ORCON in 10 Minutes

•

0 likes•502 views

This document discusses Covata's self-defending data technology. It summarizes that Covata's technology allows data originators to persistently control access to their data by enforcing requirements for access, auditing all access, and allowing revocation of access anytime. The technology is based on ORCON (Originator Control) models that extend traditional access controls to provide persistent controls tailored to security needs.

Technology Education

© Cocoon Data Holdings Limited 2013. All rights reserved.
COVATA SELF-DEFENDING DATA
(in 10 minutes)
Vic Winkler
CTO
Covata USA, Inc
Reston, Virginia

© Cocoon Data Holdings Limited 2013. All rights reserved.
Can You Control Unprotected Data?
No.
Adding strong security components to an otherwise
weak system is usually NOT effective
X

© Cocoon Data Holdings Limited 2013. All rights reserved.
First, Control The Data
Adding strong security components to an otherwise
weak system is usually NOT effective
Encrypt the data and apply access controls
Access
Controls
Persisting
Control
X
✔encrypted

© Cocoon Data Holdings Limited 2013. All rights reserved.
Self-Defending Data
•  Doesn’t grant access unless you meet it’s requirements
•  Doesn’t care if the computer or network are hacked
•  Every access is audited
•  Originator can revoke access anytime
•  …Every copy behaves the same way

© Cocoon Data Holdings Limited 2013. All rights reserved.
So, What is ORCON?
•  History: U.S. Intelligence Community
-  Desired “Originator Control” in Closed-Network Information Sharing
Examples: Rescind Access; Prevent Forwarding
•  Extends classic access controls
•  Has elements of:
DRM, MAC, RBAC, ABAC, and
Capability-Based approaches
ORCON
Persisting
Originator Control
over Data
Data
}

© Cocoon Data Holdings Limited 2013. All rights reserved.
ORCON …
•  Does it have to be “Originator” control? Not always.
The enterprise may require default controls
Other systems like DLP might “attach” additional ORCON
•  It is a flexible framework for persisting controls
…But, but how does it work?

© Cocoon Data Holdings Limited 2013. All rights reserved.
Policy Enforcement & Caveats

© Cocoon Data Holdings Limited 2013. All rights reserved.
Covata ORCON is Built on Other Access
Control Models
•  Again, the goal is control over your data
-  ORCON extends your control
-  It empowers control and sharing (X-domain and ad-hoc)
•  In brief, ORCON:
-  Extends traditional access controls with “persistent controls”
-  These persistent controls can be “shaped” to meet your security needs
•  ORCON is more lightweight than DRM | IRM | MAC
•  ORCON is more flexible than DRM | IRM | MAC

© Cocoon Data Holdings Limited 2013. All rights reserved.
What Is It?
REST API
SO 2.1 Server
Client
Apps
Java API
Client
Apps
Java API
Client
Apps
Java API
Client
Apps
Java API
Client
Apps
Java API
Windows
Apps
C# API
Client
Apps
Java API
Client
Apps
Java API
iPhone/
iPad
Apps
Objective
C API
Client
Libraries
REST API

© Cocoon Data Holdings Limited 2013. All rights reserved.
…What Is?

© Cocoon Data Holdings Limited 2013. All rights reserved.
Ranges of Use-Cases in Cloud

© Cocoon Data Holdings Limited 2013. All rights reserved.
Value Proposition
•  Accessible Crypto for Developers (helper libs)
•  FIPS Compliant Crypto and Key Management
•  All Accesses to Secured Data are ALWAYS Audited
•  Persistent and Fine-Grained Originator Control
Covata provides technology that enables persisting owner control
over data for compliance with regulatory, privacy, security or data
governance requirements

This document discusses self-defending data and ORCON (Originator Control), which allows data to persist access controls as it is shared. Self-defending data does not grant access unless requirements are met, is not affected if the computer or network are hacked, audits every access, and allows the originator to revoke access anytime. ORCON extends classic access controls and draws from models like DRM, MAC, RBAC, and ABAC to provide a flexible framework for persisting controls over data as it is shared within and between domains.

