Government. In Italiano, per favore? Ou en rançais, s il vous plait? Or in German after all? There Is no such thing as a talking car?

Transcription

1 The IT Security Report by Issue Business Security Automotive Government High Security In Italiano, per favore? Ou en rançais, s il vous plait? Or in German after all? There Is no such thing as a talking car? Fingerprints in German Embassies Two masters do not get in each other's way Role-based system offers PAX staff the web content they need in the language they speak. The web offering of an insurance company is so extensive that even the staff often have trouble navigating through the website. Insurance brokers give up after a few clicks if they do not immediately find the they need and reach for the phone to get answers to their questions from the insurance company. With the rise in electronically mapped processes, e.g. online application forms for various services, finding one s way is becoming increasingly difficult. Car-to-car communication made secure. The EU is calling for the number of road fatalities to be cut by half by This is the reason why the automotive industry is currently developing solutions to make driving safer and increase driver protection. In future, ve - hicles are to be able to exchange with one another ad hoc while on the road without requiring driver intervention. This will allow for dangers to be recognized in time, e.g. icy road conditions. In spite of new regulations, Germans living abroad can still apply for new passports at German embassies. The introduction of electronic fingerprints in passports in Germany went off without a hitch. The integration into visas is to follow soon. But what does this change mean for Germans living abroad? ZIVIT uses next-generation SINA Boxes. The Centre for Information Processing and Information Technology (ZIVIT) has relied on proven SINA technology for quite a while now. ZIVIT opted again for SINA in a new project to ensure secure data transfer. The new system must be highly failure-proof. For this reason, ZIVIT is now using the next generation of our SINA Boxes. Find more on this issue on page 3 Find more on this issue on page 8 Find more on this issue on page 9 Find more on this issue on page 14

2 EDITORIAL CONTENT In Italiano, per favore? Ou en français, s il vous 03 plait? Or in German after all? Dear Reader, back in 2005, we hosted a meeting with the press on the subject of industrial espionage together with Dr Udo Helmbrecht, President of the German Federal Office for Information Security, and security consultant Dr Otto D. Mayer. The bottom line: High Dr. Rainer Baumgart security is not the privilege of national authorities it is also indispensable for companies. Some enterprises became sensitised to this as a result and have invested in the security of their IT infrastructure. Current talks with our customers from the private sector have indicated to us that this issue has again been placed on management agendas. The number of attacks against companies grew dramatically over the past year it is open season with competitors at home and abroad on the lookout for secret research results and business strategies. The interview with Anita Brandt-Zimmermann, Head of the Department for Counter-Espionage in the Ministry of the Interior of the German State of North Rhine-Westphalia, on page 4 confirms what we know from experience. Sufficient cause for us to make the fight against industrial espionage our top priority. At the CeBIT 2008, we focus on protection against espionage attacks and present you with solutions for the security of your IT. Our co-operation with Swiss-based Visonys AG also contributes to protecting your systems against attackers. Ensure adequate security in your web portals by preventing hackers from accessing your applications in the first place with visonysairlock. We cordially invite you to our Managed Security Forum which we started in collaboration with other IT security providers. You will find the times and further on the Forum on page 7. We would like to take this opportunity to reiterate that we welcome your ideas and critical feedback. Simply send us an secuview@secunet.com Espionage Germany under attack 04 IT Security Check Whoever does not behave according to the 06 Code of Conduct gets kicked Reinforcement with pros: 07 Managed Security Forum 2008 There Is no such thing as a talking car? 08 Fingerprints in German Embassies 09 Healthy security for personal data 10 NXP has epass chips tested by secunet 11 Cryptography meets biometrics 12 Electronically stamped 13 Two masters do not get in each other's way 14 What is? Do you speak SINA? 15 Your data are secure on the road CeBIT We wish you pleasant reading. Yours faithfully Rainer Baumgart 2

