Digital signature in insecure environments

Size: px
Start display at page:

Download "Digital signature in insecure environments"

Transcription

1 Digital signature in insecure environments Janne Varjus Helsinki University of Technology Abstract Due to current legislation the digital signatures can be as valid as the hand written signatures. If the signing environment is compromised there is no way for the signatory to know what he/she is signing. Even if signing process is secure, data can be switched before signing by malware. Home computers are usually in a risk to get compromised by virus attacks and computers elsewhere can be untrusted. If computers in a risk cannot be used for signing it greatly reduces the applications of the digital signatures. To solve this issue hardware and software approaches have been developed that try to minimize the risks. KEYWORDS: Digital Signatures, Trusted Computing, Malware 1 Introduction Digital signatures are nowadays as legally binding as the normal signatures are in many countries [7]. Accredited certificate authorities have been around for some time now, but the current usage of the digital signatures is still rare. The digital signatures should be secure enough and easy to use to gain a wide acceptance from the public and the service providers. Current implementations lack such a security as well as the ease of the usage [4]. Also the price is a very important issue. To be able to provide services to the general public these issues must be addressed. Usable and secure digital signatures would make it possible to offer many kinds of services, which currently require a hand written signature. Numerous government and private sector services could be provided online and the need to make and archive paper documents, which will be after all inputted to the computer systems, would be eliminated. This would speed up the service and reduce the cost caused by archiving and manually processing the documents. For example the new legislation in the Finland requires the use of the digital signature for signing documents stored in the new health care information system [2]. To be more useful also patients should be able to sign the documents stored there. Places where the most of the signing would take a place are probably the home computer of the patient and a public terminal in the hospital. This requires at least addressing the security issues. 2 Technology Digital signatures are produced by using public-key cryptography. This is usually achieved by using a smart card that holds keys and does the actual signing. The private key never leaves the card. The smart card is protected by a PIN-code that must be entered before signing. [6] To be able to sign a document user needs a card reader (preferably with a pin pad) and a software that handles the signing process. Software calculates a hash value for the document, transfers it to the smart card, and the smart card signs it with the private key if the entered PIN-code is correct. After signing anyone can verify with the public key that the document is signed with the corresponding private key. [8] To be able to trust that the public key is belonging to the user it says it belongs to, it must be signed by a trusted certificate authority. The certificate authority must also have a way to revoke the certificate. Usually the certificate authority is a third party. Also some kind of service to establish the timeline between signatures is usually required to determine which signatures have been made before revoking the certificate. Signing with an old key must also be prevented. [8] 3 Legislation In Finland all signatures created using accredited certificate authority signed keys and secure signing device are legally binding. Otherwise signature is not necessarily legally valid. It could be argued that the law requires completely secure signing method and therefore no signature is legally binding. [1] Digital signatures are already required by the law in electronic medical records. After the transition period secure way to sign medical documents will be needed. [2] Internationally digital signature laws are quite different in different countries and legally binding signature in one country might not be binding in another country. Also liability of the signatory could differ between countries. There is work being done to harmonize laws between countries so international commerce could use the digital signature. [7] 4 Problem description Digital signatures are usually created by calculating a hash value from the data to be signed and then the hash value

2 is signed with a public key algorithm [8]. Signing operations and key storage are usually done with a smart card or a similar device which is a closed platform. This assures that the private keys are safe and the signing operation is secure. It however doesn t prevent malicious alteration of the hash value or the document to be signed before signing. This is because the computer used for the signing operation is an open platform, which can be infected by a trojan horse. Malware could easily alter the document to be signed when using current signing software packages. [6] Preventing this from happening would require that the malware couldn t take a part in the signing process. This could be achieved by using a completely closed system for the signing or by trying to verify that the software components taking part to the signing process are unaltered. First available solution is hardware based and requires a special display controller and a smart card reader combination. It basically signs what you see in the display. It is in practice a closed system so the malware should not affect it. [3] Second solution is software or partly software based and reduces risk that the malware could operate in the system. It is usually referred as a Trusted Computing. Hardware or software verifies the integrity of the software and detects any changes. It doesn t offer complete protection but it greatly increases the security. [6] Software solutions tested at autumn 2005 didn t have any kind of protection for modifying the data to be signed or the data to be verified. Some solutions are even allowed to execute arbitrary code in their address space. [4] Smart cards usually have PIN codes to ensure that the card is only used by the card owner. Cheaper readers do not have a numeric keypad for the PIN code. When the PIN-code is inputted by a computer keyboard, it is relatively easy to capture it. After the PIN-code is captured, the malware can use the card whenever it wants to, if the card is inserted to the reader. Alternatively someone could acquire the PINcode and then steal the card. [5] The PIN-code is relatively easy to protect with readers that have a keypad and use it for entering the PIN-code. Digital signatures that satisfy certain conditions are legally binding so care should be taken when signing any document [7]. Every time a signing operation could be misused to sign something else if the platform is compromised. However the hash should be secure so malicious information to be signed must be available at the moment when signature is performed. After signing operation the user can be very confident at least that no more forged signatures can be made using his keys, if the key material isn t exposed to the malware. Current signing software require saving the document, launching separate program for a signing operation and reviewing the document in a separate secure viewer before signature even if you just have written the document. Of course there could be only one button that reads "Sign", but it would undermine the security against malware. Also the PIN-code will be asked each time you want to sign something. [4] This should be much easier for the general public. 5 Software based secure signing environment using Trusted Computing Platform Document to be signed is saved to a SWORM medium to prevent modification. Java application will be used for signing because it can be executed in a trusted Java Virtual Machine or in the memory of a smart card when intelligent adjunct model is used. The signing application should be saved to the memory of the smart card so it will be more platform independent and always trusted. [6] This approach could be used by the general public in the future because it only requires Trusted Platform Module and a smart card reader to be in the computer, and the rest depends on the software and the smart card. Because it is very unlikely, that the malware that targets digital signatures attacks operating system loader, it could be possible to drop off the Trusted Platform Module. Then the whole solution would be software based and usable in all computers that are running operating systems supporting Trusted Computing Platform. Currently there isn t required support in any mainstream operating system so this approach is valid only in the future. [6] 5.1 Trusted Computing Platform To prevent that the malware has access to the signing process, Trusted Computing Platform could be used. It consists of a hardware module that functions as a root of the software signature verification. Previously loaded software components verify that the components they load have a valid signature. This way the whole operating system could be verified and loading the malware as trusted software prevented. At least the malware wouldn t be able to mess up with the operating system. Also path from the reader to the software and the path from the keyboard to the software are protected. Signing software is not required to be signed and it could be run for example in a trusted Java Virtual Machine. [6] 5.2 WORM and SWORM WORM means write once read multiple and SWORM is a software implementation of WORM. For example it could be securely implemented by using Trusted Computing Platform. WORM ensures that when a file is saved it cannot be modified anymore. When software saves a file to the SWORM medium it is impossible to tell if it will be signed in the future. This prevents the malware from monitoring when the document to be signed is saved. Also malware has only a short window of opportunity to change the data to be signed. This reduces the need of the secure viewer component in the signing software. [6] 5.3 Intelligent adjunct model Normally smart card controls only the signing process inside the smart card, but in the Intelligent Adjunct model the smart card is given control of resources outside the smart card. The card could for example retrieve file to be signed from the SWORM medium. This means that the Java Virtual Machine

