Encryption Technology Connected Car Autonomous Vehicles Export Control Implications
|
|
- Gladys Patrick
- 6 years ago
- Views:
Transcription
1 Encryption Technology Connected Car Autonomous Vehicles Export Control Implications Maher Shomali Wes Demory
2 What is an Export? Shipments of Physical Items Electronic Transfers Information Sharing Deemed Exports
3 What is Subject to U.S. Export Controls? U.S.-Origin Items AND Foreign Made Items Inside the United States Foreign Made Items Containing U.S.-Origin Components or Made from U.S.-Origin Technology
4 U.S. Agencies & Regulations Directorate of Defense Trade Controls (DDTC) Bureau of Industry and Security (BIS) Bureau of the Census Office of Foreign Assets Control (OFAC) International Traffic in Arms Regulations (ITAR) Export Administration Regulations (EAR) Foreign Trade Regulations (FTR) Sanctions Programs
5 United States Munitions List [ITAR]
6 Commerce Control List [EAR] 0 - Nuclear Materials, Facilities & Equipment 1 - Materials, Chemicals, Microorganisms & Toxins 2 - Materials Processing 3 - Electronics 4 - Computers 5 - Telecommunications & Information Security 6 - Lasers & Sensors 7 - Navigation & Avionics 8 - Marine 9 - Aerospace & Propulsion
7 Reasons For Control
8 EAR99 is the Catch-all Classification 3A001 5A991 5A002 6A005 EAR99
9 ENCRYPTION CONTROLS
10 How Did We Get Here? License Exception ENC ITAR Licenses EAR Licenses No License Required
11 What is an Encryption Product? A product that includes encryption functionality - Can be proprietary or from third-party source - Even dormant encryption functionality may be controlled
12 What is an Encryption Product? A product that uses encryption functionality without including the encryption code - An application that relies on the web browser to encrypt data between the device and server
13 Encryption Algorithms: - AES, DES, RC4, Blowfish, RSA, DSA, Diffie-Hellman, Elliptic Curve... Encryption Protocols: - SSL/HTTPS, TLS, SSH, IPsec, VPN, IKE, SNMPv3, WPA, Wi- Fi, Bluetooth... Encryption Uses: - Data Confidentiality, Key Management, Authentication, Digital Signature, IP Protection... Encryption Terms
14 Why is Encryption Important? Consumers will be reluctant to use connected cars if invehicle systems are vulnerable to cyberattacks. Comprehensive IT security solutions that cover the connected car s entire lifecycle can ease these concerns. - In-vehicle security - Cloud-based security
15 Authentication/Tamper Protection Trusted identity of all parts to the system TPM-based solutions for the ECU - Secure key storage - Only releases keys once parts to the system are authenticated
16 Infotainment Systems
17 Connectivity Systems
18 Data Applications Applications transmitting sensor or user data... - In-vehicle AND - To the cloud
19 EAR Controls on Encryption Items Is my item an encryption product? Is my item controlled under Category 5, Part 2 of the EAR? What is the appropriate ECCN and License Exception? - 5x002 for data confidentiality - 5x992 for mass market - EAR99 for limited use encryption What are my pre-shipment requirements? - No pre-shipment requirements - Notification - Formal Classification - Licensing What are my post-shipment reporting requirements?
20 Data Confidentiality Designed or modified to use cryptography for data confidentiality, including: - Items having information security as a primary function; - Digital communication or networking systems, equipment and components; and - Computers and components therefor... What about automotive applications?