3 Business Security In Italiano, per favore? Ou en français, s il vous plait? Or in German after all? Role-based system offers PAX staff the web content they need in the language they speak Continuance of page 1 PAX, the Swiss life assurance company, recognised this problem and found a solution: It commissioned secunet to integrate the Web-based single sign-on system SAM Web from Evidian. With this system, each of the insurance company's staff members or brokers can access precisely the content they need after signing on under This saves time and reduces the stress of lengthy searches on the web. In addition, users are offered the content they need in the language they want an important feature in view of Switzerland s many languages. All of this occurs via a role-based system in which all members of staff and brokers create their profiles once and receive content and forms personalised to suit them. played. They can electronically process and save the customer data directly on site. The advantage for customers: Their data is processed quickly and securely. Questions resulting from unintelligible forms no longer arise. And it is good for brokers: Data is entered directly in electronic format, which saves time they would otherwise need to type the from the form when back in the office. PAX s own staff have an addi - tional advantage: Thanks to single sign-on, they have direct online access to their web mail without having to sign on again. A further advantage, especially for Management: The solution ensures audit trail compliance. It is possible to track precisely which staff member accessed what when. This is an important step towards the automated implementation of PAX s security policy. Günther Mellinger Phone: guenther.mellinger@secunet.com Instead of carrying reams of paper about, brokers only take along their notebook with UMTS card when visiting customers. After signing on, a clear list containing precisely the and forms they need for the meeting with the customer is dis- After the log-in on each insurance broker gets personalised contents and forms and enters data electronically during the conversation. 3

4 Business Security Espionage Germany under attack Industrial and commercial espionage* are serious issues in Germany. However, many companies underestimate the danger. Ms Anita Brandt-Zimmermann, Head of the Department for Counter-Espionage in the Ministry of the Interior of the German State of North Rhine-Westphalia, answered our questions. Ms Brandt-Zimmermann, how would you rate the danger of industrial espionage in Germany? The likelihood of a company becoming the target of espion - age is high. Germany is a very attractive target due to the innovative strength of its companies and because numerous hightech corporations are located here. The geopolitical situation and the important role in the EU and NATO make Germany even more attractive as a target. Industrial spies steal know-how in order to catch up with successful industrial nations without expensive and time-consuming research. Do you think espionage will continue to be on the in - crease? Yes, we have to expect an increase, unfortunately. Re - nowned auditing companies such as Ernst & Young, KPMG or PricewaterhouseCoopers have dealt with this phenomenon for quite a while now. According to a PwC study, the volume of product piracy and industrial espionage in affected companies has been on a steady rise since This is demonstrated by, among other things, the continuously increasing number of knock-offs, counterfeits and plagiarisms which are often the result of industrial espionage. The fact that an increasing number of suspected espionage cases is reported to the counterespionage department at the There are no industries that spies are not interested in. It can hit anybody. For example, plagiarised pastries of a German baker were found in China. Office for Protection of the Constitution in North Rhine-Westphalia is yet another indication of an increase of the espionage activities. What is the resulting damage? The estimated damages amounts to up to 20 billion euros per year. What are the most frequently used methods of spies? Are there specific patterns? The IT of a company is one possibility of obtaining and therefore a preferred target of industrial espion - age. For example, it is possible to attack an unguarded notebook containing data that is not secured. The notebook of a tra - veller is borrowed for 10 minutes from the hotel room or the empty conference room and the unsecured data is accessed. Another method of obtaining consists of sending an with a Trojan in the attachment. The offenders first find out which topics are interesting to the target person. Then they send an e- mail that relates to this topic and that purports to originate from some sort of personal context. This appeals to the target person who disregards the security rules. Often, companies do not even notice they are being spied on, for instance that is being tapped. They only see that sales decrease. However, staff also becomes the target of espionage attacks in other situations. The term social engineering refers to the siphoning off of from trustful partners. The attacker creates an atmosphere of well-being with the intention of throwing his part- 4