Iot top 10 vulnerabilities and misconceptions 2016

Erez Metula

The document discusses common IoT security vulnerabilities and misconceptions. It outlines 10 top vulnerabilities: insecure web interfaces, SQL injection, cross-site scripting, cross-site request forgery, command injection, weak passwords, mobile app attacks, local memory and storage issues, device physical interfaces, and insecure device firmware. It also notes that IoT security requires covering all components, from the device to the cloud, and should not assume attackers cannot access devices, firmware, or decompiled apps. Common misconceptions about the limitations of attackers are also addressed.

Don't let wireless_detour_your_pci_compliance

Enterprise Technology Management (ETM)

This document discusses the PCI DSS wireless security requirements for payment card environments. It outlines the generally applicable requirements for conducting quarterly wireless scans and monitoring for intrusions that apply to all organizations. For those with official wireless networks, additional requirements for changing defaults, using strong encryption, restricting physical access, maintaining logs, and developing usage policies are described. The document recommends using a wireless intrusion prevention system to help efficiently meet the PCI wireless compliance requirements.

What is zero trust model (ztm)

Ahmed Banafa

Security Testing for IoT Systems

Security Innovation

IoT Systems provide powerful, flexible features for IT systems — tracking, monitoring, and other data sharing. Today’s IoT devices utilize microservices and APIs that make them easy to put into production. But securing them isn’t as easy. This webinar will look at security risks of IoT devices, interfaces, and implementations. We’ll provide practical steps and checklists any DevOps team can use to make their IoT components as secure as possible. We’ll also cover some testing best practices that can be done pre- and post-production to verify security and resilience on an ongoing basis.

IoT Security – Executing an Effective Security Testing Process

EC-Council

Deral Heiland CISSP, serves as a the Research Lead (IoT) for Rapid7. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 10+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also has conducted security research on a numerous technical subjects, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack In Paris. Deral has been interviewed by and quoted by several media outlets and publications including ABC World News Tonight, BBC, Consumer Reports, MIT Technical Review, SC Magazine, Threat Post and The Register.

Forrester no more chewy centers- the zero trust model

Cristian Garcia G.

This document summarizes John Kindervag's report "No More Chewy Centers: The Zero Trust Model Of Information Security". The report argues that traditional perimeter-based network security models are ineffective against modern threats like targeted attacks and malicious insiders. It introduces the "Zero Trust" model, which considers all network traffic untrusted and requires strict access controls and monitoring. The report recommends security professionals adopt this new model to better protect their organizations from sophisticated adversaries inside and outside the network.

Mobile Security for the Enterprise

Will Adams

The document discusses considerations for developing a robust mobile security strategy for an enterprise. It covers questions to ask, defining security policies, risks and threats, authentication, authorization, protecting data, securing communications, application security, device management, and enterprise mobility management. It emphasizes the importance of mobile device management, strong authentication, data encryption, application wrapping, and security policies.

This document analyzes security algorithms in cloud computing. It discusses challenges like security and privacy in cloud computing. It describes how data is stored and secured in the cloud, including issues like unauthorized access. It then explains existing security algorithms like AES and RSA. AES uses symmetric encryption with a variable key length and multiple rounds of transformations. RSA uses asymmetric encryption with a public/private key pair. The document proposes further developments in areas like multiple encryption and biometric security before concluding.

Cloud security

Tushar Kayande

Cloud computing allows users to access data and software over the internet rather than locally. While convenient, this presents security risks as users lose some control over their data. Common threats include hacking, malware, and insider privileges being misused. However, the document outlines security measures for cloud computing like encryption, access control, backups, and continuous monitoring that can help protect users if implemented properly. The key is treating security as an ongoing process rather than a one-time event.

