The document discusses the Combined Public Key (CPK) cryptosystem used in OpenSolaris. CPK provides identity-based encryption and signature schemes as an alternative to traditional public key infrastructure. It maps identities to key pairs using a hash function and private/public key matrices. CPK interfaces with the Solaris cryptographic and key management frameworks using standards like PKCS #11 and PKCS #7.
CIS14: Developing with OAuth and OIDC ConnectCloudIDSummit
David Chase, Ping Identity
Exploring the implementation and architecture of OAuth and OpenID Connect, using web and mobile applications, with topics including grant types, choosing a grant type, refresh tokens, and managing sessions
PLEASE NOTE: there is an updated version of this deck at https://www.slideshare.net/TorstenLodderstedt/nextgenpsd2-oauth-sca-mode-security-recommendations-186812074
The talk gives an introduction to the NextGenPSD2 OAuth SCA mode and explains security considerations implementors should take into account when implementing it. This advice will go beyond the text of the NextGenPSD2 Spec and will be based on the latest OAuth Security Guidelines (https://tools.ietf.org/html/draft-ietf-oauth-security-topics) and work being conducted at OpenID Foundations FAPI working group.
Strong Authentication in Web Application #SCS IIISylvain Maret
Swiss Cyber Storm 3 Security Conference / OWASP Track
Strong Authentication: State of the Art 2011
Risk Based Authentication
Biometry - Match on Card
OTP for Smartphones
OTP SMS
PKI
SuisseID
Mobile-OTP
OATH (HOTP, TOTP, OCRA)
Open Source approach
How to integrate Strong Authentication in Web Application?
OpenID, SAML, Identity Federation for Strong Authentication
API, SDK, Agents, Web Services, Modules
PAM, Radius, JAAS
Reverse Proxy (WAF) and WebSSO
PKI / SSL client authentication
PHP example with Multi-OTP PHP class
AppSec (Threat Modeling - OWASP)
Braga Blockchain - Ethereum Smart Contracts programmingEmanuel Mota
Intro to blockchain technology. Ethereum differences from Bitcoing. Presentation of some of Ethereum’s smart contracts Programming with its properties and applications on a distributed virtual machine EVM. Demo of solidity programing language. Useful links.
CIS14: Developing with OAuth and OIDC ConnectCloudIDSummit
David Chase, Ping Identity
Exploring the implementation and architecture of OAuth and OpenID Connect, using web and mobile applications, with topics including grant types, choosing a grant type, refresh tokens, and managing sessions
PLEASE NOTE: there is an updated version of this deck at https://www.slideshare.net/TorstenLodderstedt/nextgenpsd2-oauth-sca-mode-security-recommendations-186812074
The talk gives an introduction to the NextGenPSD2 OAuth SCA mode and explains security considerations implementors should take into account when implementing it. This advice will go beyond the text of the NextGenPSD2 Spec and will be based on the latest OAuth Security Guidelines (https://tools.ietf.org/html/draft-ietf-oauth-security-topics) and work being conducted at OpenID Foundations FAPI working group.
Strong Authentication in Web Application #SCS IIISylvain Maret
Swiss Cyber Storm 3 Security Conference / OWASP Track
Strong Authentication: State of the Art 2011
Risk Based Authentication
Biometry - Match on Card
OTP for Smartphones
OTP SMS
PKI
SuisseID
Mobile-OTP
OATH (HOTP, TOTP, OCRA)
Open Source approach
How to integrate Strong Authentication in Web Application?
OpenID, SAML, Identity Federation for Strong Authentication
API, SDK, Agents, Web Services, Modules
PAM, Radius, JAAS
Reverse Proxy (WAF) and WebSSO
PKI / SSL client authentication
PHP example with Multi-OTP PHP class
AppSec (Threat Modeling - OWASP)
Braga Blockchain - Ethereum Smart Contracts programmingEmanuel Mota
Intro to blockchain technology. Ethereum differences from Bitcoing. Presentation of some of Ethereum’s smart contracts Programming with its properties and applications on a distributed virtual machine EVM. Demo of solidity programing language. Useful links.
