IS Sumup

•

1 like•473 views

The document discusses information security. It begins by defining information safe as protecting certain properties of information. It then lists some major security problems like confidentiality, integrity, and trust, and provides examples of encryption and hashing techniques to address confidentiality and integrity. The document emphasizes that everyone involved in a project, from developers to testers to managers, must care about security. It also stresses understanding security at the theoretical level as well as finding and fixing vulnerabilities. The presentation ends with inviting questions from the audience.

Technology

Agenda
 What’s information safe.
 Major problems and solutions.
 Why must care.
 Security ...
 Q&A

Hoang V.Nguyen 5/1/2010 2

What’s information safe

 In some cases, some properties of information
must be protected

 Our tasks
?What properties
?How to protect
Hoang V.Nguyen 5/1/2010 3

Major problems and solutions
 Confidentiality
• E: PxK C
such that: if y=E(k,x) then: H(y)≥H(x) and maximize H(k)
• D: CxK P
 Integrity
• You cannot protect
• But you can detect
 Trust
• Make a belief to Alice and Bob

 Others ….
• ….

Hoang V.Nguyen 5/1/2010 4

Major problems and solutions
R
R C4
 Confidentiality
• E: PxK C DES S Elliptic Curve
such that: if y=E(k,x) then: H(y)≥H(x) and maximize H(k)
blowfish IDEA A
• D: CxK P
 Integrity CMAC
• You cannot protect Skien hash Family
• But you can detect
HMAC
Digital signature
 Trust
• Make a belief to Alice and Bob
Certificate Authority
 Others ….
• ….

Hoang V.Nguyen 5/1/2010 5

Why must care?
User
Developer Project manager

Our jobs?
Designer
Tester
Make security
Consultant
Coder
Solution Consultant Maintainer
Business analyst
Hoang V.Nguyen 5/1/2010 6

Security….
 What
• Theory
• Solution/pattern
• Design
• System
 How
• Understand
• Try to attack, and discover vulnerability
• Fix

Hoang V.Nguyen 5/1/2010 7

Security….

Michael Howard & others Andy Oram & John Viega Michael Howard & others

The Security Development Lifecycle by Michael Howard & Steve Lipner 2006

Hoang V.Nguyen 5/1/2010 8

Recently uploaded

Accelerate your Kubernetes clusters with Varnish Caching

Thijs Feryn

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

Product School

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

FIDO Alliance

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

Essentials of Automations: Optimizing FME Workflows with Parameters

Safe Software

Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place. Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects. Here’s what you’ll gain: - Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows. - Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy. - Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency. - Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity. We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic. Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Tobias Schneck

As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other? Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

FIDO Alliance

Mission to Decommission: Importance of Decommissioning Products to Increase E...

Product School

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Jeffrey Haguewood

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams. Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

JMeter webinar - integration with InfluxDB and Grafana

RTTS

Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application. In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics. Length: 30 minutes Session Overview ------------------------------------------- During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana: - What out-of-the-box solutions are available for real-time monitoring JMeter tests? - What are the benefits of integrating InfluxDB and Grafana into the load testing stack? - Which features are provided by Grafana? - Demonstration of InfluxDB and Grafana using a practice web application To view the webinar recording, go to: https://www.rttsweb.com/jmeter-integration-webinar

Bits & Pixels using AI for Good.........

Alison B. Lowndes

UiPath Test Automation using UiPath Test Suite series, part 3

DianaGray10

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Paul Groth

Knowledge engineering: from people to machines and back

Elena Simperl

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Inflectra

In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring. Learn about: • The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks. • Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective. • Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification. • Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process. Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

Ramesh Iyer

In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

BookNet Canada

The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more. Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/ Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.

Key Trends Shaping the Future of Infrastructure.pdf

Cheryl Hung

Recently uploaded (20)

Accelerate your Kubernetes clusters with Varnish Caching

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

GraphRAG is All You need? LLM & Knowledge Graph

Essentials of Automations: Optimizing FME Workflows with Parameters

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

Mission to Decommission: Importance of Decommissioning Products to Increase E...

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

JMeter webinar - integration with InfluxDB and Grafana

Bits & Pixels using AI for Good.........

UiPath Test Automation using UiPath Test Suite series, part 3

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Knowledge engineering: from people to machines and back

UiPath Test Automation using UiPath Test Suite series, part 4

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

Key Trends Shaping the Future of Infrastructure.pdf

IS Sumup

1. INFORMATION SAFE SUMUP Hoang V.Nguyen

2. Agenda  What’s information safe.  Major problems and solutions.  Why must care.  Security ...  Q&A Hoang V.Nguyen 5/1/2010 2

3. What’s information safe  In some cases, some properties of information must be protected  Our tasks ?What properties ?How to protect Hoang V.Nguyen 5/1/2010 3

4. Major problems and solutions  Confidentiality • E: PxK C such that: if y=E(k,x) then: H(y)≥H(x) and maximize H(k) • D: CxK P  Integrity • You cannot protect • But you can detect  Trust • Make a belief to Alice and Bob  Others …. • …. Hoang V.Nguyen 5/1/2010 4

5. Major problems and solutions R R C4  Confidentiality • E: PxK C DES S Elliptic Curve such that: if y=E(k,x) then: H(y)≥H(x) and maximize H(k) blowfish IDEA A • D: CxK P  Integrity CMAC • You cannot protect Skien hash Family • But you can detect HMAC Digital signature  Trust • Make a belief to Alice and Bob Certificate Authority  Others …. • …. Hoang V.Nguyen 5/1/2010 5

6. Why must care? User Developer Project manager Our jobs? Designer Tester Make security Consultant Coder Solution Consultant Maintainer Business analyst Hoang V.Nguyen 5/1/2010 6

7. Security….  What • Theory • Solution/pattern • Design • System  How • Understand • Try to attack, and discover vulnerability • Fix Hoang V.Nguyen 5/1/2010 7

8. Security…. Michael Howard & others Andy Oram & John Viega Michael Howard & others The Security Development Lifecycle by Michael Howard & Steve Lipner 2006 Hoang V.Nguyen 5/1/2010 8

9. Q&A Hoang V.Nguyen 5/1/2010 9

IS Sumup

Recommended

Recommended

More Related Content

More from Hoang Nguyen

More from Hoang Nguyen (20)

Recently uploaded

Recently uploaded (20)

IS Sumup