3 running on the smart card is given access to the hardware of the computer through the smart card reader interface. [6] 5.4 Storing signing software on the smart card Signing software resides in the smart card and is loaded from there to the secure Java Virtual Machine or it could be also executed in the smart card s own internal virtual machine. Signing software should be implemented in Java so it can be run in the virtual machine. This makes it possible that integrity of the signing software is verified even if it doesn t have a signature from the Trusted Computing Platform Alliance. This makes it easier to make updates to the software. Smart card manufacturer or developer writes the signing software to the smart card and if it cannot be modified it could be considered trusted. [6] 6 Trusted Display Controller based secure signing method Trusted Display Controller is used to control the video path. Together with a smart card reader it forms a closed platform for signing. Trusted Display Controller is a modification for the Trusted Platform Module. Rest of the system can be a normal personal computer that has open platform. [3] When an application wants to sign some information it sends it to the Trusted Display Controller. Trusted Display Controller first performs mutual authentication with the smart card using secure communication between the smart card reader and the controller. Only controllers that have correct certificates can access to the smart card data. User can be guaranteed that the hardware is approved to be used with the smart card even when using computer that the user has never used before. [3] After the authentication controller fetches a seal image from the smart card and displays the bitmap of the information to be signed with it. The controller generates a random number and displays it with the seal and the document. User can confirm that the image on the display actually comes from the controller by looking at the seal image which is chosen by user, and only user knows what it looks like. To sign the bitmap user is required to input that random number with a normal keyboard. Security of the keyboard input is not an issue because the number is used only once. [3] This method could be impractical with large documents because each page must be shown and signed separately. Also because the image of the document is signed it could be hard to automatically process that data. [3] This isn t very appealing to the general public because special display controller costs too much for someone who just wants to use some services that require digital signature. Hardware based approach could be used in public computers intended for producing digital signatures. It could be a good idea if such a solution supported also viewing and signing documents in pdf-format instead of just bitmap. 7 Other hardware based solutions Secure signing operation could be performed on a completely separate hardware. To be able to trust the signing process, this hardware device should have a display to view the document and a smart card reader with a possibility to input the PIN-code. [6] The device could be a dedicated computer that has only minimal software for performing the signing process and a secure way to transfer the document to be signed. Also completely closed system that is only meant for this use is possible [6]. It could be connected to the computer via USB or by some other means. Problem with this solution would be a high price tag and therefore it wouldn t be practical for home usage. By using a PDA as a secure signing device this could be a solution for business use. Completely closed system would be difficult for most applications because it could sign only a few preselected formats. However this could be useful when the formats are known before, like for example when signing documents at some government bureau. [6] 8 Commercial software available from the store. Commercial software products for producing the digital signature are the easy way to go. These products are usually build to perform digital signature operations the user friendly way. But there isn t sufficient security against malware in these programs. More secure platform could help. [4] Many products available are vulnerable to even the most basic attacks by trojan horses. In most cases attack could be executed by using only basic user rights. Attack can be performed with a very little knowledge about the internals of the program. [4] DLL that provides an interface to the smart card reader can be replaced with another DLL that wraps functionality of the real DLL and so malicious DLL gains an access to the signing software address space. It could be used as a sniffer for the smart card traffic or to make changes to the signing software. [4] The PIN-code can be usually intercepted by just accessing to the password input box through the Windows API. Some software has protection against this, but usually the PIN-code can be still retrieved. Key pad with the smart card reader eliminates this security problem. [4] Most programs have secure viewer component that displays the document just before it will be signed. Malicious program can draw to the viewer surface or open a new window on top of the viewer. This could be prevented by refreshing the content frequently enough and by monitoring that no window is on top of the actual viewer window. [4] Most of these attacks can be prevented using simple methods, but programs do not employ them. Software manufacturers assume that environment where programs will be used is not compromised. And it is responsibility of the user to assure this. [4] This option is more appealing to the general public because it needs just the software and the smart card reader and

