Key2Share is a new solution for NFC-enabled Android smartphones that allows enterprise employees to access offices and other enterprise premises using digital access control tokens stored on their mobile phones. The Key2Share app utilizes Near Field Communication (NFC) technology, which enables the phone to emulate a contactless smartcard that can be used with standard contactless smartcard readers.
IoT Armour - Next-gen Zero Trust Cybersecurity for Industry 4.0 Block Armour
IOT Armour is a next-gen Zero Trust Cybersecurity solution designed for fourth industrial revolution. The platform leverages digital signature based identity and authentication for humans, machines and data; securing interconnected systems and communication networks while tightly ring-fencing OT and IT systems. IOT Armour harnesses Software-Defined Perimeter (SDP) architecture, private Blockchain and TLS technology to deliver end-to-end security for Industry 4.0.
Block Armour Zero Trust Solution for Hybrid and Distributed IT environmentsBlock Armour
Block Armour delivers a holistic Zero Trust cybersecurity solution for today's hybrid and distributed IT environments - A single solution to secure on-premise and cloud systems as well as connected devices in the Internet of Things (IoT)
IoT Armour - Next-gen Zero Trust Cybersecurity for Industry 4.0 Architecture Block Armour
IOT Armour is a next-gen Zero Trust Cybersecurity solution designed for fourth industrial revolution. The platform leverages digital signature based identity and authentication for humans, machines and data; securing interconnected systems and communication networks while tightly ring-fencing OT and IT systems. IOT Armour harnesses Software-Defined Perimeter (SDP) architecture, private Blockchain and TLS technology to deliver end-to-end security for Industry 4.0.
IoT Armour - Next-gen Zero Trust Cybersecurity for Industry 4.0 Block Armour
IOT Armour is a next-gen Zero Trust Cybersecurity solution designed for fourth industrial revolution. The platform leverages digital signature based identity and authentication for humans, machines and data; securing interconnected systems and communication networks while tightly ring-fencing OT and IT systems. IOT Armour harnesses Software-Defined Perimeter (SDP) architecture, private Blockchain and TLS technology to deliver end-to-end security for Industry 4.0.
Block Armour Zero Trust Solution for Hybrid and Distributed IT environmentsBlock Armour
Block Armour delivers a holistic Zero Trust cybersecurity solution for today's hybrid and distributed IT environments - A single solution to secure on-premise and cloud systems as well as connected devices in the Internet of Things (IoT)
IoT Armour - Next-gen Zero Trust Cybersecurity for Industry 4.0 Architecture Block Armour
IOT Armour is a next-gen Zero Trust Cybersecurity solution designed for fourth industrial revolution. The platform leverages digital signature based identity and authentication for humans, machines and data; securing interconnected systems and communication networks while tightly ring-fencing OT and IT systems. IOT Armour harnesses Software-Defined Perimeter (SDP) architecture, private Blockchain and TLS technology to deliver end-to-end security for Industry 4.0.
IoT has undoubtedly opened newer business opportunities to improve operations across industries. Though some of the research reports say that the market will witness a short-term slump in the adoption rates owing to Covid-19, it will soar over the long run as organizations adjust to the new normal. IoT Security has become one of the most crucial factors in deciding the fate of IoT Adoption during and post the pandemic. As the devices grow, so does the need to protect and secure them from intrusions into the networks and spying.
In this session Ronnie and Kevin will provide a brief history of authentication, discuss today’s authentication risks and
challenges then look at how modern multi-factor authentication services can help keep businesses and access to
their data secure and compliant. The talk covers cloud services, on premise servers, RADIUS and mobile devices. It
will also explores what’s next with Windows 10 Hello and Passport technologies before wrapping up with a Q&A.
Strong Authentication and US Federal Digital ServicesFIDO Alliance
A presentation from Paul Grassi, senior standards and technology advisor, NIST, on FIDO Authentication in applications within the US Federal Digital Services.
Smart OpenID brings strong authentication for internet cloud service access to mobile devices by leveraging the crypto capabiliteis provided by smart cards and secure elements in mobile phones.
Presentation held at Chip-To-Cloud Forum in Nice, September 2012
smartXS is compact and robust 'Access and Time Attendance' system. In current scenario where security requirements are becoming stringent, we provide different access control and Identification systems to meet modern security needs. The systems are reliable, robust, easy to install with minimum support.
Block Armour: Zero Trust Cybersecurity Block Armour
Block Armour delivers a holistic Zero Trust cybersecurity solution for today's hybrid and distributed IT environments - A single solution to secure on-premise and cloud systems as well as connected devices in the Internet of Things (IoT)
Connected vehicles: An Overview on Security, Vulnerabilities and RemediesMadhur Gupta
White papers on Connected Vehicles on Security & Safety aspects, Vulnerabilities, impact on socio-economic life of People
Please go through this to get a glipse of the facinating opportunities and potential work streams.
The Internet of things (IoT) and Information security are two rapidly growing markets, This presentation demonstrates an innovative solution for product development to leverage the opportunity and capture these markets.
