringing to market innovative ICT products and services are funded through 1-year projects conducted by the partners, together with others through sub-granting (up to 60k ) and sub-contracting
3 Cyber Security Cyber security can generally be considered as information/data security in cyberspace In practice, it is resp. related to offensive and defensive techniques that can be used for performing attacks or defences Defensive techniques can be attack-based (e.g. anti-malware signaturebased techniques or security patches against SW vulnerabilities) or generic (e.g. anomaly-based/behaviour-based techniques); the latter are more effective against unknown attacks and less effective against known attacks Techniques include traffic or event monitoring, data analytics, attack detection and prevention (gateways, firewalls, IDS/IPS), tracking, tracing, incident management & emergency response, information sharing (SOCs and CERTs), security policies, and risk management Attacks can aim at DoS/DDoS, fraud, malfunctioning, physical damage (cyber physical systems), defamation, data theft, terrorism, cyberwar; they appear to evolve exponentially! Current situation and trends are unsatisfactory!
4 Data Security Data integrity data received/retrieved in original form via secret tag for detection of unauthorized changes Data confidentiality data intelligible only to desired entities via secret reversible transformation of data Data availability data available on request via redundancy, dynamic testing, recovery Entity authentication and identification of entities (e.g., persons, organizations, things) creating, sending, receiving, or retrieving data via verification of real-world physical/logical attributes and time of communication, authentication protocols Security is relative to attacks types, objectives, impact, scale Security is relative to attackers skills, sophistication, resources Security has a cost widespread usage reduces the costs and enables security-by-design Security as a business opportunity rather than an obstacle
5 Data Privacy - 1 Data privacy is about the security of personal data and of any sensitive data regarding citizens, private or public companies, institutions, and organizations (e.g., IoT data, industrial secrets) Data privacy is also about the user s control of sensitive data according to the minimality principle Minimality principle: Sensitive data should be controlled by the user during the whole lifecycle and disclosed to the lowest possible extent for a minimum period of time only to entities and for purposes authorized by the user. Ideally, this principle should guide the balance between data disclosure and usability. Rarely applied in practice. One reason is massive user profiling by online service providers, since user data has market value. Another reason is the surveillance and lawful interception by government agencies and law enforcement authorities to help detect and monitor social threats, and detect, track, and investigate criminal or terrorist activities. Alert: Massive user profiling becomes massive citizen profiling if identity attributes are associated with user profiles
6 Data Privacy - 2 Protect data privacy against insider attacks: traceable system administrator interventions, integrity of logs and audit trails, strong authentication, shared access & control, separation of duties Privacy paradigm shift: Enforce the minimality principle Support data privacy by practical advanced cryptographic techniques, including privacy-preserving data mining and profiling, secure multiparty computation, practical homomorphic encryption, secret sharing, threshold cryptography, anonymization, anonymity protocols, anonymous credentials, attribute-based encryption, format- and syntax-preserving encryption, searchable encryption, end-to-end encryption, and SW obfuscation, in addition to traditional techniques Address accountability by techniques for revocable anonymity Protection of sensitive data requires privacy-aware security platforms and mechanisms in both software and hardware N.B. Data protection laws depend on physical location of data!