4 is compatible with the platforms that the software supports. Security however is not so great and for the digital signature with legal obligations it isn t a very good option. 9 Solution for the general public For the general public the security should be high because users aren t experts and the equipment should be cheap for home use. Also the solution must be easy to use. Users shouldn t be able to make any modifications that would produce a security risk. This means that the platform must be closed or at least the software must be protected from any modifications. To keep the cost of this solution low need of extra hardware should be kept minimal. To protect the software from modifications it should be loaded from read only memory and no other software should be running at the same time. Device used needs a display because of the need to inspect the document to be signed. Displays capable to view documents aren t cheap, so usually at home buying one for this reason is out of the question. A computer display is usually the only display that is found from home and is capable to view documents. This means that the computer should be used to sign the documents in home environment. I propose that a specialized Linux distribution booted from a CD-ROM could be used to perform the signing. Booting from the CD-ROM ensures that only the software that is on the CD is running and making changes to the software is impossible. This would be a good solution for home use because only needed hardware is a card reader and a normal computer. Distribution should include only the necessary tools and nothing else. Such tools would be the signing software and a collection of editors and viewers. Also tools to access file systems on the computer should be included. Distribution could be easily customized to fit any special purpose by adding software to it. If trusted service provider provides the CD, user knows that he/she has obtained a valid copy. For example the distribution could be constructed to support all the services that the government offers. It might be advantageous for the service providers to create one common distribution for every service. Security with this solution would be quite good because every time system is booted, clean copy of the operating system will be loaded and minimal Linux is a very hard target for any kind of malware that doesn t already come with the distribution. Of course any other OS could be used for this purpose if it can be customized. This Linux distribution could also be running under a virtual machine. It reduces security but could be a good option for some purposes. In this configuration the smart card reader could pose a security risk because it needs to be connected to the virtual machine through the actual computer. Otherwise well implemented virtual machine should be relatively safe place to run this Linux distribution. Normal trojan horse would have great difficulty to do something because it would have to directly modify address space used by the virtual machine. Need to boot to another operating system makes this Linux distribution a little difficult to use if it is needed frequently. Solution Price Security Software, Trusted Computing low medium Hardware high high Current software in market low low Bootable linux CD free medium Table 1: Solutions for producing digital signatures For users who use it just occasionally it could be the best solution and because the Linux is under the GPL it would also be free. This Linux distribution could also be useful for applications where whole computer is dedicated to performing digital signature operations. This could be the case for example if temporary workstation is needed to produce digital signatures. 10 Analysis of the solutions Different solutions follow the rule: When usability increases security decreases or the price increases. Trusted Computing Platform based solutions provide more secure environment and therefore increase also security of the signing software. Current software shows that the developers don t care to make even the most basic protection against malware. Usually the manual says that it is responsibility of the user to provide malware-free environment. [4] Closed platform hardware solutions are very secure and also expensive. The advantage with the closed platform is that outside influence can t interfere with it. Special hardware is also usually easy and fast to use. Linux boot CD solution seems to be a good choice compared to the other choices, but it is necessary to boot computer to this special environment. Frequent usage with one computer that is in other uses too could be very inconvenient. This solution could also be used to make workstation that is dedicated for digital signing. Solutions are compared in the Table Conclusion Emerging services that use digital signatures need to have a secure way for the user to make the signatures. As the number of the services will increase also solutions to perform digital signatures will increase and security will be taken into account more seriously. Current hardware solutions are expensive and software solutions insecure. Specialized hardware could be option when the signing of documents is very frequent. Because hardware solution also makes it possible to authenticate the hardware by the smart card, it is the best solution for use in public computers like for example the computer in the library. Current software solutions are suitable for people that can be sure that their computer doesn t contain any malware. Software solution that utilizes Trusted Computing Platform would be secure and inexpensive but operating systems that support it are not currently available for the wide audience. [6]

5 New solutions must be developed before the general public can utilize the services safely. Because of the legally binding nature of the digital signature equal to a hand written signature these solutions must be very secure. One possibility to achieve secure and inexpensive system could be using Linux system that boots from the CD. It however isn t very user friendly because user must first shut down the operating system he/she uses regularly. References [1] Laki sähköisistä allekirjoituksista /14, [2] Laki sosiaali- ja terveydenhuollon asiakastietojen sähköisestä käsittelystä /159, [3] B. Balacheff, L. Chen, D. Plaquin, and G. Proudler. A trusted process to digitally sign a document. In NSPW 01: Proceedings of the 2001 workshop on New security paradigms, pages 79 86, New York, NY, USA, ACM Press. [4] H. Langweg. Malware attacks on electronic signatures revisited. In Konferenzband der 3. Jahrestagung Fachbereich Sicherheit der Gesellschaft für Informatik., pages , [5] A. Spalka, A. B. Cremers, and H. Langweg. The fairy tale of what you see is what you sign - trojan horse attacks on software for digital signatures. In Proceedings of the IFIP WG 9.6/11.7 Working Conference., [6] A. Spalka, A. B. Cremers, and H. Langweg. Protecting the creation of digital signatures with trusted computing platform technology against attacks by trojan horse programs. In Sec 01: Proceedings of the 16th international conference on Information security: Trusted information, pages , [7] M. Wang. A review of electronic signatures regulations: do they facilitate or impede international electronic commerce? In ICEC 06: Proceedings of the 8th international conference on Electronic commerce, pages , New York, NY, USA, ACM. [8] J. Zhou and R. Deng. On the validity of digital signatures. SIGCOMM Comput. Commun. Rev., 30(2):29 34, 2000.

Understanding and Integrating KODAK Picture Authentication Cameras

Understanding and Integrating KODAK Picture Authentication Cameras Understanding and Integrating KODAK Picture Authentication Cameras Introduction Anyone familiar with imaging software such as ADOBE PHOTOSHOP can appreciate how easy it is manipulate digital still images.

More information

Protecting the Creation of Digital Signatures with Trusted Computing Platform Technology Against Attacks by Trojan Horse Programs

Protecting the Creation of Digital Signatures with Trusted Computing Platform Technology Against Attacks by Trojan Horse Programs Protecting the Creation of Digital Signatures with Trusted Computing Platform Technology Against Attacks by Trojan Horse Programs Adrian Spalka, Armin B. Cremers and Hanno Langweg Department of Computer

More information

HOW SECURE ARE CURRENT MOBILE OPERATING SYSTEMS?

