Security and Privacy in RFID Evolving Application Spaces for Edge Security
|
|
- Deirdre Oliver
- 5 years ago
- Views:
Transcription
1 1
2 Security and Privacy in RFID Evolving Application Spaces for Edge Security Chris Hanebeck, VP Product Management & Marketing Revere Security
3 First, Allow Me to Scare Everyone
4 And It Gets Worse Lockheed Martin Cyber Crime Monitoring On January 25, 2003 hackers infected the Davis-Besse nuclear power plant in Ohio with a worm. The virus entered through a secure T1 line for an external consulting firm. While the infection did not harm the plant, which had been off-line during the worm attack, it caused the Safety Parameter Display System to be down for five hours and the plant process computer for six. WSJ, Sept Four years later, IBM researcher Scott Lunsford hacked into a nuclear power plant and claimed that entering through the SCADA network turned out to be one of the easiest penetration tests I'd ever done Source: Forbes, America s Hackable Backbone, Oct. 2007
5 Typical RFID Systems Edge Security Traditional Security Data Capture Event Management Information Sharing Real-Time Decisions Reporting & Data Analysis RFID Tags, Readers and Antennae Barcode Scanner iphone or Camera Phone Device Mgt Layer Data Filtering & Smoothing Complex Event Processing Rules Engine User Input via Web Software as a Service AJAX Web 2.0 Data Push to Devices Rule-Based Decision- Making Alert & Notification Based Decision- Making Performance Data Behavioral Data Event Statistics System Statistics
6 Types of Attacks on RFID Physical Attacks (Breaks) Active Attacks (Communicating) Passive Attacks (Eavesdropping) Denial of Service Malware Insertion Key Extraction Cloning / Counterfeiting What needs to be protected is (a) identity and (b) data Track & Trace Replay Data Extraction
7 Attacks on RFID
8 Key RFID Vulnerabilities Privacy Process Data-rich
9 Second, There Are Solutions
10 Levels of RFID Security I. II. No Security 16-bit Security The tag is not protected from cyber treats and can be read by anyone with understanding of the Gen2 protocol. The tag is protected through a 32-bit password. A brute force attack will expose the password in less than two hours. III. IV. V. 32-bit Security 64-bit Security 80-bit Security The tag is protected through a 64-bit password. A brute force attack will expose the password in a couple of weeks. The tag is protected through a 128-bit password. A brute force attack will expose the password in a couple of months. The tag is protected through the RSA 1024 cipher. A brute force attack will expose the password in up to ten years. VI. VII. 128-bit Security Best Security The tag is protected through the HB-2 cipher. A brute force attack will expose the password in several million years. The tag is stored in a secure bank vault and cannot be read from the outside world. It is very secure, yet also unusable.
11 Aero DOD HazM Auto Pharmaceuticals Supply Chain Applications Tolling & EVR Access Restricted Tag Access Data Encryption Mutual Authentication ID Agility Tag Cloaking Levels of RFID Security Security Level Capabilities Application Requirements I. No Security II. 16-bit Security III. 32-bit Security IV. 64-bit Security V. 80-bit Security VI. 128-bit Security
12 What Do We Really Need? Cloaking the ability to render information carriers such as microprocessors or RFID tags invisible ID Agility information carriers respond to each ping with a different ID, which renders traceability impossible Mutual Authentication the ability to validate that sender and receiver really are who they say they are
13 Initially developed for the Department of Homeland Security in an effort to secure industrial controllers Designed specifically for small, resource-constrained devices. Hummingbird is a patented word-based cipher Inspired by rotor-based encryption Encrypts in 16 bit blocks Maintains a state Hardware and software friendly Enables an efficient patent-pending protocols for Secured identification Mutual authentication Anonymous communications Cloaking Forms the basis for a simple key management system Highly Scalable Real time revocation Low Overhead, Highly Efficient
14 Key Management RedBox Key Handling Cryptographic key usage and distribution Secure Com Custom Local DB Local cache, custom application features
15 Example It s Been Implemented On Microchips Hummingbird 4-clock Implementation Hummingbird 20- clock Implementation
16 Third, You Can Implement Today