21 Data Confidentiality Does Not Include... Authentication Digital Signature Data Integrity Non-repudiation DRM Entertainment, mass commercial broadcasts, or medical records
22 Other Decontrols... Smart cards and smart card readers Specially designed and limited for banking use or money transactions Portable or mobile radiotelephones for civil use Cordless telephone equipment Wireless Personal Area Network equipment Disabled crypto Mobile telecommunications Radio Access Network equipment Operations, Administration or Maintenance items
23 Mass Market Note Note 3 Category 5, Part 2 - Generally available to public - Crypto cannot be easily changed - Designed for install without support - Can include components - Must consider target market and price Automotive items have generally been considered mass market
24 Formal Classification Requirements - Network infrastructure commodities - Encryption source code that is not publicly available - Encryption technology - Chips, chipsets, and other components - Cryptographic libraries, modules, development kits and toolkits - Non-standard encryption items - Network or computer forensics items
25 Encryption Checklist Develop an encryption checklist for internal company use - Request encryption details from product team - Algorithms? Uses? Protocols? Sources? Thomsen & Burke Encryption Make it a mandatory step in the new product introduction process
26 Pre- and Post-Shipment Reporting Requirements There are three types of pre- and post-shipment reporting requirements: 1. Yearly Encryption Registration Report for products selfclassified 2. Semi-Annual ENC Report for more restricted products formally classified 3. Pre-Shipment Notifications for products exported under a bulk encryption license Maintain reports throughout the year to avoid stress at reporting deadline
27 Foreign Import Control Requirements Transparent Rules - France - Israel Opaque Rules - Russia - China Key Points of Trans-shipment - Hong Kong - Singapore Other countries to consider - UAE - India - Poland - South Africa - Malaysia - Turkey THIS IS NOT AN EXHAUSTIVE LIST
28 OTHER TECHNOLOGIES
29 Light Detection and Ranging (LIDAR)
30 Light Detection and Ranging (LIDAR) ITAR Category XII(b)(6): LIDAR specially designed for a military end user EAR 6A008.j: LIDAR equipment having any of the following: 1. Space-qualified 2. Employing coherent heterodyne or homodyne detection techniques and having an angular resolution of less (better) than 20 µrad (microradians) 3. Designed for carrying out airborne bathymetric littoral surveys... Note: 6A008 does not control Civil Automotive Radar
31 Cameras EAR 6A003.b: Imaging cameras Note: 6A003.b.4.b and.c do not control imaging cameras having any of the following: The camera is specially designed for installation into a civilian passenger land vehicle and having all of the following: 1. The placement and configuration of the camera within the vehicle are solely to assist the driver in the safe operation of the vehicle; 2. Is operable only when installed in any of the following: a. The civilian passenger land vehicle for which it was intended and the vehicle weighs less than 4,500 kg (gross vehicle weight); or b. A specially designed, authorized maintenance test facility; and 3. Incorporates an active mechanism that forces the camera not to function when it is removed from the vehicle for which it was intended.
32 Camera Technology EAR 6E001/6E002: Technology for 6A003 cameras License Exception TSR may not be used, unless it is for the integration of 6A003 cameras into camera systems specially designed for civil automotive applications
33 Artificial Intelligence / Machine Learning EAR 3A001.a.9 Neural network integrated circuits NOTE: The control status of integrated circuits described in 3A001.a.9 that are unalterably programmed or designed for a specific function for other equipment is determined by the control status of the other equipment.
34 Data Privacy Issues Who owns the data that is collected or generated? To whom is data sent and how is it stored? How is the data being secured?
35 Key Compliance Considerations Determine if the item/project is controlled under the ITAR or EAR Classify the item/technology Does is matter if it is specially designed for civil automotive vs generic? Does it use encryption in a non-exempt manner? In what ways will there be an export? Physical shipment Electronic transmission Sharing of information Who will receive the export? Internal parties Third-parties Foreign persons
36 Questions? Maher M. Shomali Wes Demory Two Hamill Road, Suite 415 Baltimore, Maryland 21210
CATEGORY 5 - TELECOMMUNICATIONS AND "INFORMATION SECURITY" A. SYSTEMS, EQUIPMENT AND COMPONENTS. II. "Information Security"
Commerce Control List Supplement No. 1 to Part 774 Category 5 - Info. Security page 1 CATEGORY 5 - TELECOMMUNICATIONS AND "INFORMATION SECURITY" A. SYSTEMS, EQUIPMENT AND COMPONENTS II. "Information Security"
More informationWelcome to Baker McKenzie Stockholm Fifth Annual Trade Day. 7 November 2017
Welcome to Baker McKenzie Stockholm Fifth Annual Trade Day 7 November 2017 Software Classification and Security Alison Stafford Powell and Olof König 3 4 Alison J. Stafford Powell Partner Baker McKenzie
More informationExport Management System. Information Needed for an Export Controls License Assessment. June 2009
Office of Sponsored Programs Services Export Management System Information Needed for an Export Controls License Assessment June 2009 1 Introduction The purpose of this document is to provide a template
More informationCyber security mechanisms for connected vehicles
Infineon Security Partner Network Partner Use Case Cyber security mechanisms for connected vehicles Protecting automotive vehicle networks and business models from cyber security attacks Products AURIX
More informationINTERNATIONAL TRADE COMPLIANCE ISSUE REPORT FORM For use in reporting suspected export or import compliance issues Effective as of 3/25/2016
A potential export or import compliance issue includes but is not limited to potential escapes, errors, and violations related to the International Traffic in Arms Regulations ( ITAR ), Export Administration
More informationHow do you classify encryption under the Commerce Department s Export Administration Regulations (EAR)?