HOW SECURE ARE CURRENT MOBILE OPERATING SYSTEMS? HOW SECURE ARE CURRENT MOBILE OPERATING SYSTEMS? Tobias Murmann, Heiko Rossnagel Chair of Mobile Commerce and Multilateral Security Johann Wolfgang Goethe-University Frankfurt D-60054 Frankfurt / Main,

More information

That Point of Sale is a PoS

That Point of Sale is a PoS SESSION ID: HTA-W02 That Point of Sale is a PoS Charles Henderson Vice President Managed Security Testing Trustwave @angus_tx David Byrne Senior Security Associate Bishop Fox Agenda POS Architecture Breach

More information

Secure Data Exchange Solution

Secure Data Exchange Solution Secure Data Exchange Solution I. CONTENTS I. CONTENTS... 1 II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. SECURE DOCUMENT EXCHANGE SOLUTIONS... 3 INTRODUCTION... 3 Certificates

More information

HE WAR AGAINST BEING AN INTERMEDIARY FOR ANOTHER ATTACK

HE WAR AGAINST BEING AN INTERMEDIARY FOR ANOTHER ATTACK HE WAR AGAINST BEING AN INTERMEDIARY FOR ANOTHER ATTACK Prepared By: Raghda Zahran, Msc. NYIT-Jordan campus. Supervised By: Dr. Lo ai Tawalbeh. November 2006 Page 1 of 8 THE WAR AGAINST BEING AN INTERMEDIARY

More information

School of Computer Science and Engineering policy with regard to self-administered computers

School of Computer Science and Engineering policy with regard to self-administered computers School of Computer Science and Engineering policy with regard to self-administered computers CSE Computer Security Committee October, 2002 Abstract The School s Computing Support Group (CSG) provides a

More information

What Are Certificates?

What Are Certificates? The Essentials Series: Code-Signing Certificates What Are Certificates? sponsored by by Don Jones W hat Are Certificates?... 1 Digital Certificates and Asymmetric Encryption... 1 Certificates as a Form

More information

S3 Control. Confirma Technology Brief November 2008

S3 Control. Confirma Technology Brief November 2008 S3 Control Confirma Technology Brief November 2008 Confirma Product Support 11040 Main St., Suite 100, Bellevue, WA 98004-6368, USA Toll free: 877.274.3045 Local: 425.691.1595 Email: support@confirma.com

More information

Firmware security features in HP Compaq business notebooks

Firmware security features in HP Compaq business notebooks HP ProtectTools Firmware security features in HP Compaq business notebooks Embedded security overview... 2 Basics of protection... 2 Protecting against unauthorized access user authentication... 3 Pre-boot

More information

Bypassing Local Windows Authentication to Defeat Full Disk Encryption. Ian Haken

Bypassing Local Windows Authentication to Defeat Full Disk Encryption. Ian Haken Bypassing Local Windows Authentication to Defeat Full Disk Encryption Ian Haken Who Am I? Currently a security researcher at Synopsys, working on application security tools and Coverity s static analysis

More information

Overview Most of the documentation out there on the transition from SHA-1 certificates to SHA-2 certificates will tell you three things:

Overview Most of the documentation out there on the transition from SHA-1 certificates to SHA-2 certificates will tell you three things: SHA-1 Versus SHA-2 Overview Most of the documentation out there on the transition from SHA-1 certificates to SHA-2 certificates will tell you three things: - Breaking SHA-1 is not yet practical but will

More information

User Manual. HitmanPro.Kickstart User Manual Page 1

User Manual. HitmanPro.Kickstart User Manual Page 1 User Manual HitmanPro.Kickstart User Manual Page 1 Table of Contents 1 Introduction to HitmanPro.Kickstart... 3 2 What is ransomware?... 4 3 Why do I need HitmanPro.Kickstart?... 6 4 Creating a HitmanPro.Kickstart

More information

Executable Integrity Verification

Executable Integrity Verification Executable Integrity Verification Abstract Background Determining if a given executable has been trojaned is a tedious task. It is beyond the capabilities of the average end user and even many network

More information

Content Teaching Academy at James Madison University

Content Teaching Academy at James Madison University Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect

More information

Recipe for Mobile Data Security: TPM, Bitlocker, Windows Vista and Active Directory

Recipe for Mobile Data Security: TPM, Bitlocker, Windows Vista and Active Directory Recipe for Mobile Data Security: TPM, Bitlocker, Windows Vista and Active Directory Tom Olzak October 2007 If your business is like mine, laptops regularly disappear. Until recently, centrally managed

More information

Trojan Horse Attacks on Software for Electronic Signatures

Trojan Horse Attacks on Software for Electronic Signatures Informatica 26 (2002) 191-203 191 Trojan Horse Attacks on Software for Electronic Signatures Adrian Spalka, Armin B. Cremers and Hanno Langweg Department of Computer Science III, University of Bonn Roemerstrasse

More information

CD180 CeMOS/Cedar Software Package Management and Release Management Cloud Services

CD180 CeMOS/Cedar Software Package Management and Release Management Cloud Services P/N:900-1005-20 CD180 CeMOS/Cedar Software Package Management and Release Management Cloud Services CD180 CeMOS/Cedar Software Package Management and Release Management Cloud Services (hereinafter referred

More information

BUSINESS COMPUTER SECURITY. aaa BUSINESS SECURITY SECURITY FOR LIFE

BUSINESS COMPUTER SECURITY. aaa BUSINESS SECURITY SECURITY FOR LIFE aaa BUSINESS SECURITY SECURITY FOR LIFE CHAPTER 1: WHY COMPUTER SECURITY IS IMPORTANT FOR YOUR BUSINESS No matter how big or small your business is, it s highly likely that you have some information stored

More information

Guide Installing Digital Certificates in Outlook 2000

Guide Installing Digital Certificates in Outlook 2000 Guide Installing Digital Certificates in Outlook 2000 Document SIGNE_PAPET. Ver. 1.0 Date of application 06/08/2012 Seguridad documental 2 Introduction This document describes the steps for configuring