17 Typical Project Revere Security Solution Design Best-Practices Rely on Revere Security s extensive knowledge in Edge Security Assess Analyze Distill assessment findings into meaningful information and derive conclusions for the solution phase. Assess your overall strategy, current systems environment, hardware and software systems and business processes. Design Recommend Based on all findings, we recommend the best course of action for our clients. Design the security architecture, identify business process changes and hardware as well as software requirements. We also build a business case for the most desirable option(s). Decide Client Decision Deploy
18 Secure RFID System Architecture Physical RFID System Design Mutual Authentication Mutual Authentication Mutual Authentication Tag Antenna Reader CryptoServer LAN Data Encryption Pass Through Data Decryption or Pass Through Data Decryption or Pass Through Software App Data Decryption or Pass Through Use of Cryptography Hummingbird HB-2, Passerine Traditional Security
19 Crypto Protocols for RFID Gen2 Secure ID and Mutual Auth. Gen2 Tag Cloaking, Sec ID and MA Secure ID and MA Tag Cloaking, Sec ID and MA
20 Typical Applications For Secure RFID Aerospace Access Control Defense Pharmaceuticals Tolling /EVR Healthcare HazMat Anti-Counterfeits
21 UHF Applications Aerospace Authentication Applications: Inventory Control Parts100% Lifecycle Mgt Attestation Maintenance Records Oxygen & Life Vests Industry Requirements High Memory UHF Long memory life- 20 yrs Standards Based Frequency Interop- EPC Metal mount form factor
22 Requirements for Security at the Edge Short Messages e.g. 16-bit Cipher Built-in MAC Little Code Space Required Fits on a 4-bit Chip Anonymous Communications Easy to Integrate Lower Power Requirement Mutual Authentication Protocol Simple, Scalable Key Management System
23 At Last, The End
24 We Need Change!
25 Find The Right Partners! Not all security innovation is equal the key is to identify the pretenders early on!
26 Don t Wait! The key to winning is getting to where the puck is going to be next. The Great One
27 Questions? Chris Hanebeck (214) Security and Privacy in RFID Evolving Application Spaces for Edge Security
28 28
S P O N S O R E D B Y
S P O N S O R E D B Y Audio Requirements Log in using the link in the email you received after you registered Click on the triangle next to the word Audio on the tool palette Choose use Telephone or Mic
More informationUHF RFID Embedded in Electronic Devices. Chris Diorio CTO, Impinj Inc.
UHF RFID Embedded in Electronic Devices Chris Diorio CTO, Impinj Inc. 2 2012 UHF RFID Applications Today Supply-Chain Tracking Asset/Returns Management Retail Inventory Pharmaceuticals Authentication Consumables
More informationL13. Reviews. Rocky K. C. Chang, April 10, 2015
L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing
More informationSecuring Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationSINGLE COURSE. NH9000 Certified Ethical Hacker 104 Total Hours. COURSE TITLE: Certified Ethical Hacker
NH9000 Certified Ethical Hacker 104 Total Hours COURSE TITLE: Certified Ethical Hacker COURSE OVERVIEW: This class will immerse the student into an interactive environment where they will be shown how
More informationSECURITY STORY WE NEVER SEE, TOUCH NOR HOLD YOUR DATA
SECURITY STORY WE NEVER SEE, TOUCH NOR HOLD YOUR DATA CTO Office www.digi.me another Engineering Briefing digi.me keeping your data secure at all times ALL YOUR DATA IN ONE PLACE TO SHARE WITH PEOPLE WHO
More informationWhitepaper on AuthShield Two Factor Authentication with SAP
Whitepaper on AuthShield Two Factor Authentication with SAP By AuthShield Labs Pvt. Ltd Table of Contents Table of Contents...2 1.Overview...4 2. Threats to account passwords...5 2.1 Social Engineering
More informationCyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)
Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,
More informationGuide to cyber security/cip specifications and requirements for suppliers. September 2016
Guide to cyber security/cip specifications and requirements for suppliers September 2016 Introduction and context The AltaLink cyber security/cip specification and requirements for suppliers (the standard)
More informationSystem LSI Research Center, Grad. Sch.. Information Science & Electrical Engineering, Kyushu Univ., Japan
RFID Privacy Using User-controllable Uniqueness Sozo INOUE, Hiroto YASUURA System LSI Research Center, Grad. Sch.. Information Science & Electrical Engineering, Kyushu Univ., Japan Suppose: Ad.: Super
More informationPersonal Cybersecurity
Personal Cybersecurity The Basic Principles Jeremiah School, CEO How big is the issue? 9 8 7 6 5 4 3 2 1 Estimated global damages in 2018 0 2016 2018 2020 2022 2024 2026 2028 2030 Internet Users Billions
More informationPractical application of Quantum Key Distribution and wider security implications.
