Securing the E-Health Cloud

A Note on the Security in the Card Management System of the German E-Health Card

A Note on the Security in the Card Management System of the German E-Health Card Marcel Winandy (Ruhr-University Bochum) 3rd International ICST Conference on Electronic Healthcare for the 21st Century

Uni-directional Trusted Path: Transaction Confirmation on Just One Device

Uni-directional Trusted Path: Transaction Confirmation on Just One Device Atanas Filyanov 1, Jonathan M. McCune 2, Ahmad-Reza Sadeghi 3, Marcel Winandy 1 1 Ruhr-University Bochum, Germany 2 Carnegie Mellon

Patterns for Secure Boot and Secure Storage in Computer Systems

Patterns for Secure Boot and Secure Storage in Computer Systems Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy Horst Görtz Institute for IT Security, Ruhr-University Bochum, Germany {hans.loehr,ahmad.sadeghi,marcel.winandy}@trust.rub.de

AN ENHANCED ATTRIBUTE BASED ENCRYPTION WITH MULTI PARTIES ACCESS IN CLOUD AREA

Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 3, Issue. 1, January 2014,

Security Requirements of a Trusted Virtual Domain (TVD)

Trusted Virtual Domains Design, Implementation and Lessons Learned Luigi Catuogno 1, Alexandra Dmitrienko 1, Konrad Eriksson 2, Dirk Kuhlmann 3, Gianluca Ramunno 4, Ahmad-Reza Sadeghi 1, Steffen Schulz

Global eid Developments. Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa

Global eid Developments Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa Agenda Country View on eid initiatives Trustworthy Identity Scenarios Microsoft eid update Summary

A SECURITY ARCHITECTURE FOR ACCESSING HEALTH RECORDS ON MOBILE PHONES

A SECURITY ARCHITECTURE FOR ACCESSING HEALTH RECORDS ON MOBILE PHONES Alexandra Dmitrienko, Zecir Hadzic, Hans Löhr and Marcel Winandy Horst Görtz Institute for IT Security, Ruhr-University Bochum, Germany

Property Based TPM Virtualization

Property Based Virtualization Marcel Winandy Joint work with: Ahmad Reza Sadeghi, Christian Stüble Horst Görtz Institute for IT Security Chair for System Security Ruhr University Bochum, Germany Sirrix

PRISMACLOUD. Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian Institute of Technology GmbH

PRISMACLOUD Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian Institute of Technology GmbH FOC2015 Vienna / 17.06.2015 Challenges for Future ICT Systems Cloud computing

Security Issues in Cloud Computing

Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

Security and Privacy Issues and Requirements for Healthcare Cloud Computing

ICT Innovations 2012 Web Proceedings ISSN 1857-7288 143 Security and Privacy Issues and Requirements for Healthcare Cloud Computing Goce Gavrilov 1, Vladimir Trajkovik 2 1 Health Insurance Fund of Macedonia,

Hardware Security Modules for Protecting Embedded Systems

Hardware Security Modules for Protecting Embedded Systems Marko Wolf, ESCRYPT GmbH Embedded Security, Munich, Germany André Weimerskirch, ESCRYPT Inc. Embedded Security, Ann Arbor, USA 1 Introduction &

An Overview of Information Security Frameworks. Presented to TIF September 25, 2013

An Overview of Information Security Frameworks Presented to TIF September 25, 2013 What is a framework? A framework helps define an approach to implementing, maintaining, monitoring, and improving information

The Porticor Virtual Private Data solution includes two or three major components:

Architecture The Porticor solution offers a rich variety of cloud encryption capabilities. Your project s needs and characteristics will determine the right choices for your application. The Porticor Virtual

Start building a trusted environment now... (before it s too late) IT Decision Makers

YOU CAN T got HAP Start building a trusted environment now... IT Decision Makers (before it s too late) HAP reference implementations and commercial solutions are available now in the HAP Developer Kit.

Managing Enterprise Devices and Apps using System Center Configuration Manager

Course 20696B: Managing Enterprise Devices and Apps using System Center Configuration Manager Course Details Course Outline Module 1: Managing Desktops and Devices in the Enterprise This module explains

Perspectives on Cloud Computing and Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

Perspectives on Cloud Computing and Standards Peter Mell, Tim Grance NIST, Information Technology Laboratory Standardization and Cloud Computing Cloud computing is a convergence of many technologies Some

Taking a Data-Centric Approach to Security in the Cloud

Taking a Data-Centric Approach to Security in the Cloud Bob West Chief Trust Officer CipherCloud 2014 CipherCloud All rights reserved 1 Taking a Data-Centric Approach to Cloud Data Protection Bob West

EESTEL. Association of European Experts in E-Transactions Systems. Apple iphone 6, Apple Pay, What else? EESTEL White Paper.