More information

Patterns for Secure Boot and Secure Storage in Computer Systems

Patterns for Secure Boot and Secure Storage in Computer Systems Patterns for Secure Boot and Secure Storage in Computer Systems Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy Horst Görtz Institute for IT Security, Ruhr-University Bochum, Germany {hans.loehr,ahmad.sadeghi,marcel.winandy}@trust.rub.de

More information

Signal Customized Helpdesk Course

Signal Customized Helpdesk Course Signal Customized Helpdesk Course This course is a combination of modules taken from two Microsoft Courses: 50311A and 50331A. It is geared toward staff who handle helpdesk calls and troubleshoot end user

More information

Net Integrator Firewall

Net Integrator Firewall Net Integration Technologies, Inc. http://www.net itech.com Net Integrator Firewall Technical Overview Version 1.00 TABLE OF CONTENTS 1 Introduction...1 2 Firewall Architecture...2 2.1 The Life of a Packet...2

More information

Advanced Endpoint Protection Overview

Advanced Endpoint Protection Overview Advanced Endpoint Protection Overview Advanced Endpoint Protection is a solution that prevents Advanced Persistent Threats (APTs) and Zero-Day attacks and enables protection of your endpoints by blocking

More information

Chapter 1: Introduction

Chapter 1: Introduction Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure

More information

WatchGuard Technologies, Inc. 505 Fifth Avenue South Suite 500, Seattle, WA 98104 www.watchguard.com

WatchGuard Technologies, Inc. 505 Fifth Avenue South Suite 500, Seattle, WA 98104 www.watchguard.com SMALL BUSINESS NETWORK SECURITY GUIDE WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION AUGUST 2004 SMALL BUSINESS NETWORK SECURITY GUIDE: WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION

More information

Digital Signatures on iqmis User Access Request Form

Digital Signatures on iqmis User Access Request Form Digital Signatures on iqmis User Access Request Form When a user clicks in the User Signature block on the iqmis Access Form, the following window appears: Click Save a Copy and rename it with your name,

More information

Studying Security Weaknesses of Android System

Studying Security Weaknesses of Android System , pp. 7-12 http://dx.doi.org/10.14257/ijsia.2015.9.3.02 Studying Security Weaknesses of Android System Jae-Kyung Park* and Sang-Yong Choi** *Chief researcher at Cyber Security Research Center, Korea Advanced

More information

Security Evaluation CLX.Sentinel

Security Evaluation CLX.Sentinel Security Evaluation CLX.Sentinel October 15th, 2009 Walter Sprenger walter.sprenger@csnc.ch Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil Tel.+41 55-214 41 60 Fax+41 55-214 41

More information

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public

More information

SecureAge SecureDs Data Breach Prevention Solution

SecureAge SecureDs Data Breach Prevention Solution SecureAge SecureDs Data Breach Prevention Solution In recent years, major cases of data loss and data leaks are reported almost every week. These include high profile cases like US government losing personal

More information

LASTLINE WHITEPAPER. In-Depth Analysis of Malware

LASTLINE WHITEPAPER. In-Depth Analysis of Malware LASTLINE WHITEPAPER In-Depth Analysis of Malware Abstract Malware analysis is the process of determining the purpose and functionality of a given malware sample (such as a virus, worm, or Trojan horse).

More information

You re FREE Guide SSL. (Secure Sockets Layer) webvisions www.webvisions.com +65 6868 1168 sales@webvisions.com

You re FREE Guide SSL. (Secure Sockets Layer) webvisions www.webvisions.com +65 6868 1168 sales@webvisions.com SSL You re FREE Guide to (Secure Sockets Layer) What is a Digital Certificate? SSL Certificates, also known as public key certificates or Digital Certificates, are essential to secure Internet browsing.

More information

Practical Mobile Digital Signatures

Practical Mobile Digital Signatures Practical Mobile Digital Signatures Antonio Maña and Sonia Matamoros Computer Science Department University of Málaga. Spain. {amg, sonia}@lcc.uma.es Abstract. There are important details that give legal

More information

International Journal of Enterprise Computing and Business Systems ISSN (Online) : 2230-8849

International Journal of Enterprise Computing and Business Systems ISSN (Online) : 2230-8849 WINDOWS-BASED APPLICATION AWARE NETWORK INTERCEPTOR Ms. Shalvi Dave [1], Mr. Jimit Mahadevia [2], Prof. Bhushan Trivedi [3] [1] Asst.Prof., MCA Department, IITE, Ahmedabad, INDIA [2] Chief Architect, Elitecore

More information

Is Drupal secure? A high-level perspective on web vulnerabilities, Drupal s solutions, and how to maintain site security

Is Drupal secure? A high-level perspective on web vulnerabilities, Drupal s solutions, and how to maintain site security Is Drupal secure? A high-level perspective on web vulnerabilities, Drupal s solutions, and how to maintain site security Presented 2009-05-29 by David Strauss Thinking Securely Security is a process, not

More information

System Security Policy Management: Advanced Audit Tasks

System Security Policy Management: Advanced Audit Tasks System Security Policy Management: Advanced Audit Tasks White Paper October 6, 2005 2005 Altiris Inc. All rights reserved. ABOUT ALTIRIS Altiris, Inc. is a pioneer of IT lifecycle management software that

More information

SENSE Security overview 2014

SENSE Security overview 2014 SENSE Security overview 2014 Abstract... 3 Overview... 4 Installation... 6 Device Control... 7 Enrolment Process... 8 Authentication... 9 Network Protection... 12 Local Storage... 13 Conclusion... 15 2

More information

PCI PA - DSS. Point BKX Implementation Guide. Version 2.01. Atos Xenta, Atos Xenteo and Atos Yomani using the Point BKX Payment Core

PCI PA - DSS. Point BKX Implementation Guide. Version 2.01. Atos Xenta, Atos Xenteo and Atos Yomani using the Point BKX Payment Core PCI PA - DSS Point BKX Implementation Guide Atos Xenta, Atos Xenteo and Atos Yomani using the Point BKX Payment Core Version 2.01 POINT TRANSACTION SYSTEMS AB Box 92031, 120 06 Stockholm, Tel. +46 8 566

More information

Chapter 1. Introduction to ios Development. Objectives: Touch on the history of ios and the devices that support this operating system.

