ExpertSoft provides best SAP ewm 9.1 online training for USA, UK, Australia, New Zealand and Singapore students with our industry experienced professionals. Fore more details, Please visit our website
Streamlining logistics execution at Arla Foods with SAP Extended Warehouse Ma...Rocket Consulting Ltd
This presentation discusses Arla Foods' implementation of SAP Extended Warehouse Management (EWM) to streamline logistics execution. Key points include:
1) Arla Foods is a large dairy company that needed an integrated WMS to support new automated distribution centers with features like voice picking, RFID, and automated vehicle integration.
2) SAP EWM was selected as it could meet requirements like standard integration, material flow systems, and future flexibility better than their customized SAP WM system.
3) The project blueprinted processes, configured EWM templates, and executed the implementation. This provided real-time integration, optimized processes, and improved traceability.
4) Benefits included
The document provides an overview of the SAP EWM Solution along with its benefits, value propositions, capabilities as well as other aspects.
The discussion also covers the key EWM baseline configurations as well as preparing the master data required.
SAP MM Génération, impression, distribution dossiers AchatSEAL Systems
SAP dispose d’un module dédié à la gestion documentaire : SAP DMS. Celui-ci est peu connu, il permet pourtant de gagner en productivité et de sécuriser les processus opérationnels SAP lorsqu’il est bien utilisé.
En effet, les processus métiers SAP nécessitent de créer des dossiers qui se composent des formulaires SAP et de documents associés(plans, modes opératoires, consignes de sécurité…). La génération de ces dossiers se décompose en différentes opérations manuelles coûteuses en temps et comportant des risques d’erreurs... (Recherche manuelle de documents, impression interactive, tri manuel, distribution manuelle...) (Tous les documents doivent-ils être imprimés ? Est-ce dans la bonne séquence ? Est-ce que c’est la bonne version du document ? ...)
SEAL Systems vous propose de découvrir sa solution DMS PUR qui permet de générer et distribuer automatiquement les dossiers d'achat (SAP MM ). La simple opération d'impression de la commande permet de lancer en arrière plan, tout le processus de recherche, de constitution et diffusion du dossier d'achat.
All levels of society rely upon information technology systems. Network operations are pervasive and impact nearly every aspect of our society. The desire of companies to collect, use, store, and secure information about customers, employees, and other individuals is a requirement of the new economy. It is no wonder that the prevalence of electronic communications and a growing dependency on cyber structures and operations also create potential vulnerabilities to cyberattacks. It is critical to preserve information systems and address and prevent weaknesses in cyber protection efforts. This webinar examines the means for companies to reach data goals ethically, efficiently and legally. The panel will also discuss the evolving regulatory approaches of the European Union, United States Federal government and significant developments in U.S. state regimes, including California. Best practices and model comprehensive privacy and cybersecurity policies are discussed. And, data breach response and related litigation, including class action litigation issues and fiduciary duty violations under corporate law, are discussed.
Part of the webinar series: CORPORATE & REGULATORY COMPLIANCE BOOTCAMP 2022 - PART I
See more at https://www.financialpoise.com/webinars/
- SAP has two main warehouse management solutions: ERP WM (included with SAP ERP) and SCM Extended Warehouse Management (EWM, a separate component).
- ERP WM is suited for basic to complex warehouse requirements while EWM is designed for large, high-volume warehouses with very complex requirements.
- A number of choice criteria were presented to help determine which solution is better suited for different warehouse characteristics and requirements such as volume, complexity, integration needs, and type of processes performed.
- The presentation provided an overview of the history and functionalities of the two solutions and was meant to help customers choose the optimal warehouse management offering from SAP.
The document discusses Enterprise Resource Planning (ERP) systems. It defines ERP as a business application that integrates all business processes in an organization. ERP provides an integrated view of various functions to help effectively manage resources and improve efficiency. Benefits of ERP include improved productivity, lower costs, reduced inventory and lead times, better analysis and planning capabilities, and increased organizational transparency. The document also discusses key ERP modules, features, vendors, implementation considerations, and common myths about ERP systems.
ExpertSoft provides best SAP ewm 9.1 online training for USA, UK, Australia, New Zealand and Singapore students with our industry experienced professionals. Fore more details, Please visit our website
Streamlining logistics execution at Arla Foods with SAP Extended Warehouse Ma...Rocket Consulting Ltd
This presentation discusses Arla Foods' implementation of SAP Extended Warehouse Management (EWM) to streamline logistics execution. Key points include:
1) Arla Foods is a large dairy company that needed an integrated WMS to support new automated distribution centers with features like voice picking, RFID, and automated vehicle integration.
2) SAP EWM was selected as it could meet requirements like standard integration, material flow systems, and future flexibility better than their customized SAP WM system.
3) The project blueprinted processes, configured EWM templates, and executed the implementation. This provided real-time integration, optimized processes, and improved traceability.
4) Benefits included
The document provides an overview of the SAP EWM Solution along with its benefits, value propositions, capabilities as well as other aspects.
The discussion also covers the key EWM baseline configurations as well as preparing the master data required.
SAP MM Génération, impression, distribution dossiers AchatSEAL Systems
SAP dispose d’un module dédié à la gestion documentaire : SAP DMS. Celui-ci est peu connu, il permet pourtant de gagner en productivité et de sécuriser les processus opérationnels SAP lorsqu’il est bien utilisé.
En effet, les processus métiers SAP nécessitent de créer des dossiers qui se composent des formulaires SAP et de documents associés(plans, modes opératoires, consignes de sécurité…). La génération de ces dossiers se décompose en différentes opérations manuelles coûteuses en temps et comportant des risques d’erreurs... (Recherche manuelle de documents, impression interactive, tri manuel, distribution manuelle...) (Tous les documents doivent-ils être imprimés ? Est-ce dans la bonne séquence ? Est-ce que c’est la bonne version du document ? ...)
SEAL Systems vous propose de découvrir sa solution DMS PUR qui permet de générer et distribuer automatiquement les dossiers d'achat (SAP MM ). La simple opération d'impression de la commande permet de lancer en arrière plan, tout le processus de recherche, de constitution et diffusion du dossier d'achat.
