Edge-based Encryption and ServiceNow. White Paper
|
|
- Barnaby Hunter
- 6 years ago
- Views:
Transcription
1 Edge-based Encryption and ServiceNow
2 Executive Summary Edge-based encryption is a proxy-based technology that sits between a customer s browser and a ServiceNow instance. Users of cloud-based software are constantly looking for new and improved ways to secure their data within the cloud. One of the newest technologies to attempt to address this need is an edge-based encryption proxy like those offered by companies such as CipherCloud or SkyHigh. An edge-based proxy can be used against a ServiceNow instance, and it will properly encrypt data. However, there are significant pieces of application functionality that either do not work at all, or do not work as expected against encrypted data. Specifically, the following functions are impacted: Sorting Searching Import/Export Business Rules and Logic The functional impact of each varies and, in some cases, there are mitigation strategies that can be implemented. However, the fact remains that the use of these proxies does not result in a seamless user experience. Understanding the Technology Edge-based encryption is a proxy-based technology that sits between a customer s browser and a ServiceNow instance. Traffic from a customer s browser passes through the proxy on its way to the ServiceNow instance. The proxy, in turn, is configured to encrypt specific columns of data on its way through. The traffic in the other direction is decrypted, and the end user sees plaintext. Figure 1: Edge-based Proxy Deployment ServiceNow 2
3 Edge-based Encryption and ServiceNow Barring a vulnerability in the encryption protocol itself, there is no way any employee at ServiceNow can read the encrypted data. The advantage of this solution, from a security standpoint, is that all encryption is handled externally from the vendor (in this case ServiceNow), as is all key management. Barring a vulnerability in the encryption protocol itself, there is no way any employee at ServiceNow can read the encrypted data. Likewise, a series of infrastructure attacks, up to and including stealing instance backups or taking control of the hosts on which the instance runs, cannot reveal the secret data. The best way to understand what this means in practical terms is to use a side by side example of what a list of data looks like both from an end user s perspective and from the ServiceNow instance s perspective. In this example, assume that there is a list table of soldiers, each of whom has a name, rank, and serial number. Let s further assume that we have deployed an edge encryption device to encrypt the rank and serial number fields of the table. Abe Abel Captain Bob Baker Lieutenant Carl Casey Captain Don Draper Colonel Ed Earl Major Abe Abel $%$%! SDSD# Bob Baker ^SD^&% A%$SA$ Carl Casey $%$%! C^D#$% Don Draper 9ASD&(*A G%$^$ Ed Earl H7asdh78 H%#D# Figure 2: What the user sees Figure 3: What the ServiceNow instance sees From a security standpoint, the above is great; ServiceNow doesn t see anybody s rank or serial number, instead we see encrypted gobblygook. If we happened to know that Carl Casey was a captain, we could probably deduce that Abe Abel was also a captain since he had the same cypher text as Carl Casey; setting aside those sorts of known plaintext attacks the data is secure from us. A point worth making here is that, as far as the ServiceNow instance is concerned, there s no encryption going on at all, it just thinks that Abe Abel s rank is literally $%$%!. The same functional encryption could be implemented by the end user typing all of their ranks into an encryption device on their desktop, and then copying the output of that into the system. Naturally, that s not a reasonable work experience outside of the classified world, but it s functionally equivalent from the back end s perspective. That, in turn, leads to a series of challenges when the application tries to operate over this data. Sorting ServiceNow does all sorting on the back end server. As an application, ServiceNow deals with large data sets and generally returns the top N to the end user based on some form of sort. Asked for a list of users sorted by last name, for example, ServiceNow will ServiceNow 3
