COMPUTEX TAIPEI 2013 - Cloud Industry Forum
Topic: Securing the Cloud for a Connected Society
Speaker: Michael Poitner
Global Segment Marketing Director, Authentication, NXP Semiconductors
HYPR: The Leading Provider of True Passwordless Security® - HYPR
Passwords and shared secrets are the #1 cause of breaches. But despite millions of dollars invested in authentication, your users still log in with passwords each day.
Backed by Comcast, Mastercard and Samsung, the HYPR cloud platform is designed to eliminate passwords and shared secrets across the enterprise. By replacing passwords with Public Key Encryption, HYPR removes the hackers’ primary target - forcing them to attack each device individually. With HYPR, businesses are finally able to deploy Desktop MFA and Strong Customer Authentication to millions of users worldwide.
Welcome to #ThePasswordlessCompany.
Traditional binary authentication (username & password) presents a number of security risks and usability impacts. But what are the alternatives? During this session, you will learn from FIDO Alliance member and healthcare leader Aetna how they are deploying next-generation authentication across their mobile and web applications.
Rainer Enders from NCP Engineering presents: Debunking the Myths of SSL VPN Security.
"The NCP Secure Enterprise Solution provides a set of software products that enable complete policy freedom, unlimited scaling, multiple VPN-system setup and control, and total end-to-end security. Practically speaking, one administrator is able to handle 10,000+ secure remote users through all phases."
Learn more at: http://www.ncp-e.com
You can watch this presentation video at: http://inside-cloud.com/?p=2752
Zero Trust: the idea that all access to corporate resources should be restricted until the user has proven their identity and access permissions, and the device has passed a security profile check. A core concept for Okta.
This talk revisits the 2016 Mirai attack which targeted IoT devices including IP cameras, WiFi-connected refrigerators, home routers, and more. The resulting botnet was used to attack Dyn’s DNS platform, which affected many websites including Twitter, SoundCloud, Airbnb, and Spotify.
You will learn and discuss the answers to these questions and more:
• What is the current state of Mirai and Mirai variants?
• What Distributed Denial of Service (DDoS) defenses do you have in place?
• How can you prepare to detect and defend against botnet malware?
• What is recommended in the September 2018 NISTIR Draft, Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks?
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ... - CloudIDSummit
This session will review digital identity’s transition from vulnerable authentication methods and what Microsoft and others are doing to address the hard problems associated with managing and protecting digital identities.
Next-generation Zero Trust Cybersecurity for the Space Age - Block Armour
Space infrastructure has become an integral part of everyday life, with individuals, businesses and governments relying overwhelmingly on it. However, despite the space industry’s technical sophistication, its cybersecurity efforts have lagged behind those of other high-tech sectors.
Block Armour has developed a next-gen Zero Trust Cybersecurity solution explicitly designed for connected devices, integrated IoT systems and related communication networks, and is extending the solution to deliver Zero Trust Cybersecurity for Software-defined Space-based Systems.
Block Armour Unified Secure Access Solution (based on Zero Trust principles) - Block Armour
The rapid adoption of Cloud technology and employees working from home due to Covid-19 have resulted in highly distributed and hybrid IT ecosystems. Cyberattacks are on the rise and legacy tools like VPNs are unable to deliver secure access for today’s modern enterprise-IT environments.
Block Armour offers a Unified Secure Access solution to provide secure and compliant access to enterprise-IT systems for users working within the office or remotely. The integrated solution - based on Zero Trust principles - delivers secured access to on-prem and Cloud / multi-Cloud based systems.
It replaces four traditional point products (VPN, NAC, Cloud Firewall, and Multi-Factor Authentication) while additionally delivering next-gen Zero Trust Network Access and Server Protection.
[CB20] Cleaning up the mess: discovery, monitoring, analysis, and notificatio... - CODE BLUE
Tons of insecure IoT devices are out there and ready to be compromised to join the next IoT botnet or misused in even more serious threats. Since many of them are unmanaged, the situation does not seem likely to improve naturally in the short term. This talk will focus on a series of efforts on discovery, monitoring, analysis, and notification of these devices, trying to clean up "the mess".