All levels of society rely upon information technology systems. Network operations are pervasive and impact nearly every aspect of our society. The desire of companies to collect, use, store, and secure information about customers, employees, and other individuals is a requirement of the new economy. It is no wonder that the prevalence of electronic communications and a growing dependency on cyber structures and operations also create potential vulnerabilities to cyberattacks. It is critical to preserve information systems and address and prevent weaknesses in cyber protection efforts. This webinar examines the means for companies to reach data goals ethically, efficiently and legally. The panel will also discuss the evolving regulatory approaches of the European Union, United States Federal government and significant developments in U.S. state regimes, including California. Best practices and model comprehensive privacy and cybersecurity policies are discussed. And, data breach response and related litigation, including class action litigation issues and fiduciary duty violations under corporate law, are discussed.
Part of the webinar series: CORPORATE & REGULATORY COMPLIANCE BOOTCAMP 2022 - PART I
See more at https://www.financialpoise.com/webinars/
- SAP has two main warehouse management solutions: ERP WM (included with SAP ERP) and SCM Extended Warehouse Management (EWM, a separate component).
- ERP WM is suited for basic to complex warehouse requirements while EWM is designed for large, high-volume warehouses with very complex requirements.
- A number of choice criteria were presented to help determine which solution is better suited for different warehouse characteristics and requirements such as volume, complexity, integration needs, and type of processes performed.
- The presentation provided an overview of the history and functionalities of the two solutions and was meant to help customers choose the optimal warehouse management offering from SAP.
The document discusses Enterprise Resource Planning (ERP) systems. It defines ERP as a business application that integrates all business processes in an organization. ERP provides an integrated view of various functions to help effectively manage resources and improve efficiency. Benefits of ERP include improved productivity, lower costs, reduced inventory and lead times, better analysis and planning capabilities, and increased organizational transparency. The document also discusses key ERP modules, features, vendors, implementation considerations, and common myths about ERP systems.
Order to Cash. Cash is King. Prime elements, points that block successful ETE flow. KPI's/metics and how to guage where your company really ranks: a Business leader, Average, or Laggard.
This document outlines an training agenda for SAP Extended Warehouse Management (EWM). It will provide an introduction to EWM, how to deploy it, key terminology, and executing basic inbound processes. The training will cover organizational elements and master data, warehouse process types, integration with ERP, goods receipt, goods issue, storage control, warehouse orders, and additional special processes like quality inspection, production integration, and physical inventory. It aims to help professionals build their career in EWM.
O documento discute a importância crescente da cibersegurança, destacando estatísticas sobre o uso da Internet, ameaças cibernéticas e ataques de Estados-nação. Também enfatiza que cada usuário deve assumir responsabilidade pela própria segurança online.
This document provides an overview of SAP Material Management (MM) and outlines the steps to configure the organizational and master data structures needed to perform procurement processes in SAP. Key points include: SAP MM allows companies to manage procurement and inventory; configuration involves setting up organizational units like plants, purchasing organizations and defining master data; and the procurement cycle follows the steps of determining requirements, creating a purchase order, goods receipt, and invoice posting.
This 26-day course provides an overview of key concepts and processes in SAP Sales and Distribution (SD) module including order fulfillment. The course agenda covers configuring organizational units and master data, sales documents, pricing, availability checks, free goods, billing, credit management, variant configuration, and rebate processing. Daily topics include organizational structure, pricing conditions, tax determination, material determination, and intercompany sales. The objective is for participants to understand and configure the end-to-end sales order fulfillment cycle in SAP SD.
This document provides information on SAP training courses for the oil and gas industry. It includes courses that cover:
- Primary and secondary distribution processes with SAP for oil and gas
- Production and ownership accounting with SAP's Production Revenue Accounting (PRA) module
- Joint venture accounting (JVA) with SAP
- Remote logistics management (RLM) for supplying offshore oil platforms
- Production sharing accounting (PSA) for production sharing contracts
- An overview of SAP's secondary distribution functionality for oil and gas
- Oil and gas business processes and organizational structures
Each course listing provides details on duration, target audience, prerequisites, goals, content, and software used.
Inroduction to ERP system core functions and challenages.pptxnagarajan740445
An ERP system allows an organization to integrate applications across business functions like accounting, manufacturing, sales, and marketing. Implementing an ERP system is a complex process that typically involves planning, configuring, and deploying the system over several phases. Key benefits of ERP implementation include improved information accuracy and availability, enhanced reporting, cost savings, and better customer service. However, ERP projects also face challenges such as inadequate requirements definition, resistance to change, unrealistic timelines, and poor communication. Careful planning is required to successfully implement an ERP system.
Old Dominion Freight Line provides warehousing and logistics services across the United States using SAP's yard management functionality. Yard management allows companies to efficiently manage the flow of vehicles and materials through the yard by tracking activities like check-in, loading, scheduling docks, and check-out. Implementing yard management requires understanding SAP's features, integrating it with warehouse and transportation processes, and following best practices like setting clear goals, making fast decisions, and leveraging industry expertise.
Baan 4 to Infor LN differences training on how to upgrade from Baan to LN. This presentation is for the new Order Management (Sales, Purchasing, Pricing) functionality. If you still have Baan 4, FourthShift, Microsoft Dynamics GP, SAP R/3 or any other legacy ERP, then you might want to consider Infor LN. We specialize in Baan 4 to LN migrations but can handle upgrades from virtually any manufacturing ERP to the new Infor CloudSuites. For more information and how-to content, visit http://inforln.com or contact Dan Aldridge at 703.251.4504 for the full presentations.
This document provides an overview of enterprise resource planning (ERP) systems. It defines ERP as a business strategy and set of applications that optimize collaborative processes across an enterprise. The goal of ERP is to acquire, retain, and grow profitable customers. ERP offers integrated solutions for key business functions. Implementing an ERP system is a complex, costly, and time-intensive process that typically takes over a year and $10 million. The benefits of ERP include increased integration, efficiency, accuracy and cost reduction, while the challenges include time needed for implementation and ongoing security issues.
