Mobile Payment Security
|
|
- Kellie Mills
- 6 years ago
- Views:
Transcription
1 Mobile Payment Security What it means and how to implement it Macroeconomics of Mobile Money Columbia University Apr. 2, 2010 Hadi Nahari Principal Security & Mobile Architect PayPal, Inc. an ebay Company HADI S BACKGROUND Security, cryptography, complex system analysis and design, distributed computing Identity management, digital asset protection, vulnerability assessment & threat analysis (VATA) Security and assurance certifications (FIPS, CC, NSA) Theory of programming languages, semantics of security, formal and functional languages Operating systems security (SVR4, Linux, Symbian, Nucleus, MultOS, etc.) Enterprise and embedded environments (Netscape Communications, Sun Microsystems, U.S. Government, Motorola, MontaVista, ebay, PayPal, etc.) The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
2 AGENDA Perspective Requirements Conclusion The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/ AGENDA Perspective Requirements Conclusion The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
3 FACTS ABOUT MOBILE Internet access (all means) > 1 billion/day Cellular networks access ~ 4 billion/day Mobile is the only digital system many people will ever encounter The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/ USECASE PROLIFERATION From Back Pocket to Front Pocket From Paper to Virtual Coupons From Paper to Virtual Tickets From Mass to Personalized From Pre Sale to in Store The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
4 MOBILE IDENTITY* CRISIS Complex landscape Identity proliferation Chip Vendors Mobile Network Operators Many players Neither trusts others Heterogeneous identity environment Device Manufacturers TSM Trusted Svc. Mgr. Card Associations Regulators Banks Retailers The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/ MANY STANDARDIZATION* BODIES Global Platform Smart Card Infrastructure OMTP Open Mobile Terminal Platform Usability, Economic Security OMA Open Mobile Alliance Decoupling, Interoperability NFC Forum Near Field Communication Forum NFC, Proximity ETSI European Telecommunications Standards Institute Telecom Integration The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
5 AND THE NETWORKS Isolated from other systems (e.g. the Internet) Fundamentally different design-assumptions Applications must know how the network operates! The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/ USAGE PATTERNS (UNITED STATES) The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
6 USAGE PATTERNS (INT L) The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/ TRAFFIC SHARE The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
7 WHAT S A PLATFORM? Marc Andreessen A "platform" is a system that can be programmed and therefore customized by outside developers and in that way, adapted to countless needs and niches that the platform's original developers could not have possibly contemplated, much less had time to accommodate. So, platform is open by definition. How open? Two models the we know what s good for you model the you re not evil, are ya? model The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/ AGENDA perspective Requirements Conclusion The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
8 MOBILE APP-WAREHOUSING ECOSYSTEM Development App. 1 Portal App. 0 App. 1 App. N SDK. 0 SDK. N Deployment App. 0 App. N\ App. N\ App. N\ App. N\ App. M SDK. 1 App. N Devices The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/ IT S CLEAR THAT The mobile app ecosystem Is distributed Is open by definition The development & distribution model is evolving Single application warehouse (Market, AppStore, etc.) Compound application warehouse (WAC, etc.) The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
9 SECURITY BOUNDARIES Portal Regulator App. 1 App. 0 App. N Financial MNO Retailer The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/ HOW MUCH SECURITY? Security proportionate to risk Simple, flexible, usable 0 $ Security Cost $$ No Security Usable Security Mil-Aero Security The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
10 THE BIG CHALLENGE: RISK MANAGEMENT Risk-driven decisioning: Authentication, authorization, etc. Takes time: highly data-driven Expen$ive: needs incurring the lo$ts Interoperability: Risk models are still rather local The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/ AGENDA Perspective Requirements Conclusion The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
11 CONCLUDING THOUGHTS Good security should also be usable The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/ THERE S MORE THAN TECHNOLOGY Technology Integrated Consolidated Utilized Technology People Interconnected Effective Supportive Information People Information Federated Secure Accessible Process Process Best Practices Automated Managed The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
12 THANK YOU! Questions, Comments, Feedback The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/ BACKUP SLIDES The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