5 Business Security ner off guard so that he disregards his normal precautions and unintentionally discloses pertinent. What are the consequences for the economy and companies in Germany? The economy must adjust to the increased threat potential and safeguard companies appropriately against attacks. Companies must always be aware of the fact that their know-how is attractive to foreign intelligence services. Maximum caution is required during stays abroad. Security/ awareness concepts should be created if that has not already been done. How can companies protect themselves? Can you tell our readers where to obtain additional? The first step to protect a company is to identify the core knowhow, i. e. the data that must be absolutely protected. Companies do not have to identify this know-how by themselves. For example, the counter-espionage department in North Rhine-Westphalia provides competent support. The department offers free and neutral consulting and assistance though specially trained staff. All is treated confidentially. In addition, companies should devise a comprehensive security concept including staff, organisational and material issues with a focus on awareness and implement this concept in their corporate identity. Reliable protection against espionage requires all staff of the company to be integrated in the planning of precautions. An online test that we offer on the website of the Office for Protection of the Constitution in North Rhine-Westphalia enables companies to assess the hazard. The test takes 5 minutes. It is performed via an encrypted line and is tap-proof. More on How secure is your company? Take the online test at the counter-espionage department of North Rhine-Westphalia: wirtschaftsspionage Commercial and industrial espionage *The terms commercial espionage and industrial espionage are often used synonymously. However, they relate to different issues: Industrial espionage relates to activities which are aimed at siphoning off corporate know-how; such activities are controlled by foreign intelligence services. The Office for Protection of the Constitution is concerned with preventing such espionage activities. However, espionage activities can also be performed by foreign or domestic private competitors. This type of eavesdropping of private competitors is referred to as commercial espionage. Police and public prosecution service are in charge of prosecution in such cases. IT Security Check 2008 IT security is only given top priority in 50 % of companies 47.8 % of IT decision-makers respond in the affirmative to the question as to whether company management has declared the issue of IT security a top priority. This is the conclusion of the secunet study IT Security Check 2008, in which 881 IT decisionmakers from various industries were surveyed in October and November This is quite remarkable since many companies today are subject to compliance or corporate governance rules. It is not rare that managing directors can be held responsible for inadequate IT security. Providers of financial services and trade seem to be aware of the problem. The values of 55.3 % and 61.0 % in these fields are above average. In industrial companies, only two in five company leaders (39.3 %) are involved in securing their IT. IT security is also on the agenda of leaders of companies with more than employees: 62.1 % take care of the issue personally. More it-sicherheitscheck on 5

6 Business Security Whoever does not behave according to the Code of Conduct gets kicked HAMBURG WASSER, a public water supply and waste water disposal company, protects Web applications for customers and staff with visonysairlock. Approximately 30,000 inhabit - ants of the City of Hamburg conveniently manage their personal data at their water supply company via the Internet by using the online service of HAMBURG WASSER, the largest municipal water supply company. Customers can view their meter readings and invoices, make direct debit authorisations and change their address data with just a few mouse clicks. This online service is secured by the Web Application Firewall (WAF) visonysairlock. Now, yet another application operates under the WAF shield: The approx. 1,700 staff of the com - pany can now securely communicate via the groupware system Lotus Notes, protected by visonysairlock. This means hard times for attackers from the Internet using methods such as cross-site scripting, SQL injection or cookie poisoning. To secure our Web application, a central, especially secure access was to be created. And we wanted to connect future systems via this access as well, says Peter Saile, Head of Systems Planning at HAMBURG WASSER. Competent consulting by secunet, the service range and the excellent references are what made the difference and convinced us in selecting visonys- Airlock. With this solution, HAMBURG WASSER opted for a highly effective approach to protect their Web applications. The concept is easy to explain: Whoever does not behave according to the Code of Conduct gets kicked or is not allowed in in the first place. This way, attackers do not even get access to security-rel - evant points of attack for compromising Web applications. For this purpose, the rules for using the offered Web contents were precisely defined. Users who observe these rules gain full access to the Web contents and services offered. Everybody else has to stay out. The Web Application Firewall operates before the Web server, thus relieving it from security tasks. This way, unauthorised queries are automatically blocked by comprehensive filters and unauthorised users are rejected by upstream authentication. The successful start of visonysairlock has paved the way for other Web applications such as Internet portals for plumbers or facility management companies, ex - plains Saile. Main functions of visonysairlock 4.1 at a glance: Secure and high-availability operation of Web applications due to prevention of attacks Multi-level filtering of all user input Upstream user authentication with secure session handling Highly secure reverse proxy with SSL termination Comprehensive logging and alerting, monitoring and reporting with the possibility of integration into management systems Reduced total costs for development, maintenance and operation of applications Project implementation: Visonys AG and secunet Security Networks AG 6