Présentation synthétique de SAP Extended Warehouse Management (SAP EWM. SAP EWM est la solution de gestion de centre de distribution de SAP. SAP EWM permet de répondre efficacement aux enjeux des entrepôts et centres de distribution complexes grâce à sa richesse fonctionnelle.
Webinar: Transforming Warehouse Operations with SAP EWMWise Men
Requirements for data volume, performance and process flexibility made a new architecture necessary
Extends the basic concept of Transfer Orders to enable process flexibility – moves away from just Managing Stocks to Controlling Processes
High risk to change existing architecture in a mature application (WM) with thousands of live customers
Follows on from the Decentralised SAP warehouse concept
Closing the Loop in Your Procure-to-Pay ProcessSAP Ariba
Without connecting invoice processing to the broader source-to-settle process, a P2P transformation project will have limited success. In this session, you will hear how you can implement a "closed-loop" P2P process that enforces invoices against catalogs, orders, and contracts; monitors supplier performance; and improves control over your spend.
SAP Extended Warehouse Management (SAP EWM) can be used to increase efficiency and accuracy for production processes. SAP EWM integrates warehouse management with production execution by facilitating the dynamic needs of production. It can leverage tools like radio frequency, conveyors, and barcodes. Key concepts include handling units, batch management, quality inspection, and stock management. The organizational structure and master data setup are critical for integrating SAP EWM with production order management and compliance.
Litle & Co. is a leading financial technology company that provides card payment processing solutions. They have processing centers in Massachusetts and Colorado and serve clients in industries like online retail, media, and bill payment. Litle recently launched Litle Vault, an integrated tokenization service that replaces card numbers with unique tokens to improve security and reduce PCI compliance scope for merchants. Tokenization benefits merchants by limiting data breaches and liability from stolen card numbers while still allowing transactions to be processed. Litle Vault generates tokens that preserve the card number format and can be used across multiple merchants to process payments securely.
This document proposes a decentralized KYC (Know Your Customer) system using blockchain and IPFS. The current centralized KYC systems have issues like single points of failure, data redundancy, and third party involvement. The proposed system stores user identity data like documents and photos in a distributed IPFS database for redundancy and security. It then stores the IPFS hash and username on an Ethereum blockchain to make the data immutable. This removes single points of failure and third party involvement. Testing showed the proposed system uses less gas, making it more cost efficient than alternatives without using IPFS for storage. The system provides the same functionality as traditional KYC systems in a decentralized manner with improved security, efficiency and trust.
Ramnath has over 9 years of experience in telecom CRM, billing and charging solutions. He currently works as a Principal Engineer at Quintiles Technologies where he is involved in implementing rating and billing systems using Oracle databases. He has expertise in requirement gathering, documentation, database design, and testing. Ramnath seeks a role that utilizes his experience in information technology and telecom domains.
Token has received funding from the European Union’s Horizon 2020 research and innovation programme under Grant Agreement no 825268. The TOKEN project has developed an experimental ecosystem that simplifies the implementation and adoption of Blockchain and Decentralized technologies within Public Services via 4 use cases and a plug and play platform offering various blockchain services and components. The TOKEN platform can be used by any developer to build decentralized apps and services without needing to deploy their own infrastructure.
Blockchain and Internet of Things: Why a Perfect MatchFabio Antonelli
While blockchain gained a lot of interest particularly in the FinTech domain, it is in the IoT space that most of the advantages brought by blockchain could be exploited. In this talk you will see how blockchain can help in addressing some of the most challenging problems of IoT such as scalability, security, data privacy and why the decentralised nature of blockchain perfectly matches with the intrinsic distributed and decentralised nature of IoT.
Jun 15 privacy in the cloud at financial institutions at the object managemen...Ulf Mattsson
This document discusses privacy and security considerations for financial institutions using cloud services. It begins with an introduction of the speaker, Ulf Mattsson, and his background working with standards bodies. The rest of the document discusses opportunities and challenges around analytics, machine learning, and complying with privacy laws in the cloud. It provides examples of how techniques like homomorphic encryption, differential privacy, and secure multi-party computation can be applied to use cases in areas like payments, risk assessment, and secondary data usage. The document concludes with a discussion of hybrid cloud environments and maintaining consistent security policies across on-premises and cloud platforms.
This document summarizes a presentation on API and data security. The agenda includes introductions of the speaker and organizers, an overview of API security threats and vulnerabilities, and demonstrations of OAuth, JWT, cryptography techniques for data encryption, and API security policies. The presentation covers best practices for API security such as enabling HTTPS, using OAuth and JWT for authentication, restricting payload sizes to prevent DDoS attacks, and applying API policies for rate limiting and threat protection. It also demonstrates client management and identity management use cases using OpenID Connect and SAML with Okta.
This document proposes a blockchain-based system for recording building permit data in Indonesia. It identifies problems with the current manual paper-based system such as lack of transparency, vulnerability to manipulation, and inefficiency. The proposed blockchain system would address these by providing an immutable, decentralized digital record of permits. The design identifies key assets, participants and transactions. It proposes implementing the system using the Hyperledger platform with Composer tools. Testing showed the blockchain network could process permit transactions within 30 seconds on average. The conclusion is that blockchain is capable of supporting an electronic building permit recording system by maintaining integrity and transparency of permit records.
Order to Cash. Cash is King. Prime elements, points that block successful ETE flow. KPI's/metics and how to guage where your company really ranks: a Business leader, Average, or Laggard.
This document outlines an training agenda for SAP Extended Warehouse Management (EWM). It will provide an introduction to EWM, how to deploy it, key terminology, and executing basic inbound processes. The training will cover organizational elements and master data, warehouse process types, integration with ERP, goods receipt, goods issue, storage control, warehouse orders, and additional special processes like quality inspection, production integration, and physical inventory. It aims to help professionals build their career in EWM.
O documento discute a importância crescente da cibersegurança, destacando estatísticas sobre o uso da Internet, ameaças cibernéticas e ataques de Estados-nação. Também enfatiza que cada usuário deve assumir responsabilidade pela própria segurança online.