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok LabsNok Nok Labs, Inc
The rise in mobile and cloud computing continue to drive the urgent need to rethink whether authentication is fit for purpose. The Mobile Network Operators (MNO) are well positioned to participate in this evolution, by enabling the secure storage of credentials within the SIM and delivering authentication-driven services to their business customers.
These slides cover:
- The respective roles of the FIDO Alliance, The Organization for the Advancement of Structured Information Standards (OASIS) and The OpenID Foundation;
- GSMA’s Mobile Connect program which supports the use of mobile devices for authentication purposes;
- The benefits of Nok Nok’s FIDO Ready™ technology for the MNO
An overview of the Alliance, the problem we are addressing the password problem, how FIDO is addressing it, the new ecosystem we are creating and the road ahead.
IoT has undoubtedly opened newer business opportunities to improve operations across industries. Though some of the research reports say that the market will witness a short-term slump in the adoption rates owing to Covid-19, it will soar over the long run as organizations adjust to the new normal. IoT Security has become one of the most crucial factors in deciding the fate of IoT Adoption during and post the pandemic. As the devices grow, so does the need to protect and secure them from intrusions into the networks and spying.
In this session Ronnie and Kevin will provide a brief history of authentication, discuss today’s authentication risks and
challenges then look at how modern multi-factor authentication services can help keep businesses and access to
their data secure and compliant. The talk covers cloud services, on premise servers, RADIUS and mobile devices. It
will also explores what’s next with Windows 10 Hello and Passport technologies before wrapping up with a Q&A.
Strong Authentication and US Federal Digital ServicesFIDO Alliance
A presentation from Paul Grassi, senior standards and technology advisor, NIST, on FIDO Authentication in applications within the US Federal Digital Services.
Smart OpenID brings strong authentication for internet cloud service access to mobile devices by leveraging the crypto capabiliteis provided by smart cards and secure elements in mobile phones.
Presentation held at Chip-To-Cloud Forum in Nice, September 2012
smartXS is compact and robust 'Access and Time Attendance' system. In current scenario where security requirements are becoming stringent, we provide different access control and Identification systems to meet modern security needs. The systems are reliable, robust, easy to install with minimum support.
Block Armour: Zero Trust Cybersecurity Block Armour
Block Armour delivers a holistic Zero Trust cybersecurity solution for today's hybrid and distributed IT environments - A single solution to secure on-premise and cloud systems as well as connected devices in the Internet of Things (IoT)
Connected vehicles: An Overview on Security, Vulnerabilities and RemediesMadhur Gupta
White papers on Connected Vehicles on Security & Safety aspects, Vulnerabilities, impact on socio-economic life of People
Please go through this to get a glipse of the facinating opportunities and potential work streams.
The Internet of things (IoT) and Information security are two rapidly growing markets, This presentation demonstrates an innovative solution for product development to leverage the opportunity and capture these markets.
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok LabsNok Nok Labs, Inc
The rise in mobile and cloud computing continue to drive the urgent need to rethink whether authentication is fit for purpose. The Mobile Network Operators (MNO) are well positioned to participate in this evolution, by enabling the secure storage of credentials within the SIM and delivering authentication-driven services to their business customers.
These slides cover:
- The respective roles of the FIDO Alliance, The Organization for the Advancement of Structured Information Standards (OASIS) and The OpenID Foundation;
- GSMA’s Mobile Connect program which supports the use of mobile devices for authentication purposes;
- The benefits of Nok Nok’s FIDO Ready™ technology for the MNO
An overview of the Alliance, the problem we are addressing the password problem, how FIDO is addressing it, the new ecosystem we are creating and the road ahead.
E-Passport: Deploying Hardware Security Modules to Ensure Data Authenticity a...SafeNet
In the wake of acts of terrorism occurring worldwide, it has become imperative for countries to increase the level of security at their borders. To assist in
their efforts for stronger border security, countries around the globe are implementing an e-passport program.
The objective of this document is to highlight a vulnerability within the eID scheme ("Online-Ausweis-Funktion") of the German National Identity Card. This vulnerability compromises the hardware security, enabling an attacker to effectively carry out scalable Man-In-The-Middle attacks. The attack does not require remote code execution, physical access, or similar approaches and can be executed through apps uploaded to the official app stores. Such attacks compromise access to services that rely on eID security, including government services, eHealth platforms, and banking systems. Additionally, the attacker can extract the personal data stored in the eID. This attack requires no special privileges and can be executed remotely. Due to the nature of the vulnerability as a design flaw, implementing countermeasures may prove challenging or impractical. The vulnerability has the CVE ID CVE-2024-23674 and a CVSS rating of 9.7 (Critical).