4 Edge-based Encryption and ServiceNow ServiceNow does all sorting on the back end server. sort all 100,000 users in the customer s database to find the first 100 and return those to the user. Depending on the presence or absence of an index, ServiceNow may, in fact, be able to avoid physically sorting that many rows. However, the point remains that the top N rows that match your sort are returned rather than, say, returning all possible rows and letting the user s browser do the sort. Since the application always sorts on the back end, and the application always sorts on the cypher text values, any user-initiated sort of encrypted data will produce results that appear wrong to the end user. Example: Sorting the list of soldiers by serial number. The end user expects to see Abe Abel atop the list of soldiers since his serial number, is the first serial number sequentially. In terms of cypher text though, the cypher value of his serial number, SDSD#, collates last in the list, leading to the end user thinking sorting is not working properly. Bob Baker Lieutenant Carl Casey Captain Don Draper Colonel Ed Earl Major Abe Abel Captain Bob Baker ^SD^&% A%$SA$ Carl Casey $%$%! C^D#$% Don Draper 9ASD&(*A G%$^$ Ed Earl H7asdh78 H%#D# Abe Abel $%$%! SDSD# Figure 4: User this is sorted incorrectly Figure 5: Back end this is sorted correctly In some edge-based encryption products, it is possible to use an order preserving hash instead of a classical encryption function. In doing so, all encrypted values are replaced with cypher text, but the cypher text values are chosen such that the collation values of each entry are retained. While this option sounds attractive, and does solve the sorting problem, it also introduces a cryptographic weakness into the system. Any user who can add data to the system and observe its collation order, or introduce somebody else to do so on their behalf, can quickly determine the plaintext value of any cypher text element via a binary search. Alternately, sorting can be disabled for any encrypted column by adding the: no_sort=true attribute to that column s dictionary entry. ServiceNow 4
5 Edge-based Encryption and ServiceNow ServiceNow executes all searches on the back end database, which means all searches will be executed against cypher text values, rather than plaintext values. Searching Like sorting, searching is limited for similar reasons. ServiceNow executes all searches on the back end database, which means all searches will be executed against cypher text values, rather than plaintext values. End users who enter searches (who only see plaintext) will perceive the product to be broken as regards to searching. For example, assume that users want to search all soldiers for those whose rank begins with C (presumptively they want both captains and colonels and potentially corporals). The back end will happily look at this table of users and look for those whose rank begins with C. Bob Baker ^SD^&% %$SA$ Carl Casey $%$%! ^D#$% Don Draper 9ASD&(*A G%$^$ Ed Earl H7asdh78 H%#D# Abe Abel $%$%! SDSD# Figure 6: There are no users whose rank begins with C The end user will be told that there are zero records matching the search, which will be, as far as they are concerned, wrong. Searches specifically for equality, or inequality, will still work since the search term for a particular plaintext will be turned into a search for a predictable cypher text as well. For example, searching for the soldier whose serial number is will be turned into a search for the soldier whose serial number is SDSD$, and will correctly return Abe Abel. None. Import/Export ServiceNow does all export and import activities on the back end servers. As such, any exported data, be it Excel, XML, CSV, or other, will export the cypher text values of any encrypted columns. Likewise, since ServiceNow physically cannot encrypt the data, any attempt to import data into an encrypted column will result in unencrypted (plaintext) values being written into the column. None. ServiceNow 5
6 The use of edge-based encryption with ServiceNow is an impactful decision that can lead to a degraded or surprising user experience for many common activities. Business Rules and Logic ServiceNow runs all business logic on the back end as well, so any business rule that wants to either read from or write to an encrypted column will run into problems. When reading values from an encrypted column, the business rule will read only cypher text. When writing values into an encrypted field, ServiceNow will overwrite the encrypted column with whatever plaintext value we stored. Example, a business rule which wants to test the value of the rank field on a soldier and send them an inviting them to the Officers Ball if they are a commissioned rank cannot do so. Likewise a business rule that wants to issue a field commission to anybody whose commanding general nominates them for one cannot do so since it cannot properly set the rank value. None. Summary The use of edge-based encryption with ServiceNow is an impactful decision that can lead to a degraded or surprising user experience for many common activities. Making parallel configuration changes between the encryption proxy and the ServiceNow instance can mitigate some of these issues, but for many others there is no mitigation strategy. As a vendor, ServiceNow neither recommends nor discourages the use of this technology as a whole, but we do want to ensure that ServiceNow customers understand the pros and cons of this approach. Using this class of technology will protect sensitive data, but