By Ray Gold What is encryption? How do you classify encryption under the Commerce Department s Export Administration Regulations (EAR)? What are potential solutions to managing concerns? Encryption Is
More informationDDTC IT Modernization
DDTC IT Modernization Anthony Dearth Directorate Defense Trade Controls Acting Managing Director AGENDA DECCS Release 2 Features and Industry Batch Filing/Testing DECCS Cyber Security DTAG Recommendations
More informationThe modern car has 100 million lines of code and over half of new vehicles will be connected by 2020.
Automotive The modern car has 100 million lines of code and over half of new vehicles will be connected by 2020. Cars are becoming increasingly connected through a range of wireless networks The increased
More informationINSPIRING IOT INNOVATION: MARKET EVOLUTION TO REMOVE BARRIERS. Mark Chen Taiwan Country Manager, Senior Director, Sales of Broadcom
INSPIRING IOT INNOVATION: MARKET EVOLUTION TO REMOVE BARRIERS Mark Chen Taiwan Country Manager, Senior Director, Sales of Broadcom CAUTIONARY STATEMENT This presentation may contain forward-looking statements
More informationInstructions for Form DS-7787: Disclosure of Violations of the Arms Export Control Act
Instructions for Form DS-7787: Disclosure of Violations of the Arms Export Control Act General Instructions: 1 The size of the text field will correspond to the type of information required, with more
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More informationBlackVault Hardware Security Platform SECURE TRUSTED INTUITIVE. Cryptographic Appliances with Integrated Level 3+ Hardware Security Module
BlackVault Hardware Security Platform SECURE TRUSTED INTUITIVE Cryptographic Appliances with Integrated Level 3+ Hardware Security Module The BlackVault hardware security platform keeps cryptographic material
More informationExport Controls and Cloud Computing
Export Controls and Cloud Computing Bureau of Industry and Security U.S. Department of Commerce Presented by: Tracy L. Patts Foreign Policy Division BIS Guidance on Cloud Computing Three directly relevant,
More informationSecuring IoT devices with STM32 & STSAFE Products family. Fabrice Gendreau Secure MCUs Marketing & Application Managers EMEA Region
Securing IoT devices with STM32 & STSAFE Products family Fabrice Gendreau Secure MCUs Marketing & Application Managers EMEA Region 2 The leading provider of products and solutions for Smart Driving and
More informationSUMMARY: The Bureau of Industry and Security (BIS) proposes to implement the
This document is scheduled to be published in the Federal Register on 05/20/2015 and available online at http://federalregister.gov/a/2015-11642, and on FDsys.gov Billing Code: 3510 33 P DEPARTMENT OF
More informationIntroduction to the Export Services Branch Programmes and Services Ministry of International Trade
Introduction to the Export Services Branch Programmes and Services Ministry of International Trade 10/25/2017 Export Services Branch Overview Branch Mandate: To support/assist Small and Medium Enterprises
More informationCASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001)
CASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001) Gregg, Michael ISBN-13: 9781118083192 Table of Contents Foreword xxi Introduction xxvii Assessment Test xliv Chapter 1 Cryptographic
More informationEMERG IOT / M2M regulation and autonomous driving
EMERG IOT / M2M regulation and autonomous driving Workshop Massimo Morganti Ericsson BTEB IoT 27-09-2018 Ericsson Connected Vehicle Cloud Commercial Presentation 1/221 09-FGD 101 432 Uen, Rev C 2018-05-18
More informationCyber security of automated vehicles
Cyber security of automated vehicles B. Steurich Infineon Technologies Conference Sep. 2017, Berlin Building blocks of automated driving: Cooperation of multiple system and disciplines Data Processing
More informationVehicle To Android Communication Mode
Technical Disclosure Commons Defensive Publications Series May 12, 2017 Vehicle To Android Communication Mode Tanmay Wadhwa Neil Dhillon Follow this and additional works at: http://www.tdcommons.org/dpubs_series
More informationSmart Grid vs. The NERC CIP
