Security of Things Kelly Jagers op Akkerhuis

Slides:

Advertisements

Similar presentations

Software Bundle ViPNet Secure Remote Access Arrangement using ViPNet Mobile © Infotecs.

Advertisements

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.

Digital Signatures and Hash Functions. Digital Signatures.

Digital Rights Management © Knowledge Books & Software, 2012.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Principles of Information Security, 2nd edition1 Cryptography.

Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Cryptography Basic (cont)

Chapter 5 Cryptography Protecting principals communication in systems.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.

FIT5037 Advanced Network Security --- Modern Computing and Security --- Lecture 1.

Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.

Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.

Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Secure Software Updates via Integrity Protection Marcellus Buchheit President and CEO IoT Show North America, Chicago IL April 16, 2015 Page.

Public Key Infrastructure Ammar Hasayen ….

Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Introduction to HASP ® Software DRM Solutions, Products, Benefits All Rights Reserved © Aladdin Knowledge Systems.

Windows Vista: Volume Activation 2.0

© Neeraj Suri EU-NSF ICT March 2006 DEWSNet Dependable Embedded Wired/Wireless Networks MUET Jamshoro Computer Security: Principles and Practice Slides.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Sinaia, Romania August, TH Workshop “Software Engineering Education and Reverse Engineering” Dhuratë Hyseni, Betim Çiço South East European University.

©Copyrights 2011 Eom, Hyeonsang All Rights Reserved Distributed Information Processing 20 th Lecture Eom, Hyeonsang ( 엄현상 ) Department of Computer Science.

Patterns for Secure Boot and Secure Storage in Computer Systems By: Hans L¨ohr, Ahmad-Reza Sadeghi, Marcel Winandy Horst G¨ortz Institute for IT Security,

Virtual Private Network (VPN). ©2001 Check Point Software Technologies Ltd. - Proprietary & Confidential “ If saving money is wrong, I don’t want.

© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 3: VPN and Encryption Technology.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography.

ECE509 Cyber Security : Concept, Theory, and Practice Cryptography Spring 2014.

Chapter 8: Scrambling Through Cryptography Security+ Guide to Network Security Fundamentals Second Edition.

1 Architectural Support for Copy and Tamper Resistant Software David Lie, Chandu Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell and.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Copyright © 2012 Axceleon Intellectual Property All rights reserved HPC User Forum, Dearborn MI. Our Focus: Enable HPC solutions in the Cloud for our Customer.

Virtual Private Network (VPN) Topics Discussion What is a VPN? What is a VPN?  Types of VPN  Why we use VPN?  Disadvantage of VPN  Types of.

LOGO Hardware side of Cryptography Anestis Bechtsoudis Patra 2010.

Internet Security. Four Issues of Internet Security Authenticity: Is the sender of a message who they claim to be? Privacy: Are the contents of a message.

PAPER PRESENTATION ON NETWORK SECURITY ISSUES BY M.D SAMEER YASMEEN SULTHANA.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.

11-Basic Cryptography Dr. John P. Abraham Professor UTPA.

Symmetric Cryptography, Asymmetric Cryptography, and Digital Signatures.

| © 2007 Lenovo Utimaco SafeGuard Easy March 2007.

Cryptography Chapter 7 Part 3 Pages 812 to 833. Symmetric Cryptography Security Services – Only confidentiality, not authentication or non- repudiation.

Public Key Encryption.

Class 4 Asymmetric Cryptography and Trusting Internal Components CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman

Potential vulnerabilities of IPsec-based VPN

Azam Supervisor : Prof. Raj Jain

INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.

1 The e-Logistics of Securing Distributed Medical Data Andrew M. Snyder Alfred C. Weaver.

©2001 Check Point Software Technologies Ltd. - Proprietary & Confidential outline What is a VPN? What is a VPN?  Types of VPN.

Network Security Celia Li Computer Science and Engineering York University.

INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.