Pgsodium's Features: those not provided by pgcrypto and integration with rem...EDB
Database level encryption is an important component of comprehensive system security and in-depth data defense. PostgreSQL's built in pgcrypto library is useful, but lacks a number of modern features such as key derivation, key exchange, authentication signing, and authenticated encryption with additional data (AEAD).
Introduction to cryptography. Using Caesar cipher and Vigenere Cipher help Phineas and Ferb to hide their idea from Candace. And finally quick explanation of RSA encryption technique.
Introduction to cryptography. Using Caesar cipher ,Vigenere cipher to help Phineas and Ferb hide their plan from Candace . And finally ,RSA encryption technique explained.
Pgsodium's Features: those not provided by pgcrypto and integration with rem...EDB
Database level encryption is an important component of comprehensive system security and in-depth data defense. PostgreSQL's built in pgcrypto library is useful, but lacks a number of modern features such as key derivation, key exchange, authentication signing, and authenticated encryption with additional data (AEAD).
Introduction to cryptography. Using Caesar cipher and Vigenere Cipher help Phineas and Ferb to hide their idea from Candace. And finally quick explanation of RSA encryption technique.
Introduction to cryptography. Using Caesar cipher ,Vigenere cipher to help Phineas and Ferb hide their plan from Candace . And finally ,RSA encryption technique explained.
Anonymous Credentials on Java Card - SIT Smartcard 2011Thomas Gross
How anonymous credentials can enhance electronic identity cards with strong security and privacy. A feasibility study presented at the Fraunhofer SIT Smartcard workshop 2011
HKG18-402 - Build secure key management services in OP-TEELinaro
Session ID: HKG18-402
Session Name: HKG18-402 - Build secure key management services in OP-TEE
Speaker: Etienne Carriere
Track: Security
★ Session Summary ★
The session presents an initiative to build secure key management services in the OP-TEE project. Based on OP-TEE services (persistent storage, cryptography, time, etc) one could build a trusted application of store and use secure keys. An open source implementation for generic key services could be of interest. However there are many client APIs defined in the ecosystem which is a matter of concern for standardization of such services. The session will open a discussion on this and presents the current choice of the PKCS#11 Cryptoki. There can be lot of key attributes and cryptographic schemes to be supported. The session will present the current plans (starting from AES flavors) and what is currently missing in the OP-TEE (as certificate support, bootloader support). This session aims at getting feedback from the community on this topic, discuss about expected services and client APIs.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/hkg18/hkg18-402/
Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-402.pdf
Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-402.mp4
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2018 (HKG18)
19-23 March 2018
Regal Airport Hotel Hong Kong
---------------------------------------------------
Keyword: Security
'http://www.linaro.org'
'http://connect.linaro.org'
---------------------------------------------------
Follow us on Social Media
https://www.facebook.com/LinaroOrg
https://www.youtube.com/user/linaroorg?sub_confirmation=1
https://www.linkedin.com/company/1026961
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...SSIMeetup
Lovesh Harchandani from Dock presents their approach to anonymous credentials and dives in on the various predicates that can be proven in zero knowledge. In over 90 minutes of discussion, we cover what these cryptographic techniques are, how they enable several important use cases for digital identity credentials, and we stretch James Monaghan's ability to keep up as interviewer by taking a look at the source code which makes it all possible! We show how various zero knowledge primitives we've built can be used in a modular fashion to solve real-world use cases. We cover privacy-preserving signature schemes, zero knowledge attribute equalities, range proofs, and verifiable encryption based on ZK-SNARKs, expressing arbitrary predicates as Circom programs and creating ZK proofs for them and blinded credentials (issuer is unaware of all attributes). For anyone interested in the technical underpinnings of this new frontier of digital identity, this episode is a must!
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
2. Outline
• CPK cryptosystem overview
• CPK Message Syntax
• CPK in Solaris Cryptographic Framework
• CPK in Solaris Key Management Framework
• CPK Code Signing in Solaris
• Other Applications
3. CPK Cryptosystem
• CPK: Combined Public Key
• What is CPK?
❖ At first, it is a key management scheme
❖ Second, it provides identity based encryption
and and signature scheme.
• Comparison with PKI
4. Map an Identity to Key Pair
h1 , h2 , . . . , hn ← H(ID)
Private Key Matrix
Userʼs Private Key
···
s11 s12 s1n
n−1
···
s21 s22 s2n
H(ID)
dID = shi ,i (mod p)
. . .