IoT Security in Action - Boston Sept 2015

Eurotech

Presciense InterQuest IoT Talk

Jonathan Lishawa

Cryptography in Blockchain

EC-Council

This document discusses cryptography in blockchain. It begins by introducing blockchain and cryptography separately. It then defines important cryptography terminology like encryption, decryption, cipher, and key. It describes the main types of cryptography as symmetric-key, asymmetric-key, and hash functions. It explains how blockchain uses asymmetric-key algorithms and hash functions. Hash functions are used to link blocks and maintain integrity. Cryptography provides benefits like the avalanche effect and uniqueness to blockchain. Finally, it discusses an application of cryptography in cryptocurrency, where public-private key pairs maintain user addresses and digital signatures approve transactions.

$C:\fakepath\wg xcs data_lossprevention$ $C:\fakepath\wg xcs data_lossprevention$

C:\fakepath\wg xcs data_lossprevention

Yustinus Simon

Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...

Government Technology & Services Coalition

The document discusses Software Defined Perimeter (SDP) as a new approach to cybersecurity that reduces the attack surface. SDP implements a zero trust, need-to-know access model where device posture and identity are verified before access to application infrastructure is granted. It combines previously separate security protocols like single packet authentication and dynamic firewalls. This makes application infrastructure invisible to threats while cryptographically signing legitimate users and devices into a secure perimeter. The document provides examples of how SDP has benefits like simplified security, reduced costs, lower risk proportionate to effort, and improved user experience for companies.

IoT/M2M Security

Yu-Hsin Hung

Menofia UN -Mobile Security

Ahmed Samara

This document discusses mobile security and vulnerabilities. It begins with definitions of security concepts like assets, vulnerabilities, threats, and risks. It then covers why mobile security is important and provides an overview of common mobile security issues like malware, insecure data storage, data leakage, and insecure communication channels. Specific vulnerabilities discussed include SQL injection, cross-site scripting, insecure authentication, cryptographic weaknesses, and insecure permissions. The document emphasizes that mobile apps must not store sensitive data locally and must implement secure protocols like HTTPS. It also notes that mobile devices are susceptible to malware and reverse engineering attacks.

Zero Trust

Boaz Shunami

This document discusses the principles of zero trust architecture, which aims to eliminate trust from IT systems by verifying all users and devices before granting limited, least-privilege access. It outlines the core elements of zero trust, including verifying the user, verifying their device, and limiting access and privileges. The document also notes that implementing zero trust will require monitoring the environment closely, architecting microperimeters, mapping acceptable data routes, and identifying sensitive data. Organizations may face challenges from technical debt, legacy systems, and other issues requiring new technologies or wrappers.

SD-WAN - comSpark 2019

Advanced Technology Consulting (ATC)

Anonymous Individual Integration for IoT

Paul Fremantle

This document proposes a new model called OAuthing for federated identity, access control, and data sharing in IoT. It describes the growth of IoT devices and privacy/security issues. The model includes a Device Identity Provider (DIdP) that provides anonymous identities and tokens, a Personal Cloud Middleware (PCM) that runs on behalf of each user to filter data, and an Intelligent Gateway (IG) that routes requests based on identities. It presents the implementation including a device bootloader, and prototype results showing it can support 400 brokers handling 10 messages/second each with low latency. Comparisons are made to related work which don't provide the same anonymous identities, registration processes, or personal middleware capabilities.

The 1st Step to Zero Trust: Asset Management for Cybersecurity

nathan-axonius

Eight years after former Forrester analyst John Kindervag introduced the Zero Trust model, the concept has hit the mainstream. As current Forrester analyst Chase Cunningham says, 85% of his calls involve zero trust. With the amount of interest in the concept, many organizations are rushing to understand how to implement the zero-trust model. In this guide, we’ll look at the first step to implementing zero trust: asset management.