This document provides an overview of SAP Material Management (MM) and outlines the steps to configure the organizational and master data structures needed to perform procurement processes in SAP. Key points include: SAP MM allows companies to manage procurement and inventory; configuration involves setting up organizational units like plants, purchasing organizations and defining master data; and the procurement cycle follows the steps of determining requirements, creating a purchase order, goods receipt, and invoice posting.
This 26-day course provides an overview of key concepts and processes in SAP Sales and Distribution (SD) module including order fulfillment. The course agenda covers configuring organizational units and master data, sales documents, pricing, availability checks, free goods, billing, credit management, variant configuration, and rebate processing. Daily topics include organizational structure, pricing conditions, tax determination, material determination, and intercompany sales. The objective is for participants to understand and configure the end-to-end sales order fulfillment cycle in SAP SD.
This document provides information on SAP training courses for the oil and gas industry. It includes courses that cover:
- Primary and secondary distribution processes with SAP for oil and gas
- Production and ownership accounting with SAP's Production Revenue Accounting (PRA) module
- Joint venture accounting (JVA) with SAP
- Remote logistics management (RLM) for supplying offshore oil platforms
- Production sharing accounting (PSA) for production sharing contracts
- An overview of SAP's secondary distribution functionality for oil and gas
- Oil and gas business processes and organizational structures
Each course listing provides details on duration, target audience, prerequisites, goals, content, and software used.
Inroduction to ERP system core functions and challenages.pptxnagarajan740445
An ERP system allows an organization to integrate applications across business functions like accounting, manufacturing, sales, and marketing. Implementing an ERP system is a complex process that typically involves planning, configuring, and deploying the system over several phases. Key benefits of ERP implementation include improved information accuracy and availability, enhanced reporting, cost savings, and better customer service. However, ERP projects also face challenges such as inadequate requirements definition, resistance to change, unrealistic timelines, and poor communication. Careful planning is required to successfully implement an ERP system.
Old Dominion Freight Line provides warehousing and logistics services across the United States using SAP's yard management functionality. Yard management allows companies to efficiently manage the flow of vehicles and materials through the yard by tracking activities like check-in, loading, scheduling docks, and check-out. Implementing yard management requires understanding SAP's features, integrating it with warehouse and transportation processes, and following best practices like setting clear goals, making fast decisions, and leveraging industry expertise.
Baan 4 to Infor LN differences training on how to upgrade from Baan to LN. This presentation is for the new Order Management (Sales, Purchasing, Pricing) functionality. If you still have Baan 4, FourthShift, Microsoft Dynamics GP, SAP R/3 or any other legacy ERP, then you might want to consider Infor LN. We specialize in Baan 4 to LN migrations but can handle upgrades from virtually any manufacturing ERP to the new Infor CloudSuites. For more information and how-to content, visit http://inforln.com or contact Dan Aldridge at 703.251.4504 for the full presentations.
This document provides an overview of enterprise resource planning (ERP) systems. It defines ERP as a business strategy and set of applications that optimize collaborative processes across an enterprise. The goal of ERP is to acquire, retain, and grow profitable customers. ERP offers integrated solutions for key business functions. Implementing an ERP system is a complex, costly, and time-intensive process that typically takes over a year and $10 million. The benefits of ERP include increased integration, efficiency, accuracy and cost reduction, while the challenges include time needed for implementation and ongoing security issues.
Présentation synthétique de SAP Extended Warehouse Management (SAP EWM. SAP EWM est la solution de gestion de centre de distribution de SAP. SAP EWM permet de répondre efficacement aux enjeux des entrepôts et centres de distribution complexes grâce à sa richesse fonctionnelle.
Webinar: Transforming Warehouse Operations with SAP EWMWise Men
Requirements for data volume, performance and process flexibility made a new architecture necessary
Extends the basic concept of Transfer Orders to enable process flexibility – moves away from just Managing Stocks to Controlling Processes
High risk to change existing architecture in a mature application (WM) with thousands of live customers
Follows on from the Decentralised SAP warehouse concept
Closing the Loop in Your Procure-to-Pay ProcessSAP Ariba
Without connecting invoice processing to the broader source-to-settle process, a P2P transformation project will have limited success. In this session, you will hear how you can implement a "closed-loop" P2P process that enforces invoices against catalogs, orders, and contracts; monitors supplier performance; and improves control over your spend.
SAP Extended Warehouse Management (SAP EWM) can be used to increase efficiency and accuracy for production processes. SAP EWM integrates warehouse management with production execution by facilitating the dynamic needs of production. It can leverage tools like radio frequency, conveyors, and barcodes. Key concepts include handling units, batch management, quality inspection, and stock management. The organizational structure and master data setup are critical for integrating SAP EWM with production order management and compliance.
Litle & Co. is a leading financial technology company that provides card payment processing solutions. They have processing centers in Massachusetts and Colorado and serve clients in industries like online retail, media, and bill payment. Litle recently launched Litle Vault, an integrated tokenization service that replaces card numbers with unique tokens to improve security and reduce PCI compliance scope for merchants. Tokenization benefits merchants by limiting data breaches and liability from stolen card numbers while still allowing transactions to be processed. Litle Vault generates tokens that preserve the card number format and can be used across multiple merchants to process payments securely.
This document proposes a decentralized KYC (Know Your Customer) system using blockchain and IPFS. The current centralized KYC systems have issues like single points of failure, data redundancy, and third party involvement. The proposed system stores user identity data like documents and photos in a distributed IPFS database for redundancy and security. It then stores the IPFS hash and username on an Ethereum blockchain to make the data immutable. This removes single points of failure and third party involvement. Testing showed the proposed system uses less gas, making it more cost efficient than alternatives without using IPFS for storage. The system provides the same functionality as traditional KYC systems in a decentralized manner with improved security, efficiency and trust.
Ramnath has over 9 years of experience in telecom CRM, billing and charging solutions. He currently works as a Principal Engineer at Quintiles Technologies where he is involved in implementing rating and billing systems using Oracle databases. He has expertise in requirement gathering, documentation, database design, and testing. Ramnath seeks a role that utilizes his experience in information technology and telecom domains.