7 Digital Trust Level of confidence that a product or service or process in digital world is functioning accordingly relative, conditional, time dependent Has a subjective component and an objective component, which can be called trustworthiness Best practices and reputation are fundamental The problem is that data security is complex, relative, conditional, difficult to verify Trust + Distrust + Uncertainty = 1 Increase trust directly or by decreasing distrust or uncertainty Factors: policies and agreements, liability, reputation, best practices, assurance levels, technical and technological assurance, transparence, verifiability, auditing, cost-effective certification, information sharing, awareness, knowledge
8 Action Line for Privacy, Security & Trust Mission: Support users and businesses in protecting their digital assets and transactions, promoting robust and safe products and services that realize data privacy and security Privacy: Security & User s Control of sensitive data Minimality principle: Disclose sensitive data to a minimum extent Misconception 1: Address cyber security by counteracting attacks and SOCs/CERTs only Misconception 2: Cyber security is possible without privacy Strategy: Address cyber security and privacy proactively, by deploying trustworthy and transparent innovative technologies bridging the gaps between available techniques and practice; promote «security & privacy by design» paradigm; raise social awareness Priorities : Privacy-aware federated ID management & strong authentication Data privacy in online/mobile applications, services & communications Protection against malicious software & intrusion detection/prevention on computing devices, especially on mobile platforms
9 Software Security Standardized cryptographic algorithms and protocols used for data security are subject to public scrutiny and trustworthy Many proprietary ones turned out to be weak after being exposed Software products (operating systems, middleware, applications) are frequently proprietary and obfuscated; trustworthiness w.r.t. data security is then not well anchored SW and SW updates can be authenticated/certified by digital signatures issued by using trusted public keys Reduce SW vulnerabilities by applying security by design: develop SW by using static and/or dynamic formal methods Untrusted applications can be separated from the trusted ones, by using trusted execution environment or virtualization Detection of malicious applications and intrusions on end-point devices is currently not sufficiently effective!
10 Virtualization Security Virtualization is fundamental for cloud services; it can also be done on end-point devices, even in constrained environment Hypervisor is SW running on host platform, for generating and supporting guest Virtual Machines (VMs) Isolation of guest VMs is fundamental for virtualization security Proving the isolation and other properties of hypervisor by formal security analysis is a challenge Hypervisor can be transparent and open for verification or certified; this can significantly improve trustworthiness Assuming that the host platform is trusted, security of guest VMs and distributed middleware (intrusion and anti-malware protection including APTs) can be efficiently controlled by the monitoring SW process running on the host Virtual monitoring and IDS can be introduced on the network level
11 Hardware Security ICT system can be secure on SW level, but insecure on HW level Strong HW platforms and architectures (including self-checking circuits) are important, especially w.r.t. sophisticated attackers Transparent and auditable HW fabrication facilities are preferable, but difficult to implement HW devices connected to the cloud (IoT), such as smart meters and various sensors, especially if they generate sensitive data, need to be strongly authenticated/identified by using cryptographic keys and/or chip templates such as Physical Unclonable Functions (PUFs) Such devices should better be run on open or standardized OS guided by the simplicity and security principles Secure key generation & management (HSM, secure element) Usage of HW security tokens (HST) for strong user-to-hst-tocloud authentication; the same HST for multiple keys HW/SW implementations of cryptographic algorithms and protocols running on sensitive data should be resistant to side-channel attacks
12 Business Opportunities ICT business at risk: The worldwide ICT security technology and services market is growing more than 11% annually, to reach 92 billion in By 2020, it is estimated that 440 billion of the added value is at risk if the leveraged data are not appropriately protected. Significant market opportunities: Market share of European companies in industry solutions for data security and privacy ( 16.5%) is lagging behind their global ICT market share ( 25%). This is possibly due to fragmented national regulations and government control, as cyber security and privacy are considered to be matters of national security and safety. European technology solutions in this area potentially have a comparative advantage with respect to trustworthiness. In after-snowden era, enterprises, institutions, and organizations hesitate to send their sensitive data to the cloud. This implies that the business opportunities for deploying innovative solutions offering higher assurance for data privacy are significant.
13 Priority 1: Secure and Privacy-aware E-authentication and Digital Identity Management (1) Widely adopted and deployed innovative solutions for secure and privacy-aware federated e-authentication and e-identification of physical or logical entities (e.g., persons, organizations, things, services) via online or wireless communications will create a basis for more secure, authentic and trustworthy products and services, cross-nationally and nationally a springboard for trusted personal data management more trust among people and organizations in Europe without violating the privacy of users as citizens! Build on existing cross-border projects and initiatives, e.g., STORK, ABC4Trust, FutureID, GBA, OneAPI, EEMA, Kantara, FIDO N.B. Single sign-on and federated e-id facilitate user or citizen profiling via linking!