Chapter 1. Introduction to ios Development. Objectives: Touch on the history of ios and the devices that support this operating system. Chapter 1 Introduction to ios Development Objectives: Touch on the history of ios and the devices that support this operating system. Understand the different types of Apple Developer accounts. Introduce

More information

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT Appendix A to 11-02-P1-NJOIT NJ OFFICE OF INFORMATION TECHNOLOGY P.O. Box 212 www.nj.gov/it/ps/ 300 Riverview Plaza Trenton, NJ 08625-0212 NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT The Intent

More information

THE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE

THE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE THE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced

More information

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise

More information

NCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15.

NCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15. NCS 330 Information Assurance Policies, Ethics and Disaster Recovery NYC University Polices and Standards 4/15/15 Jess Yanarella Table of Contents: Introduction: Part One: Risk Analysis Threats Vulnerabilities

More information

Using Remote Desktop Clients

Using Remote Desktop Clients CYBER SECURITY OPERATIONS CENTRE December 2011 Using Remote Desktop Clients INTRODUCTION 1. Remote access solutions are increasingly being used to access sensitive or classified systems from homes and

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

Secure Email Frequently Asked Questions

Secure Email Frequently Asked Questions Secure Email Frequently Asked Questions Frequently Asked Questions Contents General Secure Email Questions and Answers Forced TLS Questions and Answers SecureMail Questions and Answers Glossary Support

More information

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines 1. Implement anti-virus software An anti-virus program is necessary to protect your computer from malicious programs,

More information

G/On. Basic Best Practice Reference Guide Version 6. For Public Use. Make Connectivity Easy

G/On. Basic Best Practice Reference Guide Version 6. For Public Use. Make Connectivity Easy For Public Use G/On Basic Best Practice Reference Guide Version 6 Make Connectivity Easy 2006 Giritech A/S. 1 G/On Basic Best Practices Reference Guide v.6 Table of Contents Scope...3 G/On Server Platform

More information

Ovation Security Center Data Sheet

Ovation Security Center Data Sheet Features Scans for vulnerabilities Discovers assets Deploys security patches easily Allows only white-listed applications in workstations to run Provides virus protection for Ovation Windows stations Aggregates,

More information

Remote Access Securing Your Employees Out of the Office

Remote Access Securing Your Employees Out of the Office Remote Access Securing Your Employees Out of the Office HSTE-NB0011-RV 1.0 Hypersecu Information Systems, Inc. #200-6191 Westminster Hwy Richmond BC V7C 4V4 Canada 1 (855) 497-3700 www.hypersecu.com Introduction

More information

Technical Description. DigitalSign 3.1. State of the art legally valid electronic signature. The best, most secure and complete software for

Technical Description. DigitalSign 3.1. State of the art legally valid electronic signature. The best, most secure and complete software for Technical Description DigitalSign 3.1 State of the art legally valid electronic signature The best, most secure and complete software for Adding digital signatures to any document, in conformance with

More information

INTEGRATED FILE-LEVEL CRYPTOGRAPHICAL ACCESS CONTROL

INTEGRATED FILE-LEVEL CRYPTOGRAPHICAL ACCESS CONTROL INTEGRATED FILE-LEVEL CRYPTOGRAPHICAL ACCESS CONTROL Abstract Ryan Seifert ryanseifert@earthlink.net T. Andrew Yang Yang@UHCL.edu Division of Computing and Mathematics University of Houston - Clear Lake,

More information

Workflow Templates Library

Workflow Templates Library Workflow s Library Table of Contents Intro... 2 Active Directory... 3 Application... 5 Cisco... 7 Database... 8 Excel Automation... 9 Files and Folders... 10 FTP Tasks... 13 Incident Management... 14 Security

More information

WEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY

WEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY WEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY www.alliancetechpartners.com WEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY More than 70% of all websites have vulnerabilities

More information

IDRBT Working Paper No. 11 Authentication factors for Internet banking

IDRBT Working Paper No. 11 Authentication factors for Internet banking IDRBT Working Paper No. 11 Authentication factors for Internet banking M V N K Prasad and S Ganesh Kumar ABSTRACT The all pervasive and continued growth being provided by technology coupled with the increased

More information

INFORMATION TECHNOLOGY SECURITY POLICY COUNTY OF IMPERIAL

INFORMATION TECHNOLOGY SECURITY POLICY COUNTY OF IMPERIAL INFORMATION TECHNOLOGY SECURITY POLICY COUNTY OF IMPERIAL 1 INTRODUCTION The County of Imperial Information & Technical Services (ITS) Security Policy is the foundation of the County's electronic information

More information

Advanced Authentication

Advanced Authentication White Paper Advanced Authentication Introduction In this paper: Introduction 1 User Authentication 2 Device Authentication 3 Message Authentication 4 Advanced Authentication 5 Advanced Authentication is

More information

Server Security. Contents. Is Rumpus Secure? 2. Use Care When Creating User Accounts 2. Managing Passwords 3. Watch Out For Aliases 4

Server Security. Contents. Is Rumpus Secure? 2. Use Care When Creating User Accounts 2. Managing Passwords 3. Watch Out For Aliases 4 Contents Is Rumpus Secure? 2 Use Care When Creating User Accounts 2 Managing Passwords 3 Watch Out For Aliases 4 Deploy A Firewall 5 Minimize Running Applications And Processes 5 Manage Physical Access

More information

Network Based Intrusion Detection Using Honey pot Deception

Network Based Intrusion Detection Using Honey pot Deception Network Based Intrusion Detection Using Honey pot Deception Dr.K.V.Kulhalli, S.R.Khot Department of Electronics and Communication Engineering D.Y.Patil College of Engg.& technology, Kolhapur,Maharashtra,India.

