Authentic long-term archiving with electronic signature (in Hungarian)Csaba Krasznay
With the modification of the law about Electronic Signature it is possible to provide authentic archiving service. In connection with this modification many interesting questions could be emerged primary from the technology side. After the introduction of the juridical background I represent an electronic signature policy with archiving instructions and its advantages and disadvantages. I mention the general problems of electronic archiving. For the realization of the regulation it is necessary to utilize an electronic signature format that can be verified after a long term archiving period. This format is derived from the ETSI TS 101 903 standard which usage is also the subject of my lecture. Lastly I try to outline the future of authentic long-term archiving.
Development of a secure e-commerce system based on PKI (in Hungarian)Csaba Krasznay
The goal of my thesis is the development of an electronic commerce system which complies with general practical security requirements and has the ability for handling commerce transactions which are authenticated with digital signatures. To ensure a proper level of security risk assessment should be completed, which exposes the potential defects and risks. I suggest protection measures to avoid the arising risks and defects.
Authentic long-term archiving with electronic signature (in Hungarian)Csaba Krasznay
With the modification of the law about Electronic Signature it is possible to provide authentic archiving service. In connection with this modification many interesting questions could be emerged primary from the technology side. After the introduction of the juridical background I represent an electronic signature policy with archiving instructions and its advantages and disadvantages. I mention the general problems of electronic archiving. For the realization of the regulation it is necessary to utilize an electronic signature format that can be verified after a long term archiving period. This format is derived from the ETSI TS 101 903 standard which usage is also the subject of my lecture. Lastly I try to outline the future of authentic long-term archiving.
Development of a secure e-commerce system based on PKI (in Hungarian)Csaba Krasznay
The goal of my thesis is the development of an electronic commerce system which complies with general practical security requirements and has the ability for handling commerce transactions which are authenticated with digital signatures. To ensure a proper level of security risk assessment should be completed, which exposes the potential defects and risks. I suggest protection measures to avoid the arising risks and defects.
Kollár Csaba: A digitális kommunikáció biztonságának fontosabb mérőszámaiCsaba KOLLAR (Dr. PhD.)
A KÖZELÍTÉSEK - KOMMUNIKÁCIÓKUTATÁS ÉS A VÁLTOZÓ TÁRSADALMI KÖRNYEZET című, a Magyar Kommunikációtudományi Társaság konferenciáján elhangzott előadás prezentációja.
Időpont: 2017. november 18.
Helyszín: BME, Budapest
Security analysis and development opportunities of Hungarian e-government (in...Csaba Krasznay
In 2009 and 2010 a huge development is expected in the Hungarian e-government system. Although information security aspects have an emphasized role solid principals and practices hasn’t been identified for the developments. This study reviews the design directions of the Hungarian e-government and presents some predictable IT security risks. This is done by the formalism of Common Criteria standard considering the governmental expectations. In the following chapter the author studies the current recommendations which are useable during the design and implementation and then outlines the ideal direction with the analysis of the Japanese example. Last it represents the overall security situation of the Hungarian e-government system and proposes some scientific topics for the improvement.
Kollár Csaba: A digitális kommunikáció biztonságának fontosabb mérőszámaiCsaba KOLLAR (Dr. PhD.)
A KÖZELÍTÉSEK - KOMMUNIKÁCIÓKUTATÁS ÉS A VÁLTOZÓ TÁRSADALMI KÖRNYEZET című, a Magyar Kommunikációtudományi Társaság konferenciáján elhangzott előadás prezentációja.
Időpont: 2017. november 18.
Helyszín: BME, Budapest
Security analysis and development opportunities of Hungarian e-government (in...Csaba Krasznay
In 2009 and 2010 a huge development is expected in the Hungarian e-government system. Although information security aspects have an emphasized role solid principals and practices hasn’t been identified for the developments. This study reviews the design directions of the Hungarian e-government and presents some predictable IT security risks. This is done by the formalism of Common Criteria standard considering the governmental expectations. In the following chapter the author studies the current recommendations which are useable during the design and implementation and then outlines the ideal direction with the analysis of the Japanese example. Last it represents the overall security situation of the Hungarian e-government system and proposes some scientific topics for the improvement.
The possibilities and limitations of the spreading of digital signature (in H...Csaba Krasznay
In this paper we deal with the subject of digital signatures and its national spreading. We have composed a questionnaire which was published on the internet to sketch out the current situation. With the given answers we can get the lessons of the attitude of the participants.