7 Business Security Reinforcement with pros: Managed Security Forum 2008 Why do it all yourself if others can do it better? Without extensive planning and regular adjustments in response to the latest requirements and threats from the Internet, not even the most expensive IT protection systems will pay off. Managed Security is a guarantee for ongoing protection against the latest attack methods. IT experts safeguard operations, mainten - ance and updates of your systems. Together with partners from the IT security sector, we will be holding a series of al events and discussions on the issue of Managed Security Services in the months to come. The forum is a cross-enterprise platform for and dis - cussion which is to contribute to the clarification and establishment of Managed Security Services. We would like to provide participants not only with theoretical knowledge but, more importantly, also with exclusive hands-on case studies. Participating companies: ComputaCenter Integralis McAfee secunet Sonicwall Symantec Unisys Verisign Verizon Dates and places April 2, 2008: Frankfurt Maritim Hotel Theodor-Heuss-Allee 3 May 7, 2008: Düsseldorf Hotel Hilton Georg-Glock-Strasse 20 Issues to be focused on: Legal Requirements & Compliance Cost-efficiency & Benchmarking Implementation and Control Strategies Benefits for Enterprise IT Enterprise IT and Security Service Providers as Partners Contracts for Areas of Responsibility and Competence, SLAs, OLAs May 29, 2008: Hamburg Hotel Lindtner Heimfelder Strasse 123 June 16, 2008: Munich Airport Marriott Hotel Alois-Steinecker-Strasse 20 More on For detailed on the individual presentations and to register, please visit Events +++ Important dates +++ Events +++ CeBIT Hannover March 4-9, 2008 RSA Conference San Francisco April 7-11, 2008 Security Document World London April 22-23, 2008 AFCEA Bonn May 7-8, th Annual Congress: Software in Automobiles Stuttgart June 2-3, 2008 VÖB-Service Congress Frankfurt am Main June 2-3, 2008 SINA User Day Bonn June 3-4, 2008 TranSec World Expo Amsterdam June 11-12, 2008 D A CH Security Berlin June 24-25,

8 Automotive There is no such thing as a talking car? Car-to-car communication made secure Dr. Marc Lindlbauer Phone: marc.lindlbauer@secunet.com Continuance of page 1 This is referred to as Local Danger Warning, and requires an open communication interface to the vehicle which is on continuous communication stand-by. As part of the World Wide Web, the in-vehicle network is also a potential target for Internet threats such as viruses, worms and Trojans as well as DoS (Denial of Service) and buffer overflow attacks. The security challenges involved in setting up open Internet access in the ve - hicle have a variety of parallels to those in conventional computer networks. secunet has developed two methods which provide effective protection against known Internet attacks. Both methods are based on the principle of recognising possible attacks on site in the vehicle and neutralising their impact by means of appropriate protection measures in the vehicle: Secure Communication Unit The Secure Communication Unit (SCU) is a method to ensure availability of the communication channels from and to the vehicle. In the event that the communication interface of the vehicle is attacked, the SCU ensures that the remaining vehicle applications can continue to run securely. This means, for example, that in the case of a DoS attack, the overload is detected and the SCU terminates the connection. The master Internet application, such as a browser, remains unaffected and does not crash as a result of the DoS attack. Finally, the SCU re-establishes the connection so that it is possible to run the vehicle application again. secunet Protection Unit There is a second danger which looms in the form of data which gets access via the Internet connection and which may contain manipulated or malicious code. The secunet Protection Unit (PU) rounds off the protection mechan - isms of the SCU at application level. The main tasks of a PU are to ensure integrity and protect against manipulation: Ensuring integrity refers to monitoring the runtime environment of a control unit and the static program memory with regard to the origin of existing and incoming data. Manipulation protection refers to monitoring unauthorised changes to the program code or the data. If the monitoring logic detects behaviour which deviates from the specifications, appropriate measures are initiated, e.g. denial of access or initialisation of emergency run properties. In co-operation with a supplier, a PC-based proof of concept of the SCU was presented at this year's IAA. Porting to an embedded chip is a subsequent step planned for In the final version, the SCU will be available as a separate micro-controller or as an extension to such a controller. The next issue of secuview will provide you with further on the Secure Communication Unit 8