13 SECURITY REQUIREMENTS Environment: Objects: Autonomous governance of Key material Identities Secure isolation Authentication Asset protection At rest In transit Cohabitation Well-defined interaction contracts Channel protection The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/ ABSTRACT MODEL Cloud_m Claims Verification Authorization Framework Cloud_n Claims Verification Authorization Framework Unforgeable, as in capability model ID Claims Protection Declarations Enforcement Mechanisms The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
14 OBJECTS MANDATE Declares own security needs Authenticates environment Protects its key material Claims, requirements, etc. ID Claims Protection Declarations Protected by object itself Declaration is a security asset Enforcement Mechanisms The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/ ENVIRONMENTS MANDATE Authenticates objects Based on objects claims Authorizes interactions Among objects Between environments Claims Verification Authorization Framework The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
15 INTER-OBJECT COMMUNICATIONS Follows objects declarations Facilitated by env. only if authorized Claims Verification Authorization Framework ID Claims? ID Claims Protection Declarations Enforcement Mechanisms Protection Declarations Enforcement Mechanisms The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/ INTER-ENVIRONMENT COMMUNICATION Follows mutually-agreed declarations Only if authorized by both environments Claims Verification Cloud_m Claims Verification Cloud_n Authorization Framework ID Claims? Authorization Framework ID Claims Protection Protection Declarations Declarations?? Enforcement Enforcement Mechanisms Mechanisms? The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
16 OBSERVATIONS The proposed model decouples authorization decisions Enables the autonomy of environments Allows for flexible business models Objects also authenticated the environment Execution is based on mutual agreement The Macroeconomics of Mobile Money, Apr. 2 nd 2010 Columbia University, NYC 4/9/
Forging the Link Between Global Interoperability and New Business Opportunities
Forging the Link Between Global Interoperability and New Business Opportunities Debbie Arnold Director, NFC Forum WIMA USA November 30, 2011 Marketplace Situation 2 NFC Forum Google Hits Awareness of NFCIncreasing
More informationAccelerate Your Enterprise Private Cloud Initiative
Cisco Cloud Comprehensive, enterprise cloud enablement services help you realize a secure, agile, and highly automated infrastructure-as-a-service (IaaS) environment for cost-effective, rapid IT service
More informationWill Federated Cross Credentialing Solutions Accelerate Adoption of Smart Card Based Identity Solutions?
Will Federated Cross Credentialing Solutions Accelerate Adoption of Smart Card Based Identity Solutions? Jack Radzikowski,, Northrop Grumman & FiXs Smart Card Alliance Annual Meeting La Jolla, California
More informationGSAW Information Assurance in Government Space Systems: From Art to Engineering
GSAW 2006 Information Assurance in Government Space Systems: From Art to Engineering Charles Lavine The Aerospace Corporation 310-336-1595 lavine@aero.org 1 Toward the Global Information Grid Toward the
More informationThe Open Application Platform for Secure Elements.
The Open Application Platform for Secure Elements. Java Card enables secure elements, such as smart cards and other tamper-resistant security chips, to host applications, called applets, which employ Java
More informationDigital Payments Security Discussion Secure Element (SE) vs Host Card Emulation (HCE) 15 October Frazier D. Evans
Digital Payments Security Discussion Secure Element (SE) vs Host Card Emulation (HCE) 15 October 2014 Frazier D. Evans Evans_Frazier@bah.com There are four key areas that need to be investigated when talking
More informationWho s Protecting Your Keys? August 2018
Who s Protecting Your Keys? August 2018 Protecting the most vital data from the core to the cloud to the field Trusted, U.S. based source for cyber security solutions We develop, manufacture, sell and
More informationIntroduction to Device Trust Architecture
Introduction to Device Trust Architecture July 2018 www.globalplatform.org 2018 GlobalPlatform, Inc. THE TECHNOLOGY The Device Trust Architecture is a security framework which shows how GlobalPlatform
More informationThe Innovation Connection: How NFC is Driving New Global Opportunities. Koichi Tagawa Sony Chairman, NFC Forum
The Innovation Connection: How NFC is Driving New Global Opportunities Koichi Tagawa Sony Chairman, NFC Forum NFC World Congress September 19, 2011 Marketplace Situation 2 Global Market Developments Business
More informationTrust Services for Electronic Transactions
Trust Services for Electronic Transactions ROUMEN TRIFONOV Faculty of Computer Systems and Control Technical University of Sofia 8 st. Kliment Ohridski bul., 1000 Sofia BULGARIA r_trifonov@tu-sofia.bg
More informationDefining IT Security Requirements for Federal Systems and Networks
Defining IT Security Requirements for Federal Systems and Networks Employing Common Criteria Profiles in Key Technology Areas Dr. Ron Ross 1 The Fundamentals Building more secure systems depends on the
More informationCloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud Services http://www.cloud-council.org/deliverables/cloud-customer-architecture-for-securing-workloads-on-cloud-services.htm Webinar April 19,
More informationCloud Security. Copyright Ramesh Nagappan. All rights reserved.