14 Priority 1: Secure and Privacy-aware E-authentication and Digital Identity Management (2) Relevant techniques include Strong, multi-factor authentication (beyond password-only) Privacy-preserving biometric authentication of persons and physical authentication of things (e.g., biometric encryption) Device usage profiling Cryptographic authentication protocols, credentials, certificates Privacy-aware identity federation and attribute sharing, anonymous credentials Secret sharing and shared access control Trust & liability models Relevant technologies include Hardware & software security tokens, biometrics, PUFs, TPMs, SIM cards, physically embedded digital signatures, NFC, QR codes, monitoring & anti-fraud technologies
15 Priority 2: Protection of Data Privacy in Online and Mobile Applications, Services and Communications (1) Data privacy essentially means that user controls usage of related sensitive data during its whole life cycle, with the minimality principle guiding the balance with usability Not only personal data, but also industrial secrets! Privacy = security & control of sensitive data Data are easy to copy Support by legislation or regulation is necessary, but is difficult to correctly implement in practice Current practice is unsatisfactory, especially for ordinary people and with respect to sophisticated adversaries! Paradigm promoted: support data privacy by validated technical & technological means wherever practically possible, in addition to transparent, humanunderstandable, and machine-readable privacy policies
16 Priority 2: Protection of Data Privacy in Online and Mobile Applications, Services and Communications (2) Relevant cryptographic techniques include Local storage and computation Anonymization & pseudonymization Data aggregation Anonymity protocols Privacy-preserving data mining and profiling Secret sharing and shared control Threshold cryptography Secure multiparty computation Practical homomorphic encryption Attribute-based encryption and searchable encryption End-to-end encryption Zero-knowledge protocols
17 Priority 2: Protection of Data Privacy in Online and Mobile Applications, Services and Communications (3) Relevant technologies include Hardware security tokens Hardware and software solutions for end-to-end security Distributed databases and servers Privacy-aware operating systems and software platforms Virtualization Secure hardware platforms Cost-effective certification & auditing procedures
18 Priority 3: Mobile Cyber-Security, Addressing Malicious Software in Mobile and Online Applications (1) Privacy-preserving intrusion detection & prevention and protection against malicious software (malware) on endpoint computing devices (e.g., smartphone, tablet, PC) is an aspect of cyber security and privacy of ever increasing importance, especially in mobile scenarios Smart mobile devices typically contain both personal data and sensitive business-related data Malicious or potentially dangerous apps for mobile devices rapidly multiply and evolve Existing solutions are partial and fragmented and do not appear to be sufficiently effective, especially with respect to sophisticated attackers and on mobile platforms
19 Priority 3: Mobile Cyber-Security, Addressing Malicious Software in Mobile and Online Applications (2) Relevant techniques include Local, distributed, or centralized methods Privacy-preserving intrusion detection/prevention Kernel-level anti-malware protection Detection/prevention of advanced persistent threats Sandboxing Behaviour-based malware detection Combined client-based and cloud-based solutions for malware detection on mobile devices Privacy-aware process monitoring on computing devices Trustworthy apps Machine learning techniques for sophisticated intrusion detection
20 Priority 3: Mobile Cyber-Security, Addressing Malicious Software in Mobile and Online Applications (3) Relevant technologies include Privacy-aware operating systems Virtualization and virtual machines Secure microkernels and hypervisors Multiple operating systems Trusted hardware platforms, secure elements, and trusted execution environment Secure graphical user interfaces Dedicated memory encryption Sensitive data protection in case of device stealing Hardware security tokens
21 Applications User profiling Social networks E-commerce and e-payment E-government and e-signatures E-voting and e-democracy E-health and wellbeing Smart spaces, smart cities & communities Cyber-physical systems Connected vehicles, mobility Smart energy Cloud computing and storage Personal data management Intellectual property licensing Internet of things Big data analytics