An overview of Secure IoT development using Java technologies. A brief overview of some recent attacks, some considerations on what to consider and the related Java technologies.
Three ways-zero-trust-security-redefines-partner-access-v8 - Zscaler
One of the toughest IT challenges has been figuring out how to allow users to bring their own devices to work while maintaining the security of internal apps. It becomes even more complicated when a good chunk of users are partners, contractors, and other third parties—those who present a disproportionately high security risk.
-IoT Security is a Safety/Privacy Issue
-Consider the devices you bring into your home and to work
Video Links:
-Hue: https://www.youtube.com/watch?v=7TOsFqqJgj4
-Slow Cooker: https://www.walmart.com/ip/BLACK-DECKER-WiFi-Enabled-6-Quart-Slow-Cooker/128745799
-Smart Toilet: https://www.youtube.com/watch?v=HyZ7S4fE5v4
AuthentiThings: The Pitfalls and Promises of Authentication in the IoT - TransUnion
The Internet of Things is here, and has begun transforming society at every level. For consumers, it brings the promise of non-stop seamless connectivity to a host of useful things, including smart cars, smart refrigerators and smart meters in homes, as well as keyless hotels, automated health and fitness tools, and internet-enabled toys.
But with this unfettered access comes the unique challenge of authentication in this new IoT world: How do we determine that someone or something is, indeed, who or what it claims to be? How do we ensure strong (and accurate) authentication in an interfaceless, machine-to-machine world?
Five Things to Know About Authentication for Consumer IoT Products:
In this webinar, Michael Thelander, iovation’s product marketing manager for authentication products solutions, will walk us through the current state of authentication in the everyday world of consumer-centric, non-industrial IoT technologies.
* What about privacy?
* What standards or frameworks are available to guide authentication in this new age?
* Is a password even necessary any more?
* How long before mobile devices become your primary proxy in the consumer IoT?
* What pitfalls might come with the burgeoning IoT? (Other than Skynet, of course)
Michael will review recent research, cite experts in the field, and give recommendations on how you and your customers can “stay ahead of the power curve” as the number of consumers with IoT devices begins its hockey-stick growth.
More and more IoT vulnerabilities are found and showcased at security events. From connected thermostats to power plants!
Insecurity became the favorite subject for creating catchy IoT headlines: "Connected killer toaster", "Fridges changed into spamming machines", "Privacy concerns around connected home".
We will explore the five challenges one has to face when building a secure IoT solution:
- hardware security: how to avoid rogue firmwares and keep your security keys safe?
- upgrade strategy: you can't secure what you can't update!
- secure transport: no security without secure transports.
- security credentials distribution: how to distribute security keys to a fleet with millions of devices?
- cloud vulnerability mitigation: how to keep your fleet of devices safe from the next Heartbleed?
Current enterprise infrastructure provides solutions for handling application security but are they really matching the IoT challenge? Could running a PKI client on a low power wireless sensor node be an option?
Despite those difficulties, we will show how a modern IoT device management standard like Lightweight M2M with DTLS is the way to build secure-first IoT solutions. It provides a solution for upgrading your device and distributing your security keys, and comes with a full range of cryptographic cipher suites, from PSK algorithms for very constrained devices to a high level of security using X.509 certificates.
Furthermore, for adding security to your solution, we will present ready-to-use open-source libraries for implementing secure IoT servers and devices: the way to quickly release your next catchy connected product!
Ultimately, we will showcase Wakaama and Leshan, the Eclipse IoT Lightweight M2M implementations, maybe your next best friends in the troubled waters of Internet-of-Things security!
Presented at Internet of Things Stream Conference 2015 in San Francisco by Mark Benson on April 2nd, 2015.
ABSTRACT: The growth of IoT is occurring at an incredible rate, justly raising alarms about security and privacy issues as we become increasingly reliant on these intelligent, interconnected devices in our lives and businesses. How are we to protect billions of devices from attacks and intrusions that could compromise our personal privacy, public safety, or business viability? Building an IoT solution involves securing sensors, devices, networks, cloud platforms, web applications, and mobile applications for diverse industries. This presentation examines the landscape of emerging security challenges posed by connected devices and offers a catalog of security deployment patterns that have been successfully used by some of the world’s most well known OEMs to deploy connected product fleets.