Token has received funding from the European Union’s Horizon 2020 research and innovation programme under Grant Agreement no 825268. The TOKEN project has developed an experimental ecosystem that simplifies the implementation and adoption of Blockchain and Decentralized technologies within Public Services via 4 use cases and a plug and play platform offering various blockchain services and components. The TOKEN platform can be used by any developer to build decentralized apps and services without needing to deploy their own infrastructure.
Blockchain and Internet of Things: Why a Perfect MatchFabio Antonelli
While blockchain gained a lot of interest particularly in the FinTech domain, it is in the IoT space that most of the advantages brought by blockchain could be exploited. In this talk you will see how blockchain can help in addressing some of the most challenging problems of IoT such as scalability, security, data privacy and why the decentralised nature of blockchain perfectly matches with the intrinsic distributed and decentralised nature of IoT.
Jun 15 privacy in the cloud at financial institutions at the object managemen...Ulf Mattsson
This document discusses privacy and security considerations for financial institutions using cloud services. It begins with an introduction of the speaker, Ulf Mattsson, and his background working with standards bodies. The rest of the document discusses opportunities and challenges around analytics, machine learning, and complying with privacy laws in the cloud. It provides examples of how techniques like homomorphic encryption, differential privacy, and secure multi-party computation can be applied to use cases in areas like payments, risk assessment, and secondary data usage. The document concludes with a discussion of hybrid cloud environments and maintaining consistent security policies across on-premises and cloud platforms.
This document summarizes a presentation on API and data security. The agenda includes introductions of the speaker and organizers, an overview of API security threats and vulnerabilities, and demonstrations of OAuth, JWT, cryptography techniques for data encryption, and API security policies. The presentation covers best practices for API security such as enabling HTTPS, using OAuth and JWT for authentication, restricting payload sizes to prevent DDoS attacks, and applying API policies for rate limiting and threat protection. It also demonstrates client management and identity management use cases using OpenID Connect and SAML with Okta.
This document proposes a blockchain-based system for recording building permit data in Indonesia. It identifies problems with the current manual paper-based system such as lack of transparency, vulnerability to manipulation, and inefficiency. The proposed blockchain system would address these by providing an immutable, decentralized digital record of permits. The design identifies key assets, participants and transactions. It proposes implementing the system using the Hyperledger platform with Composer tools. Testing showed the blockchain network could process permit transactions within 30 seconds on average. The conclusion is that blockchain is capable of supporting an electronic building permit recording system by maintaining integrity and transparency of permit records.
Blockchain Based Electronic Ballot SystemIRJET Journal
This document proposes a blockchain-based electronic ballot system using Ethereum smart contracts. Key features include anonymity, transparency, immutability and end-to-end verifiability of votes. The system involves users, a server, hosts and the Ethereum blockchain. Users register and are assigned a public address. When voting, they sign a token with their private key and encrypt their candidate selection, which is stored on the blockchain. Election results can be viewed by decrypting votes using the smart contract's private key. The system aims to provide a secure online alternative to traditional paper ballots.
This presentation focuses on the Service Design Phase. There are seven processes in this phase: Service Catalog and Service Level Management, and Availability, Capacity, Continuity, and Security Management. For each process we will discuss the objectives, benefits, and, at a high level, the activities undertaken. Finally we will look at the inputs to Service Design and the outputs that can be expected from this phase.
Learning Objectives
The participants will be able to:
• Identify the key differences and similarities between ITILV2 & ITILV3
• Not only get a better understanding of the processes in the Service Design Phase of ITILV3 but also the underlying activities
• Define the inputs and outputs for this phase and how they relate to the full service life cycle
• Identify key action points after the presentation for their respective organizations
The document discusses setting up a business intelligence (BI) shared service at a large multinational bank with over 150 years of history. It describes the bank's current size and geographic presence, as well as the challenges with the previous BI approach that relied heavily on Excel. The shared service aims to standardize reporting through a centralized team that will deliver dashboards, canned reports, and empower self-service analytics using MicroStrategy. Key aspects of the shared service include the governance model, templates, and staffing structure to support the Center of Excellence.
IRJET- Probabilistic Stress Distribution in Thick Cylindrical Pipe using Fini...IRJET Journal
1) Blockchain is a distributed ledger technology that records transactions in a way that is secure, anonymous, and maintains data integrity without requiring a central authority.
2) While blockchain has potential applications beyond cryptocurrencies, it faces technical challenges including limited throughput, latency in transactions, scalability issues, and lack of skills that may limit widespread adoption.
3) The document discusses the background of blockchain and bitcoin, use cases for blockchain technology, and key challenges including throughput, latency, size and bandwidth limitations, security issues, wasted resources from mining, and lack of development skills.
BizDay: Digital Micro-Lending and Debt Crowd Funding Platform, JVenturesR3
This document discusses the growth of decentralized finance and digital assets in Thailand. It outlines key events from 2018-2019 that helped establish decentralized lending and investment opportunities in Thailand, including regulatory approvals and partnerships. The goal is to provide decentralized financial investment opportunities to those who are unbanked through peer-to-peer lending, debt crowdfunding, and tokenized assets that can be traded digitally on blockchain platforms. The system uses a decentralized digital lending platform powered by Corda that facilitates various types of loans and investments while complying with regulations.
Sample Request Order Tracking Functional Requirements Document V1Semon Wu
This document outlines the functional requirements for a material quotation system. It includes 3 sections: an introduction describing the purpose and scope of the system, general information on the technical environment, and functional requirements. The functional requirements section describes 5 key functions: 1) submitting sample requests, 2) generating request order forms, 3) assigning orders, 4) registering delivery notes, and 5) retrieving sample order information. It also includes sections on the system architecture and a business analysis.