Smart Grid vs. The NERC CIP Tobias Whitney, MBA GE Smart Grid Center of Excellence 1 First The Bottom Line Security & Privacy are paramount Smart Grid concerns of regulators and the public Currently every
More informationThe Key Principles of Cyber Security for Connected and Automated Vehicles. Government
The Key Principles of Cyber Security for Connected and Automated Vehicles Government Contents Intelligent Transport System (ITS) & Connected and Automated Vehicle (CAV) System Security Principles: 1. Organisational
More informationEntire contents 2013 Mobile Experts LLC. Reproduction of this publication in any form without prior written permission is strictly forbidden and will
Table of Contents Entire contents 2013 Mobile Experts LLC. Reproduction of this publication in any form without prior written permission is strictly forbidden and will be prosecuted to the fully extent
More informationCybersecurity Challenges for Connected and Automated Vehicles. Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute
Cybersecurity Challenges for Connected and Automated Vehicles Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute Cars are becoming complex (and CAV is only part of it) 1965: No
More informationControlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes:
Page 1 of 6 I. Common Principles and Approaches to Privacy A. A Modern History of Privacy a. Descriptions, definitions and classes b. Historical and social origins B. Types of Information a. Personal information
More informationAbout Office 365 [PLACEHOLDER]
Office 365 [PLACEHOLDER] Service Description Applies to: Office 365 [PLACEHOLDER] Topic Last Modified: 22-Apr-2016 In response to the unique and evolving requirements of the United States federal government
More informationCardOS Secure Elements for Smart Home Applications
Infineon Security Partner Network Partner Use Case CardOS Secure Elements for Smart Home Applications Using cryptographic functionality provided by ATOS to secure embedded platforms in Smart Home applications.
More informationSession 6A: Export Controls and Cloud Computing. Key Regulatory Issues
Export Controls and Cloud Computing Bureau of Industry and Security U.S. Department of Commerce Key Regulatory Issues Control system was devised before the development of highbandwidth telecommunications,
More informationTrust & Privacy: Information Security and Identity Management for Autonomous Vehicles. March 31, failure analysis & prevention
failure analysis & prevention Trust & Privacy: Information Security and Identity Management for Autonomous Vehicles March 31, 2016 A leading engineering & scientific consulting firm dedicated to helping
More informationAutomotive Cyber Security
Automotive Cyber Security Rajeev Shorey (Ph.D.) Principal Scientist TCS Innovation Labs Cincinnati, USA & Bangalore, India Copyright 2013 Tata Consultancy Services Limited Connected Vehicles Chennai, 18
More informationProtecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations (NIST SP Revision 1)
https://www.csiac.org/ Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations (NIST SP800-171 Revision 1) Today s Presenter: Wade Kastorff SRC, Commercial Cyber Security
More informationARM processors driving automotive innovation
ARM processors driving automotive innovation Chris Turner Director of advanced technology marketing, CPU group ARM tech forums, Seoul and Taipei June/July 2016 The ultimate intelligent connected device
More informationAcronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector
Acronyms 3DES AES AH ANSI CBC CESG CFB CMAC CRT DoS DEA DES DoS DSA DSS ECB ECC ECDSA ESP FIPS IAB IETF IP IPsec ISO ITU ITU-T Triple DES Advanced Encryption Standard Authentication Header American National
More informationInformation Security Drivers and Challenges for High Assurance Applications
www.thalesgroup.com Information Security Drivers and Challenges for High Assurance Applications Glyn Jones Security Research Team Leader Adrian Waller Chief Technical Consultant Thales UK Research & Technology
More informationOracle Data Cloud ( ODC ) Inbound Security Policies
Oracle Data Cloud ( ODC ) Inbound Security Policies Contents Contents... 1 Overview... 2 Oracle Data Cloud Security Policy... 2 Oracle Information Security Practices - General... 2 Security Standards...