..
. . .
.
. . . i=0
···
sm1 sm2 smn
Public Key Matrix
Userʼs Public Key
···
s11 G s12 G s1n G
···
s21 G s22 G s2n G n−1
H(ID)
. . . QID =
..
shi i G
. . .
.
. . . i=0
···
sm1 G sm2 G smn G
7. CPK Objects
• Public system parameters public matrix
• Master secret : private matrix
• User’s private key
• User’s user’s identifier Object
Private Public Private
Identifier
Matrix Matrix Key
8. CPK Cryptographic Messages
• Signature
• Public key encrypted session key.
• Signed data
• Public key encrypted data.
• Signed and public key encrypted data.
9. PKCS #7 General Syntax: ContentInfo
specified by an Object Identifier,
ContentInfo
which is a global unique identifier.
content type
content the format of content is explicitly
defined by the “content type”.
The content type options include:
•data
•signedData
•encryptedData
•envelopedData
•signedAndEnvelopedData
10. PKCS #7 Raw Data
ContentInfo
Data
content type
EncryptedData
SignedData
EnvelopedData
SignedAndEnvelopedData
11. PKCS #7 EncryptedData
EncryptedData
version
EncryptedContentInfo
content type
encryption algor
encrypted content
12. PKCS #7 EnvelopedData
EnvelopedData
version
recipientInfos
EncryptedContentInfo
content type
encryption algor
encrypted content
14. PKCS #7 SignedData
SignedData
version Data
digest algorithms
EncryptedData
ContentInfo
......
certificates
CRLs
no useful attributes
SignerInfos
for CPK
15. PKCS #7 SignerInfo
SignerInfo
Specify the signer. In PKI this field
version specify signer’s certificate, in CPK
this field specify signer’s CPK
signer’s id Identity.
digest algorithm
for example, the date and time of
the signing.
signed attributes
sign algorithm
for exampel, ECDSA with SHA1
signature signing algorithm
unsigned attributes
29. Solaris Key Management Framework
• Centralized key storage and management
framework.
• Support PKI programing interfaces
30. OS without Centralized Key Management
• Every applications must have there own
cryptography implementations and key
management and storage mechanisms.
App
App App
Key
Key Key
Store
Store Store
31. !quot;#$%&'$(&)*+,-
Solaris with Key Management Framework
<4=4>?
.:.;
.-)+,-$
1!2 B..C:(1
..; <@:
./-00
D&'-?*Cquot;DE
@F:quot;Cquot;DE
B..C:(1
$(!$!-,J-,8?
(,8=&A-,
(+J0&)$!-3
<@:
(!KLL;
!-3$quot;454'-6-5*$#,46-78,9 !quot;#$%#&'()*
(,8',466&5'$:(1
!-3 @-,*&H&)4*-
25,8006-5*
quot;'6* I40&A4*&85
(,8=&A-,? !quot;#
(,8=&A-,? (,8=&A-,?
D-=-08G6-5*
#+*+,-$
(!@.MM L@.( @F;
#&0-?
N.. (!1O 15*-',4*&85$7&*/
!quot;#
!quot;#$%&$'()*+(),,-
this picture is from Solaris Key Management Framework sliders by Wyllys Ingersoll
32. !quot;#$%&'$(&)*+,-
Solaris with Key Management Framework
<4=4>?
.:.;
.-)+,-$
1!2 B..C:(1
..; <@:
./-00
D&'-?*Cquot;DE
@F:quot;Cquot;DE
B..C:(1
$(!$!-,J-,8?
(,8=&A-,
(+J0&)$!-3
<@:
(!KLL;
!-3$quot;454'-6-5*$#,46-78,9 !quot;#$%#&'()*
(,8',466&5'$:(1
!-3 @-,*&H&)4*-
25,8006-5*
quot;'6* I40&A4*&85
(,8=&A-,? !quot;#
(,8=&A-,? (,8=&A-,?
D-=-08G6-5*
#+*+,-$
(!@.MM L@.( @F;
#&0-?
N.. (!1O 15*-',4*&85$7&*/
!quot;#
!quot;#$%&$'()*+(),,-
this picture is from Solaris Key Management Framework sliders by Wyllys Ingersoll