Cryptography Deffie hellman. organization Foundations Symmetric key Symmetric key weaknesses Assymmetric key Deffie hellman – key exchange RSA – public.

Security Issues in Information Technology

Hardware security: The use of a Trusted Platform Module

Security and Encryption

Hardware Cryptographic Coprocessor

OPERATING SYSTEMS CS 3502 Fall 2017

FICEER 2017 Docker as a Solution for Data Confidentiality Issues in Learning Management System.

IS3230 Access Security Unit 9 PKI and Encryption

CSE 484 Midterm Review “1st half of the quarter in 5 slides”

Designed for powerful live monitoring of larger installations

Presentation transcript:

Security of Things Kelly Jagers op Akkerhuis kelly.jagers@wibu-systems.nl Wibu-Systems sssss

Headquarters in Germany (Karlsruhe) Wibu-Systems Founded in 1989 Headquarters in Germany (Karlsruhe) Focus on Protection, Licensing and Security Top 2 in hardware based protection Top 3 in software licensing sssss

Internet of Things CODE_n15_internet_of_things_infographic

Scalable and flexible Advantages of the IoT Reducing costs  Efficient, flexible, safe Improve patient safety Share resources and knowledge Effective and proactive maintenance

Sharing knowledge Reverse engineering unauthorized use Manipulation Risks 4.0 Sharing knowledge Reverse engineering unauthorized use Manipulation

Internet of Medical Things Patient Safety Privacy Interoperability Security

More and more medical systems are cross-linked Current situation More and more medical systems are cross-linked 50 billion “Things” connnected by 2020 New attack vectors for Cyber Physical Systems (CPS) IoT = Mobile Phone, PLC, IP-CAM, etc…, every system with small processor linked to Internet (Wifi / Ethernet) CPS = networked embedded systems sssss

Challenges Piracy Reduction Know how Protection Production Data Features on Demand Access Control Integrity Protection

Safely stored in a License Security of Things 4.0 Encryption of IP Secure bootloader Safely stored in a License www.globalprivacyblog.com

Encryption I Feature Code Release Date Firm Code Product Code Feature Map Maintenance Period SHA 256 AES Black Key 128 bit Firm Key Encryption Code Enc. Code Options

Symmetric Encryption –> standard Encryption II Symmetric Encryption –> standard 128-Bit AES (Advanced Encryption Standard) Used for encryption of executable code and data Asymmetric Encryption –> more advanced and sophisticated 224-Bit ECC (Elliptic Curve Cryptography) 2048-Bit RSA (Rivest Shamir Adleman) Used for Signatures and Authentication (Certificates) Required today for security in Cloud, SaaS, Server, Desktop, PLC, Embedded & IoT

Integrity Protection starts at boot Integration into boot loader Secure Boot Integrity Protection starts at boot Integration into boot loader Signature and encryption of complete operating system Forward check and backward check (state engine) of integrity Anchor of Trust sssss

Secure Boot Loader Application / Runtime / PLC Check Check Load Start Operating System (Windows, Linux, …) Check Check Load Start Boot Loader (UEFI, U-Boot, …) Check Check Load Start Hardware / Pre-Boot Loader

Safely stored in a License Different solutions for different cases sssss

Sirona: CAD/CAM dental solutions CodeMeter Dongles for licensing Activate machine features Distribute production rights (only original composites can be used) AxProtector for: Protection of Intellectual Property Prevention of Reverse Engineering Integrity Protection to avoid manipulation

Agfa-Healthcare: NX for Digital Radiography Tool for technologist Image Identification Radiography workflow & Quality Control Different protection schemes WibuBox for licensing of features AxProtector for: IP Protection Integrity check Data Protection 16

More than 7000 Customers

Kelly Jagers op Akkerhuis kelly.jagers@wibu-systems.nl www.wibu.com Thank you Kelly Jagers op Akkerhuis kelly.jagers@wibu-systems.nl www.wibu.com sssss