due to the functional deficits associated with this approach, we recommend its use only for columns which: Have no back end workflow requirement Do not require import/export Are used in relatively well understood product areas where appropriate end user training can be implemented 2014 ServiceNow, Inc. All rights reserved. ServiceNow believes information in this publication is accurate as of its publication date. This publication could include technical inaccuracies or typographical errors. The information is subject to change without notice. Changes are periodically added to the information herein; these changes will be incorporated in new editions of the publication. ServiceNow may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time. Reproduction of this publication without prior written permission is forbidden. The information in this publication is provided as is. ServiceNow makes no representations or warranties of any kind, with respect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a particular purpose. ServiceNow is a trademark of ServiceNow, Inc. All other brands, products, service names, trademarks or registered trademarks are used to identify the products or services of their respective owners. SN-WP-EdgebasedEncryption
Data Encryption with ServiceNow
Data Encryption with ServiceNow Encryption Technologies for Data Protection on the ServiceNow Platform Table of Contents Executive summary... 3 Edge Encryption...4 Common use cases... 5 Perspectives on
More informationData Encryption with ServiceNow
Data Encryption with ServiceNow Encryption Technologies for Data Protection on the ServiceNow Platform Table of Contents Executive summary... 3 Edge Encryption...4 Common use cases... 5 Perspectives on
More information1-7 Attacks on Cryptosystems
1-7 Attacks on Cryptosystems In the present era, not only business but almost all the aspects of human life are driven by information. Hence, it has become imperative to protect useful information from
More informationData Domain OpenStorage Primer
White Paper Data Domain OpenStorage Primer Abstract Data Domain s support for Symantec NetBackup OpenStorage enables the use of disk as disk, eliminating the need to emulate tape drives, tape cartridges,
More informationIntroduction to Security and User Authentication
Introduction to Security and User Authentication Brad Karp UCL Computer Science CS GZ03 / M030 14 th November 2016 Topics We ll Cover User login authentication (local and remote) Cryptographic primitives,
More informationRSA DISTRIBUTED CREDENTIAL PROTECTION
RSA DISTRIBUTED CREDENTIAL PROTECTION There is a security weakness lurking in many of today s best designed systems a primary point of compromise. Think about your own IT operations. Chances are that by
More informationQuick Start An Overview of ITIL Service Design
Quick Start An Overview of ITIL Service Design Warning: This will increase your brain activity Learning ITIL is not easy. First, there s confusion. What the blank is ITIL? Then comes denial. Why, ITIL,
More informationMicrosoft Dynamics GP. Extender User s Guide Release 9.0
Microsoft Dynamics GP Extender User s Guide Release 9.0 Copyright Copyright 2005 Microsoft Corporation. All rights reserved. Complying with all applicable copyright laws is the responsibility of the user.
More informationWHITE PAPER. Best Practices for Web Application Firewall Management
WHITE PAPER Best Practices for Web Application Firewall Management WHITE PAPER Best Practices for Web Application Firewall Management.. INTRODUCTION 1 DEPLOYMENT BEST PRACTICES 2 Document your security
More informationA Practical Guide to Efficient Security Response
A Practical Guide to Efficient Security Response The Essential Checklist Start The Critical Challenges to Information Security Data breaches constantly threaten the modern enterprise. And the risk continues
More informationKronoDesk Quick Start Guide Inflectra Corporation
KronoDesk Quick Start Guide Inflectra Corporation Date: June 16th, 2016 Contents Introduction 2 1. Getting Started 3 1.1. Viewing Knowledge Base Articles 3 1.2. Browsing the Support Forums 5 2. Using the
More informationMicrosoft Dynamics GP. Extender User s Guide
Microsoft Dynamics GP Extender User s Guide Copyright Copyright 2009 Microsoft Corporation. All rights reserved. Complying with all applicable copyright laws is the responsibility of the user. Without
More informationCryptanalysis. Ed Crowley
Cryptanalysis Ed Crowley 1 Topics Cryptanalysis History Modern Cryptanalysis Characterization of Cryptanalysis Attacks Attack Types 2 Cryptanalysis Science of cracking ciphers and codes, decoding secrets,
More informationSage Construction Anywhere Setup Guide
Sage Construction Anywhere Setup Guide Sage 300 Construction and Real Estate Sage University This is a publication of Sage Software, Inc. Copyright 2014 Sage Software, Inc. All rights reserved. Sage, the
More informationCryptography ThreeB. Ed Crowley. Fall 08