Cloud Security 1 Cloud Security Week 1 Lecture 1 Ramesh Nagappan Harvard University Extension School Brandeis University GPS 2 Week 1 Lecture - 1 Course Introduction Evolution of Cloud Computing Introduction
More informationSession 2: Understanding the payment ecosystem and the issues Visa Europe
Session 2: Understanding the payment ecosystem and the issues Visa Europe Agnes Revel Martineau VP, Head of Product Specifications, Standards and Industry Liaison ETSI 01st, July, 2014 Agenda You said
More informationBuilding a Resilient Security Posture for Effective Breach Prevention
SESSION ID: GPS-F03B Building a Resilient Security Posture for Effective Breach Prevention Avinash Prasad Head Managed Security Services, Tata Communications Agenda for discussion 1. Security Posture 2.
More informationEuropean Cyber Security Certification: ECSO Meta-Scheme Approach
European Cyber Security Certification: ECSO Meta-Scheme Approach Sergio Lomban ECSO WG1 Chairman Conference on Cybersecurity Act Establishing the link between Standardisation and Certification 13 February
More informationSecure Elements 101. Sree Swaminathan Director Product Development, First Data
Secure Elements 101 Sree Swaminathan Director Product Development, First Data Secure Elements Secure Element is a tamper resistant Smart Card chip that facilitates the secure storage and transaction of
More informationDelivering Complex Enterprise Applications via Hybrid Clouds
Whitepaper Delivering Complex Enterprise Applications via Hybrid Clouds As enterprises and industries shake off the effects of the last recession, the focus of IT organizations has shifted from one marked
More informationBusiness Models in Mobile NFC Services
+ Business Models in Mobile NFC Services Network-Approach to Service Development and Commercialization Per Andersson, Riikka Murto, Christopher Rosenqvist 19.10.2012 + Small project at Wireless@KTH, 2
More informationMobile Payments Building the NFC Ecosystem
Mobile Payments Smart Card Alliance / NFC Forum Joint Workshop Building the NFC Ecosystem 2010 Smart Card Alliance Annual Conference Peter Preuss Nokia Chairman, NFC Forum Marketing Committee Cooperation
More informationSEPA goes Mobile Dr. Marijke De Soete ETSI Security Workshop January 2011 Sophia Antipolis, France
www.europeanpaymentscouncil.eu SEPA goes Mobile Dr. Marijke De Soete ETSI Security Workshop 2011 19-20 January 2011 Sophia Antipolis, France Global mobile subscribers (millions) Mobile phone: some statistics
More informationNPP & Blockchain Have you thought about the data? Ken Krupa, CTO, MarkLogic
NPP & Blockchain Have you thought about the data? Ken Krupa, CTO, MarkLogic Hello SLIDE: 2 14 COPYRIGHT November 2017 MARKLOGIC CORPORATION. ALL RIGHTS RESERVED. A QUICK LOOK New Payments Platform Open
More informationLESSONS LEARNED IN SMART GRID CYBER SECURITY
LESSONS LEARNED IN SMART GRID CYBER SECURITY Lynda McGhie CISSP, CISM, CGEIT Quanta Technology Executive Advisor Smart Grid Cyber Security and Critical Infrastructure Protection lmcghie@quanta-technology.com
More informationINSPIRING IOT INNOVATION: MARKET EVOLUTION TO REMOVE BARRIERS. Mark Chen Taiwan Country Manager, Senior Director, Sales of Broadcom
INSPIRING IOT INNOVATION: MARKET EVOLUTION TO REMOVE BARRIERS Mark Chen Taiwan Country Manager, Senior Director, Sales of Broadcom CAUTIONARY STATEMENT This presentation may contain forward-looking statements
More informationCYBER SOLUTIONS & THREAT INTELLIGENCE
CYBER SOLUTIONS & THREAT INTELLIGENCE STRENGTHEN YOUR DEFENSE DarkTower is a global advisory firm focused on security for some of the world s leading organizations. Our security services, along with real-world
More informationIBM Security Services Overview