ATTPS Publication: Trustworthy ICT Taxonomy
Publication: worthy ICT Taxonomy Roger Berkley worthy ICT Taxonomy Research Cybersecurity technology is a considerably large subdomain of ICT. Technology experts like Gartner have identified at least 94
More informationChapter 1: Introduction
Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure
More informationEmbedded Java & Secure Element for high security in IoT systems
Embedded Java & Secure Element for high security in IoT systems JavaOne - September 2014 Anne-Laure SIXOU - ST Thierry BOUSQUET - ST Frédéric VAUTE - Oracle Speakers 2 Anne-Laure SIXOU Smartgrid Product
More informationCloud security architecture
ericsson White paper Uen 284 23-3244 January 2015 Cloud security architecture from process to deployment The Trust Engine concept and logical cloud security architecture presented in this paper provide
More informationIoT Security Platform
IoT Security Platform 2 Introduction Wars begin when the costs of attack are low, the benefits for a victor are high, and there is an inability to enforce law. The same is true in cyberwars. Today there
More informationEU Threat Landscape Threat Analysis in Research ENISA Workshop Brussels 24th February 2015
EU Threat Landscape Threat Analysis in Research ENISA Workshop Brussels 24th February 2015 Aristotelis Tzafalias Trust and Security Unit H.4 DG Connect European Commission Trust and Security: One Mission
More informationNetwork Security in Building Networks
Network Security in Building Networks Prof. Dr. (TU NN) Norbert Pohlmann Institute for Internet Security - if(is) Westphalian University of Applied Sciences Gelsenkirchen, Germany www.if-is.net Content
More informationBeyond passwords: Protect the mobile enterprise with smarter security solutions
IBM Software Thought Leadership White Paper September 2013 Beyond passwords: Protect the mobile enterprise with smarter security solutions Prevent fraud and improve the user experience with an adaptive
More informationNETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015
NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X
More informationIntroduction to Cyber Security / Information Security
Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be
More informationData Protection: From PKI to Virtualization & Cloud
Data Protection: From PKI to Virtualization & Cloud Raymond Yeung CISSP, CISA Senior Regional Director, HK/TW, ASEAN & A/NZ SafeNet Inc. Agenda What is PKI? And Value? Traditional PKI Usage Cloud Security
More informationBrainloop Cloud Security
Whitepaper Brainloop Cloud Security Guide to secure collaboration in the cloud www.brainloop.com Sharing information over the internet The internet is the ideal platform for sharing data globally and communicating
More informationRE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC
RE Think Invent IT & Business IBM SmartCloud Security Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC 2014 IBM Corporation Some Business Questions Is Your Company is Secure
More informationCESG Certification of Cyber Security Training Courses
CESG Certification of Cyber Security Training Courses Supporting Assessment Criteria for the CESG Certified Training (CCT) Scheme Portions of this work are copyright The Institute of Information Security
More informationChallenges in Industrial IT-Security Dr. Rolf Reinema, Head of Technology Field IT-Security, Siemens AG Siemens AG 2015. All rights reserved
Siemens AG - Corporate Technology - IT Security Challenges in Industrial IT-Security Dr. Rolf Reinema, Head of Technology Field IT-Security, Siemens AG Siemens AG 2015. All rights reserved Not a single
More informationCloud Security Trust Cisco to Protect Your Data
Trust Cisco to Protect Your Data As cloud adoption accelerates, organizations are increasingly placing their trust in third-party cloud service providers (CSPs). But can you fully trust your most sensitive
More informationSecurity Issues in Cloud Computing
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
More informationDeveloping Secure Software in the Age of Advanced Persistent Threats
Developing Secure Software in the Age of Advanced Persistent Threats ERIC BAIZE EMC Corporation DAVE MARTIN EMC Corporation Session ID: ASEC-201 Session Classification: Intermediate Our Job: Keep our Employer