Cryptography ThreeB Ed Crowley Fall 08 Cryptanalysis History Modern Cryptanalysis Characterization of Cryptanalysis Attacks Attack Types Cryptanalysis. Science of cracking ciphers and codes, decoding secrets,
More informationTrademark. Cadex C5100 BatteryStore v1.5 User Guide
v1.5 Trademark C5100 BatteryStore is a trademark of Cadex Electronics Inc. All other trademarks or registered trademarks mentioned herein are the property of their respective owners. Copyright Notice Copyright
More informationApplication Security for Java-based BlackBerry Handhelds
Application Security for Java-based Originally posted: February 2003 Latest revision: May 2003 Introduction Corporate data access capabilities supported by the BlackBerry platform enable wireless connectivity
More informationENCRYPTION IN USE FACT AND FICTION. White Paper
White Paper Table of Contents The Case for Encryption... Encryption in Use Not Some Kind of Magic... Evaluating Encryption in Use Claims... 3 4 4 The Vaultive Approach... 5 2 Risk-conscious enterprises
More informationDell EMC Ready Solution for VMware vcloud NFV 3.0 OpenStack Edition Platform
Dell EMC Ready Solution for VMware vcloud NFV 3.0 OpenStack Edition Platform Deployment Manual Document Index Guide for VMware NFV 3.0 with VMware Integrated OpenStack 5.0 with Kubernetes Dell Engineering
More informationIntroduction to Cryptography CS 136 Computer Security Peter Reiher October 9, 2014
Introduction to Cryptography CS 136 Computer Security Peter Reiher October 9, 2014 Page 1 Outline What is data encryption? Cryptanalysis Basic encryption methods Substitution ciphers Permutation ciphers
More informationIntegration Guide. SafeNet Authentication Service. SAS Using RADIUS Protocol with CA SiteMinder
SafeNet Authentication Service Integration Guide SAS Using RADIUS Protocol with CA SiteMinder Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc.
More informationThe following topics describe how to use backup and restore features in the Firepower System:
The following topics describe how to use backup and restore features in the Firepower System: Introduction, page 1 Limitations, page 1 Backup Files, page 2 Backing up a Firepower Management Center, page
More informationTrademark. Cadex C5100 BatteryStore User Guide
Trademark C5100 BatteryStore is a trademark of Cadex Electronics Inc. All other trademarks or registered trademarks mentioned herein are the property of their respective owners. Copyright Notice Copyright
More informationPublic-key Cryptography: Theory and Practice
Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 1: Overview What is Cryptography? Cryptography is the study of
More informationCryptography and Network Security. Prof. D. Mukhopadhyay. Department of Computer Science and Engineering. Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 38 A Tutorial on Network Protocols
More informationGUIDE. MetaDefender Kiosk Deployment Guide
GUIDE MetaDefender Kiosk Deployment Guide 1 SECTION 1.0 Recommended Deployment of MetaDefender Kiosk(s) OPSWAT s MetaDefender Kiosk product is deployed by organizations to scan portable media and detect
More informationImplementing Disk Encryption on System x Servers with IBM Security Key Lifecycle Manager Solution Guide
Implementing Disk Encryption on System x Servers with IBM Security Key Lifecycle Manager Solution Guide Securing sensitive client and company data is becoming an IT task of paramount importance. Often
More informationEXECUTIVE VIEW. One Identity SafeGuard 2.0. KuppingerCole Report
KuppingerCole Report EXECUTIVE VIEW by Martin Kuppinger August 2017 One Identity SafeGuard 2.0 One Identity SafeGuard 2.0 is a re-architected, modular solution for Privilege Management, supporting both
More informationInstalling an Actifio Sky 7.0 Appliance on a Hyper-V Server
Installing an Actifio Sky 7.0 Appliance on a Hyper-V Server Copyright, Trademarks, and other Legal Matter 2010 2016 Actifio, Inc. All rights reserved. Actifio is a registered trademark of Actifio, Inc.
More informationSage Construction Anywhere Setup Guide
Sage Construction Anywhere Setup Guide Sage 100 Contractor Sage University This is a publication of Sage Software, Inc. Copyright 2014 Sage Software, Inc. All rights reserved. Sage, the Sage logos, and
More informationUser Guide for Skype for Business. Published Date : September Copyright Copyright Notice. Disclaimer. Limitations of Liability.
User Guide for Skype for Business Published Date : September 2017 Copyright 2017 Copyright Notice This publication, including all photographs, illustrations and software, is protected under international
More informationBackup and Restore Introduction
The ability to recover from a disaster is an essential part of any system maintenance plan. As part of your disaster recovery plan, Cisco recommends that you back up the Firepower Management Center and
More informationProduct Brief. Circles of Trust.