Services Overview Massimo Nardone Senior Lead IT Security Architect Global Technology Services, IBM Internet Security Systems massimo.nardone@fi.ibm.com THE VEHICLE THE SKILL THE SOLUTION Today s Business
More informationInnovation policy for Industry 4.0
Innovation policy for Industry 4.0 Remarks from Giorgio Mosca Chair of Cybersecurity Steering Committee Confindustria Digitale Director Strategy & Technologies - Security & IS Division, Leonardo Agenda
More informationAchieving online trust through Mutual Authentication
Achieving online trust through Mutual Authentication Agenda Where do we need trust online? who are the affected parties? Authenticating the site to a consumer V by V and SecureCode, next generation browsers
More informationThe Future of Mobile Device Management
The Future of Mobile Device Management Simplifying the move from BlackBerry to a multi-os environment MobileIron Advisory Services 415 E. Middlefield Road Mountain View, CA 94043 www.mobileiron.com Table
More informationNIS Standardisation ENISA view
NIS Standardisation ENISA view Dr. Steve Purser Brussels, 19 th September 2017 European Union Agency for Network and Information Security Instruments For Improving Cybersecurity Policy makers have a number
More informationUsability, Security and Privacy
Usability, Security and Privacy Computer Science and Telecommunications Board Butler Lampson Microsoft Research July 21, 2009 1 Usable Security: Things Are Really Bad Users don t know how to think about
More informationShould You Use Liberty or Passport for Digital Identities?
Select Q&A, J. Pescatore, A. Litan Research Note 12 August 2003 Should You Use Liberty or Passport for Digital Identities? Federated digital identities, such as from the Liberty Alliance and Microsoft
More informationVirtual Machine Encryption Security & Compliance in the Cloud
Virtual Machine Encryption Security & Compliance in the Cloud Pius Graf Director Sales Switzerland 27.September 2017 Agenda Control Your Data In The Cloud Overview Virtual Machine Encryption Architecture
More informationImproving Internet of Things Device Certification with Policy Based Management
Improving Internet of Things Device Certification with Policy Based Management Gianmarco Baldini European Commission DG.JRC.E3 Gianmarco.Baldini@ec.europa.eu 1 IoT Security In beginning of 2015, US Federal
More informationMobile software security Building trust in mobile apps
Mobile software security 2016 More use of mobile devices 53% Of polled smart phone users say they use their device to pay online - 2014 26 Times per month for mobile apps usage against less than twice
More informationThe GP Composition Model Maximizing the Efficiency of Security Certifications
The GP Composition Model Maximizing the Efficiency of Security Certifications 11th ICCC Antalya, 21-23 September 2010 Authors: Mestiri S. Oberthur Technologies; Chetali B. Gemalto; Loiseaux C. Trusted
More informationBuilding an Assurance Foundation for 21 st Century Information Systems and Networks
Building an Assurance Foundation for 21 st Century Information Systems and Networks The Role of IT Security Standards, Metrics, and Assessment Programs Dr. Ron Ross National Information Assurance Partnership
More informationPaul A. Karger
Privacy and Security Threat Analysis of the Federal Employee Personal Identity Verification (PIV) Program Paul A. Karger karger@watson.ibm.com Outline Identify specific problem with FIPS 201 Problem of
More informationTAF-TAP TSI Steering Committee Agenda item..: Presentation of the activities of the sector TAP TSI. Brussels, 24 June 2015
TAF-TAP TSI Steering Committee Agenda item..: Presentation of the activities of the sector TAP TSI Brussels, TAP/TAF SteCo 24 June 2016 1 INDEX The Rail Sector complexity EU Approaches for a new framework
More informationGeneral Framework for Secure IoT Systems