Practical application of Quantum Key Distribution and wider security implications. Luke Beeson, VP Security 1 The exploding threat landscape. BT's viewpoint. What really matters: Alignment to business
More informationA Look Inside Today's Embedded RFID. Chris Diorio CTO, Impinj Inc.
1 2013 1 A Look Inside Today's Embedded RFID Chris Diorio CTO, Impinj Inc. 2 What is Embedded RFID? Definition Incorporating UHF RFID technology into another device for the purposes of configuration, authentication,
More informationHassle-free banking in the DIGITAL AGE through NEXT-GEN. Technologies W H I T E PA P E R
Hassle-free banking in the DIGITAL AGE through NEXT-GEN Technologies W H I T E PA P E R Experience smooth transactions with the new generation of banking and payments using facial recognition. Financial
More informationCISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1
CISCO BORDERLESS NETWORKS 2009 Cisco Systems, Inc. All rights reserved. 1 Creating New Business Models The Key Change: Putting the Interaction Where the Customer Is Customer Experience/ Innovation Productivity/
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More informationEPC Tag Authentication with Randomized Characteristics for Strong Privacy
182 IJCSNS International Journal of Computer Science and Network Security, VOL.6 No.9B, September 2006 EPC Tag Authentication with Randomized Characteristics for Strong Privacy Soohyun Oh, and Jin Kwak,
More informationEasily add high-performance UHF RFID and bar code capture to the mobile devices
AT RFD 8500 Series Easily add high-performance UHF RFID and bar code capture to the mobile devices With the RFD8500 compatible third-party mobile devices, tablets and smart phones with enterprise-class
More informationHIPAA 2017 Compliancy Group, LLC
1 Meet Your Expert Charles Weiselberg Compliancy Group, LLC Director of Customer Service Chuck@compliancygroup.com ENDORSED PARTNER 2 Compliancy Group We simplify compliance so you can confidently focus
More informationDistributed Systems. Lecture 14: Security. Distributed Systems 1
06-06798 Distributed Systems Lecture 14: Security Distributed Systems 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication
More informationDistributed Systems. Lecture 14: Security. 5 March,
06-06798 Distributed Systems Lecture 14: Security 5 March, 2002 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication
More informationPYTHIA SERVICE BY VIRGIL SECURITY WHITE PAPER
PYTHIA SERVICE WHITEPAPER BY VIRGIL SECURITY WHITE PAPER May 21, 2018 CONTENTS Introduction 2 How does Pythia solve these problems? 3 Are there any other solutions? 4 What is Pythia? 4 How does it work?
More informationCSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L
CS 3461/5461: Introduction to Computer Networking and Internet Technologies Network Security Study: 21.1 21.5 Kannan Srinivasan 11-27-2012 Security Attacks, Services and Mechanisms Security Attack: Any
More informationINTRODUCTION TO CLOAKWARE/TRS TECHNOLOGY
INTRODUCTION TO CLOAKWARE/TRS TECHNOLOGY VERSION 2.2 OCTOBER 2001 SUMMARY Software is easy to tamper with and reverse engineer so unprotected software deployed on malicious hosts can t be trusted by corporations
More informationThe Next Generation of Credential Technology
The Next Generation of Credential Technology Seos Credential Technology from HID Global The Next Generation of Credential Technology Seos provides the ideal mix of security and flexibility for any organization.