EESTEL White Paper October 29, 2014 Apple iphone 6, Apple Pay, What else? On 2014, September 9 th, Apple has launched three major products: iphone 6, Apple Watch and Apple Pay. On October 17 th, Apple

Overview. The world's first Telekom enterprise PUblic CLOUD with data security and privacy under German law

OPEN TELEKOM CLOUD Open TELEKOM CLOUD Overview Open Telekom Cloud is an OpenStack-based Infrastructure as a s (IaaS) designed for web- and application-services New public cloud services, perfect for all

Digital Rights Management Demonstrator

Digital Rights Management Demonstrator Requirements, Analysis, and Design Authors: Andre Osterhues, Marko Wolf Institute: Ruhr-University Bochum Date: March 2, 2007 Abstract: This document describes a

Cloud Security Introduction and Overview

Introduction and Overview Klaus Gribi Senior Security Consultant [email protected] May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious

John Essner, CISO Office of Information Technology State of New Jersey

John Essner, CISO Office of Information Technology State of New Jersey http://csrc.nist.gov/publications/nistpubs/800-144/sp800-144.pdf Governance Compliance Trust Architecture Identity and Access Management

Windows Phone 8 Security Overview

Windows Phone 8 Security Overview This white paper is part of a series of technical papers designed to help IT professionals evaluate Windows Phone 8 and understand how it can play a role in their organizations.

BYOzzzz: Focusing on the Unsolved Challenges of Mobility, An Industry Perspective

BYOzzzz: Focusing on the Unsolved Challenges of Mobility, An Industry Perspective Kit Colbert CTO, End-User Computing 2014 VMware Inc. All rights reserved. VMware: Addressing the Market From Data Center

Using BitLocker As Part Of A Customer Data Protection Program: Part 1

Using BitLocker As Part Of A Customer Data Protection Program: Part 1 Tech Tip by Philip Cox Source: searchsecuritychannel.com As an information security consultant, one of my jobs is to help my clients

Brainloop Cloud Security

Whitepaper Brainloop Cloud Security Guide to secure collaboration in the cloud www.brainloop.com Sharing information over the internet The internet is the ideal platform for sharing data globally and communicating

University of Central Florida Class Specification Administrative and Professional. Information Security Officer

Information Security Officer Job Code: 2534 Serve as the information security officer for the University. Develop and computer security system standards, policies, and procedures. Serve as technical team

Malicious Websites uncover vulnerabilities (browser, plugins, webapp, server), initiate attack steal sensitive information, install malware, compromise victim s machine Malicious Websites uncover vulnerabilities

Chapter 6: Fundamental Cloud Security

Chapter 6: Fundamental Cloud Security Nora Almezeini MIS Department, CBA, KSU From Cloud Computing by Thomas Erl, Zaigham Mahmood, and Ricardo Puttini(ISBN: 0133387526) Copyright 2013 Arcitura Education,

HEC Security & Compliance

HEC Security & Compliance SAP Security, Risk & Compliance Office November, 2014 Public Version 2.0 Details Introduction Overview Security Offering Approach Certifications Introduction Dear Customer, Information

涉 密 网 络 中 的 数 据 保 护 技 术

第 42 卷 第 1 期 电 子 科 技 大 学 学 报 Vol.42 No.1 2013 年 1 月 Journal of University of Electronic Science and Technology of China Jan. 2013 Data Protection Technology in Classified Networks CHEN Xun, HAN Zhen, and

How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1

How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1 2 How does IBM deliver cloud security? Contents 2 Introduction 3 Cloud governance 3 Security governance, risk management

How To Secure Cloud Computing

A hole in the cloud: Is cloud secure? N. Vijaykumar Infosys Technologies Limited, Bangalore presented at Security in cloud is a key challenge! 70% 60% 50% 40% 30% 20% 10% 0% Data integrity tampering Hacker

The True Story of Data-At-Rest Encryption & the Cloud

The True Story of Data-At-Rest Encryption & the Cloud by Karen Scarfone Principal Consultant Scarfone Cybersecurity Sponsored by www.firehost.com (US) +1 844 682 2859 (UK) +44 800 500 3167 twitter.com/firehost

Virginia Government Finance Officers Association Spring Conference May 28, 2014. Cloud Security 101

Virginia Government Finance Officers Association Spring Conference May 28, 2014 Cloud Security 101 Presenters: John Montoro, RealTime Accounting Solutions Ted Brown, Network Alliance Presenters John Montoro

Tufts University. Department of Computer Science. COMP 116 Introduction to Computer Security Fall 2014 Final Project. Guocui Gao Guocui.gao@tufts.