In this webinar you’ll gain the insights you need to solve business problems proactively with IT Service (ITSM) and IT Asset Management (ITAM) working together.
Our panel of speakers will discuss real-world use cases where combining ITSM and ITAM processes, data and insights can be part of an overall plan to maximize operational efficiencies and improve service delivery, while also optimizing compliance and cost.
As mobile devices become more and more prevalent in our lives, the clash between security and usability moves to the forefront. Apple integrated TouchID into its main mobile device products (iPhones/iPads). In Apple’s controlled fashion, access to the TouchID was unavailable at first and has been expanded over subsequent releases. With this expansion, is a new world of authentication possible?
In this talk, we will explore the architecture of TouchID and how Apple is pushing biometrics into the forefront of consumer-based products. As companies start embracing biometrics, there are standard client-side authentication risks and TouchID implementation risks. We will explore the architecture and common implementations to understand possible hidden risks and how to strengthen the implementations.
In developing for IoT, security is not often the highest priority: APIs exposed without care and devices deployed with default passwords become gateways to your network and your data. Many best practices can be used to thwart attacks on your devices, but they have to be thought through from the first architectural design. This session covers many recent IoT attacks, their consequences, and how they could have been prevented. It also explores the many security levels one device can have, from totally exposed to completely secured against physical tampering and identity theft.
Internet of Things: Identity & Security with Open Standards - George Fletcher
While the Internet of Things (IoT) is growing significantly in the number of devices and capabilities, there is little thought given to security by the manufacturers and software developers for these devices. This talk will explore one mechanism, using open standards, to add a layer of security and convenience for devices connecting to a personal cloud including the challenges that exist to make it a reality.
Embracing secure, scalable BYOD with Sencha and Centrify - Sumana Mehta
Scalable enterprise mobility solutions: How to give your employees tools they need without sacrificing user experience and security.
Consumerization of IT and BYOD are here – and it’s a GOOD thing. Today's dynamic workplaces and hyper-competitive markets drive demand for more mobile productivity solutions. Nearly 70% of enterprise employees report making better decisions, being more productive and happier if they are allowed to use mobile devices and cloud-based tools. Yet, IT organizations often resist these trends because of the cost and risk associated with a multi-platform, multi-device ecosystem having access to corporate data and resources.
In this webinar, product experts from Sencha and Centrify will help your organization embrace BYOD and SaaS in a cost-effective, scalable way. Sencha Space is an advanced platform for securely deploying mobile apps and delivering a consistent, elegant, mobile user experience to end-users. Users can launch any mobile web app, or HTML5 app in a secure, managed environment. Combining Space with secure, Active Directory- or Cloud-Based Identity and Access Management (IAM) from Centrify gives IT visibility and control over mobile platforms and SaaS / in-house apps while improving user experience and reducing security risk.
The Future of Mobile Application Security - SecureAuth
The rapid adoption of mobile technology in recent years has created an opportunity for enterprises to increase the productivity and flexibility of their organizations. This demand for greater mobility has forced enterprises to deliver sensitive applications and data across a wide array of devices and networks.
SecureAuth and Sencha have created an integrated approach to application, data, and user mobility that elegantly addresses these challenges.
-Secure enterprise application deployment
-End-to-end data security with strong encryption
-Managed application container that works on any device
-Developer SDK for creating rich application user experiences
Organizations are increasingly looking to their Internal Auditors to provide independent assurance about cyber risks and the organization's ability to defend against cyber attacks. With information technology becoming an inherent critical success factor for every business and the emerging cyber threat landscape, every internal auditor needs to equip themselves on IT audit essentials and cyber issues.
In part 12 of our Cyber Security Series you will learn about the current cyber risks and attack methods from Richard Cascarino, including:
Where are we now and Where are we going?