General Framework for Secure IoT Systems National center of Incident readiness and Strategy for Cybersecurity (NISC) Government of Japan August 26, 2016 1. General Framework Objective Internet of Things
More informationEXPERIENCE SIMPLER, STRONGER AUTHENTICATION
1 EXPERIENCE SIMPLER, STRONGER AUTHENTICATION 2 Data Breaches are out of control 3 IN 2014... 783 data breaches >1 billion records stolen since 2012 $3.5 million average cost per breach 4 We have a PASSWORD
More informationNFC embedded microsd smart Card - Mobile ticketing opportunities in Transit
NFC embedded microsd smart Card - Mobile ticketing opportunities in Transit July 2017 By: www.smk-logomotion.com Introduction Presentation is describing NFC enabled microsd smart card (LGM Card) Technical
More informationGSM Association (GSMA) Mobile Ticketing Initiative
GSM Association (GSMA) Mobile Ticketing Initiative Sue Monahan Director - GSMA NA Clif Campbell Lead Member of Technical Staff AT&T April 2010 Content GSM World Today GSMA Overview GSMA M-Ticketing Initiative
More informationControlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes:
Page 1 of 6 I. Common Principles and Approaches to Privacy A. A Modern History of Privacy a. Descriptions, definitions and classes b. Historical and social origins B. Types of Information a. Personal information
More informationNFC in Japan and NFC Forum
NFC in Japan and NFC Forum Koichi Tagawa Sony Chairman, NFC Forum Meetup at NFC Solutions Summit 2012.05.23 What is NFC? 2 NFC is Uniquely Powerful 3 NFC - How Does it Work? Three Mandatory Communication
More informationMOBILE WALLET TECHNOLOGIES: GLOBAL MARKETS. IFT070A April Priyanka Patel Project Analyst ISBN:
MOBILE WALLET TECHNOLOGIES: GLOBAL MARKETS IFT070A April 2013 Priyanka Patel Project Analyst ISBN: 1-56965-176-0 BCC Research 49 Walnut Park, Building 2 Wellesley, MA 02481 866-285-7215, 781-489-7301 www.bccresearch.com
More informationMobile NFC Services Opportunities & Challenges. NGUYEN Anh Ton VNTelecom Conference 31/10/2010
Mobile NFC Services Opportunities & Challenges NGUYEN Anh Ton VNTelecom Conference 31/10/2010 Agenda 1. Introduction 2. Mobile NFC Overview 3. NFC Ecosystem Key Findings 4. Main NFC challenges 5. What
More information1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7
1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7 ORACLE PRODUCT LOGO 20. oktober 2011 Hotel Europa Sarajevo Platform
More informationIT Security Evaluation : Common Criteria
AfriNIC-9 MEETING Mauritius 22-28 November 2008 IT Security Evaluation : Common Criteria Ministry of Communication Technologies National Digital Certification Agency Mounir Ferjani November 2008 afrinic
More informationAspects of Identity. IGF November BCS Security Community of Expertise
Aspects of Identity IGF November 2012 BCS Security Community of Expertise Representatives Dr. Louise Bennett FBCS CITP Chair of the BCS Security Community of Expertise Mirza Asrar Baig Executive Director,
More informationSmart Card Alliance Update. Update to the Interagency Advisor Board (IAB) June 27, 2012
Smart Card Alliance Update Update to the Interagency Advisor Board (IAB) June 27, 2012 Industry s Access Control Payments (NEW) Mobile & NFC Identity Industry s Healthcare Transportation Access Control
More informationCampus IT Modernization OPERATIONAL CONTINUITY FLEXIBLE TECHNOLOGY MODERNIZED SYSTEMS
Campus IT Modernization OPERATIONAL CONTINUITY FLEXIBLE TECHNOLOGY MODERNIZED SYSTEMS Managing the Complexity of IT Modernization Constructing and modernizing a new campus is a complex undertaking, requiring
More informationNatural Security Alliance
Natural Security Alliance Biometrics Based Projects: How to Build Trust in biometrics projects? October 7-8, 2014 Barcelona Summary! 3 Key questions 1/ How to succeed biometrics based deployment project?