Tufts University Department of Computer Science COMP 116 Introduction to Computer Security Fall 2014 Final Project Investigating Security Issues in Cloud Computing Guocui Gao [email protected] Mentor:

Cloud Computing Security Considerations

Cloud Computing Security Considerations Roger Halbheer, Chief Security Advisor, Public Sector, EMEA Doug Cavit, Principal Security Strategist Lead, Trustworthy Computing, USA January 2010 1 Introduction

Security Issues On Cloud Computing

Security Issues On Cloud Computing Pratibha Tripathi #1, Mohammad Suaib #2 1 M.Tech(CSE), Second year 2 Research Guide # Department of Computer Science and Engineering Abstract Integral University, Lucknow

Enterprise Data Protection

PGP White Paper June 2007 Enterprise Data Protection Version 1.0 PGP White Paper Enterprise Data Protection 2 Table of Contents EXECUTIVE SUMMARY...3 PROTECTING DATA EVERYWHERE IT GOES...4 THE EVOLUTION

REMOTE ASSISTANCE SOLUTIONS Private Server

REMOTE ASSISTANCE SOLUTIONS Private Server UBIQUITY components Control Center: client on the remote assistance PC Ubiquity Runtime: software installed on the remote device Ubiquity Server Infrastructure:

managing the risks of virtualization

managing the risks of virtualization Chris Wraight CA Technologies 28 February 2011 Session Number 8951 abstract Virtualization opens the door to a world of opportunities and well managed virtualization

What is the Right Security Solution for Mobile Computing? #RSAC

SESSION ID: SPO1-T09 Trust in Mobile Enterprise Have We Lost the Game? MODERATOR: Prof. Dr. Norbert Pohlmann Professor Computer Science Department for Information Security, Director of the Institute for

Purpose. Service Model SaaS (Applications) PaaS (APIs) IaaS (Virtualization) Use Case 1: Public Use Case 2: Use Case 3: Public.

Federal CIO Council Information Security and Identity Management Committee (ISIMC) Guidelines for the Secure Use of Cloud Computing by Federal Departments and Agencies DRAFT V0.41 Earl Crane, CISSP, CISM

Thales e-security Key Isolation for Enterprises and Managed Service Providers

Thales e-security Key Isolation for Enterprises and Managed Service Providers Technical White Paper May 2015 Contents 1. Introduction 1. Introduction... 2 2. Business Models.... 3 3. Security World...

Secure Multi Tenancy In the Cloud. Boris Strongin VP Engineering and Co-founder, Hytrust Inc. [email protected]

Secure Multi Tenancy In the Cloud Boris Strongin VP Engineering and Co-founder, Hytrust Inc. [email protected] At-a-Glance Trends Do MORE with LESS Increased Insider Threat Increasing IT spend on cloud

Securing the Access to Electronic Health Records on Mobile Phones

Securing the Access to Electronic Health Records on Mobile Phones Alexandra Dmitrienko 1, Zecir Hadzic 1, Hans Löhr 1, Ahmad-Reza Sadeghi 2, and Marcel Winandy 1 1 Horst Görtz Institute for IT-Security

Patient Records: Challenges for and Approaches to Safety and Security

Patient Records: Challenges for and Approaches to Safety and Security Klaus Pommerening IMBEI, Universitätsmedizin Mainz ehealth Workshop, London, 16 June 2011 5 Challenges of ehealth for the Next Years

Longmai Mobile PKI Solution

Longmai Mobile PKI Solution A quick Solution to External and Internal fraud in Insurance Industry Putting the client at the center of modernization Contents 1. INTRODUCTION... 3 1.1 Challenges... 3 1.2

Security Model for VM in Cloud

Security Model for VM in Cloud 1 Venkataramana.Kanaparti, 2 Naveen Kumar R, 3 Rajani.S, 4 Padmavathamma M, 5 Anitha.C 1,2,3,5 Research Scholars, 4Research Supervisor 1,2,3,4,5 Dept. of Computer Science,

A Secure Autonomous Document Architecture for Enterprise Digital Right Management

A Secure Autonomous Document Architecture for Enterprise Digital Right Management Manuel Munier LIUPPA Université de Pau et des Pays de l Adour Mont de Marsan, France [email protected] SITIS 2011

UNCLASSIFIED Version 1.0 May 2012

Secure By Default: Platforms Computing platforms contain vulnerabilities that can be exploited for malicious purposes. Often exploitation does not require a high degree of expertise, as tools and advice