More information

WINDOWS AZURE EXECUTION MODELS

WINDOWS AZURE EXECUTION MODELS WINDOWS AZURE EXECUTION MODELS Windows Azure provides three different execution models for running applications: Virtual Machines, Web Sites, and Cloud Services. Each one provides a different set of services,

More information

The 12 Essentials of PCI Compliance How it Differs from HIPPA Compliance Understand & Implement Effective PCI Data Security Standard Compliance

The 12 Essentials of PCI Compliance How it Differs from HIPPA Compliance Understand & Implement Effective PCI Data Security Standard Compliance Date: 07/19/2011 The 12 Essentials of PCI Compliance How it Differs from HIPPA Compliance Understand & Implement Effective PCI Data Security Standard Compliance PCI and HIPAA Compliance Defined Understand

More information

UNCLASSIFIED Version 1.0 May 2012

UNCLASSIFIED Version 1.0 May 2012 Secure By Default: Platforms Computing platforms contain vulnerabilities that can be exploited for malicious purposes. Often exploitation does not require a high degree of expertise, as tools and advice

More information

Guide to Computer Forensics and Investigations, Second Edition

Guide to Computer Forensics and Investigations, Second Edition Guide to Computer Forensics and Investigations, Second Edition Chapter 4 Current Computer Forensics Tools Objectives Understand how to identify needs for computer forensics tools Evaluate the requirements

More information

Course overview. CompTIA A+ Certification (Exam 220 902) Official Study Guide (G188eng verdraft)

Course overview. CompTIA A+ Certification (Exam 220 902) Official Study Guide (G188eng verdraft) Overview This 5-day course is intended for those wishing to qualify with. A+ is a foundation-level certification designed for IT professionals with around 1 year's experience whose job role is focused

More information

ELECTRONIC SIGNATURES FACTSHEET

ELECTRONIC SIGNATURES FACTSHEET ELECTRONIC SIGNATURES FACTSHEET Electronic signatures mean that you can exchange information with others electronically and securely safe in the knowledge that everyone is who they claim to be and that

More information

Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003

Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003 Lectures 9 Advanced Operating Systems Fundamental Security Computer Systems Administration TE2003 Lecture overview At the end of lecture 9 students can identify, describe and discuss: Main factors while

More information

P1050 EMPLOYEE INTERNET USE, MONITORING AND FILTERING. Idaho statute states in part the Idaho Technology Authority shall:

P1050 EMPLOYEE INTERNET USE, MONITORING AND FILTERING. Idaho statute states in part the Idaho Technology Authority shall: Idaho Technology Authority (ITA) ENTERPRISE POLICY P1000 GENERAL POLICIES Category: P1050 EMPLOYEE INTERNET USE, MONITORING AND FILTERING CONTENTS: I. Authority II. Abstract III. Definitions IV. Policy

More information

Digitally Signed Documents Ambiguities and Solutions

Digitally Signed Documents Ambiguities and Solutions Digitally Signed Documents Ambiguities and Solutions Adil Alsaid and Chris J. Mitchell Abstract Information Security Group, Royal Holloway, University of London Egham, Surrey TW20 0EX, UK. e-mail: A.Alsaid@rhul.ac.uk

More information

SecureDoc Disk Encryption Cryptographic Engine

SecureDoc Disk Encryption Cryptographic Engine SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the

More information

Chapter 8: Security Measures Test your knowledge

Chapter 8: Security Measures Test your knowledge Security Equipment Chapter 8: Security Measures Test your knowledge 1. How does biometric security differ from using password security? Biometric security is the use of human physical characteristics (such

More information

Ovation Security Center Data Sheet

Ovation Security Center Data Sheet Features Scans for vulnerabilities Discovers assets Deploys security patches transparently Allows only white-listed applications to run in workstations Provides virus protection for Ovation Windows workstations

More information

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html

More information

Article. Electronic Notary Practices. Copyright Topaz Systems Inc. All rights reserved.

Article. Electronic Notary Practices. Copyright Topaz Systems Inc. All rights reserved. Article Electronic Notary Practices Copyright Topaz Systems Inc. All rights reserved. For Topaz Systems, Inc. trademarks and patents, visit www.topazsystems.com/legal. Table of Contents Key Features and

More information

MCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features

MCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features MCTS Guide to Microsoft Windows 7 Chapter 7 Windows 7 Security Features Objectives Describe Windows 7 Security Improvements Use the local security policy to secure Windows 7 Enable auditing to record security

More information

Dynamic content attacks on digital signatures

Dynamic content attacks on digital signatures Dynamic content attacks on digital signatures Adil Alsaid and Chris J. Mitchell A.Alsaid@rhul.ac.uk, C.Mitchell@rhul.ac.uk Information Security Group Royal Holloway, University of London Egham, Surrey

More information

AdwareMedic. About AdwareMedic... 2. How to use AdwareMedic... 3. Frequently Asked Questions... 7. Version History... 9 License Agreement...