9 Government Fingerprints in German Embassies In spite of new regulations, Germans living abroad can still apply for new passports at German embassies Continuance of page 1 Just like all other Germans, they need a new passport every ten years. Prior to the introduction of biometric features, they simply handed in their passport photos at the embassies which were then mailed to Germany along with the signed applications. For the staff at the embassies, this was a quick and easy process. Most of the work i. e. creating the passport was done in Germany. This changed with the introduction of biometric features. Today, an employee at the embassy first has to check the passport photograph for its biometric suitability and then take fingerprints of two fingers of the applicant for a passport and all ten fingers for visas. Speed and reliability were not the only requirements concerning the biometric solution it had to be Linux-compatible since the German Federal Foreign Office had migrated its entire IT to this Open Source operating system a number of years ago. In biomiddle addition, flexibility was a major concern in the selection of the solution. The components, such as fingerprint scanners or passport readers, should be replaceable without having to change the entire system. Therefore, the German Federal Foreign Office opted for secunet's biomiddle. This biometric middleware runs under Linux and can be easily reconfigured when devices need to be replaced. In addition, only a single scanner is needed which scans two or ten fingers, as required. Another challenge: The electronic fingerprints for visas are stored in ANSI/NIST format, but coded in data groups for passports. No problem for our solution which ensures that all these processes can run on a single workplace. Therefore, the extra time that goes along with the extra work for the staff at the embassies can be kept to a mini - mum. The sensitive data is then transferred to Germany highly encrypted with SINA, another secunet solution. Marco Breitenstein Phone: marco.breitenstein@secunet.com 9

10 Government Healthy security for personal data The secunet network connector protects the network of providers of medical services and the transfer of patient data Gregor Boeckeler Phone: The largest healthcare project in Europe involves an impressive number of stakeholders: 80 million persons with health insurance, pharmacies, physicians, 65,000 dentists, hospitals and approx. 270 health insurance companies. The objective of the project is the introduction of the electronic health card in Germany. Of course, meticulous planning with numerous test runs and a long time to final implementation are absolutely indispensable for a project of this magnitude. For the preparations to be co - ordinated by a central organisation, the gematik gmbh was founded, a company for telematics applications for the electronic health card. Its task is to ensure the introduction, maintenance and further development of the health card, the electronic prescription and other telematics applications such as the electronic patient file. Data protection and security are key issues in the project. The personal data of the patients must be protected in a reliable way in particular during the electronic transfer between the parties involved. For connection to the healthcare telematics network, physicians practices, pharmacies and others therefore need a connector. This connector consists of various components: the application connector software, a hardware platform and the network connector software. The latter protects the application connector software and the network of the medical service providers from attacks and ensures secure Internet connections, i. e. it is the basis of maximum security. The secunet network connector protects the connection between the various participants so that the personal data can be transmitted in a secure way. Developed on the basis of our highsecurity solution SINA, it has already passed the gematik function test for the offline field tests and successfully overcome the first obstacle for field tests. Certification according to Common Criteria as required by gematik is currently in progress. Leading suppliers of the connector, among them Siemens, already rely on our technology. 10

11 Government NXP has epass chips tested by secunet Chip manufacturer relies on the competency of the laboratory approved by the German Federal Office for Information Security In the last issue of secuview, we introduced our test laboratory for electronic passports. We test electronic passports and their components for compliance with worldwide standards according to the technical directives of the German Federal Office for Information Security BSI. Our laboratory was the first test centre in Germany to be approved by the BSI for tests according to layers 6 and 7. In the meantime, numerous passport manufacturers from all over the world have made use of our offer and had their components for electronic passports tested by our specialists. Just like NXP, a leading manufacturer of chip solutions for electronic passports. In order to test their compliance with national and international requirements for electronic travel documents, NXP commissioned our certification office for IT compliance. Testing was conducted according to the Technical Guideline of the German Federal Office for Information Security BSI TR Part 3. These tests ensure that the data stored on the electronic passport chip are interoperably readable world-wide and that the mechanisms for protection of the data on the chip are correctly implemented. Matthias Niesing Phone: matthias.niesing@secunet.com The advantage of the secunet network connector: The SINA technology which serves as its basis has successfully been used for years by public authorities. SINA has been approved by the German Federal Office for Information Security for the transfer of classified documents up the level Top Secret, i. e. its reliability and security has been certified by a public authority. In addition, our solution is interoperable. It can communicate with VPN solutions (concentrators) of various manufacturers. First tests in different regions of Germany have been successful. Further tests are to follow until the health card project is implemented in all of Germany. 11