Atos is a major European player in managed IT services, having executed the largest IT services merger in the last 5 years. It is recognized as a leader in several IT outsourcing fields and has a tier one global customer base. Atos emphasizes that 2014-2018 is a vital period for digital transformation and that those who do not embrace this change will struggle by 2020. The presentation outlines Atos' services and capabilities in supporting clients' digital transformations, including cloud services, security, business process redesign, and network virtualization use cases.
Secure ip payment networks what's available other than ssl - finalAlex Tan
GHL Systems’ NetMATRIX TLE uses symmetric key encryption and decryption which is more
suitable in an environment where processing power; memory and bandwidth are limited –
where up to 4 Billion unique keys per terminal application and also supports Unique Key Per
Transaction. Additionally, the NetMATRIX TLE uses Dynamic Key Derivation instead of Static
Keys for each transaction effectively preventing Terminal Cloning and reducing Key
Management issues. It further provides a Remote Key Injection (RKI) utility to ease the
deployment of Keys into terminals, remotely.
Bank Indonesia Regulation 9/15/2007 IT Risk ManagementAnjar Priandoyo
This document discusses why Bank Indonesia (BI) is a very powerful institution in Indonesia. It provides several key points:
1. BI has very effective monitoring of banks in Indonesia and would fine banks for late or inaccurate reports. It must approve all new banking technology products.
2. BI regulations cover all aspects of bank operations through various regulations (PBIs) and circular letters. Major PBIs include those on IT risk management, electronic banking, payment cards, internal auditing standards, and corporate governance.
3. PBI 9/15/2007 on IT risk management has become a de facto standard that many non-bank companies follow due to the importance of secure financial technology in Indonesia. IT audits are
Similar to Tokenisation and format preserving encryption, (20)
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
"$10 thousand per minute of downtime: architecture, queues, streaming and fin...Fwdays
Direct losses from downtime in 1 minute = $5-$10 thousand dollars. Reputation is priceless.
As part of the talk, we will consider the architectural strategies necessary for the development of highly loaded fintech solutions. We will focus on using queues and streaming to efficiently work and manage large amounts of data in real-time and to minimize latency.
We will focus special attention on the architectural patterns used in the design of the fintech system, microservices and event-driven architecture, which ensure scalability, fault tolerance, and consistency of the entire system.
The Microsoft 365 Migration Tutorial For Beginner.pptxoperationspcvita
This presentation will help you understand the power of Microsoft 365. However, we have mentioned every productivity app included in Office 365. Additionally, we have suggested the migration situation related to Office 365 and how we can help you.
You can also read: https://www.systoolsgroup.com/updates/office-365-tenant-to-tenant-migration-step-by-step-complete-guide/
"Scaling RAG Applications to serve millions of users", Kevin GoedeckeFwdays
How we managed to grow and scale a RAG application from zero to thousands of users in 7 months. Lessons from technical challenges around managing high load for LLMs, RAGs and Vector databases.
From Natural Language to Structured Solr Queries using LLMsSease
This talk draws on experimentation to enable AI applications with Solr. One important use case is to use AI for better accessibility and discoverability of the data: while User eXperience techniques, lexical search improvements, and data harmonization can take organizations to a good level of accessibility, a structural (or “cognitive” gap) remains between the data user needs and the data producer constraints.
That is where AI – and most importantly, Natural Language Processing and Large Language Model techniques – could make a difference. This natural language, conversational engine could facilitate access and usage of the data leveraging the semantics of any data source.
The objective of the presentation is to propose a technical approach and a way forward to achieve this goal.
The key concept is to enable users to express their search queries in natural language, which the LLM then enriches, interprets, and translates into structured queries based on the Solr index’s metadata.
This approach leverages the LLM’s ability to understand the nuances of natural language and the structure of documents within Apache Solr.
The LLM acts as an intermediary agent, offering a transparent experience to users automatically and potentially uncovering relevant documents that conventional search methods might overlook. The presentation will include the results of this experimental work, lessons learned, best practices, and the scope of future work that should improve the approach and make it production-ready.
What is an RPA CoE? Session 2 – CoE RolesDianaGray10
In this session, we will review the players involved in the CoE and how each role impacts opportunities.
Topics covered:
• What roles are essential?
• What place in the automation journey does each role play?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
inQuba Webinar Mastering Customer Journey Management with Dr Graham HillLizaNolte
HERE IS YOUR WEBINAR CONTENT! 'Mastering Customer Journey Management with Dr. Graham Hill'. We hope you find the webinar recording both insightful and enjoyable.
In this webinar, we explored essential aspects of Customer Journey Management and personalization. Here’s a summary of the key insights and topics discussed:
Key Takeaways:
Understanding the Customer Journey: Dr. Hill emphasized the importance of mapping and understanding the complete customer journey to identify touchpoints and opportunities for improvement.
Personalization Strategies: We discussed how to leverage data and insights to create personalized experiences that resonate with customers.
Technology Integration: Insights were shared on how inQuba’s advanced technology can streamline customer interactions and drive operational efficiency.
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
"NATO Hackathon Winner: AI-Powered Drug Search", Taras KlobaFwdays
This is a session that details how PostgreSQL's features and Azure AI Services can be effectively used to significantly enhance the search functionality in any application.
In this session, we'll share insights on how we used PostgreSQL to facilitate precise searches across multiple fields in our mobile application. The techniques include using LIKE and ILIKE operators and integrating a trigram-based search to handle potential misspellings, thereby increasing the search accuracy.
We'll also discuss how the azure_ai extension on PostgreSQL databases in Azure and Azure AI Services were utilized to create vectors from user input, a feature beneficial when users wish to find specific items based on text prompts. While our application's case study involves a drug search, the techniques and principles shared in this session can be adapted to improve search functionality in a wide range of applications. Join us to learn how PostgreSQL and Azure AI can be harnessed to enhance your application's search capability.
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsDianaGray10
Join us to learn how UiPath Apps can directly and easily interact with prebuilt connectors via Integration Service--including Salesforce, ServiceNow, Open GenAI, and more.
The best part is you can achieve this without building a custom workflow! Say goodbye to the hassle of using separate automations to call APIs. By seamlessly integrating within App Studio, you can now easily streamline your workflow, while gaining direct access to our Connector Catalog of popular applications.