More informationMicrosoft s cybersecurity commitment
Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade
More informationApplied and Integrated Security. C. Eckert
Applied and Integrated Security 1 Joseph von Fraunhofer (1787-1826) Researcher discovery of Fraunhofer Lines in the sun spectrum Inventor new methods of lens processing Entrepreneur head of royal glass
More informationNational Cybersecurity Challenges and NIST. Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity
National Cybersecurity Challenges and NIST Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity Though no-one knows for sure, corporate America is believed to lose anything
More informationThe Convergence of IT Security and Physical Access Control
The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which
More informationREGULATIONS FOR THE SECURITY OF INTERNET BANKING
REGULATIONS FOR THE SECURITY OF INTERNET BANKING PAYMENT SYSTEMS DEPARTMENT STATE BANK OF PAKISTAN Table of Contents PREFACE... 3 DEFINITIONS... 4 1. SCOPE OF THE REGULATIONS... 6 2. INTERNET BANKING SECURITY
More informationApplying machine learning techniques to achieve resilient, accurate, high-speed malware detection
White Paper: Applying machine learning techniques to achieve resilient, accurate, high-speed malware detection Prepared by: Northrop Grumman Corporation Information Systems Sector Cyber Solutions Division
More informationOhio Supercomputer Center
Ohio Supercomputer Center Intrusion Prevention and Detection No: Effective: OSC-12 5/21/09 Issued By: Kevin Wohlever Director of Supercomputer Operations Published By: Ohio Supercomputer Center Original
More informationInternet threats: steps to security for your small business
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
More informationHow does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1
How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1 2 How does IBM deliver cloud security? Contents 2 Introduction 3 Cloud governance 3 Security governance, risk management
More informationTowards Trustworthy Architectures for Secure Cloud Servers and End-User Devices
Towards Trustworthy Architectures for Secure Cloud Servers and End-User Devices Jakub Szefer and Prof. Ruby B. Lee Princeton University http://palms.princeton.edu/ 2013-03-11 ARO Invitational Workshop
More informationCHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS
CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS Prof. Dr.-Ing. Georg Sigl Institute for Security in Information Technology Technical University Munich sigl@tum.de Fraunhofer Research Institution
More informationInformation Security Basic Concepts
Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,
More informationSECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014
SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014 Table of Contents Introduction AMI Communication Architecture Security Threats Security
More informationMcAfee Security Architectures for the Public Sector
White Paper McAfee Security Architectures for the Public Sector End-User Device Security Framework Table of Contents Business Value 3 Agility 3 Assurance 3 Cost reduction 4 Trust 4 Technology Value 4 Speed
More information1. Fault Attacks for Virtual Machines in Embedded Platforms. Supervisor: Dr Konstantinos Markantonakis, K.Markantonakis@rhul.ac.uk
Proposed PhD Research Areas I am looking for strong PhD candidates to work on the projects listed below. The ideal candidate would have a mix of theoretical and practical skills, achieved a distinction
More informationWAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales
WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion
More informationAddressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationCybersecurity and internal audit. August 15, 2014
Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices
More informationHow Microsoft is taking Privacy by Design to Work. Alan Chan National Technology Officer Microsoft Hong Kong 7 May 2015
How Microsoft is taking Privacy by Design to Work Alan Chan National Technology Officer Microsoft Hong Kong 7 May 2015 Agenda Introducing the New Microsoft Microsoft privacy principle Protecting privacy
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationBellevue University Cybersecurity Programs & Courses
Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320
More informationSmart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi
Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public
More informationStrengthen security with intelligent identity and access management
Strengthen security with intelligent identity and access management IBM Security solutions help safeguard user access, boost compliance and mitigate insider threats Highlights Enable business managers
More informationProven LANDesk Solutions
LANDesk Solutions Descriptions Proven LANDesk Solutions IT departments face pressure to reduce costs, reduce risk, and increase productivity in the midst of growing IT complexity. More than 4,300 organizations
More informationLeveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs
IBM Global Technology Services Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs Achieving a secure government
More informationHoneywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
More informationALERT LOGIC FOR HIPAA COMPLIANCE
SOLUTION OVERVIEW: ALERT LOGIC FOR HIPAA COMPLIANCE AN OUNCE OF PREVENTION IS WORTH A POUND OF CURE Alert Logic provides organizations with the most advanced and cost-effective means to secure their healthcare
More informationMitigating Server Breaches with Secure Computation. Yehuda Lindell Bar-Ilan University and Dyadic Security
Mitigating Server Breaches with Secure Computation Yehuda Lindell Bar-Ilan University and Dyadic Security The Problem Network and server breaches have become ubiquitous Financially-motivated and state-sponsored
More informationCloud Security & Standardization. Markku Siltanen Tietoturvakonsultti CISA, CGEIT, CRISC
0 Copyright 2011 FUJITSU Cloud Security & Standardization Markku Siltanen Tietoturvakonsultti CISA, CGEIT, CRISC Cloud computing 1 Copyright 2011 FUJITSU Characteristics of cloud 2 Copyright 2011 FUJITSU
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationJort Kollerie SonicWALL
Jort Kollerie Cloud 85% of businesses said their organizations will use cloud tools moderately to extensively in the next 3 years. 68% of spend in private cloud solutions. - Bain and Dell 3 Confidential
More informationFighting Advanced Threats
Fighting Advanced Threats With FortiOS 5 Introduction In recent years, cybercriminals have repeatedly demonstrated the ability to circumvent network security and cause significant damages to enterprises.
More informationDigital identity: Toward more convenient, more secure online authentication
Digital identity: Toward more convenient, more secure online authentication For more than four decades, the familiar username/password method has been the basis for authentication when accessing computer-based
More informationThe Convergence of IT Security and Physical Access Control
The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which
More informationPUF Physical Unclonable Functions
Physical Unclonable Functions Protecting next-generation Smart Card ICs with SRAM-based s The use of Smart Card ICs has become more widespread, having expanded from historical banking and telecommunication
More informationTHE BLUENOSE SECURITY FRAMEWORK
THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program
More informationTop Ten Security and Privacy Challenges for Big Data and Smartgrids. Arnab Roy Fujitsu Laboratories of America
1 Top Ten Security and Privacy Challenges for Big Data and Smartgrids Arnab Roy Fujitsu Laboratories of America 2 User Roles and Security Concerns [SKCP11] Users and Security Concerns [SKCP10] Utilities:
More informationE-Democracy and e-voting
E-Democracy and e-voting How to make them secure and transparent August 2013 Jordi Puiggali CSO and SVP R&D Jordi.puiggali@scytl.com Index Introduction e-democracy Security and Transparency in e-voting
More informationProtecting Your Organisation from Targeted Cyber Intrusion
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
More informationARCHITECT S GUIDE: Comply to Connect Using TNC Technology
ARCHITECT S GUIDE: Comply to Connect Using TNC Technology August 2012 Trusted Computing Group 3855 SW 153rd Drive Beaverton, OR 97006 Tel (503) 619-0562 Fax (503) 644-6708 admin@trustedcomputinggroup.org
More informationBlackRidge Technology Transport Access Control: Overview
2011 BlackRidge Technology Transport Access Control: Overview 1 Introduction Enterprises and government agencies are under repeated cyber attack. Attacks range in scope from distributed denial of service
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationProvide access control with innovative solutions from IBM.