More informationTopSec Mobile Secure voice encryption for smartphones and laptops
Secure Communications Product Brochure 02.00 TopSec Mobile Secure voice encryption for smartphones and laptops TopSec Mobile At a glance The TopSec Mobile is a mobile encryption device for secure worldwide
More informationSafeGuard SecurityServer
SafeGuard SecurityServer The Hardware Security Module for Securing Cryptographic Key Material Transparent Pricing Unlimited connections without extra licenses. Unrestricted use in applications. Compliance
More informationCorporate Guideline. Export Compliance Policy
Export Compliance Policy Table of contents EXPORT INFORMATION ON UTIMACO PRODUCTS... 3 GLOBAL EXPORT CONTROLS... 4 GOBAL EXPORT CONTROLS PRODUCT CLASSIFICATION... 5 2 EXPORT INFORMATION ON UTIMACO PRODUCTS
More informationWhat are Embedded Systems? Lecture 1 Introduction to Embedded Systems & Software
What are Embedded Systems? 1 Lecture 1 Introduction to Embedded Systems & Software Roopa Rangaswami October 9, 2002 Embedded systems are computer systems that monitor, respond to, or control an external
More informationGrenzen der Kryptographie
Microsoft Research Grenzen der Kryptographie Dieter Gollmann Microsoft Research 1 Summary Crypto does not solve security problems Crypto transforms security problems Typically, the new problems relate
More informationThe Role of SANAS in Support of South African Regulatory Objectives. Mr. Mpho Phaloane South African National Accreditation System
The Role of SANAS in Support of South African Regulatory Objectives Mr. Mpho Phaloane South African National Accreditation System Outline of Presentation INTRODUCTION STATUS OF SANAS TECHNICAL INFRASTRUCTURE
More informationVPN World. MENOG 16 Istanbul-Turkey. By Ziad Zubidah Network Security Specialist
VPN World MENOG 16 Istanbul-Turkey By Ziad Zubidah Network Security Specialist What is this Van used for?! Armed Van It used in secure transporting for valuable goods from one place to another. It is bullet
More informationGetting to Grips with Public Key Infrastructure (PKI)
Getting to Grips with Public Key Infrastructure (PKI) What is a PKI? A Public Key Infrastructure (PKI) is a combination of policies, procedures and technology that forms a trust infrastructure to issue
More informationITAR and EAR Contamination and Impacts on Employment, Facility Visits and Retransfers
9-11 June 2015 ITAR and EAR Contamination and Impacts on Employment, Facility Visits and Retransfers George N. Grammas Partner and Chair, International Trade / Global Import and Export Compliance Squire
More informationCS155b: E-Commerce. Lecture 6: Jan. 25, Security and Privacy, Continued
CS155b: E-Commerce Lecture 6: Jan. 25, 2001 Security and Privacy, Continued FIREWALL A barrier between an internal network & the Internet Protects the internal network from outside attacks Executes administrator-defined
More informationfips185 U.S. DEPARTMENT OF COMMERCE/National Institute of Standards and Technology
FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION 185 1994 February 9 U.S. DEPARTMENT OF COMMERCE/National Institute of Standards and Technology ESCROWED ENCRYPTION STANDARD CATEGORY: TELECOMMUNICATIONS
More informationAbout FIPS, NGE, and AnyConnect
About FIPS, NGE, and AnyConnect, on page 1 Configure FIPS for the AnyConnect Core VPN Client, on page 4 Configure FIPS for the Network Access Manager, on page 5 About FIPS, NGE, and AnyConnect AnyConnect
More informationCONTENTS. vii. Chapter 1 TCP/IP Overview 1. Chapter 2 Symmetric-Key Cryptography 33. Acknowledgements
CONTENTS Preface Acknowledgements xiii xvii Chapter 1 TCP/IP Overview 1 1.1 Some History 2 1.2 TCP/IP Protocol Architecture 4 1.2.1 Data-link Layer 4 1.2.2 Network Layer 5 1.2.2.1 Internet Protocol 5 IPv4
More informationCisco VPN Internal Service Module for Cisco ISR G2
Data Sheet Cisco VPN Internal Service Module for Cisco ISR G2 Compact Versatile High-Performance VPN Module The Cisco VPN Internal Service Module (VPN ISM) is a module for the Cisco Integrated Services
More informationSDBOR Technology Control Plan (TCP) Project Title:
SDBOR Technology Control Plan (TCP) Project Title: Principal Investigator: Phone: Department: Email: Description of Controls (EAR/ITAR Category): Location(s) Covered by TCP: Is sponsored research involved?