We’ll discuss and demo the benefits of UiPath Apps and connectors including:
Creating a compelling user experience for any software, without the limitations of APIs.
Accelerating the app creation process, saving time and effort
Enjoying high-performance CRUD (create, read, update, delete) operations, for
seamless data management.
Speakers:
Russell Alfeche, Technology Leader, RPA at qBotic and UiPath MVP
Charlie Greenberg, host
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...Jason Yip
The typical problem in product engineering is not bad strategy, so much as “no strategy”. This leads to confusion, lack of motivation, and incoherent action. The next time you look for a strategy and find an empty space, instead of waiting for it to be filled, I will show you how to fill it in yourself. If you’re wrong, it forces a correction. If you’re right, it helps create focus. I’ll share how I’ve approached this in the past, both what works and lessons for what didn’t work so well.
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...DanBrown980551
This LF Energy webinar took place June 20, 2024. It featured:
-Alex Thornton, LF Energy
-Hallie Cramer, Google
-Daniel Roesler, UtilityAPI
-Henry Richardson, WattTime
In response to the urgency and scale required to effectively address climate change, open source solutions offer significant potential for driving innovation and progress. Currently, there is a growing demand for standardization and interoperability in energy data and modeling. Open source standards and specifications within the energy sector can also alleviate challenges associated with data fragmentation, transparency, and accessibility. At the same time, it is crucial to consider privacy and security concerns throughout the development of open source platforms.
This webinar will delve into the motivations behind establishing LF Energy’s Carbon Data Specification Consortium. It will provide an overview of the draft specifications and the ongoing progress made by the respective working groups.
Three primary specifications will be discussed:
-Discovery and client registration, emphasizing transparent processes and secure and private access
-Customer data, centering around customer tariffs, bills, energy usage, and full consumption disclosure
-Power systems data, focusing on grid data, inclusive of transmission and distribution networks, generation, intergrid power flows, and market settlement data
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
Session 1 - Intro to Robotic Process Automation.pdfUiPathCommunity
👉 Check out our full 'Africa Series - Automation Student Developers (EN)' page to register for the full program:
https://bit.ly/Automation_Student_Kickstart
In this session, we shall introduce you to the world of automation, the UiPath Platform, and guide you on how to install and setup UiPath Studio on your Windows PC.
📕 Detailed agenda:
What is RPA? Benefits of RPA?
RPA Applications
The UiPath End-to-End Automation Platform
UiPath Studio CE Installation and Setup
💻 Extra training through UiPath Academy:
Introduction to Automation
UiPath Business Automation Platform
Explore automation development with UiPath Studio
👉 Register here for our upcoming Session 2 on June 20: Introduction to UiPath Studio Fundamentals: https://community.uipath.com/events/details/uipath-lagos-presents-session-2-introduction-to-uipath-studio-fundamentals/
2. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
Summary
2
What is Tokenization in two words
Definition & Functionalities
Use cases
How does it work ?
Random Token System
Format Preserving Encryption
Conclusion
3. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
What is tokenization in two words [DEFINITION]
▶ Definition
– Tokenization is a process of replacing sensitive data by non sensitive ones
(tokens) with respect of the following properties:
• Tokens bears enough information to be useful (e.g. The entity manipuling
token can accomplish transaction as it was the sensitive data).
• Tokens does not compromise security
– Tokenization system tries to minimize the integration impact on existing
infrastructure
▶ Who offer such service
3
4. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
What is tokenization in two words [FUNCTIONALITIES]
▶ Function description of a Tokenization system
– Conversion (Convert sensitive data into a token and vice versa)
– Conversion policy (Format definition, Mode of operation)
– Communication Canal : Authentication, Integrity, Confidentiality
4
Tokenization
System
External
System
5. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
What is tokenization in two words [USE-CASES]
▶ Focusing on payment (but not limited to)
– Context :
• Sensitive data : PAN,…
• PCI compliancy
– Use cases
• MOTO
• Face2Face
5
CardHolder
AcquirerIssuer
Acceptor
6. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
What is tokenization in two words [USE-CASES]
▶ Focusing on payment (but not limited to)
– Context :
• Sensitive data : PAN,…
• PCI compliancy
– Use cases
• MOTO
• Proximity payment
6
CardHolder
AcquirerIssuer
Acceptor
E2E-Encryption
7. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
What is tokenization in two words [USE-CASES]
▶ Focusing on payment (but not limited to)
– Context :
• Sensitive data : PAN,…
• PCI compliancy
– Use cases
• MOTO
• Proximity payment
7
CardHolder
AcquirerIssuer
Acceptor
Secure MOTO
8. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
What is tokenization in two words [USE-CASES]
▶ Focusing on payment (but not limited to)
– Context :
• Sensitive data : PAN,…
• PCI compliancy
– Use cases
• MOTO
• Proximity payment
8
CardHolder
AcquirerIssuer
Acceptor
Process
transaction
9. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
Summary
9
What is Tokenization in two words
Definition & Functionalities
Use cases
How does it work ?
Random Token System
Format Preserving Encryption
Conclusion
10. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
Tokenization and Format Preserving Encryption: A Case Study
▶PCI-DSS(Payment Card Industry Data Security Standard) :
• Security requirements for entities processing cards data
(processing, transmission and storage)
▶Objectives:
• Reduce PCI evaluation perimeter
• Choose a suitable algorithm that tokenize a PAN
▶Constraints:
• The algorithm must be collision free
• In a certain mode the algorithm must be “not reversible”
• In certain mode the algorithm must not takes secret parameters
10
How does it works ? [Objectives-Constraints]
11. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
How does it works [RandomToken]
▶ Random Token
– Card data are
• ciphered (classic algorithms)
• stored in a database
– System generate an associated token
• Format respect
• Checks for no Collision
11
Tokenization and Format Preserving Encryption: A Case Study
12. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
Summary
12
What is Tokenization in two words
Definition & Functionalities
Use cases
How does it work ?
Random Token System
Format Preserving Encryption
Conclusion
13. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
▶ FPE : Format Preserving Encryption.