AdwareMedic. About AdwareMedic... 2. How to use AdwareMedic... 3. Frequently Asked Questions... 7. Version History... 9 License Agreement... AdwareMedic http://www.adwaremedic.com thomas@thesafemac.com About AdwareMedic... 2 System Requirements... 2 Limitations... 2 How to use AdwareMedic... 3 Scan for Adware... 4 Optional items... 5 Firefox

More information

ESET CYBER SECURITY PRO for Mac Quick Start Guide. Click here to download the most recent version of this document

ESET CYBER SECURITY PRO for Mac Quick Start Guide. Click here to download the most recent version of this document ESET CYBER SECURITY PRO for Mac Quick Start Guide Click here to download the most recent version of this document ESET Cyber Security Pro provides state-of-the-art protection for your computer against

More information

Mitigating Server Breaches with Secure Computation. Yehuda Lindell Bar-Ilan University and Dyadic Security

Mitigating Server Breaches with Secure Computation. Yehuda Lindell Bar-Ilan University and Dyadic Security Mitigating Server Breaches with Secure Computation Yehuda Lindell Bar-Ilan University and Dyadic Security The Problem Network and server breaches have become ubiquitous Financially-motivated and state-sponsored

More information

Ohio Supercomputer Center

Ohio Supercomputer Center Ohio Supercomputer Center Intrusion Prevention and Detection No: Effective: OSC-12 5/21/09 Issued By: Kevin Wohlever Director of Supercomputer Operations Published By: Ohio Supercomputer Center Original

More information

KON-BOOT For Windows Guide http://thelead82.com http://www.kon-boot.com

KON-BOOT For Windows Guide http://thelead82.com http://www.kon-boot.com KON-BOOT For Windows Guide http://thelead82.com http://www.kon-boot.com General notes PLEASE KEEP YOUR ANTIVIRUS DISABLED WHILE EXTRACTING / BURNING / INSTALLING KON-BOOT Table of contents General notes...

More information

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn. CSC 490 Special Topics Computer and Network Security Key Management Dr. Xiao Qin Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.edu Slide 09-1 Overview Key exchange Session vs. interchange

More information

October Is National Cyber Security Awareness Month!

October Is National Cyber Security Awareness Month! (0 West Virginia Executive Branch Privacy Tip October Is National Cyber Security Awareness Month! In recognition of National Cyber Security Month, we are supplying tips to keep you safe in your work life

More information

TABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY

TABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY IT FIREWALL POLICY TABLE OF CONTENT 1. INTRODUCTION... 3 2. TERMS AND DEFINITION... 3 3. PURPOSE... 5 4. SCOPE... 5 5. POLICY STATEMENT... 5 6. REQUIREMENTS... 5 7. OPERATIONS... 6 8. CONFIGURATION...

More information

PCI PA - DSS. Point ipos Implementation Guide. Version 1.01. VeriFone Vx820 using the Point ipos Payment Core

PCI PA - DSS. Point ipos Implementation Guide. Version 1.01. VeriFone Vx820 using the Point ipos Payment Core PCI PA - DSS Point ipos Implementation Guide VeriFone Vx820 using the Point ipos Payment Core Version 1.01 POINT TRANSACTION SYSTEMS AB Box 92031, 120 06 Stockholm, Tel. +46 8 566 287 00 www.point.se Page

More information

The Key to Secure Online Financial Transactions

The Key to Secure Online Financial Transactions Transaction Security The Key to Secure Online Financial Transactions Transferring money, shopping, or paying debts online is no longer a novelty. These days, it s just one of many daily occurrences on

More information

Understanding Digital Signature And Public Key Infrastructure

Understanding Digital Signature And Public Key Infrastructure Understanding Digital Signature And Public Key Infrastructure Overview The use of networked personnel computers (PC s) in enterprise environments and on the Internet is rapidly approaching the point where

More information

A Roadmap for personal identity management

A Roadmap for personal identity management 2010 Fifth International Conference on Systems A Roadmap for personal identity management Thomas Neubauer Vienna University of Technology Vienna, Austria neubauer@ifs.tuwien.ac.at Johannes Heurix Secure

More information

University of Kent Information Services Information Technology Security Policy

University of Kent Information Services Information Technology Security Policy University of Kent Information Services Information Technology Security Policy IS/07-08/104 (A) 1. General The University IT Security Policy (the Policy) shall be approved by the Information Systems Committee

More information

Intelligent Log Analyzer. André Restivo

Intelligent Log Analyzer. André Restivo <andre.restivo@portugalmail.pt> Intelligent Log Analyzer André Restivo 9th January 2003 Abstract Server Administrators often have to analyze server logs to find if something is wrong with their machines.

More information

B U S I N E S S G U I D E

B U S I N E S S G U I D E VeriSign Microsoft Office/Visual Basic for Applications (VBA) Code Signing Digital Certificates Realizing the Possibilities of Internet Software Distribution CONTENTS + What Is Developer Code Signing?

More information

Applying Cryptography as a Service to Mobile Applications

Applying Cryptography as a Service to Mobile Applications Applying Cryptography as a Service to Mobile Applications SESSION ID: CSV-F02 Peter Robinson Senior Engineering Manager RSA, The Security Division of EMC Introduction This presentation proposes a Cryptography

More information

User. Role. Privilege. Environment. Checkpoint. System

User. Role. Privilege. Environment. Checkpoint. System 8. Security Features Motivation Viruses, spam, trojan horses have become increasingly common in PC environment In mobile environment, new kinds of opportunities offered for malicious software Potentially

More information

Hardware Security Modules for Protecting Embedded Systems

Hardware Security Modules for Protecting Embedded Systems Hardware Security Modules for Protecting Embedded Systems Marko Wolf, ESCRYPT GmbH Embedded Security, Munich, Germany André Weimerskirch, ESCRYPT Inc. Embedded Security, Ann Arbor, USA 1 Introduction &

More information

Data Security 2. Implement Network Controls

Data Security 2. Implement Network Controls UNIT 19 Data Security 2 STARTER Consider these examples of computer disasters. How could you prevent them or limit their effects? Compare answers within your group. 1 You open an email attachment which

More information

A KIND OF IMPLEMENT ABOUT MOBILE SIGNATURE SERVICE BASED ON MOBILE TELEPHONE TERMINAL

A KIND OF IMPLEMENT ABOUT MOBILE SIGNATURE SERVICE BASED ON MOBILE TELEPHONE TERMINAL A KIND OF IMPLEMENT ABOUT MOBILE SIGNATURE SERVICE BASED ON MOBILE TELEPHONE TERMINAL Wangjian, Xu Guoai, Zhangmiao National Engineering Laboratory for Disaster Backup and Recovery, Beijing University

More information

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details: Malicious software About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA is a centre of excellence for

More information