Security for iot and cloud aug 25b 2017

Ulf Mattsson

The document discusses security considerations for Internet of Things (IoT) and cloud computing. It notes that by 2020, IoT security needs will account for 2% of total IoT project costs. Supply chain security will account for 15% of IoT security spending. The document also discusses how 95% of cloud security failures will be the customer's fault. It recommends using tools like cloud access security brokers and data-centric audit and protection strategies to help secure data in cloud environments.

CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...

CloudIDSummit

IoT Security: Cases and Methods [CON5446]

Leonardo De Moura Rocha Lima

In developing for IoT, security is not often the highest priority: APIs exposed without care and devices deployed with default passwords become gateways to your network and your data. Many best practices can be used to thwart attacks on your devices, but they have to be thought through from the first architectural design. This session covers many recent IoT attacks, their consequences, and how they could have been prevented. It also explores the many security levels one device can have, from totally exposed to completely secured against physical tampering and identity theft.

Libraries promoting economic development through collaboration

Sara Wedell

This presentation was created by Victoria Bennett and Bethany Kennedy of Washtenaw Community College and Sara Wedell of the Chelsea District Library. It recounts the establishment of an organization connecting libraries and business service organizations to help promote economic development and details the experiences of the Chelsea District Library as it introduces small business support programs into the Chelsea, MI community.

Philadelphia Naval Complex case study

ldscdr

What's hot

Cloud security

BikashPokharel3

Security in the Internet of Things

ForgeRock

The use case for Cassandra at Ping Identity

Ping Identity

Securing Software-as-a-Service: Cover your SaaS and protect enterprise data

Pistoia Alliance

Analysis-of-Security-Algorithms-in-Cloud-Computing [Autosaved]

Mahmuda Rahman

Cloud security

Tushar Kayande

IoT Security in Action - Boston Sept 2015

Eurotech

Presciense InterQuest IoT Talk

Jonathan Lishawa

Cryptography in Blockchain

EC-Council

$C:\fakepath\wg xcs data_lossprevention$ $C:\fakepath\wg xcs data_lossprevention$

C:\fakepath\wg xcs data_lossprevention

Yustinus Simon

Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...

Government Technology & Services Coalition

IoT/M2M Security

Yu-Hsin Hung

Menofia UN -Mobile Security

Ahmed Samara

Zero Trust

Boaz Shunami

SD-WAN - comSpark 2019

Advanced Technology Consulting (ATC)

Anonymous Individual Integration for IoT

Paul Fremantle

The 1st Step to Zero Trust: Asset Management for Cybersecurity

nathan-axonius

Security for iot and cloud aug 25b 2017

Ulf Mattsson

CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...

CloudIDSummit

IoT Security: Cases and Methods [CON5446]

Leonardo De Moura Rocha Lima

What's hot (20)

Cloud security

Security in the Internet of Things

The use case for Cassandra at Ping Identity

Securing Software-as-a-Service: Cover your SaaS and protect enterprise data

Analysis-of-Security-Algorithms-in-Cloud-Computing [Autosaved]

Cloud security

IoT Security in Action - Boston Sept 2015

Presciense InterQuest IoT Talk

Cryptography in Blockchain

$C:\fakepath\wg xcs data_lossprevention$ $C:\fakepath\wg xcs data_lossprevention$

C:\fakepath\wg xcs data_lossprevention

Software Defined Perimeter - A New Paradigm for Securing Digital Infrastructu...

IoT/M2M Security

Menofia UN -Mobile Security

Zero Trust

SD-WAN - comSpark 2019

Anonymous Individual Integration for IoT

The 1st Step to Zero Trust: Asset Management for Cybersecurity

Security for iot and cloud aug 25b 2017

CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ...