Current Cyberrisks
• Data Breach and Cloud Misconfigurations
• Insecure Application User Interface (API)
• The growing impact of AI and ML
• Malware Attack
• Single factor passwords
• Insider Threat
• Shadow IT Systems
• Crime, espionage and sabotage by rogue nation-states
• IoT
• CCPA and GDPR
• Cyber attacks on utilities and public infrastructure
• Shift in attack vectors
View recorded webinar - http://get.skycure.com/accessibility-clickjacking-webinar
Accessibility Clickjacking, a vulnerability discovered by Skycure’s Mobile Threat Defense Research Team, is a method hackers may use to gain complete control over an Android device, including acquiring elevated privileges and exposing the content of all apps on the device.
It can compromise container solutions and is extremely difficult to detect.
It will be a quick intro to the Cloud Security Alliance (CSA). An overview of current cloud security research, events and other opportunities is covered. We will touch on cloud security related certifications (for professionals and companies that provide cloud offerings). CSA Lviv Chapter membership and active participation will be discussed as well.
Cisco Tech Advantage Webinar. June 4th, 2014
Video: http://youtu.be/RkmMi9qea5Y
IoT is everywhere, from smart meters on houses to parking sensors in the ground – all devices are connected to the Internet. Internet engineers are helping traditional industries solve new industrial world challenges by connecting billions of new devices. An exciting part of the IoT journey is the integration between both worlds: Information Technology (IT) and Operation Technology (OT). For that a systems approach is required to scale the existing Internet infrastructure to accommodate IoT use cases, while making IT technology easy to adopt for OT operators.
In this session you will learn:
IoT infrastructure challenges and the need for open standards and partner ecosystem
Key elements to build large-scale IoT systems, such as IPv6, access control, plug and play, distributed intelligence and contextual awareness
Introduction to fog computing and advantages of extending cloud computing and services
Looking ahead to the future
CIS 2015-Putting Control Back in the Users’ Hands- David Pollington - CloudIDSummit
With the growing threat and public concern around the use of legacy username/password mechanisms for authentication and authorisation, many are now turning to the mobile phone as a way of providing solutions that are convenient and provide peace of mind for the user as well as meeting the security requirements and expectations of both Service Providers and Government/Regulatory Bodies keen to protect the interests of citizens. We’ll look at the role the mobile phone (and mobile operator) can play in supporting a wide range of different use cases bringing together industry initiatives such as GSMA Mobile Connect and the FIDO Alliance.
Security from the Start: Optimizing Your Acquia Experience with Acquia Cloud... - Rachel Wandishin
The threat landscape of DDoS attacks, data breaches, and performance disruption continues to become more complex and overwhelming. You don’t have to worry alone.
At Acquia, our suite of Acquia Cloud Edge solutions allows your team to deliver faster, reliable digital experiences and sites that are protected from threats and disruption. On average, Acquia Cloud Edge blocks more than 13 million threats per week.
Join Brad LaPorte, Acquia Security Product Manager, to learn how your organization can build security best practices from the start:
In this webinar, Brad LaPorte will outline:
- An overview of the current state of the threat landscape.
- Detailed examples on how Acquia can help your organization become more secure.
- Best practices on protecting your environment from the start and beyond.
Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor... - Ranjan Jain
These slides were presented by Ranjan Jain, Enterprise IT Architect at Cisco Systems, during the Ping Identity WorldWide User Group meet at Napa on July 7th 2013. Ranjan talked about what Inbound Federation and Zero Sign On mean to enterprises like Cisco and how Cisco and Ping Identity have joined hands to solve this problem by building a cloud connector to tackle it.
The 5 Crazy Mistakes IoT Administrators Make with System Credentials - BeyondTrust
In this presentation from his webinar, Rob Black, CISSP, Founder and Managing Principal of Fractional CISO, explores IoT architectures, the different types of credentials in an IoT system, the common challenges with IoT credential management, and what you can do to mitigate the risks of credential-based attacks.