More informationSecuring V2X communications with Infineon HSM
Infineon Security Partner Network Securing V2X communications with Infineon HSM Savari and Infineon The Sign of Trust for V2X Products SLI 97 www.infineon.com/ispn Use case Application context and security
More informationHP Instant Support Enterprise Edition (ISEE) Security overview
HP Instant Support Enterprise Edition (ISEE) Security overview Advanced Configuration A.03.50 Mike Brandon Interex 03 / 30, 2004 2003 Hewlett-Packard Development Company, L.P. The information contained
More informationNew Security Features in DLMS/COSEM
New Security Features in DLMS/COSEM A comparison to the Smart Meter Gateway Workshop on Power Line Communications 2015 (HRW), Robin Massink (DNV GL), Gerd Bumiller (HRW) 21.09.2015 21.09.2015 1 Initiated
More informationEasy Incorporation of OPTIGA TPMs to Support Mission-Critical Applications
Infineon Network Use Case Easy Incorporation of OPTIGA TPMs to Support Mission-Critical Applications Providing Infineon customers with an easy path to integrating TPM support into their products and systems
More informationDesigning Network Encryption for the Future Emily McAdams Security Engagement Manager, Security & Trust Organization BRKSEC-2015
Designing Network Encryption for the Future Emily McAdams Security Engagement Manager, Security & Trust Organization BRKSEC-2015 What Could It Cost You? Average of $0.58 a record According to the Verizon
More informationAuthentication with Privacy for Connected Cars - A research perspective -
Authentication with Privacy for Connected Cars - A research perspective - Mark Manulis Surrey Centre for Cyber Security, Deputy-Director Department of Computer Science University of Surrey sccs.surrey.ac.uk
More informationUCOP ITS Systemwide CISO Office Systemwide IT Policy
UCOP ITS Systemwide CISO Office Systemwide IT Policy Revision History Date: By: Contact Information: Description: 08/16/17 Robert Smith robert.smith@ucop.edu Initial version, CISO approved Classification
More informationWiFi and Wireless System on Module Applications and Bluegiga products
WiFi and Wireless System on Module Applications and Bluegiga products Compelfest Jarno Salmivuori Business Development Director 31.1.2013 Topics Bluegiga Technologies in brief What is Bluetooth Smart and
More informationEnterprise Identity Management 101. Phillip J. Windley Brigham Young University
Enterprise Identity Management 101 Phillip J. Windley Brigham Young University phil@windley.com www.windley.com 1 Digital Identity Matters Rifkin on service economy and what it portends for identity: commercial
More informationAPNIC elearning: Cryptography Basics
APNIC elearning: Cryptography Basics 27 MAY 2015 03:00 PM AEST Brisbane (UTC+10) Issue Date: Revision: Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security
More informationNOVEMBER 2017 Leading Digital Transformation Driving innovation at scale Marc Leroux Executive Evangelist/Digital ABB
NOVEMBER 2017 Leading Digital Transformation Driving innovation at scale Marc Leroux Executive Evangelist/Digital ABB Discussion topics Introductions The digital transformation Innovating at scale How
More informationUNCLASSIFIED INFORMATION TECHNOLOGY SECURITY GUIDANCE
INFORMATION TECHNOLOGY SECURITY GUIDANCE CRYPTOGRAPHIC ALGORITHMS FOR UNCLASSIFIED, PROTECTED A, AND PROTECTED B INFORMATION ITSP.40.111 August 2016 FOREWORD The Cryptographic Algorithms for UNCLASSIFIED,
More informationApple Inc. Apple IOS 11 VPN Client on iphone and ipad Guidance Documentation
Apple Inc. Apple IOS 11 VPN Client on iphone and ipad Guidance Documentation April 2018 Version 1.2 1 Contents 1 Introduction... 4 1.1 Target of Evaluation... 4 1.2 Cryptographic Support... 5 1.3 Glossary...
More informationAchieving a FIPS Compliant Wireless Infrastructure using Intel Centrino Mobile Technology Clients
Achieving a FIPS Compliant Wireless Infrastructure using Intel Centrino Mobile Technology Clients This document is provided as is with no warranties whatsoever, including any warranty of merchantability,
More informationData Localization. Data Localization
Data Localization Society of Corporate Compliance & Ethics Compliance & Ethics Institute 2016 Presenter: Web Hull Data Localization - Web.Hull@icloud.com 1 Data Localization It s All about Protecting the
More informationRoger C. Lanctot Director, Automotive Connected Mobility
Roger C. Lanctot Director, Automotive Connected Mobility Roger Lanctot has 25+ years of experience as a journalist, analyst and consultant advising electronics companies, car companies, wireless carriers,
More informationMesse Wien Internet FAQ
Messe Wien Internet FAQ Dear customer, thank you very much for your interest in our products at Messe Wien. Based on experience and feedback from past years, we have collected the most important questions
More informationDepartment of Public Health O F S A N F R A N C I S C O
PAGE 1 of 7 Category: Information Technology Security and HIPAA DPH Unit of Origin: Department of Public Health Policy Owner: Phillip McDown, CISSP Phone: 255-3577 CISSPCISSP/C Distribution: DPH-wide Other:
More informationGlobalPlatform Trusted Execution Environment (TEE) for Mobile
GlobalPlatform Trusted Execution Environment (TEE) for Mobile Kevin Gillick Executive Director, GlobalPlatform @GlobalPlatform_ www.linkedin.com/company/globalplatform GlobalPlatform Overview GlobalPlatform
More informationMobile Computing Introduction
Mobile Computing Introduction UNIT - 1 Prepared By:- NITIN PANDYA Assistant Professor, SVBIT. What is Mobile Computing 2 NTIIN PANDYA 3 NTIIN PANDYA Definitions Mobile Computing What is mobile computing?