IoT Security: Cases and Methods [CON5446]

Viewers also liked

Libraries promoting economic development through collaboration

Sara Wedell

Philadelphia Naval Complex case study

ldscdr

Stronger Together: Public Library as Community Partner

Sara Wedell

Mm overview

spalroay

- The document discusses key concepts in materials management in SAP including procurement processes, inventory management, material master data, and material movements. - It describes the different types of procurement including consumable materials, procurement for stock, and procurement for consumables. Inventory management integrates with modules like financial accounting, controlling, and production. - The document outlines material movements like goods receipts, goods issues, and stock transfers and how they impact the material master, accounting, production, and inventory. Master and transactional data are also discussed.

Security in an Interconnected and Complex World of Software

Michael Coates

Michael Coates discusses security challenges in today's complex software world. Cybercrime costs over $100 billion annually. Most data breaches are caused by hacking rather than accidents. The security landscape is evolving with new technologies like cloud computing and the internet of things. Traditional security approaches like standards and hiring more people do not scale well. Instead, security needs to be integrated throughout the entire software development lifecycle and automated where possible to effectively secure systems at the speed and scale of modern development.

Pilot Study Project

ldscdr

Viewers also liked (6)

Libraries promoting economic development through collaboration

Philadelphia Naval Complex case study

Stronger Together: Public Library as Community Partner

Mm overview

Security in an Interconnected and Complex World of Software

Pilot Study Project

Similar to ORCON in 10 Minutes

Winkler Cloud, ORCON, and Mobility

Vic Winkler

This document discusses originator control (ORCON) and how it can provide persistent control over data as it is shared beyond the enterprise. ORCON is related to digital rights management and information rights management as it allows the originator or enterprise to specify access controls for shared data, such as preventing forwarding or rescinding access. The document argues that while networks and infrastructure are difficult to secure, focusing protection at the data layer through encryption and ORCON can provide better persistent control over sensitive data as it moves to different domains.

Con8819 context and risk aware access control any device any where - final

OracleIDM

This document summarizes an Oracle presentation on context and risk aware access control using Oracle Access Management 11gR2. The presentation discusses market trends driving demand for mobile and cloud security, as well as avoiding system fragmentation. It then outlines key features of Oracle Access Management 11gR2 such as simplified and innovative access management, flexible policy models, mobile authentication options, device-based security, context-aware authorization and risk-based authentication. The presentation also covers how Oracle Access Management uses identity context and real-time risk analysis to enhance security and user experience while lowering costs.

Faster, simpler, more secure remote access to apps in aws

Zscaler

1) The document discusses Zscaler's cloud-based platform for providing secure access to applications in AWS and hybrid cloud environments. It outlines how Zscaler Private Access (ZPA) implements a zero-trust network architecture by brokering secure connections between users and applications without placing users on the internal network. 2) ZPA provides policy-based access to internally managed applications using software-defined perimeters rather than traditional VPNs. It segments applications and enforces security policies through the Zscaler cloud. 3) The document provides an example workflow showing how ZPA can be configured to enable secure access to migrated applications in AWS within an hour, without requiring inbound connectivity or remote access to internal networks.

Oracle Database 11g Security and Compliance Solutions - By Tom Kyte

Edgar Alejandro Villegas

Oracle OpenWorld | CON9707 Enterprise Mobile Security Architecture beyond the...

Indus Khaitan

Cross Domain Cyber Situational Awareness in a Multi Cloud, Multi-Network Fede...

SolarWinds

This document discusses cross-domain cyber situational awareness solutions from SolarWinds and BlueSpace. SolarWinds provides IT monitoring and management software, including their Enterprise Operations Console. BlueSpace provides cross-domain software solutions using their SmartXD technology. Together, SolarWinds and BlueSpace offer Sentinel, which uses certified data guards to provide cross-domain cyber situational awareness by extending the SolarWinds EOC interface across multiple isolated networks and clouds in a secure manner.

Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...