More informationDigital it Signatures. Message Authentication Codes. Message Hash. Security. COMP755 Advanced OS 1
Digital Signatures Digital it Signatures Offer similar protections as handwritten signatures in the real world. 1. Difficult to forge. 2. Easily verifiable. 3. Not deniable. 4. Easy to implement. 5. Differs
More informationEthical Hacking and Prevention
Ethical Hacking and Prevention This course is mapped to the popular Ethical Hacking and Prevention Certification Exam from US-Council. This course is meant for those professionals who are looking for comprehensive
More information10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND
More informationSmartSiren: Virus Detection and Alert for Smartphones. Jerry Cheung, Starsky Wong, Hao Yang and Songwu Lu MOBISYS 2007
SmartSiren: Virus Detection and Alert for Smartphones Jerry Cheung, Starsky Wong, Hao Yang and Songwu Lu MOBISYS 2007 Premise Smartphones have become increasingly popular. So have viruses for smartphones
More informationMISSION. S i x D e g r e e s C o u n t e r f e i t P r e v e n t i o n, L L C 6 D C P. c o m
MISSION The Alpium Consortium consists of experts in the field of Gemology and Cyber Security whose mission is to provide an end to end, simple to use solution for marking and identifying loose diamonds
More informationAGILE AND CONTINUOUS THREAT MODELS
SESSION ID: DEV-R04 AGILE AND CONTINUOUS THREAT MODELS Nancy Davoust Vice President, Security Architecture and Technology Solutions Comcast CONTEXT FOR AGILE AND CONTINUOUS THREAT MODELING The Landscape
More informationProtect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com
Protect Your Endpoint, Keep Your Business Safe. White Paper Exosphere, Inc. getexosphere.com White Paper Today s Threat Landscape Cyber attacks today are increasingly sophisticated and widespread, rendering
More informationMeeting FFIEC Meeting Regulations for Online and Mobile Banking
Meeting FFIEC Meeting Regulations for Online and Mobile Banking The benefits of a smart card based authentication that utilizes Public Key Infrastructure and additional mechanisms for authentication and
More informationSecurity in ECE Systems
Lecture 11 Information Security ECE 197SA Systems Appreciation Security in ECE Systems Information security Information can be very valuable Secure communication important to protect information Today
More information1.264 Lecture 26. Security protocols. Next class: Anderson chapter 4. Exercise due before class
1.264 Lecture 26 Security protocols Next class: Anderson chapter 4. Exercise due before class 1 Encryption Encryption is the process of: Transforming information (referred to as plaintext) Using an algorithm
More informationUHF RFID tag IC with cryptographic authentication
SPECIFICATION 1 FEATURES SMIC EEPROM CMOS 180 nm Operating temperature range -40 +65 C Passive operation no battery needed Operating frequency 860-960 MHz EPC Class 1 Generation 2 compliant 352 bit memory
More informationFRONT RUNNER DIPLOMA PROGRAM Version 8.0 INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months
FRONT RUNNER DIPLOMA PROGRAM Version 8.0 INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months MODULE: INTRODUCTION TO INFORMATION SECURITY INFORMATION SECURITY ESSENTIAL TERMINOLOGIES
More informationPCI DSS and VNC Connect
VNC Connect security whitepaper PCI DSS and VNC Connect Version 1.2 VNC Connect security whitepaper Contents What is PCI DSS?... 3 How does VNC Connect enable PCI compliance?... 4 Build and maintain a
More informationSecurity Solutions. Overview. Business Needs
Security Solutions Overview Information security is not a one time event. The dynamic nature of computer networks mandates that examining and ensuring information security be a constant and vigilant effort.
More informationAURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo
ETHICAL HACKING (CEH) CURRICULUM Introduction to Ethical Hacking What is Hacking? Who is a Hacker? Skills of a Hacker? Types of Hackers? What are the Ethics and Legality?? Who are at the risk of Hacking
More informationInstructions 1. Elevation of Privilege Instructions. Draw a diagram of the system you want to threat model before you deal the cards.