Product Brief Circles of Trust www.cryptomill.com product overview Circles of Trust is an enterprise security software system that eliminates the risks associated with data breaches from a hacker attack
More informationOctober 14, Business Intelligence Connector Guide
October 14, 2017 Copyright 2013, 2017, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and
More informationHigh Availability For Private Clouds
High Availability For Private Clouds Executive Summary When moving from traditional IT to private cloud, there is generally a tradeoff between elasticity and availability, so only applications that do
More informationCSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography
CSCI 454/554 Computer and Network Security Topic 5.2 Public Key Cryptography Outline 1. Introduction 2. RSA 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard 2 Introduction Public Key Cryptography
More informationSecure Held Print Jobs
Secure Held Print Jobs Version 3.0 Administrator's Guide January 2016 www.lexmark.com Contents 2 Contents Change history... 3 Overview... 4 Deployment readiness checklist...5 Configuring the printer settings...
More informationIf you re a Facebook marketer, you re likely always looking for ways to
Chapter 1: Custom Apps for Fan Page Timelines In This Chapter Using apps for Facebook marketing Extending the Facebook experience Discovering iframes, Application Pages, and Canvas Pages Finding out what
More informationIntroduction...1. Authentication Methods...1. Classes of Attacks on Authentication Mechanisms...4. Security Analysis of Authentication Mechanisms...
WHITE PAPER A Security Survey of Strong Authentication Technologies Contents Introduction...1 Authentication Methods...1 Classes of Attacks on Authentication Mechanisms...4 Security Analysis of Authentication
More informationTungsten Security Whitepaper
Tungsten Labs UG (haftungsbeschränkt) Email: contact@tungsten-labs.com Web: http://tungsten-labs.com Monbijouplatz 5, 10178 Berlin Tungsten Security Whitepaper Berlin, May 2018 Version 1 Contents Introduction
More informationOutline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA
CSCI 454/554 Computer and Network Security Topic 5.2 Public Key Cryptography 1. Introduction 2. RSA Outline 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard 2 Introduction Public Key Cryptography
More informationSecure Multiparty Computation
CS573 Data Privacy and Security Secure Multiparty Computation Problem and security definitions Li Xiong Outline Cryptographic primitives Symmetric Encryption Public Key Encryption Secure Multiparty Computation
More informationCryptographic Checksums
Cryptographic Checksums Mathematical function to generate a set of k bits from a set of n bits (where k n). k is smaller then n except in unusual circumstances Example: ASCII parity bit ASCII has 7 bits;
More informationUser Scripting April 14, 2018
April 14, 2018 Copyright 2013, 2018, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and
More informationSafeNet Authentication Manager
SafeNet Authentication Manager Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep
More informationOracle Hospitality OPERA Cloud Services Security Guide Release 1.20 E June 2016
Oracle Hospitality OPERA Cloud Services Security Guide Release 1.20 E69079-01 June 2016 Copyright 2016, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided
More informationEncrypted Object Extension
Encrypted Object Extension ABSTRACT: "Publication of this Working Draft for review and comment has been approved by the Cloud Storage Technical Working Group. This draft represents a "best effort" attempt
More informationSecuring Network Devices with the IEC Standard What You Should Know. Vance Chen Product Manager
with the IEC 62443-4-2 Standard What You Should Know Vance Chen Product Manager Industry Background As the Industrial IoT (IIoT) continues to expand, more and more devices are being connected to networks.