You can also watch the full webinar on-demand here: https://www.beyondtrust.com/resources/webinar/5-crazy-mistakes-administrators-make-iot-system-credentials/
Topic: Accelerating the Big Data Industry with Intel Solid-State Drive Data Center Family
Speaker: Bill Leszinske, Jr., Vice President, Technology and Manufacturing Group, Intel
Topic: How the Internet of Things Has Changed the Way You Should Look at Storage
Speaker: Brendan Collins, Vice President, Product Marketing, HGST, a Western Digital Company
Topic: Moving from Cloud Computing to Fog Computing: How the “Internet of Things” will Change the Way We Live and Work
Speaker: Jeff Hagins, Co-founder & CTO, SmartThings
Topic: A Parallel IoT Universe: How parallel processing will power the next wave of computing
Speaker: Scott Aylor, Corporate Vice President & General Manager, AMD Embedded Solutions
2014 IoT Forum_Mobile World Capital Barcelona - COMPUTEX TAIPEI
Topic: Mobile World Capital Barcelona: The challenge of mobile transformation
Speaker: Carles Gomara (Coordinator Mobile World Capital International Program)
Topic: Augmented Internet of Things
Speaker: Francois Guibert (Executive Vice President and President, Greater China and South Asia Region, STMicroelectronics)
Topic: Wearable Technologies Enabling the Next Wave of Internet of Things Innovation
Speaker: Ting Wei, Li (Senior Vice President of Sales, President of Greater China, Broadcom)
Re-architecting the Datacenter to Deliver Better Experiences (Intel) - COMPUTEX TAIPEI
COMPUTEX TAIPEI 2013 - Cloud Industry Forum
Topic: Re-architecting the Datacenter to Deliver Better Experiences
Speaker: Lisa H. Graff
Vice President and General Manager of Datacenter Marketing Group, Intel
1. Securing the Cloud for a Connected Society
Computex – Cloud Industry Forum
Taipei, June 6, 2013
Michael Poitner
2. Table of Contents
Online Authentication Facts
Today’s 2-factor Authentication Solutions
Google’s “War on Password” and Solution
Hardware Secure Elements and Threats
Introduction to FIDO (Fast Identity Online)
User vs. Device Authentication
Overview NXP
Page 2
6/6/2013
Securing The Cloud – War On Password
3. Online Authentication: few facts
Username and password prevalent for the past 40 years: Still adapted?
Speech bubbles (User / Service Provider):
“Although I connect to 8 different services per day, I use some of them very seldom and sometimes forget the associated password.”
“I own 25 online accounts. Do you expect me to remember 25 passwords?”
“In average, a user has 6.5 different passwords.”
“A password re-initialization costs $15 to the service provider.”
• Account takeover (ATF+NAF) rose by 50% in 2012 (Javelin March 2013)
• Average 25 accounts per user
• 6.5 different passwords
• 8 services used per day in average
• $15 per password re-initialization
• Passwords are being
  • Reused
  • Phished
  • Keylogged
4. Online Authentication: more facts
Passwords are not secure enough
Some more hacking incidents
• Cisco IOS Passwords Issue: March 18
• Michelle Obama, Hillary Clinton, Britney Spears, …: March 11
• Evernote hacked, Password reset for 50M: March 2
• cPanel web hosting control service hacked: Feb 28
• Google 2-step verification tricked: Feb 26
• Facebook, Apple, Microsoft corporate network hacked: Feb 22
• 250,000 Twitter accounts (Burger King, Jeep) hacked: Feb 19
Source: Ponemon Institute 2013 (sponsored by NokNok Labs Inc.)
5. Good Pa$$phr@ses#1 are rare
Source: http://www.troyhunt.com/2011/03/only-secure-password-is-one-you-cant.html
6. Online Authentication: few facts
Multi-factor authentication has proved efficient in reducing fraud
Speech bubbles (User / Service Provider):
“Multi-Factor Authentication, e.g. a token and a secret (PIN or password), proved very secure.”
“I don’t want to carry one physical token for each of my accounts.”
• With Chip-and-PIN card introduction in UK, fraud has decreased by 69%
• For user convenience, tokens should be shared between services
7. Online Authentication: few facts
PC is no longer the only access platform
Speech bubbles (User / Service Provider):
“Please don’t ask me to move the credential back and forth between all my platforms.”
“I use my smartphone more often than my PC to access Facebook.”
“My TV is now connected. I can use it to access my favorite content.”
“What about securing accesses through my game console? My connected car?”
“Security level is defined by the weakest link. We must ensure utmost security through all platforms.”