Instructions 1 Elevation of Privilege Instructions Draw a diagram of the system you want to threat model before you deal the cards. Deal the deck to 3 6 players. Play starts with the 3 of Tampering. Play
More informationAuthentication Technologies
Authentication Technologies 1 Authentication The determination of identity, usually based on a combination of something the person has (like a smart card or a radio key fob storing secret keys), something
More informationInstructions 1 Elevation of Privilege Instructions
Instructions 1 Elevation of Privilege Instructions Draw a diagram of the system you want to threat model before you deal the cards. Deal the deck to 3-6 players. Play starts with the 3 of Tampering. Play
More informationCOMPGA12 1 TURN OVER
Applied Cryptography, COMPGA12, 2009-10 Answer ALL questions. 2 hours. Marks for each part of each question are indicated in square brackets Calculators are NOT permitted 1. Multiple Choice Questions.
More informationkey distribution requirements for public key algorithms asymmetric (or public) key algorithms
topics: cis3.2 electronic commerce 24 april 2006 lecture # 22 internet security (part 2) finish from last time: symmetric (single key) and asymmetric (public key) methods different cryptographic systems
More informationEasyCrypt passes an independent security audit
July 24, 2017 EasyCrypt passes an independent security audit EasyCrypt, a Swiss-based email encryption and privacy service, announced that it has passed an independent security audit. The audit was sponsored
More informationSecurity of Biometric Passports ECE 646 Fall Team Members : Aniruddha Harish Divya Chinthalapuri Premdeep Varada
Security of Biometric Passports ECE 646 Fall 2013 Team Members : Aniruddha Harish Divya Chinthalapuri Premdeep Varada CONTENTS Introduction to epassports Infrastructure required for epassports Generations
More informationSimple and Powerful Security for PCI DSS
Simple and Powerful Security for PCI DSS The regulations AccessEnforcer helps check off your list. Most merchants think they are too small to be targeted by hackers. In fact, their small size makes them
More informationCybersecurity and Communications Based Train Control
Cybersecurity and Communications Based Train Control RAHEEL QURESHI CYBERSECURITY AUTHORITY URBAN RAIL SIGNALLING (URS) 2016 Thales Canada, Transportation Solutions. All rights reserved. Passing on or
More informationTRUSTED SUPPLY CHAIN & REMOTE PROVISIONING WITH THE TRUSTED PLATFORM MODULE
SESSION ID: TECH-F03 TRUSTED SUPPLY CHAIN & REMOTE PROVISIONING WITH THE TRUSTED PLATFORM MODULE Tom Dodson Supply Chain Security Architect Intel Corporation/Business Client Products Monty Wiseman Security
More informationBEST PRACTICES FOR PERSONAL Security
BEST PRACTICES FOR PERSONAL Email Security Sometimes it feels that the world of email and internet communication is fraught with dangers: malware, viruses, cyber attacks and so on. There are some simple
More informationIntroduction to Cryptography
Introduction to Cryptography 1 2 Definition process data into unintelligible form, reversibly, without data loss typically digitally usually one-to-one in size $ compression analog cryptography: voice
More informationCyber fraud and its impact on the NHS: How organisations can manage the risk
Cyber fraud and its impact on the NHS: How organisations can manage the risk Chair: Ann Utley, Preparation Programme Manager, NHS Providers Arno Franken, Cyber Specialist, RSM Sheila Pancholi, Partner,
More informationCybersecurity Threat Modeling ISACA Atlanta Chapter Geek Week Conference
www.pwc.com 2016 ISACA Atlanta Chapter Geek Week Conference Highlights from surveys 38% Amount of security incidents In 2015, 38% more security incidents were detected than in 2014. $4.9M Cost of security
More informationCombating Cyber Risk in the Supply Chain
SESSION ID: CIN-W10 Combating Cyber Risk in the Supply Chain Ashok Sankar Senior Director Cyber Strategy Raytheon Websense @ashoksankar Introduction The velocity of data breaches is accelerating at an
More informationHibiki Project and Secure RFID Project
Hibiki Project and Secure RFID Project October 22, 2007 Hitachi, Ltd. Yo Nakajima Hitachi, Ltd. 2007. All rights reserved. 0 1. About Hitachi 2. Hibiki Project / Secure RFID Project 3. Cases in Japan 4.
More informationAre You Avoiding These Top 10 File Transfer Risks?