FAD® is an autograph signature on electronic media, functional equivalent of the handwritten signature on paper
It integrates video of the moment the signature is made,
record of the autograph and video of the agreement
acceptance; on the whole, FAD® provides 13 security and audit
elements that makes it the only platform of its kind in the world
Zero Trust security for connected devices, critical IoT infrastructure and 5G...Block Armour
IoT Armour is a next-gen Zero Trust Cybersecurity solution designed explicitly to provide next-gen digital identity and access control for all users, connected devices, integrated IoT systems and associated communication networks. SDP architecture renders core systems and IoT gateways invisible to attackers; while customized agents along with private Blockchain technology delivers a new breed of digital identity and access control. Our Identity, Authentication and Controlled Access is based on blockchain-based Digital id’s, not just IP Address; which is crucial for 5G networks. All communication between devices and control systems is secured using 4096 bit RSA encryption.
The Internet of Things (IoT) offers many industries significant new opportunities, but it also exposes them and their customers to a host of security issues. Securing the IoT requires new ways of thinking that can defend the enterprise and its customers against attackers and privacy abuses.
CIS14: Securing the Internet of Things with Open StandardsCloudIDSummit
George Fletcher, AOL, Inc.
Exploring one mechanism, using open standards, to add a layer of security and convenience for devices connecting to a
personal cloud, including the challenges that exist to make it a reality.
Enterprise secure identity in the cloud with Single Sign On and Strong Authen...GARL
A presentation by Giuseppe "Gippa" Paternò", GARL Director, at Brighton event "Open Source, the Cloud and your business" on 18th November 2014
Enterprise secure identity in the cloud with Single Sign On and Strong Authentication
Internet of Things: Identity & Security with Open StandardsGeorge Fletcher
While the Internet of Things (IoT) is growing significantly in the number of devices and capabilities, there is little thought given to security by the manufacturers and software developers for these devices. This talk will explore one mechanism, using open standards, to add a layer of security and convenience for devices connecting to a personal cloud including the challenges that exist to make it a reality.
Smart Card Security; Technology and AdoptionCSCJournals
Newly, smart card technology are being used in a number of ways around the world, on the other hand, security has become significant in information technology, especially in those application involving data sharing and transactions through the internet. Furthermore, researches in information technology acceptance have identified the security as one of the factor that can influence on smart card adoption. This research is chiefly to study the security principals of smart card and assess the security aspects’ affect on smart card technology adoption. In order to achieve this purpose, a survey was conducted among the 640 university students to measure the acceptance of smart card technology from security aspects.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
1. Key2Share: NFC-enabled
Smartphone-based Access Control
Alexandra Dmitrienko
Cyberphysical Mobile Systems Security Group
Fraunhofer SIT, Darmstadt
In collaboration with TU Darmstadt, Center for Advanced Security
Research in Darmstadt (CASED), Intel Collaborative Research Institute for
Secure Computing (ICRI-SC) at TU-Darmstadt, Bosch Security Systems
2. + NFC =
Near Field Communication (NFC)
Applications
mPayments
services in one touch
mTicketing
4. Smartphone as a Door Key
Access control by enterprises to their facilities
Access control in private sector (houses, garages)
4
5. Access to hotel rooms
5
Smartphone as a Door Key
6. Smartphone as a Car Key/Immobilizer
Fleet management by enterprises
Car sharing with family members or friends
6
7. Smartphone as a Car Key/Immobilizer
Car sharing by rental/car sharing companies
7
8. Smartphone for Access to Storage
Facilities
Access to safes in hotel rooms
Lockers in luggage storage at train stations/airports
8
DHL packing stations
11. Usual Keys vs. SmartCards vs. Key2Share
11
Usual Keys SmartCards Key2Share
Distribution Requires physical
access
Requires physical
access
Remote
Revocation Requires physical
access or replacement
of the lock
Remote Remote
Delegation Not possible Not possible Possible
Context-aware
access (e.g.,
time frame)
Not possible Possible Possible
13. Key Sharing
The key to be shared is represented as a QR-code
Can be sent to the recipient per e-mail, MMS
or scanned by a camera of another device
14. QR Code: What’s Inside?
14
Electronic keys of Key2Share are similar to passports
Issued by a central authority Government Enterprise
Issued for a particular entity Citizen Employee
Has binding to an identity of
an entity it is issued for
Photo
Cryptographic key
bound to the platform
Public (not a secret) Yes Yes (encrypted)
17. Platform Security
Different trade-offs between security and requirements
to a mobile device
17
Built-in Security
Mechanisms of Mobile OS
System level software-based
security extensions
Hardware-based
security extensions
More secureLess secure
No extra requirements to
mobile hardware and
system software (e.g.,
operating system)
Requires update of system
software (e.g., OS)
Requires support in
hardware. Available
only on some
mobile platforms
18. Platform Security
Require support in hardware
e.g., Giesecke & Devrient Mobile
Security Card http://www.gd-
sfs.com/the-mobile-security-
card/
Can be attached to the device
via microSD card slot 18
provided by BizzTrust
architecture
http://www.bizztrust.de/
Hardware-based security
extensions
Software-based security
extensions
21. Proof of Concept with Bosch Security Systems:
Key2Share as Access Pass
Key2Share as Building Block in Bosch‘s
„Access-Control-as-a-Service“
Compatibility with already deployed
infrastructure (wireless readers, management
software)
Current Work