12 Government Cryptography meets biometrics Research project for acquisition of keys from fingerprints Marco Breitenstein Phone: Biometric features such as fingerprints, iris patterns or electronic pictures of faces are increasingly used as secure identification technologies in a variety of application areas. When biometric methods are used, it is essential to ensure the protection of the personal features. How can this be effectively protected from unauthorised access and misuse? To find convincing answers to this question, the German Fed - eral Office for Information Security BSI initiated the BioKeyS re - search project. This project is part of the research programme of the BSI which was started within the framework of the Innovation Initiative of the German Federal Government and which allows the public and the private sector to implement jointly funded technology projects. Together with the BSI, our experts are now examining whether it is possible to combine the benefits of biometrics and proven cryptographic processes. The objective is to use biometric data as cryptographic keys without saving these keys themselves. This means: An algorithm generates a key from, for example, a person's fingerprints which is used to encode data, s, etc. This way, only the owner of the fingerprints can access the since decoding again requires a key generated from the fingerprints. To ensure reliable protection, strong keys must be used which cannot be broken. Since a single fingerprint does not provide a sufficient amount of for such strong keys, secunet and the project partners rely on multi-biometrics. This means that, for instance, all fingerprints of a hand are taken. These provide sufficient individual to generate strong cryptographic keys. The advantage of this new development: Solutions which require neither the biometric data nor the cryptographic key to be stored are breaking new ground for applications in the public and private sector which are compliant with data protection legislation. With the BioKeyS research pro - ject, secunet and the BSI are investing in tomorrow's techno l - ogy. The combination of multibiometrics and cryptography serves as the innovative basis for future applications made by secunet. 12

13 Government Electronically stamped secunet multisign TSP responder helps Deutsche Rentenversicherung DRV (German Pension Fund) in electronic long-term archiving If you were to place all the documents from the archives of the German Pension Fund end to end, how often would you cover the distance from Earth to Mars? Quite often, probably. Instead of finding the actual answer, we would rather contribute to minimising the flood of paper-based documents in the archives of the DRV and other social insurance carriers. A time stamping service based on the secunet multisign TSP responder is a part of the Trust Centre which the DRV has operated since the end of 2005 and in whose implementation secunet played a major role. This service has now been migrated to up-todate crypto-algorithms together with the other components. The time stamps are required for conclusive long-term archiving of electronic documents according to the ArchiSig concept. This way, paper files, incoming letters and other paper documents can be scanned and stored in electronic archives. The time stamp confirms the integrity of each document at a given time and ensures that it is conclusive. The secunet multisign TSP responder is compliant with the Signature Act; archiving of the original, paper-based document is therefore no longer required. This not only saves space in the archives, but also processing time. Since our time stamping service already uses the RSA-2048 and SHA-256 algorithms, conclusiveness of the electronic files according to the specifications of the German Federal Office for Information Security and the Federal Network Agency is ensured until at least The Trust Centre of the DRV grants all social insurance car - riers and other public institutions in Germany access to the central time stamping service. The offer is in great demand: Users currently include DRV Bund, DRV Rhineland, DRV Berlin-Brandenburg, the Association of Indus - trial Workers in the Metal Industry and the Association of Agricultural Pension Funds. Other authorities are waiting in the wings, ready to get rid of the flood of paper-based documents in their offices. Frank Rustemeyer Phone: frank.rustemeyer@secunet.com 13

14 High Security Two masters do not get in each other's way ZIVIT uses next-generation SINA Boxes Dirk Mangelmann Phone: Continuance of page 1 These boxes feature a new Hot Stand-By System (HSB) which dramatically reduces downtimes by decreasing the switch-over times. How is this achieved? In the old master-slave system (active passive), the master operates while the slave is inactive. The latter does not become active until operation is requested; it takes a while until the slave reaches full performance. In large infrastructures, these wake-up times (so-called switch-over times) may add up. The new HSB system has further minimised the wake-up times by using two masters (active active) with each of them having the current session data available. In cases of emergency, no. 2 can take over the job of the failed box no. 1 within seconds. And no. 2 works as the master (active) from now on while no. 1 operates in stand-by mode, i. e. there is no jump back from slave to master as before. The new system completely does away with this down time caused by the jump back. With the application at ZIVIT, our new SINA Box has successfully passed its first field test outside of our test laboratory; it will officially ship approx. from the middle of the year on. What is the SINA Box 1000? The SINA Box 1000 is our racer. It encrypts from 0 to 1,200 MBits in just a second. What this means for you: Greater engine power and a considerably smaller and lighter chassis, but the same security for the data occupants. The silver metallic paint makes it the must-have of the season. Arrange your test ride today. 14