Are You Avoiding These Top 10 File Transfer Risks? 1. 2. 3. 4. Today s Agenda Introduction 10 Common File Transfer Risks Brief GoAnywhere MFT Overview Question & Answer HelpSystems Corporate Overview.
More informationWHITEPAPER. Vulnerability Analysis of Certificate Validation Systems
WHITEPAPER Vulnerability Analysis of Certificate Validation Systems The US Department of Defense (DoD) has deployed one of the largest Public Key Infrastructure (PKI) in the world. It serves the Public
More informationLecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.
15-441 Lecture Nov. 21 st 2006 Dan Wendlandt Worms & Viruses Phishing End-host impersonation Denial-of-Service Route Hijacks Traffic modification Spyware Trojan Horse Password Cracking IP Spoofing DNS
More informationSymmetric Key Encryption. Symmetric Key Encryption. Advanced Encryption Standard ( AES ) DES DES DES 08/01/2015. DES and 3-DES.
Symmetric Key Encryption Symmetric Key Encryption and 3- Tom Chothia Computer Security: Lecture 2 Padding Block cipher modes Advanced Encryption Standard ( AES ) AES is a state-of-the-art block cipher.
More informationHow Secured2 Uses Beyond Encryption Security to Protect Your Data
Secured2 Beyond Encryption How Secured2 Uses Beyond Encryption Security to Protect Your Data Secured2 Beyond Encryption Whitepaper Document Date: 06.21.2017 Document Classification: Website Location: Document
More informationThe World s Leading Software for Label, Barcode, RFID & Card Printing
The World s Leading Software for Label, Barcode, RFID & Card Printing Seagull Scientific has been a technology leader since 1985. In fact, BarTender was the very first Windows program to support both laser
More informationSecuring Today s Mobile Workforce
WHITE PAPER Securing Today s Mobile Workforce Secure and Manage Mobile Devices and Users with Total Defense Mobile Security Table of Contents Executive Summary..................................................................................
More informationComputer Security: Cyber Essentials KAMI VANIEA 1
Computer Security: Cyber Essentials DR. KAMI VANIEA KAMI VANIEA 1 First, the news http://www.sbrcentre.co.uk/images/site_images/20522_small BusinessTheCyberRiskReportVoRFINALFeb2016.pdf http://www.informationisbeautiful.net/visualizations/worldsbiggest-data-breaches-hacks/
More informationJune 2 nd, 2016 Security Awareness
June 2 nd, 2016 Security Awareness Security is the degree of resistance to, or protection from, harm. if security breaks down, technology breaks down Protecting People, Property and Business Assets Goal
More informationAdvanced Ethical Hacking & Penetration Testing. Ethical Hacking
Summer Training Internship Program 2017 (STIP - 2017) is a practical oriented & industrial level training program for all students who have aspiration to work in the core technical industry domain. This
More informationTrusted Platform Module explained
Bosch Security Systems Video Systems Trusted Platform Module explained What it is, what it does and what its benefits are 3 August 2016 2 Bosch Security Systems Video Systems Table of contents Table of
More informationFederal Information Processing Standard (FIPS) What is it? Why should you care?