TheAnfieldGroup

This document describes a partnership between SolarWinds and BlueSpace to provide cross-domain cyber situational awareness, monitoring, and management. It summarizes SolarWinds' network monitoring software capabilities and introduces BlueSpace's Sentinel product, which uses BlueSpace's SmartXD technology to enable cross-domain access to SolarWinds' Enterprise Operations Console for improved cyber monitoring across isolated networks and clouds in a secure manner. The solution aims to increase visibility and efficiency while simplifying certification.

Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...

Proofpoint

Cloud-based file sharing and collaboration solutions are ripe for the picking, but what’s right for one organization might not be right for another. Accellion presented the pros and cons of various cloud computing choices at the InfoSec World 2013 Conference & Expo last month. To learn more about the top cloud considerations for file sharing and collaboration and to find out where you stand on the privacy and public cloud debate, check out this presentation entitled ”Do You Know Where Your Data Is?

XO _Hosted Security Product Overview__v.21 (1)

Pasquale Tursi

This document provides an overview of XO Communications' Hosted Security product. It is a cloud-based network security solution that fully manages and integrates solutions like next-generation firewalls, intrusion detection and prevention, web filtering, secure remote access, and a secure VPN. It allows customers to gain robust security protection without making capital expenditures or increasing staff. The solution is hosted on XO's network and provides high availability, scalability, and centralized management through an online customer portal.

Understanding Database Encryption & Protecting Against the Insider Threat wit...

MongoDB

The document discusses protecting databases from insider threats using MongoDB encryption. It describes how insider threats are on the rise and how privileged users can bypass traditional security to access sensitive data. The solution presented is using Vormetric transparent encryption to encrypt MongoDB databases, which applies encryption and access controls without changes to applications or the database. Key benefits include field-level encryption, blocking administrative users' access to raw data, and centralized key management on a separate device from encrypted data.

Cloud Security

Pyingkodi Maran

This document discusses various aspects of cloud security including cloud security challenges, areas of concern in cloud computing, how to evaluate risks, cloud computing categories, the cloud security alliance, security service boundaries, responsibilities by service models, securing data, auditing and compliance, identity management protocols, and Windows Azure identity standards. It provides information on policies, controls, and technologies used to secure cloud environments, applications, and data.

Presentation deploying oracle database 11g securely on oracle solaris

xKinAnx

Bridging the Cloud Sign-On Gap

OracleIDM

This document summarizes a webinar about bridging the gap between on-premise identity and access management solutions and cloud applications. The webinar discusses challenges in providing single sign-on, strong authentication, access control, compliance, and auditing when applications are hosted in the cloud. It also presents Oracle's ESSO Suite as a solution, which can generate and manage passwords for cloud applications, integrate on-premise strong authentication, ensure compliance by auditing access, and control user access through provisioning. The webinar aims to explain how the ESSO Suite can simplify access to cloud applications while increasing security.

UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...

Livingstone Advisory

How should we navigate the pitfalls of IT’s newest ‘big opportunity’? For individuals and small business, Cloud computing via the Internet offers unprecedented access to systems, software and technologies, previously restricted to the corporate world, at little or no cost. But for mid-sized and large organisations, the reality of adopting Cloud computing presents a whole new set of costs, risks and governance implications, quite different to those in traditional in-house IT systems. This public lecture provides a concise, plain English overview of Cloud computing and what it means for businesses in Australia. It explores the privacy, security, commercial, regulatory, cost, risk and internal governance challenges that organisations, as well as the wider community, should be aware of.

AWS Cloud Security

Amazon Web Services LATAM

The document provides an overview of AWS security presented by Max Ramsay. It discusses AWS security capabilities that are available to all customers regardless of business type. It focuses on case studies of how Serasa Experian and Trend Micro use AWS, highlighting benefits like agility, flexibility and cost reduction. The document also covers shared security responsibilities on AWS, compliance controls, network security features, and resources for learning more about AWS security best practices.