Security solutions To support your IT objectives Provide access control with innovative solutions from IBM. Highlights Help protect assets and information from unauthorized access and improve business
More informationensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster
Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)
More informationNSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense
NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense Cyber Investigations Data Management Systems Security Data Security Analysis Digital Forensics Health Care Security Industrial
More informationSecurity as Architecture A fine grained multi-tiered containment strategy
1 Security as Architecture A fine grained multi-tiered containment strategy Andras R. Szakal IBM Distinguished Engineer Chief Software Architect, U.S. Federal SWG aszakal@us.ibm.com 2 Objectives Cybersecurity
More informationCloud Computing Security Considerations
Cloud Computing Security Considerations Roger Halbheer, Chief Security Advisor, Public Sector, EMEA Doug Cavit, Principal Security Strategist Lead, Trustworthy Computing, USA January 2010 1 Introduction
More informationAnalyzing HTTP/HTTPS Traffic Logs
Advanced Threat Protection Automatic Traffic Log Analysis APTs, advanced malware and zero-day attacks are designed to evade conventional perimeter security defenses. Today, there is wide agreement that
More informationCyber Security Strategy
NEW ZEALAND S Cyber Security Strategy 2015 A secure, resilient and prosperous online New Zealand Ministerial Foreword The internet and technology have become a fundamental element in our lives. We use
More informationSecuring the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy.
Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy. The number of Internet-connected smart devices is growing at a rapid pace. According to Gartner, the
More informationThe FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED
The FBI Cyber Program Bauer Advising Symposium October 11, 2012 Today s Agenda What is the threat? Who are the adversaries? How are they attacking you? What can the FBI do to help? What can you do to stop
More informationProtecting Point-of-Sale Environments Against Multi-Stage Attacks
SOLUTION BRIEF: PROTECTING POS DEVICES & BROADER ENVIRONMENT........................................ Protecting Point-of-Sale Environments Against Multi-Stage Attacks Who should read this paper Point-of-Sale
More informationMASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY
MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY HTTP://SCIENCE.HAMPTONU.EDU/COMPSCI/ The Master of Science in Information Assurance focuses on providing
More informationArnab Roy Fujitsu Laboratories of America and CSA Big Data WG
Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG 1 The Big Data Working Group (BDWG) will be identifying scalable techniques for data-centric security and privacy problems. BDWG s investigation
More informationNetwork/Cyber Security
Network/Cyber Security SCAMPS Annual Meeting 2015 Joe Howland,VC3 Source: http://www.information-age.com/technology/security/123458891/how-7-year-old-girl-hacked-public-wi-fi-network-10-minutes Security
More informationCyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist
Cyber- Attacks: The New Frontier for Fraudsters Daniel Wanjohi, Technology Security Specialist What is it All about The Cyber Security Agenda ; Protecting computers, networks, programs and data from unintended
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationPrivacy and Identity Management for Europe
Privacy and Identity Management for Europe Pierangela Samarati Università degli Studi di Milano Milan, Italy samarati@dti.unimi.it Page 1 Vision and Objectives Users disclose vast amounts of personal information
More informationPreemptive security solutions for healthcare
Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare
More informationnext generation privilege identity management
next generation privilege identity management Nowadays enterprise IT teams are focused on adopting and supporting newer devices, applications and platforms to address business needs and keep up pace with
More informationSecurity in ST : From Company to Products
Security in ST : From Company to Products July 2015 Thierry FENSCH Innovation, Collaboration and Efficiency Director Grenoble Site A global semiconductor leader 2014 revenues of $7.40B Who we are 2 Approximately
More informationSECURITY IN THE INTERNET OF THINGS
Lessons from the Past for the Connected Future INNOVATORS START HERE. EXECUTIVE SUMMARY Although it has been with us in some form and under different names for many years, the Internet of Things (IoT)
More informationNATIONAL CYBER SECURITY AWARENESS MONTH
NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the
More informationPerspectives on Cybersecurity in Healthcare June 2015