Federal Information Processing Standard (FIPS) 140-2 What is it? Why should you care? SECURITY IS BECOMING A GROWING CONCERN The migration from TDM to IP communication networks has drastically increased
More informationWho Goes There? Access Control in Water/Wastewater Siemens AG All Rights Reserved. siemens.com/ruggedcom
WEAT Webinar Who Goes There? Access Control in Water/Wastewater Siemens AG 2018. siemens.com/ruggedcom ACCESS CONTROL WEBINAR TABLE OF CONTENTS TOPIC Why Access Control? Risks If Not Used Factors of Authentication
More informationOutline Key Management CS 239 Computer Security February 9, 2004
Outline Key Management CS 239 Computer Security February 9, 2004 Properties of keys Key management Key servers Certificates Page 1 Page 2 Introduction Properties of Keys It doesn t matter how strong your
More informationHacking Terminology. Mark R. Adams, CISSP KPMG LLP
Hacking Terminology Mark R. Adams, CISSP KPMG LLP Backdoor Also referred to as a trap door. A hole in the security of a system deliberately left in place by designers or maintainers. Hackers may also leave
More informationCybersecurity The Evolving Landscape
Cybersecurity The Evolving Landscape 1 Presenter Zach Shelton, CISA Principal DHG IT Advisory Zach.Shelton@DHG.com Raleigh, NC 14+ years of experience in IT Consulting 11+ years of experience with DHG
More informationIdentity & security CLOUDCARD+ When security meets convenience
Identity & security CLOUDCARD+ When security meets convenience CLOUDCARD+ When security meets convenience We live in an ever connected world. Digital technology is leading the way to greater mobility and
More informationRestech. User Security AVOIDING LOSS GAINING CONFIDENCE IN THE FACE OF TODAY S THREATS
Restech User Security AVOIDING LOSS GAINING CONFIDENCE IN THE FACE OF TODAY S THREATS Your presenter: Vince Gremillion, CISSP 30+ years technical and customer service experience Founder/Co-Owner RESTECH
More informationHow To Remove Personal Antivirus Security Pro Virus Manually
How To Remove Personal Antivirus Security Pro Virus Manually Uninstall Antivirus Pro 2017 Virus (Manual Removal Guide) This type of virus uses false scan results and fake security alerts to scare computer
More informationThe Cryptographic Sensor
The Cryptographic Sensor Libor Dostálek and Václav Novák {libor.dostalek, vaclav.novak}@prf.jcu.cz Faculty of Science University of South Bohemia České Budějovice Abstract The aim is to find an effective
More informationSession 2: Understanding the payment ecosystem and the issues Visa Europe
Session 2: Understanding the payment ecosystem and the issues Visa Europe Agnes Revel Martineau VP, Head of Product Specifications, Standards and Industry Liaison ETSI 01st, July, 2014 Agenda You said
More informationGoals of Modern Cryptography
Goals of Modern Cryptography Providing information security: Data Privacy Data Integrity and Authenticity in various computational settings. Data Privacy M Alice Bob The goal is to ensure that the adversary
More informationANATOMY OF AN ATTACK!
ANATOMY OF AN ATTACK! Are Your Crown Jewels Safe? Dom Kapac, Security Evangelist WHAT DO WE MEAN BY CROWN JEWELS? Crown jewels for most organizations are critical infrastructure and data Data is a valuable
More informationTop 10 Considerations for Securing Private Clouds
Top 10 Considerations for Securing Private Clouds 1 Who s that knocking at my door? If you know who s accessing your cloud, you can head off many problems before they turn into disasters. You should ensure
More informationSecurity analysis and assessment of threats in European signalling systems?
Security analysis and assessment of threats in European signalling systems? New Challenges in Railway Operations Dr. Thomas Störtkuhl, Dr. Kai Wollenweber TÜV SÜD Rail Copenhagen, 20 November 2014 Slide
More informationCyber Vigilantes. Rob Rachwald Director of Security Strategy. Porto Alegre, October 5, 2011
Cyber Vigilantes Rob Rachwald Director of Security Strategy Porto Alegre, October 5, 2011 Hacking: Industry Analysis Hacking has become industrialized. Attack techniques and vectors keep changing with
More informationUnderstanding Perimeter Security
Understanding Perimeter Security In Amazon Web Services Aaron C. Newman Founder, CloudCheckr Aaron.Newman@CloudCheckr.com Changing Your Perspective How do I securing my business applications in AWS? Moving
More information18-642: Security Vulnerabilities
18-642: Security Vulnerabilities 11/20/2017 Security Vulnerabilities Anti-Patterns for vulnerabilities Ignoring vulnerabilities until attacked Assuming vulnerabilities won t be exploited: Unsecure embedded