More informationStrong Password Protocols
Strong Password Protocols Strong Password Protocols Password authentication over a network Transmit password in the clear. Open to password sniffing. Open to impersonation of server. Do Diffie-Hellman
More informationDell EMC Ready Solution for VMware vcloud NFV 3.0 OpenStack Edition Platform
Dell EMC Ready Solution for VMware vcloud NFV 3.0 OpenStack Edition Platform Deployment Automation - Document Index Guide for VMware NFV 3.0 with VMware Integrated OpenStack 5.0 with Kubernetes Dell Engineering
More informationBIG-IP System: Implementing a Passive Monitoring Configuration. Version 13.0
BIG-IP System: Implementing a Passive Monitoring Configuration Version 13.0 Table of Contents Table of Contents Configuring the BIG-IP System for Passive Monitoring...5 Overview: Configuring the BIG-IP
More informationOutline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)
Outline AIT 682: Network and Systems Security 1. Introduction 2. RSA 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard Topic 5.2 Public Key Cryptography Instructor: Dr. Kun Sun 2 Public Key
More informationChapter 9 Public Key Cryptography. WANG YANG
Chapter 9 Public Key Cryptography WANG YANG wyang@njnet.edu.cn Content Introduction RSA Diffie-Hellman Key Exchange Introduction Public Key Cryptography plaintext encryption ciphertext decryption plaintext
More informationUpgrading to MailMarshal Version 6.0 SMTP Technical White Paper April 19, 2005
Contents Introduction... 3 Case 1: Standalone MailMarshal SMTP Server... 3 Case 2: Array of MailMarshal SMTP Servers... 14 Additional Resources....38 Upgrading to MailMarshal Version 6.0 SMTP Technical
More informationPassword Management. Eugene Davis UAH Information Security Club January 10, 2013
Password Management Eugene Davis UAH Information Security Club January 10, 2013 Password Basics Passwords perform service across a broad range of applications Can act as a way to authenticate a user to
More informationOCTOSHAPE SDK AND CLIENT LICENSE AGREEMENT (SCLA)
OCTOSHAPE SDK AND CLIENT LICENSE AGREEMENT (SCLA) This is a License Agreement (the "Agreement") for certain code (the Software ) owned by Akamai Technologies, Inc. ( Akamai ) that is useful in connection
More informationOutline More Security Protocols CS 239 Computer Security February 4, 2004
Outline More Security Protocols CS 239 Computer Security February 4, 2004 Combining key distribution and authentication Verifying security protocols Page 1 Page 2 Combined Key Distribution and Authentication
More informationNGFW Security Management Center
NGFW Security Management Center Release Notes 6.4.3 Revision A Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 4 New features on page 5
More informationCSC 474/574 Information Systems Security
CSC 474/574 Information Systems Security Topic 2.1 Introduction to Cryptography CSC 474/574 By Dr. Peng Ning 1 Cryptography Cryptography Original meaning: The art of secret writing Becoming a science that
More informationShoviv GroupWise To Outlook
Copyright 2018 Shoviv Software Private Limited Table of Contents 1. About 1.1 Introduction 1.2 Key Features 1.3 System Requirements 2. Installation and Uninstallation 2.1 Installation 2.2 Uninstallation
More informationTrimble. ecognition. Release Notes
Trimble ecognition Release Notes Trimble Documentation: ecognition 8.9 Release Notes Imprint and Version Document Version 8.9 Copyright 2013 Trimble Germany GmbH. All rights reserved. This document may
More informationRelease Notes 1 of 5. Release Notes. BlackBerry 7100g BlackBerry 7290 Wireless Handheld.
Release Notes 1 of 5 Release Notes BlackBerry 7100g BlackBerry 7290 Wireless Handheld Release Notes 2 of 5 NOTE This document is provided for informational purposes only, and does not constitute a binding
More informationUNIT - IV Cryptographic Hash Function 31.1
UNIT - IV Cryptographic Hash Function 31.1 31-11 SECURITY SERVICES Network security can provide five services. Four of these services are related to the message exchanged using the network. The fifth service
More informationOneID An architectural overview
OneID An architectural overview Jim Fenton November 1, 2012 Introduction OneID is an identity management technology that takes a fresh look at the way that users authenticate and manage their identities
More informationHYCU SCOM Management Pack for Nutanix
HYCU SCOM Management Pack for Nutanix Product version: 2.5 Product release date: May 2018 Document edition: First Legal notices Copyright notice 2016-2018 HYCU. All rights reserved. This document contains
More informationSurveOne. User Manual. Release 1.0
SurveOne User Manual Release 1.0 About This Document This manual introduces SurveOne, the Web-based Easy System Management Tool and describes how to use it, providing an overview of SurveOne functionality
More informationWEB SECURITY: XSS & CSRF
WEB SECURITY: XSS & CSRF CMSC 414 FEB 22 2018 Cross-Site Request Forgery (CSRF) URLs with side-effects http://bank.com/transfer.cgi?amt=9999&to=attacker GET requests should have no side-effects, but often
More informationBitcoin, Security for Cloud & Big Data
Bitcoin, Security for Cloud & Big Data CS 161: Computer Security Prof. David Wagner April 18, 2013 Bitcoin Public, distributed, peer-to-peer, hash-chained audit log of all transactions ( block chain ).