Top 10 Things Logs Can Do for You, Today

SolarWinds

Oracle presentation at Tech Summit PR 2014

Tech Summit PR 2014

This document discusses common myths about cloud computing and outlines the evolution of cloud models. It summarizes that while virtualization is related to cloud computing, it does not define cloud. The document also notes that public clouds are continuing to grow in adoption compared to private clouds. Additionally, it asserts that the benefits of cloud computing go beyond just cost reductions and include increased speed and elasticity. The document aims to dispel myths about cloud computing and help readers make informed choices about cloud options.

Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht

Infosecurity2010

1) The Jericho Forum aims to develop security standards to facilitate secure collaboration over open networks as businesses move away from traditional network perimeter security models. 2) Around fifty large organizations from different sectors globally work together through the Jericho Forum to address problems posed by this "de-perimeterization". 3) The document discusses security challenges posed by internal cloud computing and outlines the Jericho Forum's work to analyze issues, raise awareness, and establish requirements to help make cloud computing a safer option for collaboration.

Cloud security

Adeel Javaid

This document discusses cloud computing security and outlines key considerations for both cloud service providers and users. It describes the major cloud service models (SaaS, PaaS, IaaS) and deployment models (public, private, community, hybrid). The document then covers security pitfalls and responsibilities of providers versus users. Specific areas of focus include governance, compliance, data management, security, encryption, and access control. It emphasizes the importance of effective security controls and trust between providers and users for widespread adoption of cloud computing.

Lock it or Lose It: Why Every Company Should be Concerned About Data Security

SmartCompliance

Similar to ORCON in 10 Minutes (20)

Winkler Cloud, ORCON, and Mobility

Con8819 context and risk aware access control any device any where - final

Faster, simpler, more secure remote access to apps in aws

Oracle Database 11g Security and Compliance Solutions - By Tom Kyte

Oracle OpenWorld | CON9707 Enterprise Mobile Security Architecture beyond the...

Cross Domain Cyber Situational Awareness in a Multi Cloud, Multi-Network Fede...

Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Fran...

Do you Know Where Your Data Is? - Accellion InfoSec World 2013 Conference pre...

XO _Hosted Security Product Overview__v.21 (1)

Understanding Database Encryption & Protecting Against the Insider Threat wit...

Cloud Security

Presentation deploying oracle database 11g securely on oracle solaris

Bridging the Cloud Sign-On Gap

UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...

AWS Cloud Security

Top 10 Things Logs Can Do for You, Today

Oracle presentation at Tech Summit PR 2014

Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht

Cloud security

Lock it or Lose It: Why Every Company Should be Concerned About Data Security

Recently uploaded

HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU

panagenda

Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/ DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen! Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell. Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten. Diese Themen werden behandelt - Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten - Wie funktionieren CCB- und CCX-Lizenzen wirklich? - Verstehen des DLAU-Tools und wie man es am besten nutzt - Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw. - Praxisbeispiele und Best Practices zum sofortigen Umsetzen

Essentials of Automations: The Art of Triggers and Actions in FME

Safe Software

In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation. We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios. Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!

RESUME BUILDER APPLICATION Project for students

KAMESHS29

Serial Arm Control in Real Time Presentation

tolgahangng

GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024

Neo4j

Microsoft - Power Platform_G.Aspiotis.pdf

Uni Systems S.M.S.A.

Uni Systems Copilot event_05062024_C.Vlachos.pdf

Uni Systems S.M.S.A.

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf

Paige Cruz

Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack. While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack. I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:

Pushing the limits of ePRTC: 100ns holdover for 100 days

Adtran

Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!

SOFTTECHHUB

As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.

How to use Firebase Data Connect For Flutter

Daiki Mogmet Ito

みなさんこんにちはこれ何文字まで入るの？40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの？えこ...

名前です男

How to Get CNIC Information System with Paksim Ga.pptx

danishmna97

GraphRAG for Life Science to increase LLM accuracy

Tomaz Bratanic

“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...

Edge AI and Vision Alliance

For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/ Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit. In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing. van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.

