3M Cogent, Inc. White Paper
Beyond Wiegand: Access Control in the 21st Century
a 3M Company
Unprecedented security features & capabilities

In the first decade of the 21st century, physical security technology, like other technologies, has advanced at blinding speed. Physical access control, digital surveillance, building automation, and intrusion alarms now offer unprecedented features and capabilities in security.

In other words, if access control technology in the 20th century was about opening doors, it means something different in the 21st century. It means intelligent, secure, and scalable biometric readers and data networks as well as open software platforms that can accommodate any number of business applications and changes in standards.

But despite this, most 21st century access control systems are still wired into old technology.

To better understand this, take out your smart phone. You are holding in the palm of your hand more technology, more capabilities, more software, more memory, and more computing power than the guidance computers that sent Apollo 11 to the moon and back in […]. [1]

Contemporary access readers can boast the same level of technological sophistication. The modern access reader outpaces the average 1970s access reader in much the same way as your smart phone surpasses the rotary phone.

However, the typical physical access reader, which is overflowing with impressive computing power, is still tethered to a technology, the Wiegand interface, that hasn't changed since the Apollo 11 went to the moon.

[1] The Apollo Guidance Computers (AGC), years ahead of their time, boasted 12K read-only memory, 1K RAM, clocked in at 1 MHz, and could perform 11 instructions simultaneously. Needless to say, a $20 cellphone handily beats the AGC in computing power.

Why Wiegand?

In 1970, John Wiegand invented a wire that could quickly switch its magnetic polarity when exposed to the magnetic information on wires embedded in a card and then accurately transmit this information electrically as a series of on and off signals through the wire to an electronic sensor.

In a Wiegand system, the key is not the card, but the binary number magnetically written on the card and transmitted through the Wiegand reader and wires as a series of 0s and 1s. Attached to the other end of the Wiegand reader was a control device, which could check the number against authorized numerical keys for that door.

In the 1970s and 1980s, this was the hottest technology in access control. However, by the late 1980s, Wiegand reader technology had been replaced by better and more secure proximity readers such as encrypted credentials, smart cards, Radio Frequency Identification (RFID), and biometrics; all of which crowded out the older Wiegand reader technology.

Yet the new technologies were still hard-wired into the old Wiegand communications rather than more sophisticated and secure data communications. The reason for this is that the Wiegand wiring was already installed in most people's walls and the majority of access readers still sent data upstream through the Wiegand interface. This is a mistake that has had economic impact in the security and usability of access control systems.

The Problem with Wiegand

- Wiegand is plain text. Wiegand data is not encrypted and follows a simple and well-known format, making it very easy to copy.
- Wiegand is easily intercepted. Wiegand IDs read from a Wiegand connection can be easily reproduced and replayed.
- Wiegand only uses one-way communication. Mutual authentication (a cryptographic handshake) never occurs between the reader and the access control system. As far as the control system is concerned, any Wiegand ID coming through the Wiegand wires must be from the reader.

In the most simplified sense, the technology of secure access control relies on one or more basic components:

- What you have: for instance, a key, a smart card, or a token.
- What you know: as when you use a password or Personal Identification Number.
- What you are: your unique biological characteristics that can be measured and compared, such as fingerprints, facial characteristics, or other biometric information.

Technological innovations in access security reader systems over the decades have been designed to lock down the security of these three access control components.
For example, the latest Personal Identification Verification (PIV) devices require the following:

- Users must present a card that has been issued after they have been checked against an FBI database search.
- Each card must include encrypted data about the user such as PIN, PKI certification, and biometric information.
- Users must present the card to the device, input a PIN, and present one or two live fingerprints.
- The reader must be able to verify the card, match the fingerprint, and verify access with a Certifying Authority.

These technologies make it nearly impossible for unauthorized people to hijack, copy, or use any combination of these components in order to gain access to controlled areas, unless the readers are wired into a legacy Wiegand system.

When a smart card or biometric reader is wired to a Wiegand interface (as most of them are) then no matter what the input or how formidable the encryption, the reader will generate an open-format, unencrypted Wiegand ID from the match and send the old Wiegand ID to a controller.

In other words, at the credential level, the reader can function at the highest, most customizable, and most bullet-proof security level the technology permits. But once the reader starts communicating with the controller, the technology reverts to the most insecure, least adaptable, and most easily stolen and copied format possible.

Wiegand Lives in a Gecko World

At the 2007 Defcon 15 Hacker Conference, a local hacker unveiled an easily and cheaply constructed device called the Gecko. This device required less than $10 worth of parts and 12 hours of labor. The Gecko was created and easily wired to the Wiegand through a card reader. Once connected, the device recorded the unencrypted identification data transmitted through the wires. Using a magnetic stripe replay card, the hacker then signaled the Gecko device to replay the recorded data back into the Wiegand wires so the controller erroneously opened the door. [2]

Over the years, the Gecko has gained a number of terrifying new capabilities. A newer version of the Gecko includes a flash chip that allows the device to record data from multiple access cards for future download. A Bluetooth-enabled Gecko allows the attacker to access and replay reader data through any local Bluetooth device, thus compromising biometric security devices that do not use access cards. A mobile phone enabled Gecko allows an attacker to control access systems from anywhere in the world through a cell phone or any other cellular device, such as a tablet computer.

With such simple advances, the Gecko has ushered in the possibility that stolen Wiegand IDs may be traded on the Internet black market in the same way as stolen credit card information.

[2] Zac Franken, a DefCon staffer, created a hacking device named Gecko at the conference in […]. His presentation exposed the vulnerability of electromagnetic coupling, also known as Wiegand, involving security access control systems.
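The plain-text and replay weaknesses described above, seen from the controller's side, as an added example that is not part of the original white paper. It assumes the common 26-bit Wiegand layout (the paper names no specific format); LegacyController and the sample facility code and card number are constructed for illustration.

```python
"""Added illustration (not from the white paper): what a controller on a
one-way Wiegand line can and cannot check. Assumed layout (common 26-bit
format): bit 0 even parity over bits 1-12, bits 1-8 facility code,
bits 9-24 card number, bit 25 odd parity over bits 13-24."""
from typing import NamedTuple


class Credential(NamedTuple):
    facility: int
    card: int


def encode_w26(facility: int, card: int) -> str:
    """Build the 26-bit frame a reader puts on the data lines."""
    if not (0 <= facility < 2**8 and 0 <= card < 2**16):
        raise ValueError("facility must fit 8 bits, card 16 bits")
    data = f"{facility:08b}{card:016b}"
    even = data[:12].count("1") % 2        # leading half ends up with even weight
    odd = 1 - data[12:].count("1") % 2     # trailing half ends up with odd weight
    return f"{even}{data}{odd}"


def decode_w26(frame: str) -> Credential:
    """Validate parity and return the fields; raises ValueError on a bad frame."""
    if len(frame) != 26 or set(frame) - {"0", "1"}:
        raise ValueError("not a 26-bit frame")
    data = frame[1:25]
    if (int(frame[0]) + data[:12].count("1")) % 2 != 0:
        raise ValueError("even parity error")
    if (int(frame[25]) + data[12:].count("1")) % 2 != 1:
        raise ValueError("odd parity error")
    return Credential(int(data[:8], 2), int(data[8:], 2))


class LegacyController:
    """Hypothetical controller: its only input is the frame on the wire."""

    def __init__(self, authorized):
        self.authorized = set(authorized)

    def on_frame(self, frame: str) -> str:
        try:
            cred = decode_w26(frame)
        except ValueError as exc:
            return f"reject: {exc}"
        return "grant" if cred in self.authorized else "deny"


def demo() -> dict:
    badge = Credential(facility=42, card=12345)     # constructed sample values
    controller = LegacyController({badge})
    frame = encode_w26(*badge)                      # what the reader emits
    # One flipped bit, as line noise would produce: parity catches this.
    noisy = frame[:5] + ("1" if frame[5] == "0" else "0") + frame[6:]
    return {
        "decoded": decode_w26(frame),
        "first_presentation": controller.on_frame(frame),
        # The frame carries no counter, nonce, or MAC, so the same bits
        # arriving again are indistinguishable from a fresh card read.
        "same_bits_again": controller.on_frame(frame),
        "line_noise": controller.on_frame(noisy),
        "unknown_card": controller.on_frame(encode_w26(42, 12346)),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

Parity here is error detection only: it rejects a corrupted frame but says nothing about where a well-formed frame came from.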
Alternatives to Wiegand

The issues discussed above can be seen as the true cost of legacy Wiegand systems. The system turns all readers, no matter how intelligent, versatile, and secure, into dumb readers that are potentially no more secure than readers from forty years ago.

So what is the impact if we dispose of the legacy Wiegand wires? On more advanced data lines such as Ethernet, intelligent readers and access control systems deploy technologies that are nearly impregnable to hacking or circumvention. This is detailed below:

:: Ethernet encryption
Using intricate algorithms, readers and other devices can encrypt the data they transmit through the network and render the transmission unintelligible to anything but the receiving device.
This means: a hacker cannot gain any meaningful information from the data transmitted by a reader over the Ethernet data line.

:: Challenge-response protocols
When a reader transmits data to a controller or other device, the reader can be authenticated through a challenge code: the intelligent reader must provide a correct password for that challenge for the transmission to be accepted as valid.
This means: a hacker cannot replay data from some other device and fool the controller or system.

:: One Time Passcodes
A One-Time Passcode validates a transmission between readers and controllers, but for one and only one transaction. A new passcode is required for the next transmission or transaction; the old one is obsolete as soon as it is used.
This means: a hacker cannot record a passcode and replay it to fool a controller or other device in the access control system.

By being connected to more advanced data lines, intelligent readers also offer the promise of developing custom applications at the reader through software development kits (SDKs) and application programming interfaces (APIs). Therefore, integrators and customers can add, remove, replace, or modify a reader's security functions without sacrificing the security of the system. Most importantly, the reader can adapt to evolving access control security standards and improvements in technology.

Beyond Wiegand

In access control, the concepts of intelligence and security should apply to more than just readers and technologies so they encompass device connections and transmissions as well.

Connections between devices using Wiegand or similar connections, such as RS232, are simply unintelligent electrical connections. Data network connections, such as Ethernet, are logical and intelligent connections. Thus, the same high level of security that is built into smart cards, biometrics, and access control readers can be logically configured into Ethernet transmissions as well.

The Wiegand has been a standard in access control but it does not mean that this method should become a permanent speed bump on the access control landscape. Instead, the Wiegand method as the standard should devolve when customers realize the vulnerability of Wiegand, and Wiegand wires should be replaced with intelligent and secure data lines.

To begin this process, the catalyst must come from new, more advanced and intelligent readers that exploit the full security potential of Ethernet data connections. An example of this next generation of versatile, intelligent readers is 3M Cogent's Make It Yours (MiY) products, a complete line of sophisticated and customizable multi-factor biometric access control terminals.

Each 3M Cogent MiY reader provides the highest level of security and fully realizes the security capabilities of Ethernet reader connections. The MiY reader communicates over TLS-encrypted Ethernet, has full PKI-compliant solutions, and uses the highest NIST-approved encryption standards. The data transmitted from the MiY reader is protected and secure.

These advances require an upgrade from the Wiegand standard. This means that accelerating technological improvements and evolving security requirements from the standard must be the only real change.
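The challenge-response and one-time passcode mechanisms described under "Alternatives to Wiegand", combined in one exchange, as an added example that is not 3M Cogent's protocol or code. HMAC-SHA256 with a per-reader shared key, the class names, the reader ID and the sample credential are all assumptions made for illustration.

```python
"""Added illustration (not the MiY protocol): a reader proves itself to the
controller by answering a single-use challenge. Assumed construction:
HMAC-SHA256 over reader ID, challenge and credential with a shared key."""
import hashlib
import hmac
import secrets


def response_tag(key: bytes, reader_id: str, challenge: bytes, credential: bytes) -> bytes:
    """The 'password for that challenge': binds reader, challenge and credential."""
    msg = reader_id.encode() + b"\x00" + challenge + credential
    return hmac.new(key, msg, hashlib.sha256).digest()


class Controller:
    def __init__(self, reader_keys: dict, authorized: set):
        self.keys = dict(reader_keys)      # reader_id -> shared key
        self.authorized = set(authorized)
        self.pending = {}                  # reader_id -> outstanding challenge

    def issue_challenge(self, reader_id: str) -> bytes:
        if reader_id not in self.keys:
            raise KeyError(f"unknown reader {reader_id!r}")
        challenge = secrets.token_bytes(16)    # fresh, unpredictable, fixed length
        self.pending[reader_id] = challenge
        return challenge

    def verify(self, reader_id: str, credential: bytes, tag: bytes) -> bool:
        # pop(): the challenge is consumed by the first attempt, right or
        # wrong, so each passcode is good for one and only one transaction.
        challenge = self.pending.pop(reader_id, None)
        if challenge is None:
            return False
        expected = response_tag(self.keys[reader_id], reader_id, challenge, credential)
        return hmac.compare_digest(expected, tag) and credential in self.authorized


class Reader:
    def __init__(self, reader_id: str, key: bytes):
        self.reader_id, self.key = reader_id, key

    def respond(self, challenge: bytes, credential: bytes) -> bytes:
        return response_tag(self.key, self.reader_id, challenge, credential)


def demo() -> dict:
    key = secrets.token_bytes(32)
    credential = b"facility=42;card=12345"        # constructed sample value
    controller = Controller({"door-1": key}, {credential})
    reader = Reader("door-1", key)
    results = {}

    c1 = controller.issue_challenge("door-1")
    recorded = (credential, reader.respond(c1, credential))   # bytes seen on the line
    results["legitimate"] = controller.verify("door-1", *recorded)

    # Same bytes again with no challenge outstanding: nothing to match against.
    results["replay_without_challenge"] = controller.verify("door-1", *recorded)

    # Same bytes against a new challenge: the tag was computed over c1.
    controller.issue_challenge("door-1")
    results["replay_against_fresh_challenge"] = controller.verify("door-1", *recorded)

    # A device that sees the challenge but does not hold the reader's key.
    c3 = controller.issue_challenge("door-1")
    forged = response_tag(secrets.token_bytes(32), "door-1", c3, credential)
    results["device_without_key"] = controller.verify("door-1", credential, forged)

    c4 = controller.issue_challenge("door-1")
    results["next_legitimate"] = controller.verify(
        "door-1", credential, reader.respond(c4, credential))
    return results


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The credential still travels in the clear in this sketch; hiding it is the job of the transport encryption the paper lists separately.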
Security Systems Division, 3M Cogent, Inc., 639 North Rosemead Boulevard, Pasadena, CA, U.S.A.
Please recycle. Printed in the U.S.A. 3M is a trademark of 3M. Cogent logo is a trademark of 3M Cogent. 3M Cogent, Inc. All rights reserved. a 3M Company
More informationSelf-Encrypting Hard Disk Drives in the Data Center
Technology Paper Self-Encrypting Hard Disk Introduction At least 35 U.S. states now have data privacy laws that state if you encrypt data-at-rest, you don t have to report breaches of that data. U.S. Congressional
More informationMulti-factor authentication
CYBER SECURITY OPERATIONS CENTRE (UPDATED) 201 (U) LEGAL NOTICE: THIS PUBLICATION HAS BEEN PRODUCED BY THE DEFENCE SIGNALS DIRECTORATE (DSD), ALSO KNOWN AS THE AUSTRALIAN SIGNALS DIRECTORATE (ASD). ALL
More informationThe Benefits of an Industry Standard Platform for Enterprise Sign-On
white paper The Benefits of an Industry Standard Platform for Enterprise Sign-On The need for scalable solutions to the growing concerns about enterprise security and regulatory compliance can be addressed
More informationTime Clocks for Employee Attendance Tracking
Time Clocks for Employee Attendance Tracking InfoTronics, Inc. Whitepaper Time clocks record employee attendance information including start, end, and lunch break times. This information is then shared
More informationBest Practices in Access Control
Best Practices in Access Control Table of Contents Introduction...1 Choosing the Right Reader and Card Technology...2 Relative Security of Commonly Used Card Technologies...2 Use Proper Key Management...3
More informationChapter 15 User Authentication
Chapter 15 User Authentication 2015. 04. 06 Jae Woong Joo SeoulTech (woong07@seoultech.ac.kr) Table of Contents 15.1 Remote User-Authentication Principles 15.2 Remote User-Authentication Using Symmetric
More informationManage and secure your workplace by controlling who, what, when, why, where and how people are allowed in your facility. Marquee
Marquee Manage and secure your workplace by controlling who, what, when, why, where and how people are allowed in your facility. Securing the Workplace Executive Summary OPTIMIZE TODAY S WORKPLACE Protecting
More informationPCI PA - DSS. Point ipos Implementation Guide. Version 1.01. VeriFone Vx820 using the Point ipos Payment Core
PCI PA - DSS Point ipos Implementation Guide VeriFone Vx820 using the Point ipos Payment Core Version 1.01 POINT TRANSACTION SYSTEMS AB Box 92031, 120 06 Stockholm, Tel. +46 8 566 287 00 www.point.se Page
More informationTailored integration to suit you
UTC Fire & Security Integrated Systems Platforms Tailored integration to suit you We listened to you A majority of the Fortune 100 companies have chosen UTC Fire & Security for their integration needs.*
More informationPreemptive security solutions for healthcare
Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare
More informationAn Oracle White Paper December 2010. Leveraging Oracle Enterprise Single Sign-On Suite Plus to Achieve HIPAA Compliance
An Oracle White Paper December 2010 Leveraging Oracle Enterprise Single Sign-On Suite Plus to Achieve HIPAA Compliance Executive Overview... 1 Health Information Portability and Accountability Act Security
More informationKey Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking
Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking SUMMARY The Payment Card Industry Data Security Standard (PCI DSS) defines 12 high-level security requirements directed
More informationHow To Protect Your Business Information From Being Stolen From A Cell Phone Or Tablet Device
Page 2 of 14 Securing Critical Corporate Data in a Mobile World Page 3 of 14 Table of Contents 1 Mobile is the New Normal... 4 1.1 The Critical Importance of Mobile Security... 4 1.2 Mobile Security Challenges...
More informationADDING STRONGER AUTHENTICATION for VPN Access Control
ADDING STRONGER AUTHENTICATION for VPN Access Control Adding Stronger Authentication for VPN Access Control 1 ADDING STRONGER AUTHENTICATION for VPN Access Control A VIRTUAL PRIVATE NETWORK (VPN) allows
More informationAuthentication Solutions. Versatile And Innovative Authentication Solutions To Secure And Enable Your Business
Authentication Solutions Versatile And Innovative Authentication Solutions To Secure And Enable Your Business SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime
More informationLeveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs
IBM Global Technology Services Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs Achieving a secure government
More informationThe Convergence of IT Security and Physical Access Control
The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which
More informationEnhancing Web Application Security
Enhancing Web Application Security Using Another Authentication Factor Karen Lu and Asad Ali Gemalto, Inc. Technology & Innovations Austin, TX, USA Overview Introduction Current Statet Smart Cards Two-Factor
More informationMulti-Factor Authentication
Enhancing network security through the authentication process Multi-Factor Authentication Passwords, Smart Cards, and Biometrics INTRODUCTION Corporations today are investing more time and resources on
More informationSymposium (FBOS) PCI Compliance. Connecting Great Ideas and Great People. Agenda
2010 Finance & Business Operations Symposium (FBOS) PCI Compliance Cort M. Kane COO, designdata Judy Durham CFO, NPES Kymberly Bonzelaar, Sr. VP Capital One Richard Eggleston, Sr. Project Director, TMAR
More informationRSA SecurID Two-factor Authentication
RSA SecurID Two-factor Authentication Today, we live in an era where data is the lifeblood of a company. Now, security risks are more pressing as attackers have broadened their targets beyond financial
More informationClosing Wireless Loopholes for PCI Compliance and Security
Closing Wireless Loopholes for PCI Compliance and Security Personal information is under attack by hackers, and credit card information is among the most valuable. While enterprises have had years to develop
More informationSmart Card: The Computer in Your Wallet
Smart Card: The Computer in Your Wallet MIPS Technologies, Inc. June 2002 Smart cards, credit-card-size pieces of plastic incorporating a silicon chip, comprise the highest volume computing platform. Roughly
More information