More informationNetwork Security Issues and Cryptography
Network Security Issues and Cryptography PriyaTrivedi 1, Sanya Harneja 2 1 Information Technology, Maharishi Dayanand University Farrukhnagar, Gurgaon, Haryana, India 2 Information Technology, Maharishi
More informationThe most powerful professional headset on the market is also the most secure * Jabra Engage
Whitepaper Jabra Engage The most powerful professional headset on the market is also the most secure * Taking in wireless calls to the next level: 56-bit ES encryption. 8-bit authentication. * Relates
More informationPart 2: How to Detect Insider Threats
Part 2: How to Detect Insider Threats Amichai Shulman Chief Technology Officer Imperva Amichai Shulman CTO, Imperva Speaker at Industry Events RSA, Appsec, Info Security UK, Black Hat Lecturer on information
More informationLecture 5: Protocols - Authentication and Key Exchange* CS 392/6813: Computer Security Fall Nitesh Saxena
Lecture 5: Protocols - Authentication and Key Exchange* CS 392/6813: Computer Security Fall 2009 Nitesh Saxena *Adopted from a previous lecture by Gene Tsudik Course Admin HW3 Problem 3 due Friday midnight
More informationAuthor: Tonny Rabjerg Version: Company Presentation WSF 4.0 WSF 4.0
Author: Tonny Rabjerg Version: 20150730 Company Presentation WSF 4.0 WSF 4.0 Cybercrime is a growth industry. The returns are great, and the risks are low. We estimate that the likely annual cost to the
More informationLightweight Cryptography for RFID Systems
Lightweight Cryptography for RFID Systems Guang Gong Department of Electrical and Computer Engineering University of Waterloo CANADA G. Gong (University of Waterloo)
More informationThe Internet of Things. Steven M. Bellovin November 24,
The Internet of Things Steven M. Bellovin November 24, 2014 1 What is the Internet of Things? Non-computing devices...... with CPUs... and connectivity (Without connectivity, it s a simple embedded system)
More informationTowards Trustworthy Internet of Things for Mission-Critical Applications. Arjmand Samuel, Ph.D. Microsoft Azure - Internet of Things
Towards Trustworthy Internet of Things for Mission-Critical Applications Arjmand Samuel, Ph.D. Microsoft Azure - Internet of Things Internet of Things is a game changer Organizations are benefiting from
More informationTrusted Platform Modules Automotive applications and differentiation from HSM
Trusted Platform Modules Automotive applications and differentiation from HSM Cyber Security Symposium 2017, Stuttgart Martin Brunner, Infineon Technologies Axiom: Whatever is connected can (and will)
More informationIT SECURITY FOR NONPROFITS
IT SECURITY FOR NONPROFITS COMMUNITY IT INNOVATORS PLAYBOOK April 2016 Community IT Innovators 1101 14th Street NW, Suite 830 Washington, DC 20005 The challenge for a nonprofit organization is to develop
More informationCYBER ATTACKS EXPLAINED: PACKET SPOOFING
CYBER ATTACKS EXPLAINED: PACKET SPOOFING Last month, we started this series to cover the important cyber attacks that impact critical IT infrastructure in organisations. The first was the denial-of-service
More informationNORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers
Identify Protect Detect Respond Recover Identify: Risk Assessments & Management 1. Risk assessments are conducted frequently (e.g. annually, quarterly). 2. Cybersecurity is included in the risk assessment.
More informationREAL-WORLD STRATEGIES FOR MEDICAL DEVICE SECURITY
SEPTEMBER 11 13, 2017 BOSTON, MA REAL-WORLD STRATEGIES FOR MEDICAL DEVICE SECURITY HealthcareSecurityForum.com/Boston/2017 #HITsecurity Brian Selfridge Partner, Meditology Services https://www.meditologyservices.com/
More informationTransforming Security Part 2: From the Device to the Data Center
SESSION ID: SP01-R11 Transforming Security Part 2: From the Device to the Data Center John Britton Director, EUC Security VMware @RandomDevice The datacenter as a hospital 3 4 5 Digital transformation
More informationmhealth SECURITY: STATS AND SOLUTIONS
mhealth SECURITY: STATS AND SOLUTIONS www.eset.com WHAT IS mhealth? mhealth (also written as m-health) is an abbreviation for mobile health, a term used for the practice of medicine and public health supported
More informationDEFENDING THE MOBILE WORKFORCE Karim Toubba-Vice President Product Marketing and Strategy-Security Business Unit
DEFENDING THE MOBILE WORKFORCE Karim Toubba-Vice President Product Marketing and Strategy-Security Business Unit THE MOBILE INTERNET IS THE NEW INTERNET Proliferation of Devices Number of smartphones sales
More information