More informationLaura Arribas Vodafone WAC 6th ETSI Security Workshop January ETSI, Sophia Antipolis, France
Security in WAC Laura Arribas Vodafone WAC (laura.arribas@vodafone.com) 6th ETSI Security Workshop 19 20 January 2011 - ETSI, Sophia Antipolis, France The largest wholesale applications platform Money
More informationVendor: The Open Group. Exam Code: OG Exam Name: TOGAF 9 Part 1. Version: Demo
Vendor: The Open Group Exam Code: OG0-091 Exam Name: TOGAF 9 Part 1 Version: Demo QUESTION 1 According to TOGAF, Which of the following are the architecture domains that are commonly accepted subsets of
More informationM-Commerce and its features
M-Commerce and its features Abstract: Purpose of this article is to elaborate the concept of electronic commerce and its red hot issue, mobile commerce. In this article I define E-commerce as: Electronic
More informationIntroduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria
Introduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria Evaluation: assessing whether a product has the security properties claimed for it. Certification: assessing whether a
More informationImportance of the Data Management process in setting up the GDPR within a company CREOBIS
Importance of the Data Management process in setting up the GDPR within a company CREOBIS 1 Alain Cieslik Personal Data is the oil of the digital world 2 Alain Cieslik Personal information comes in different
More informationAnalysis of Effectiveness of Open Service Architecture for Fixed and Mobile Convergence
Analysis of Effectiveness of Open Service Architecture for Fixed and Mobile Convergence Kyung-Hyu Lee* Jeung-Heon Hahn* Electronics and Telecommunications Research Institute* Email: {khyulee, stevehahn
More informationCLOUD GOVERNANCE SPECIALIST Certification
CLOUD GOVERNANCE SPECIALIST Certification The Cloud Professional (CCP) program from Arcitura is dedicated to excellence in the fields of cloud computing technology, mechanisms, platforms, architecture,
More informationOATH : An Initiative for Open AuTHentication
OATH : An Initiative for Open AuTHentication Who Are You Really Doing Business With? 2 Oath Proprietary Confidential The New York Magazine, July 5, 1993, Peter Steiner, The Economic Promise of e-business
More informationPlatform Economy and Trustworthiness Standardization
Security for Industrie 4.0 Platform Economy and Trustworthiness Standardization Siemens Corporate Technology and Member of the German Platform Industrie 4.0 Industrie 4.0 Connecting business processes
More informationContents. Preface. Acknowledgments. xxiii. List of Acronyms i xxv
Preface xv Acknowledgments. xxiii List of Acronyms i xxv 1 Executive Summary 1 1.1 Towards NFC Era 2 1.1.1 Ubiquitous Computing 2 1.1.2 Mobile Phones 3 1.1.3 Technological Motivation of NFC 4 1.1.4 Wireless
More informationCloud Security Alliance Quantum-safe Security Working Group
Don Hayford 3rd ETSI/IQC Workshop on Quantum-Safe Cryptography Seoul, Korea October 5, 2015 Session 3: Joint Global Efforts Cloud Security Alliance Quantum-safe Security Working Group 1 Cloud Security
More informationComputing as a Service
IBM System & Technology Group Computing as a Service General Session Thursday, June 19, 2008 1:00 p.m. - 2:15 p.m. Conrad Room B/C (2nd Floor) Dave Gimpl, gimpl@us.ibm.com June 19, 08 Computing as a Service
More informationA Market Solution to Online Identity Trust. Trust Frameworks 101: An Introduction
A Market Solution to Online Identity Trust Background OIX is an Internet scale solution to the problem of how identity credentials can be trusted online. Background "OIX is the organization where different
More informationARM Security Solutions and Numonyx Authenticated Flash
ARM Security Solutions and Numonyx Authenticated Flash How to integrate Numonyx Authenticated Flash with ARM TrustZone* for maximum system protection Introduction Through a combination of integrated hardware
More informationSD-WAN Transform Your Agency
Federal SD-WAN Transform Your Agency 1 Overview Is your agency facing network traffic challenges? Is migration to the secured cloud hogging scarce bandwidth? How about increased mobile computing that is
More informationSolving the Enterprise Data Dilemma
Solving the Enterprise Data Dilemma Harmonizing Data Management and Data Governance to Accelerate Actionable Insights Learn More at erwin.com Is Our Company Realizing Value from Our Data? If your business
More informationeid Interoperability for PEGS WS-Federation
eid Interoperability for PEGS WS-Federation Workshop Brussels 10 May 2007 Agenda 1 Scope 2 Category 3 Approach and description 4 Relevance for eid Interoperability 5 Pro s and Con s 6 Relationship with
More informationPlease remember to put your name and address on the cover of your blue book(s).