More information1. Out of the 3 types of attacks an adversary can mount on a cryptographic algorithm, which ones does differential cryptanalysis utilize?
Introduction Answer the following questions. When a word count restriction is given for a question, exceeding it will result in marks being deducted. If your answer is more than twice the maximum length,
More informationRSA Authentication Manager 7.1 Help Desk Administrator s Guide
RSA Authentication Manager 7.1 Help Desk Administrator s Guide Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks RSA,
More information1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class
1.264 Lecture 27 Security protocols Symmetric cryptography Next class: Anderson chapter 10. Exercise due after class 1 Exercise: hotel keys What is the protocol? What attacks are possible? Copy Cut and
More informationSiebel Server Sync Guide. Siebel Innovation Pack 2016 May 2016
Siebel Server Sync Guide Siebel Innovation Pack 2016 May 2016 Copyright 2005, 2016 Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license
More informationGFI Product comparison. vs. Archiver
GFI Product comparison Product GFI Archiver name vs. Reddoxx Product E-mail name Archiving Archiver GFI Archiver With GFI Archiver, all company emails, calendar entries and files are automatically stored
More informationSiebel Server Sync Guide. Siebel Innovation Pack 2015 May 2015
Siebel Server Sync Guide Siebel Innovation Pack 2015 May 2015 Copyright 2005, 2015 Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license
More informationDeploying IWAN Routers
Deploying IWAN Routers Cisco Prime Infrastructure 3.1 Job Aid Copyright Page THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS,
More informationWhat's New. Features introduced in New Features in Primavera Gateway 17
What's New New Features in Primavera Gateway 17 Features introduced in 17.7 An External Custom provider utility enables you to build, deploy, and maintain custom providers outside of Gateway. By leveraging
More informationCS 161 Computer Security
Popa & Wagner Spring 2016 CS 161 Computer Security Midterm 2 Print your name:, (last) (first) I am aware of the Berkeley Campus Code of Student Conduct and acknowledge that academic misconduct will be
More informationEvaluator Group Inc. Executive Editor: Randy Kerns
Avoiding an Infrastructure Cost Explosion as You Move to Exchange 2010 Metalogix Archive Manager Evaluator Group Inc. Technology Insight Series Executive Editor: Randy Kerns Version 1: January 2012 Copyright
More informationEncrypted Data Deduplication in Cloud Storage
Encrypted Data Deduplication in Cloud Storage Chun- I Fan, Shi- Yuan Huang, Wen- Che Hsu Department of Computer Science and Engineering Na>onal Sun Yat- sen University Kaohsiung, Taiwan AsiaJCIS 2015 Outline
More informationApplication Note Using SiteManager as Web Proxy And/or Mail Relay Server
Application Note Using SiteManager as Web Proxy And/or Mail Relay Server This guide explains how to configure a SiteManager, so devices on the Device side of it can use it to access as Web Proxy to access
More informationUsing Network Maps and Inventories for Security Compliance
Security Management Tactics for the Network Administrator The Essentials Series Using Network Maps and Inventories for Security Compliance sponsored by Introduction to Realtime Publishers by Don Jones,
More informationIntroduction to Cryptography
Introduction to Cryptography 1 2 Definition process data into unintelligible form, reversibly, without data loss typically digitally usually one-to-one in size $ compression analog cryptography: voice
More informationBeginning Tutorials. BT004 Enterprise Guide Version 2.0 NESUG 2003 James Blaha, Pace University, Briarcliff Manor, NY ABSTRACT: INTRODUCTION:
BT004 Enterprise Guide Version 2.0 NESUG 2003 James Blaha, Pace University, Briarcliff Manor, NY ABSTRACT: This paper focuses on the basics for using the SAS Enterprise Guide software. The focus is on
More informationOracle Adaptive Access Manager. 1 Oracle Adaptive Access Manager Documentation. 2 Resolved Issues. Release Notes Release 10g (
Oracle Adaptive Access Manager Release Notes Release 10g (10.1.4.5) E13648-03 May 2009 These release notes contain important last minute information not included in the Oracle Adaptive Access Manager Release
More informationSAPtips. Journal. Creating a Well-Developed Master Data Management Solution in BW. August/September 2005 Volume III Issue 4. SAPtips.