15 High Security Do you speak SINA? SINA User Day 2008 in Bonn You work with our SINA highsecurity solution every day? Then you have surely heard of our SINA User Day. This year we would like to invite you to a new location, the Beethoven Hall in Bonn, on 3 and 4 June where you will have the opportunity to exchange ideas with other users. Of course, our experts will again be presenting more exciting new subjects and case studies. The programme is identical both days so that you can choose the time that suits you best. Is there anything that you as a user are particularly interested in? Please let us know. We would be pleased to introduce your topic within the scope of a podium discussion. As a SINA user, you can register now for this event. Simply send an with your details and the time you prefer to events@secunet.com. Would you like to become a member of the SINA community? It's easy get in touch and we will send you further infor - mation. Dirk Mangelmann Phone: dirk.mangelmann@secunet.com Your data are secure on the road The SINA Access Client extends the mobile SINA line Good news for mobile Windows users: The SINA Access Client is the ideal extension of existing mobile SINA clients (SINA Virtual Desktop and SINA Virtual Workstation). It makes the SINA technology and a universal Windows VPN client compatible. This enables mobile users to access their familiar work environments in a secure way via insecure Internet connections. The data connection is secured on the basis of the IPsec standard. Data is transferred via landline, public radio networks, LANs, Internet or wireless LANs at the company site or at hotspots, independent of the media type. The SINA Access Client is easy to install on a Windows operating system (Win 32/64). It sets up a secure connection to a SINA Box from the Windows environment which, in the case of successful authentication, permits access to the data networks. The participants communicate exclusively via the secure connection so that the workplace is protected from unwanted attacks from the Internet. Stefan Albers Phone: stefan.albers@secunet.com 15

16 March 4-9 Hall 6, stand J 36 CeBIT 2008 You may know our consultants only from phone calls. Would you like to meet with them in person? Or you may need to talk with them but cannot seem to find a suitable time? Then please take note of 4 to 9 March 2008, where you will find us in Hanover at the CeBIT. biomiddle Not only the German Federal Foreign Office uses our biometric middleware. secunet biomiddle is also in demand internationally. We will again be presenting our latest trends in IT security in hall 6, stand J36. This year we are concentrating on the following: Now there is also an industry version of our high-security solution. Top security for confidential data such as research results. Our solution suite is growing steadily. You can keep your confidential data with you at all times with the SINA Mobile Disk, an encrypted hard disk. safe surfer Managed Security Services We make surfing from the workstation convenient. The German Federal Chancellery is already successfully using our solution. Would you rather entrust the security of your network systems to professionals? No problem for us. We have two partners at our stand this year: Visonys AG Visonys AG is a globally leading Swiss manufacturer of standard IT security products. Their solutions protect web applications against attacks, increase their availability and reduce operating costs. Today, leading companies world-wide from all industries as well as nine in ten Swiss banks protect their web applications with Visonys. The company won the Swiss Technology Award for its web application firewall visonysairlock in on Visonys, visit ewitness s. a. ewitness s.a. offers a globally unique notarial certification service: Notaries public can now precisely log companies' electronic transactions, e.g. and FTP transfers, and authenticate the transactions with qualified digital signatures and time stamps. This rules out any subsequent manipulation of the transmitted data and allows electronic transactions to be proven compliant at notarial level. The ewitness system is suitable for companies in a variety of fields including credit services, assets management and the provision of power and water. But other companies, especially mid-sized ones, stand to benefit considerably from the degree of document security at notarial level achieved with ewitness. The technology has been in successful use in Europe since IMPRINT Editor: secunet Security Networks AG Kronprinzenstraße Essen - Germany Telephone: Responsible for the content: Marketing/Communications marketing@secunet.com Chief Editor: ines.kruse@secunet.com Design: Chromedia West GmbH Copyright: secunet Security Networks AG. All rights reserved. All contents and structures are copyright protected. All and any use not expressly permitted by copyright law requires prior written permission. 16