Security analysis of the Hungarian e-government system (in Hungarian)Csaba Krasznay
The electronic public administration got a big push with the Act CXL of 2004 on the general regulation of the administrative authority process and services (Ket.). The “Client gate” and the increasing set of other e-government services were set up and are still emerging. But these new services on the internet mean new security challenges to the operators. They are supported by executive orders which draw up requirements in connection with the security level of e-government services.
Security of the Hungarian electronic government systems (in Hungarian)Csaba Krasznay
The presentation gives a short overview about the security questions of the Hungarian e-government system. The main goal is the problem-posing, namely who has the responsibility to protect the cyberspace in case of an attack.
Countermeasures on the internet (in Hungarian)Csaba Krasznay
The goal of this presentation is to provide the meaning and types of countermeasures on the internet. By drawing the parallel with electronic countermeasures it briefly shows the jamming, destroy and decoy techniques.
Possibilities and results of the usage of electronic signatures in the busine...Csaba Krasznay
This presentation discusses understandably the usage of electronic signatures in the economy, and presents the practical usage with the possibilities and pitfalls.
Possibilities of IT security evaluations based on Common Criteria in Hungary ...Csaba Krasznay
The presentation gives some information about Common Critera and talks about the possibilities of Hungarian IT developers if they want to get the certification for their products.
Thanks to my friend, Szigeti Szabolcs I'm invited in every year to talk about my experiences at Műegyetem. In 2008 I wrote up many subjects e.g. I presented ISO 27001 and 27002 (or better known ISO 17799) standards. I wrote some words about all chapters of these standards deal with organization security. In consideration of speaking for students of computer sciences the slides show how can applications support gaining ISO 27001 certification.
Development of information systems - Common Criteria (in Hungarian)Csaba Krasznay
This presentation introduces to the basics of Common Criteria and was held in the frame of the subject "Development of information systems" for the students of Budapest University of Technology and Economics.
Evaluation laboratories in the Hungarian Information Security Evaluation and ...Csaba Krasznay
Hungary has joined the Common Criteria Recognition Agreement. Development of the Hungarian Information Security Evaluation and Certification Scheme (MIBÉTS) has begun with this act. Basic element of this scheme – which is a simplified form of Common Criteria – is the presence of evaluation laboratories. The presentation deals with the requirements of MIBÉTS laboratories and the expectations and exercises related to the evaluators.
Beside the general standards in connection with the laboratories we review the specifications of the British national scheme and the current Hungarian legislation. After this we talk about the MIBÉTS specific regulations, i.e. the departmental order about laboratories. The second part of the presentation shows international examples about the shaping and operation of evaluation laboratories.
Security of handheld computers (in Hungarian)Csaba Krasznay
The security of handheld computers is getting more and more critical. We have to remember that every system and network is worth the same than its weakest link. In these days there are only a few people who consciously care for the security of their network or system. But all responsible system administrators have the duty to prepare to all intents and purposes. The mission of the experts and university lecturers is to give over their knowledge. This presentation was prepared with this purpose too.
Phishing and spam in Hungary and worldwide (in Hungarian)Csaba Krasznay
In my presentation - following the topic that was begun on Networkshop conference - I analyze the sources of unwanted e-mails, show some examples about their destructiveness, and discuss the specialities of Hungarian phishing.
In my presentation which was held on the Hacktivity 2005 Conference, I examined the known vulnerabilities of the bluetooth implementations and other common bluetooth security issues.
Information security from the other side: Hackers in Hungary (in Hungarian)Csaba Krasznay
I try to introduce the participants of the Hungarian hacker subculture. There is only one study about hackers in Hungary that is why I felt very important to share my experiences that came from my work, from the universities and from Hacktivity conference. You can argue with it, so please share your opinion with me!
Testing the system: ethical hacking and penetration testing (in Hungarian)Csaba Krasznay
I wanted to make a presentation about ethical hacking for a long while. This material tries to show what do we understand on ethical hacking, what concepts should we learn and bring to book for as a procurer. Maybe it's turn out that ethical hacking is based on a methodological work.
Hungarian Electronic Public Administration Interoperability Framework (MEKIK)...Csaba Krasznay
The huge project of the MEKIK (Hungarian Electronic Public Administration Interoperability Framework) has already been started; the next steps were the specification of the middleware and MEKIK portal and the pilot implementation of technical standards catalogue that would be accessible via this portal. These requirements affected the work in connection with the secure communication and the usage of electronic signature in the public administration. The project – correspondingly to the standards of the catalogue – also covered the general conception of security framework, requirements of certification service providers, signature creation application and devices, cryptographic protocols, legal aspects and secures mobile communication. This article introduces the actualities in connection with the interoperability of electronic public administration.