• 64% of Facebook users via Smartphone, up by 57% year-over-year (FB Q4-12)
• By 2016, 100M homes will be equipped with SmartTV in US and Western Europe (NPD In-Stat 2012)
• Must have consistent level of security through all platforms
• Solution must be user-friendly: avoid too many user manipulations
8. Today’s 2-factor solutions (consumer)
Something you have + Something you know
SMS OTP | OTP App/Soft Certificates | OTP fobs
OTP Security | Convenience/Features
• Cost (user and issuer)
• Delay
• Vulnerable to malware on host system
• Use proprietary algorithms
• No 2nd factor if phone/tablet is used for Internet access
• Coverage issues
• Typically one per site
• Phishable
• Cannot hold identity
• OTP not calculated in a Secure Element
• On the large side
• Type 6 or 8 digits into the phone
• Vulnerable to MITM and MITB attacks
• No contactless interface
9. Google declared “War On Passwords”
IEEE paper “Authentication at Scale”
Wired article Jan 18
“Gnubby” term leaked on Google blog Jan 18
Yubico blog Jan 21
Google protocol
RSA conference Feb 25
Strong user auth
Strong auth everywhere
FIDO membership
U2F working group April 18
10. Authentication System Architecture
[Diagram labels: AUTHENTICATION PROTOCOL; END USER; RELYING PARTY WEBSITE; DISCOVERY; BROWSER; MOBILE APP; WEB APPLICATION; PROVISIONING; DEVICE ABSTRACTION; AUTHENTICATION; AUTHENTICATION SERVER; IDENTITY SYSTEMS; AUTHENTICATION VALIDATION SERVICES]
11. Hardware Secure Element: a natural placeholder for security credentials
• Tamper resistant: credentials can’t be duplicated nor altered
• Proven security: core technology for banking cards and e-passports
• Works on Windows, Mac and Linux. No driver needed.
• Standardized and “open”: Supports multiple web sites
• Ubiquitous interface: USB or NFC
12. Typical Secure Element attacks
Invasive Attacks
• Reverse Engineering
• Delayering
• Micro-probing
• Forcing
• Manipulation
• Electron Microscopy
• Atomic Force Microscopy (AFM)
• Contrast Etching
• Decoration
Semi-invasive Attacks: Fault Attacks
• Global And Local Light Attacks
• Spike/Glitch injection
• Alpha Particle Penetration
Non invasive Attacks: Leakage
• Photo emission Analysis
• EMA Analysis
• Timing Analysis
• SPA/DPA Analysis
Combined Attacks
13. NXP has joined the FIDO alliance board
Board Members
14. FIDO System Architecture
[Diagram labels: FIDO AUTHENTICATION PROTOCOL; END USER; RELYING PARTY WEBSITE; DISCOVERY; BROWSER; MOBILE APP; WEB APPLICATION; PROVISIONING; FIDO AUTHENTICATION CLIENT (WINDOWS, MAC, IOS, ANDROID…); DEVICE ABSTRACTION; FIDO AUTHENTICATION SERVER; IDENTITY SYSTEMS; AUTHENTICATION VALIDATION SERVICES; FIDO AUTHENTICATORS; AUTHENTICATION]
15. User vs. Device Authentication
Protect sensitive networks and infrastructures
• Industrial Control
• Smart Grid
Secure communications and services
• Medical Devices
Secure firmware management
Trust provisioning
Tailored solution
Bank-grade security
Credential management
• Cloud Services
16. NXP Semiconductors
NXP
• Headquarters: Eindhoven/NL
• Employees: ~25,000 employees in more than 25 countries
• Net sales: $4.3B in 2012
Strong Innovation Pipeline:
• Over $600M / year in R&D
• 3,200 engineers
• 11,000 patents
• Down to 40nm processes
Distinctive Technologies:
• Portfolio of secure/non-secure MCU
• Embedded non-volatile & flash
• Mixed signal processing
• Zero power RF & NFC
17. NXP is the Identification Industry’s #1 Semiconductor Supplier
eGovernment
Bank Cards
Smart Mobility (MIFARE) Cards
Tags & Authentication
Readers
Mobile
18. Thank you for your attention!
michael.poitner@nxp.com
http://www.us-cert.gov/
http://krebsonsecurity.com/
http://www.schneier.com/
https://www.grc.com/haystack.htm