Solutions as a Service N.Konstantinidis Technical Director - MNG

Med Nautilus Greece Connected World April 10, 2014 Solutions as a Service N.Konstantinidis Technical Director - MNG MedNautilus Greece Solutions as a Service 2014 SINCE 2002 Data Center Physical Colocation

Cloud Computing Security Audit

Cloud Computing Security Audit Teddy Sukardi [email protected] Indonesia IT Consultant Association IKTII Chairman Agenda The data center and the cloud Concerns with cloud implementation The role of cloud

Securing Cloud Computing by GED-i

Securing Cloud Computing by GED-i General Most IT professionals estimate that the cloud computing environment will dominate the deployment and usage of the IT and storage environment in the near future.

Configuring your deployment with

An Abbott Company Relying on IT to handle upgrades and resolve issues is smart. Configuring your deployment with STARLIMS secure, cost-effective cloud technology IS SMARTER. STARLIMS.COM CREATING SMARTER

Integrating the Healthcare Enterprise (IHE): Enable Seamless and Secure Access to Health Information. IHE Europe Peter Mildenberger (User Co Chair)

Integrating the Healthcare Enterprise (IHE): Enable Seamless and Secure Access to Health Information IHE Europe Peter Mildenberger (User Co Chair) Real World (outside Healthcare) Use Cases in Healthcare

Check Point and Security Best Practices. December 2013 Presented by David Rawle

Check Point and Security Best Practices December 2013 Presented by David Rawle Housekeeping o Mobiles on Silent o No File Alarms planned o Fire exits are in front and behind and down the stairs o Downstairs

Course Outline. Managing Enterprise Devices and Apps using System Center Configuration ManagerCourse 20696B: 5 days Instructor Led

Managing Enterprise Devices and Apps using System Center Configuration ManagerCourse 20696B: 5 days Instructor Led About this Course Get expert instruction and hands-on practice configuring and managing

Entrust IdentityGuard

+1-888-437-9783 [email protected] IdentiSys.com Distributed by: Entrust IdentityGuard is an award-winning software-based authentication enterprises and governments. The solution serves as an organization's

Cloud security architecture

ericsson White paper Uen 284 23-3244 January 2015 Cloud security architecture from process to deployment The Trust Engine concept and logical cloud security architecture presented in this paper provide

Securing Data on Portable Media. www.roxio.com

Securing Data on Portable Media www.roxio.com Contents 2 Contents 3 Introduction 4 1 The Importance of Data Security 5 2 Roxio Secure 5 Security Means Strong Encryption 6 Policy Control of Encryption 7

Securing Virtual Applications and Servers

White Paper Securing Virtual Applications and Servers Overview Security concerns are the most often cited obstacle to application virtualization and adoption of cloud-computing models. Merely replicating

EXIN Cloud Computing Foundation

Sample Questions EXIN Cloud Computing Foundation Edition April 2013 Copyright 2013 EXIN All rights reserved. No part of this publication may be published, reproduced, copied or stored in a data processing

Cloud Security Fails & How the SDLC could (not?) have prevented them

Cloud Security Fails & How the SDLC could (not?) have prevented them CSA CEE Summit 2015, Ljubjana By Christopher Scheuring, ERNW Germany #2 /whoami Christopher Scheuring Security Analyst @ ERNW Since

That Point of Sale is a PoS

SESSION ID: HTA-W02 That Point of Sale is a PoS Charles Henderson Vice President Managed Security Testing Trustwave @angus_tx David Byrne Senior Security Associate Bishop Fox Agenda POS Architecture Breach

Advanced Authentication

Architecture Overview Authasas Advanced Authentication Strong Authenticating to Novell edirectory using Domain Services for Windows November, 2011 Authasas Advanced Authentication Asterweg 19D12 1031 HL

Securing the Cloud Infrastructure

EXECUTIVE STRATEGY BRIEF Microsoft recognizes that security and privacy protections are essential to building the necessary customer trust for cloud computing to reach its full potential. This strategy

Course MS20696A Managing Enterprise Devices and Apps using System Center Configuration Manager

3 Riverchase Office Plaza Hoover, Alabama 35244 Phone: 205.989.4944 Fax: 855.317.2187 E-Mail: [email protected] Web: www.discoveritt.com Course MS20696A Managing Enterprise Devices and Apps using

Private Cloud for Every Organization

white paper Private Cloud for Every Organization Leveraging the community cloud As more organizations today seek to gain benefit from the flexibility and scalability of cloud environments, many struggle