Page 1 Creating a Well-Developed Master Data Management Solution in BW By Arthur Pat Pesa, arthurpesa, inc Editor Note: Pat Pesa delivers another one-two-three punch with his discussion of developing,
More informationPASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year
PASS4TEST \ http://www.pass4test.com We offer free update service for one year Exam : SY0-301 Title : CompTIA Security+ Certification Exam (SY0-301) Vendor : CompTIA Version : DEMO 1 / 5 Get Latest & Valid
More informationSecomea Remote Device Management
Secomea Remote Device Management Fast-Track BASIC Guide This guide is intended for first time users of the Secomea Remote Device Management solution, who need a practical introduction to the Secomea RDM
More informationDiscovery Attender. Version 2.2. White Paper. Discovery Attender is a member of the Attender Utilities family.
Discovery Attender Version 2.2 White Paper Discovery Attender is a member of the Attender Utilities family Table of Contents Introduction...3 Benefits...4 Product Overview...5 FAQ...8 Product History...12
More informationHow Secured2 Uses Beyond Encryption Security to Protect Your Data
Secured2 Beyond Encryption How Secured2 Uses Beyond Encryption Security to Protect Your Data Secured2 Beyond Encryption Whitepaper Document Date: 06.21.2017 Document Classification: Website Location: Document
More information2012 Microsoft Corporation. All rights reserved. Microsoft, Active Directory, Excel, Lync, Outlook, SharePoint, Silverlight, SQL Server, Windows,
2012 Microsoft Corporation. All rights reserved. Microsoft, Active Directory, Excel, Lync, Outlook, SharePoint, Silverlight, SQL Server, Windows, Windows Server, and other product names are or may be registered
More informationHow to deploy a Microsoft Windows 10 image to an AMD processor-based laptop or desktop
A Principled Technologies report: Hands-on testing. Real-world results. How to deploy a Microsoft Windows 10 image to an AMD processor-based laptop or desktop In the Principled Technologies datacenter,
More informationSecurity Advisory Relating to the Speculative Execution Vulnerabilities with some microprocessors
SECURITY ADVISORY Processor based Speculative Execution Vulnerabilities AKA Spectre and Meltdown Version 1.6 Security Advisory Relating to the Speculative Execution Vulnerabilities with some microprocessors
More information18-642: Cryptography 11/15/ Philip Koopman
18-642: Cryptography 11/15/2017 Cryptography Overview Anti-Patterns for Cryptography Using a home-made cryptographic algorithm Using private key when public key is required Not considering key distribution
More informationNew Features in Primavera P6 EPPM 17
What's New New Features in Primavera P6 EPPM 17 Spotlight P6 17 continues the process of removing Java-based applets from the application in exchange for pages written in HTML5. The HTML-based pages load
More informationNetwrix Auditor for Active Directory
Netwrix Auditor for Active Directory Quick-Start Guide Version: 8.0 4/22/2016 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment
More informationThe Device Has Left the Building
The Device Has Left the Building Mobile Security Made Easy With Managed PKI Christian Brindley Principal Systems Engineer, Symantec Identity and Information Protection Agenda 1 2 3 Mobile Trends and Use
More informationConfiguration Import and Export
The following topics explain how to use the Import/Export feature: About Configuration Import/Export, page 1 Exporting Configurations, page 3 Importing Configurations, page 4 About Configuration Import/Export
More informationCS 161 Computer Security
Paxson Spring 2017 CS 161 Computer Security Midterm 2 Print your name:, (last) (first) I am aware of the Berkeley Campus Code of Student Conduct and acknowledge that any academic misconduct will be reported
More informationUser Guide. Avigilon Camera Configuration Tool
User Guide Avigilon Camera Configuration Tool 2016, Avigilon Corporation. All rights reserved. AVIGILON, the AVIGILON logo and AVIGILON CONTROL CENTER are trademarks of Avigilon Corporation. Other product
More informationOracle Financial Consolidation and Close Cloud
Oracle Financial Consolidation and Close Cloud October Update (16.10) New Feature Summary September 2016 TABLE OF CONTENTS REVISION HISTORY... 3 ORACLE FINANCIAL CONSOLIDATION AND CLOSE CLOUD, OCTOBER
More information