“I’m still / I’m still / Chaining from the Block”

Claudio Di Ciccio

GenAI Pilot Implementation in the organizations

kumardaparthi1024

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Neo4j

Dr. Sean Tan, Head of Data Science, Changi Airport Group Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.

Mind map of terminologies used in context of Generative AI

Kumud Singh

Best 20 SEO Techniques To Improve Website Visibility In SERP

Pixlogix Infotech

Recently uploaded (20)

HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU

Essentials of Automations: The Art of Triggers and Actions in FME

RESUME BUILDER APPLICATION Project for students

Serial Arm Control in Real Time Presentation

GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024

Microsoft - Power Platform_G.Aspiotis.pdf

Uni Systems Copilot event_05062024_C.Vlachos.pdf

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf

Pushing the limits of ePRTC: 100ns holdover for 100 days

Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!

How to use Firebase Data Connect For Flutter

How to Get CNIC Information System with Paksim Ga.pptx

GraphRAG for Life Science to increase LLM accuracy

“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...

“I’m still / I’m still / Chaining from the Block”

GenAI Pilot Implementation in the organizations

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Mind map of terminologies used in context of Generative AI

Best 20 SEO Techniques To Improve Website Visibility In SERP

ORCON in 10 Minutes

3. © Cocoon Data Holdings Limited 2013. All rights reserved. First, Control The Data Adding strong security components to an otherwise weak system is usually NOT effective Encrypt the data and apply access controls Access Controls Persisting Control X ✔encrypted

4. © Cocoon Data Holdings Limited 2013. All rights reserved. Self-Defending Data •  Doesn’t grant access unless you meet it’s requirements •  Doesn’t care if the computer or network are hacked •  Every access is audited •  Originator can revoke access anytime •  …Every copy behaves the same way

5. © Cocoon Data Holdings Limited 2013. All rights reserved. So, What is ORCON? •  History: U.S. Intelligence Community -  Desired “Originator Control” in Closed-Network Information Sharing Examples: Rescind Access; Prevent Forwarding •  Extends classic access controls •  Has elements of: DRM, MAC, RBAC, ABAC, and Capability-Based approaches ORCON Persisting Originator Control over Data Data }

6. © Cocoon Data Holdings Limited 2013. All rights reserved. ORCON … •  Does it have to be “Originator” control? Not always. The enterprise may require default controls Other systems like DLP might “attach” additional ORCON •  It is a flexible framework for persisting controls …But, but how does it work?

8. © Cocoon Data Holdings Limited 2013. All rights reserved. Covata ORCON is Built on Other Access Control Models •  Again, the goal is control over your data -  ORCON extends your control -  It empowers control and sharing (X-domain and ad-hoc) •  In brief, ORCON: -  Extends traditional access controls with “persistent controls” -  These persistent controls can be “shaped” to meet your security needs •  ORCON is more lightweight than DRM | IRM | MAC •  ORCON is more flexible than DRM | IRM | MAC

9. © Cocoon Data Holdings Limited 2013. All rights reserved. What Is It? REST API SO 2.1 Server Client Apps Java API Client Apps Java API Client Apps Java API Client Apps Java API Client Apps Java API Windows Apps C# API Client Apps Java API Client Apps Java API iPhone/ iPad Apps Objective C API Client Libraries REST API

12. © Cocoon Data Holdings Limited 2013. All rights reserved. Value Proposition •  Accessible Crypto for Developers (helper libs) •  FIPS Compliant Crypto and Key Management •  All Accesses to Secured Data are ALWAYS Audited •  Persistent and Fine-Grained Originator Control Covata provides technology that enables persisting owner control over data for compliance with regulatory, privacy, security or data governance requirements

ORCON in 10 Minutes

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (6)

Similar to ORCON in 10 Minutes

Similar to ORCON in 10 Minutes (20)

Recently uploaded

Recently uploaded (20)

ORCON in 10 Minutes