SPONSORED BY Perspectives on Cybersecurity in Healthcare June 2015 Workgroup for Electronic Data Interchange 1984 Isaac Newton Square, Suite 304, Reston, VA. 20190 T: 202-618-8792/F: 202-684-7794 Copyright
More informationCGI Cyber Risk Advisory and Management Services for Insurers
CGI Cyber Risk Advisory and Management Services for Insurers Minimizing Cyber Risks cgi.com 3 As organizations seek to create value in today s highly interconnected world, they inherently increase their
More informationCONTROLLING DATA IN THE CLOUD: OUTSOURCING COMPUTATION WITHOUT OUTSOURCING CONTROL
CONTROLLING DATA IN THE CLOUD: OUTSOURCING COMPUTATION WITHOUT OUTSOURCING CONTROL Paper By: Chow, R; Golle, P; Jakobsson, M; Shai, E; Staddon, J From PARC & Masuoka, R And Mollina From Fujitsu Laboratories
More informationKaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking
Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking Today s bank customers can perform most of their financial activities online. According to a global survey
More informationAPPLIED AND INTEGRATED SECURITY
APPLIED AND INTEGRATED SECURITY Directors: Claudia Eckert (Managing) Georg Sigl SECURITY RESEARCH IN MUNICH Fraunhofer Institution for Applied and Integrated Security Claudia Eckert Georg Sigl TU München
More informationITAR Compliance Best Practices Guide
ITAR Compliance Best Practices Guide 1 Table of Contents Executive Summary & Overview 3 Data Security Best Practices 4 About Aurora 10 2 Executive Summary & Overview: International Traffic in Arms Regulations
More informationAssociate Prof. Dr. Victor Onomza Waziri
BIG DATA ANALYTICS AND DATA SECURITY IN THE CLOUD VIA FULLY HOMOMORPHIC ENCRYPTION Associate Prof. Dr. Victor Onomza Waziri Department of Cyber Security Science, School of ICT, Federal University of Technology,
More informationProtectWise: Shifting Network Security to the Cloud Date: March 2015 Author: Tony Palmer, Senior Lab Analyst and Aviv Kaufmann, Lab Analyst
ESG Lab Spotlight ProtectWise: Shifting Network Security to the Cloud Date: March 2015 Author: Tony Palmer, Senior Lab Analyst and Aviv Kaufmann, Lab Analyst Abstract: This ESG Lab Spotlight examines the
More informationSDN Security Challenges. Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015
SDN Security Challenges Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015 Cybersecurity Enhancement Act 2014 Public-Private Collaboration on Security (NIST
More informationCPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS
CPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS MARCH 2011 Acknowledgements This Viewpoint is based upon the Recommended Practice: Configuring and Managing Remote Access
More informationThe Education Fellowship Finance Centralisation IT Security Strategy
The Education Fellowship Finance Centralisation IT Security Strategy Introduction This strategy outlines the security systems in place to optimise, manage and protect The Education Fellowship data and
More informationCombating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center
Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored. It takes an average
More informationGoodData Corporation Security White Paper
GoodData Corporation Security White Paper May 2016 Executive Overview The GoodData Analytics Distribution Platform is designed to help Enterprises and Independent Software Vendors (ISVs) securely share
More information7. Public Key Cryptosystems and Digital Signatures, 8. Firewalls, 9. Intrusion detection systems, 10. Biometric Security Systems, 11.
Content 1.Introduction to Data and Network Security. 2. Why secure your Network 3. How Much security do you need, 4. Communication of network systems, 5. Topology security, 6. Cryptosystems and Symmetric
More informationNetwork Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶
Network Security 網 路 安 全 Lecture 1 February 20, 2012 洪 國 寶 1 Outline Course information Motivation Introduction to security Basic network concepts Network security models Outline of the course 2 Course
More informationRight-Sizing M2M Security: The Best Security is Security Tailored to Your Application
Right-Sizing M2M Security: The Best Security is Security Tailored to Your Application Introduction Security continues to be a hot topic in all areas of technology, including machine-tomachine (M2M) applications.
More informationSecuring the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation
Securing the Cloud with IBM Security Systems 1 2012 2012 IBM IBM Corporation Corporation IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns
More informationTrusted Network Connect (TNC)
Trusted Network Connect (TNC) Open Standards for Integrity-based Network Access Control and Coordinated Network Security April 2011 Trusted Computing Group 3855 SW 153rd Drive, Beaverton, OR 97006 Tel
More information