CPSC156a: First Exam October 14, 2003 Instructions: Answer exactly five of the following six questions. Do not answer all six. If you do answer all six, the first five answers in your blue book(s) will
More informationSecure & Unified Identity
Secure & Unified Identity for End & Privileged Users Copyright 2015 Centrify Corporation. All Rights Reserved. 1 Key Point #1: Perimeter is Dissolving Making Identity Matter Most You must plant a strong
More informationA Data-Centric Approach for Modular Assurance Abstract. Keywords: 1 Introduction
A Data-Centric Approach for Modular Assurance Gabriela F. Ciocarlie, Heidi Schubert and Rose Wahlin Real-Time Innovations, Inc. {gabriela, heidi, rose}@rti.com Abstract. A mixed-criticality system is one
More informationFirewalls (IDS and IPS) MIS 5214 Week 6
Firewalls (IDS and IPS) MIS 5214 Week 6 Agenda Defense in Depth Evolution of IT risk in automated control systems Security Domains Where to put firewalls in an N-Tier Architecture? In-class exercise Part
More informationAndroid: A Security Analysis
Mythbusters! Security means different things to different people! Closed source more secure than open source! Security could be achieved by obscurity! Software-only security is good [enough]! Security
More informationOpen Server Architecture
EAB/OP-08:0052 Uen Rev A Open Server Architecture April 2008 Technology Paper The Open Server Architecture is flexible, open and easier to build applications on. This is achieved primarily through open
More informationStrong Security Elements for IoT Manufacturing
Strong Security Elements for IoT Manufacturing LANCEN LACHANCE VICE PRESIDENT PRODUCT MANAGEMENT GLOBALSIGN WHAT YOU WILL LEARN TODAY 1 2 3 Examining of security risks with smart connected products Implementing
More informationNatural Security Alliance
Natural Security Alliance Business model and pilot projects ITU 14 & 15 October 2014 Philippe'Batard' Batard&&&Partners' Summary Natural Security Alliance: an initiative from retailers and banks The solution
More informationMoving Digital Identity to the Cloud, a Fundamental Shift in rethinking the enterprise collaborative model.
TEG Progress Update Moving Digital Identity to the Cloud, a Fundamental Shift in rethinking the enterprise collaborative model. Fulup Ar Foll Master Architect Sun Microsystems Fulup@sun.com 1 What is the
More informationSmarts Application Discovery Manager 5.0: Accelerating Server/Data Center Consolidations, Application Migrations, and CMDB Projects
Smarts Application Discovery Manager 5.0: Accelerating Server/ Center Consolidations, Application Migrations, and CMDB Projects Glenn O Donnell EMC Corporation 1 Smarts Application Discovery Manager Application
More informationGlobalPlatform Trusted Execution Environment (TEE) for Mobile
GlobalPlatform Trusted Execution Environment (TEE) for Mobile Kevin Gillick Executive Director, GlobalPlatform @GlobalPlatform_ www.linkedin.com/company/globalplatform GlobalPlatform Overview GlobalPlatform
More informationDiscussion on MS contribution to the WP2018
Discussion on MS contribution to the WP2018, 30 January 2018 European Union Agency for Network and Information Security Possibilities for MS contribution to the WP2018 Expert Groups ENISA coordinates several
More informationThe Honest Advantage
The Honest Advantage READY TO CHALLENGE THE STATUS QUO GSA Security Policy and PCI Guidelines The GreenStar Alliance 2017 2017 GreenStar Alliance All Rights Reserved Table of Contents Table of Contents
More informationAppendix 12 Risk Assessment Plan
Appendix 12 Risk Assessment Plan DRAFT March 5, 2007 Revision XX Qwest Government Services, Inc. 4250 North Fairfax Drive Arlington, VA 22203 A12-i RFP: TQC-JTB-05-0002 March 5, 2007 REVISION HISTORY Revision
More informationJBoss Enterprise Middleware
JBoss Enterprise Middleware Making software from the open source community ready for the enterprise DLT Solutions 2411 Dulles Corner Park, Suite 800 Herndon, VA 20171 Web: www.dlt.com Phone: 703-709-7172
More informationAN IPSWITCH WHITEPAPER. The Definitive Guide to Secure FTP