▶ Introduced by Brightwell [BS97]
o Encryption scheme with
o format preserving property
▶ Format definition is a key point
– Follow PCI guidelines :
• you have to differentiate a Token from a PAN
▶ NIST is considering 3 FPE algorithms
▶ Applications :
• Security Social Number
• Credit Card Number
13
How does it works [FPE based tokenization]
Tokenization and Format Preserving Encryption: A Case Study
First introduction of Format Preserving
Encryption [BS97]
14. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
▶ NIST is considering 3 FPE algorithms
• FFX [FFX10]
• BPS [BPS10]
• FCEM [FCEM10]
14
How does it works [FPE based tokenization]
Tokenization and Format Preserving Encryption: A Case Study
FFX BPS
FCEM
15. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
15
▶ Feistel
o Inventé par Horst Feistel .
o Round notion
o Input are split in 2
o F : cipher function
o Secret key K
o Key Derivation algorithm
o During a round
Ai+1 = Bi
Bi+1 = Ai Fki(Bi)
o Example
DES : 16 tours.
+
How does it works [Cryptographic-Approach]
Tokenization and Format Preserving Encryption: A Case Study
16. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
Feature FFX BPS FCEM
Feistel based Yes Yes No
#Rounds 12 8 2
Cipher function AES AES/TDES/SHA AES
#Function is used 12 8 8
Reversibility Yes Yes Yes
Tweak Yes Yes No
16
How does it works [Cryptographic-Approach]
Tokenization and Format Preserving Encryption: A Case Study
▶ Cryptographic notions
– Tweak Notion : Add variability in cryptographic schemes
– Patarin attack : Differentiate ciphertext from random string
17. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
Feature Random Token FPE
Multi Site Difficult Medium
Key deployment Medium Hard
Format preserving Easy Easy
Performance Low Fast
Token/Data link No (except in DB) Algorithm
17
Tokenization and Format Preserving Encryption: A Case Study
How does it works [Analysis]
18. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
Summary
18
What is Tokenization in two words
Definition & Functionalities
Use cases
How does it work ?
Random Token System
Format Preserving Encryption
Conclusion
19. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
Conclusion [VISION]
▶ Which choice ?
19
CardHolder
AcquirerIssuer
Acceptor
Secure MOTO
Process
transaction
FPE
RTS
E2E-Encryption
FPE FPE
Tokenization and Format Preserving Encryption: A Case Study
20. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
▶ Tokenization in payment context
It allows the reduction of PCI audit perimeter in a payment application
Waiting for NIST approval.
▶ Depending on use case:
Random Tokenization:
In case of internal processing
FPE based Tokenzaton
In case of multi site,
In case of multi-party protocols
20
Tokenization and Format Preserving Encryption: A Case Study
Conclusion []
22. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
22
BPS
Survey on FPE
Tokenization and Format Preserving Encryption: A Case Study
23. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
23
▶ BPS :
▶ Autor: Brier E, Peyrin T & Stern J.
▶ Published in 2010.
▶ BPS : "a Format Preserving Encryption
Proposal ".
▶ Features:
• 8 round.
• Tweak of 64 bits split in 2 sub tweak
o TL et TR
• F : AES or one way function.
• K : secret key
• reversible.
• Patarin resistant.
Survey on FPE
Tokenization and Format Preserving Encryption: A Case Study
24. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
▶
24
Survey on FPE
Tokenization and Format Preserving Encryption: A Case Study
25. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
25
FFX
Survey on FPE
Tokenization and Format Preserving Encryption: A Case Study
26. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
▶ FFX :
▶ Autors : Bellare M, Rogaway P & Spies T.
▶ Published in 2009 and 2010.
▶ FFX : "Format Preserving Feistel-based Encryption"
▶ Features:
• 12 round,
• 64 bits tweak,
• FK : AES-128 or one-way function
• K : secret key
• reversible
26
Survey on FPE
Tokenization and Format Preserving Encryption: A Case Study
27. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
27
27
FCEM
Survey on FPE
Tokenization and Format Preserving Encryption: A Case Study
28. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
28
▶ Autor :Ulf T Matsson.
▶ Published in 2009.
▶ FCEM : "Format Controlling Encryption Mode".
▶ Features:
• 8 steps
o Index Value Data
o Encryption of Left
o Encryption of Right
o Scrambled
o Rippled Left to Right
o Rippled Right to Left
o Encryption and Update
o The last transformation
• F : AES-128
• K : secret key
• reversible
Survey on FPE
Tokenization and Format Preserving Encryption: A Case Study
29. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
▶ Index Value data :
• Rewriting input as hexa values.
• Example:
o X : 1122334455667788
o Index Value data : 01010202030304040505060607070808
▶ Encryption of Left :
• left part encryption
• Example :
o Index Value data : 01010202030304040505060607070808
o Sortie de FK: 00C01F49D0C2C050188D8FDFADCDF846
o RightUpdate : 0507070905010008
▶ Encryption of Right :
• Same idea
• We get LeftUpdate : 0101080503060303
29
Survey on FPE
Tokenization and Format Preserving Encryption: A Case Study
30. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
30
▶ Scrambled :
• Concat LeftUpdate and RightUpdate .
• Example:
o CipherScrambled : 01010805030603030507070905010008
▶ RippledLeftToRight :
• Scrambled modifying by :
o CipherScrambled : 01010805030603030507070905010008
o 01 ⊕ 01 = (0 × 16) + 1 + (0 × 16) + 1 = 02 ≡ 02 (mod10).
o RippledLeftToRight = 0102
o RippledLeftToRight = 01020005080407000503090803040402
▶ RippledRightToLeft :
• Same idea
• RippledLeftToRight = 04030101060804070702000103000602
Survey on FPE
Tokenization and Format Preserving Encryption: A Case Study
31. | 08-09-2011 | Cauchie stéphane
Carte & Identification 2011
31
31
▶ Encryption and Modular Sum :
• RippledLeftToRight : 04030101060804070702000103000602
Survey on FPE
Tokenization and Format Preserving Encryption: A Case Study