More information24th MONDAY. Overview 2018
24th MONDAY Overview 2018 Imagination: your route to success At Imagination, we create and license market-leading processor solutions for graphics, vision & AI processing, and multi-standard communications.
More informationSecuring the future of mobility
Kaspersky Transportation System Security AVL Software and Functions Securing the future of mobility www.kaspersky.com #truecybersecurity Securing the future of mobility Connected car benefits The need
More informationSGS CYBER SECURITY GROWTH OPPORTUNITIES
SGS CYBER SECURITY GROWTH OPPORTUNITIES Eric Krzyzosiak GENERAL MANAGER DIGITAL Jeffrey Mc Donald Executive Vice President CERTIFICATION & BUSINESS ENHANCEMENT Eric Lee WIRELESS & CONSUMER RETAIL CYBER
More informationMASP Chapter on Safety and Security
MASP Chapter on Safety and Security Daniel Watzenig Graz, Austria https://artemis.eu MASP Chapter on Safety & Security Daniel Watzenig daniel.watzenig@v2c2.at Francois Tuot francois.tuot@gemalto.com Antonio
More informationGM Information Security Controls
: Table of Contents 2... 2-1 2.1 Responsibility to Maintain... 2-2 2.2 GM s Right to Monitor... 2-2 2.3 Personal Privacy... 2-3 2.4 Comply with Applicable Laws and Site Specific Restrictions... 2-3 2.5
More informationDigital Opportunity Index. Michael Minges Telecommunications Management Group, Inc.
Digital Opportunity Index Michael Minges Telecommunications Management Group, Inc. Digital Opportunity Index (DOI) Why How Preliminary results Conclusions WSIS Plan of Action E. Follow-up and evaluation
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography Objectives Define cryptography Describe hashing List the basic symmetric cryptographic algorithms 2 Objectives
More informationTechnology / Export Control Plan (T/ECP)
Technology / Export Control Plan (T/ECP) Technology Control Plan Template This project/activity involves the use of Export-Controlled Information (ECI). As a result, the project/activity comes under the
More informationThe Expanding Role of Bluetooth in Smart Buildings. Chuck Sabin Senior Director, Business Strategy
The Expanding Role of Bluetooth in Smart Buildings Chuck Sabin Senior Director, Business Strategy 1 use solution Bluetooth driving waves of innovation May 30, 2018 Bluetooth SIG Proprietary 2 use solution
More informationCriminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud
Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud Introduction The Criminal Justice Information Security (CJIS) Policy is a publically accessible document that contains
More informationPrinciples of Information Security, Fourth Edition. Chapter 8 Cryptography
Principles of Information Security, Fourth Edition Chapter 8 Cryptography Learning Objectives Upon completion of this material, you should be able to: Chronicle the most significant events and discoveries
More informationGoogle Cloud Platform: Customer Responsibility Matrix. December 2018
Google Cloud Platform: Customer Responsibility Matrix December 2018 Introduction 3 Definitions 4 PCI DSS Responsibility Matrix 5 Requirement 1 : Install and Maintain a Firewall Configuration to Protect
More informationPaul A. Karger
Privacy and Security Threat Analysis of the Federal Employee Personal Identity Verification (PIV) Program Paul A. Karger karger@watson.ibm.com Outline Identify specific problem with FIPS 201 Problem of
More informationStandard For IIUM Wireless Networking
INTERNATIONAL ISLAMIC UNIVERSITY MALAYSIA (IIUM) Document No : IIUM/ITD/ICTPOL/4.3 Effective Date : 13/11/2008 1.0 OBJECTIVE Standard For IIUM Wireless Networking Chapter : Network Status : APPROVED Version
More informationCYBER SECURITY WHITEPAPER
CYBER SECURITY WHITEPAPER ABOUT GRIDSMART TECHNOLOGIES, INC. GRIDSMART Technologies, Inc. provides Simple, Flexible, and Transparent solutions for the traffic industry that collect and use data to make
More informationE-Seminar. Wireless LAN. Internet Technical Solution Seminar
E-Seminar Wireless LAN Internet Technical Solution Seminar Wireless LAN Internet Technical Solution Seminar 3 Welcome 4 Objectives 5 Definition 6 Uses 7 LAN Network Layout 8 Operation 9 Building - to -
More informationINCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.1 SUCCESS AKAMAI SOLUTIONS BRIEF INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.
INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.1 SUCCESS Protect Critical Enterprise Applications and Cardholder Information with Enterprise Application Access Scope and Audience This guide is for
More informationAutomotive Gateway: A Key Component to Securing the Connected Car
Automotive : A Key Component to Securing the Connected Car Introduction Building vehicles with gateways electronic devices that enable secure and reliable communications among a vehicle s electronic systems
More informationFRAMEWORK MAPPING HITRUST CSF V9 TO ISO 27001/27002:2013. Visit us online at Flank.org to learn more.
FRAMEWORK MAPPING HITRUST CSF V9 TO ISO 27001/27002:2013 Visit us online at Flank.org to learn more. HITRUST CSF v9 Framework ISO 27001/27002:2013 Framework FLANK ISO 27001/27002:2013 Documentation from
More informationCryptography and Network Security Chapter 16. Fourth Edition by William Stallings
Cryptography and Network Security Chapter 16 Fourth Edition by William Stallings Chapter 16 IP Security If a secret piece of news is divulged by a spy before the time is ripe, he must be put to death,
More informationWhite paper. Combatant command (COCOM) next-generation security architecture
Combatant command () next-generation security architecture using NSA Suite B Table of Contents Combatant command () next-generation security architecture using NSA Suite B NSA Commercial Solution for Classified
More informationConnected Car. Dr. Sania Irwin. Head of Systems & Applications May 27, Nokia Solutions and Networks 2014 For internal use
Connected Car Dr. Sania Irwin Head of Systems & Applications May 27, 2015 1 Nokia Solutions and Networks 2014 For internal use Agenda Introduction Industry Landscape Industry Architecture & Implications
More informationE-Seminar. Voice over IP. Internet Technical Solution Seminar
E-Seminar Voice over IP Internet Technical Solution Seminar Voice over IP Internet Technical Solution Seminar 3 Welcome 4 Objectives 5 Telephony in Business 6 VoIP and IP Telephony 7 Traditional Telephony
More informationST33F1M, ST33F1M0, ST33F896, ST33F768, ST33F640, ST33F512
ST33F1M, ST33F1M0, ST33F896, ST33F768, ST33F640, ST33F512 Secure MCU with 32-bit ARM SC300 CPU, SWP interface, NESCRYPT cryptoprocessor and high-density Flash memory Data brief Micromodule DFN8 package
More informationDatabase Centric Information Security. Speaker Name / Title
Database Centric Information Security Speaker Name / Title The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated
More informationA HOLISTIC APPROACH TO IDENTITY AND AUTHENTICATION. Establish Create Use Manage
A HOLISTIC APPROACH TO IDENTITY AND AUTHENTICATION Establish Create Use Manage SIMPLE. SECURE. SMART. ALL FROM A SINGLE SOURCE. As the ways to access your organization and its sensitive data increase,
More informationFast 3D EMC/EMI Scan with Detectus Scanning System and Tektronix Real Time Spectrum Analyzers CASE STUDY
Fast 3D EMC/EMI Scan with Detectus Scanning System and Tektronix Real Time Spectrum Analyzers Fast 3D EMC/EMI Scan with Detectus Scanning System and Tektronix Real Time Spectrum Analyzers Customer Solution
More informationSAC PA Security Frameworks - FISMA and NIST
SAC PA Security Frameworks - FISMA and NIST 800-171 June 23, 2017 SECURITY FRAMEWORKS Chris Seiders, CISSP Scott Weinman, CISSP, CISA Agenda Compliance standards FISMA NIST SP 800-171 Importance of Compliance
More informationDatacryptor AP Layer 3 IP Encryptor
> Datacryptor AP Layer 3 IP Encryptor www.thalesesec.com SECURITY Technical Specifications Cryptography Protocols Key Management Physical Interfaces Device Management Security Features Certifications Regulatory
More informationMeeting FFIEC Meeting Regulations for Online and Mobile Banking
Meeting FFIEC Meeting Regulations for Online and Mobile Banking The benefits of a smart card based authentication that utilizes Public Key Infrastructure and additional mechanisms for authentication and
More information