AN IPSWITCH WHITEPAPER The Definitive Guide to Secure FTP The Importance of File Transfer Are you concerned with the security of file transfer processes in your company? According to a survey of IT pros
More informationASEAN e-authentication Workshop Balwinder Sahota
ASEAN e-authentication Workshop Balwinder Sahota Agenda ASEAN Single Window (ASW) What is ATIGA Form D The information flow of ATIGA Form D and related documents Security Requirements Challenges in Implementation
More informationSeagate Supply Chain Standards and Operational Systems
DATA IS POTENTIAL Seagate Supply Chain Standards and Operational Systems Government Solutions Henry Newman May 9 2018 Supply Chain Standards and Results Agenda 1. 2. SUPPLY CHAIN REQUIREMENTS AND STANDARDS
More informationElectronic Commerce Working Group report
RESTRICTED CEFACT/ECAWG/97N012 4 December 1997 Electronic Commerce Ad hoc Working Group (ECAWG) Electronic Commerce Working Group report SOURCE: 10 th ICT Standards Board, Sophia Antipolis, 4 th November
More informationeinfrastructures Concertation Event
einfrastructures Concertation Event Steve Crumb, Executive Director December 5, 2007 OGF Vision & Mission Our Vision: The Open Grid Forum accelerates grid adoption to enable scientific discovery and business
More informationSecuring your Virtualized Datacenter. Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008
Securing your Virtualized Datacenter Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008 Agenda VMware Virtualization Technology How Virtualization Affects Datacenter Security Keys to
More informationIntroduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria
Introduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria Evaluation: assessing whether a product has the security properties claimed for it. Certification: assessing whether a
More informationIdentity and Authentication PKI Portfolio
Identity and Authentication PKI Portfolio Gemalto offers comprehensive public key infrastructure (PKI) authentication solutions that provide optimal levels of security. Supporting a wide portfolio of IDPrime
More informationGSMA Embedded SIM for Connected Cars
GSMA Embedded SIM for Connected Cars C-ITS ronde tafel Security 10 mei 2016 Arjan Geluk UL Software & Security UL and the UL logo are trademarks of UL LLC 2016 1 Arjan Geluk - bio Principal Advisor, Software
More informationTo: All Deposit Money Banks, Switches, Mobile Money Operators, Payment Solution Service Providers, Micro Finance Banks & Others
. BANKING AND PAYMENTS SYSTEM DEPARTMENT CEN BANK OF NIGERIA Central Business District P.M.B. 0187, Gar1ci, Abuja. +234-0946238445 BPS/DIR/GEN/CIR/05/002 April 17, 2018 To: All Deposit Money Banks, Switches,
More informationAxway Validation Authority Suite
Axway Validation Authority Suite PKI safeguards for secure applications Around the world, banks, healthcare organizations, governments, and defense agencies rely on public key infrastructures (PKIs) to
More informationWireless Connectivity: Future Evolution of the Mobile Network
Wireless Connectivity: Future Evolution of the Mobile Network Simon Yeung Executive Director, Comba Telecom Systems Holdings 26 May 2017 President, Comba Telecom Systems International 2017 Comba Telecom.
More informationHow to Prepare a Response to Cyber Attack for a Multinational Company.
You Have Been Breached! How to Prepare a Response to Cyber Attack for a Multinational Company. Chayan Chakravarti, MBA, CISM, PMP Patrick Enyart, CISA, CISM, CRISC Presenters Chayan Chakravarti Manager,
More informationCLOUD SECURITY SPECIALIST Certification. Cloud Security Specialist
CLOUD SECURITY SPECIALIST Certification Cloud Security The Cloud Professional (CCP) program from Arcitura is dedicated to excellence in the fields of cloud computing technology, mechanisms, platforms,
More informationData Security: Public Contracts and the Cloud
Data Security: Public Contracts and the Cloud July 27, 2012 ABA Public Contract Law Section, State and Local Division Ieuan Mahony Holland & Knight ieuan.mahony@hklaw.com Roadmap Why is security a concern?
More information