Member Login

E-mail:    Password:  




 TitleDate AddedCompany
whitepaper Digital Signatures for Insurance Applications2009-01-13 ARX
  Insurance organizations and agents know that today's process for reviewing, approving, and archiving paper-based insurance documentation consumes a tremendous amount of time and money. As such, insurance companies are moving away from traditional, time-consuming paper processes and searching for new and innovative technologies to improve efficiencies. As a result, electronic documents are increasingly used in multiple phases of the business process, from policy submission to inner-office documentation.

Tags: Authentication - Encryption
  
whitepaper Digital Signature System - Ten Tips for Selecting the Best Electronic Signature Solution2009-01-01 ARX
  As the traditional "Paper-based" world gives way to digital documentation and transactions, enterprises are demanding innovative solutions for digitally signing and authenticating such documents, files, and forms with iron-clad protection against forgery. Solutions must guarantee non-repudiation and promise the same level of security and trust that exists with conventional documentation. At the same time, such a solution should be simple to use, easy to deploy and offer a rapid Return on Investment (ROI). With the rise of global digital businesses, transactions and documents may need to be signed by many people in different parts of the world. Users should be able to sign documents directly from their desktop or via a zero technology footprint using any web browser.

Tags: Authentication - Encryption
  
whitepaper Enterprise Portal Rationalization: Using a Service-Oriented Architecture to Stop Web Asset Sprawl2009-01-01 Oracle
  Many IT organizations today are struggling under the burden of Web sprawl. Disparate ebusiness initiatives, mergers and acquisitions, and a rapidly consolidating software industry have combined to create complex and heterogeneous Web environments that are enormously costly to manage. Too much time and effort are spent maintaining and upgrading disparate sites and architectures, while too little is invested in new initiatives. Security and user management is inefficient, and often must be re-architected for each new application. New projects end up requiring duplicative development, as heterogeneity prevents re-use or requires extensive custom integration of existing systems. What few new assets do manage to get developed end up undersubscribed, as users find themselves overwhelmed by a vast number of sites, portals, and services. Bogged down in the sprawl, many IT managers find it impossible to get a panoptic view of what is going on in the business, and struggle to meet the ever-more-quickly evolving needs of customers, partners, and employees.

Tags: Internet and Web, Authentication - Encryption, E-commerce - E-Business, IT Infrastructure
  
whitepaper Exploiting Weaknesses in the MD5 Hash Algorithm to Subvert Security on the Web2009-01-01 Entrust
  A group of renowned researchers has published some of the details of their exploitation of a vulnerability in the MD5 hash algorithm. The advance they describe would allow an attacker to create fraudulent Web-site certificates with which they could launch a phishing or man-in-the-middle attack on an eCommerce, eBanking or eGovernment Web-site, resulting in identity theft and/or financial loss for the site's users. This advance has been anticipated for some time. And, it confirms, once and for all, that MD5 is no longer secure for use in signature applications, such as SSL certificates. Platform suppliers may, in the near future, eliminate the MD5 algorithm from their cryptographic suites, thereby causing site certificates that use MD5 to fail.

Tags: Security Administration, Authentication - Encryption
  
whitepaper Quantum Computing and Cryptography: Their Impact on Cryptographic Practice2009-01-01 Entrust
  Quantum cryptography may find application in certain specific applications. For example, in securing metropolitan area data links. However, the constraints upon its use do not make it a practical solution for many popular applications of cryptography at this time. If research into quantum routers and quantum digital signatures bears fruit, though, this situation might change. It will likely be at least five to 10 years before quantum cryptography can address these limitations. Even then, it is not clear that the marginal improvement in security will justify the cost. Quantum computing (if it were to become practical on a large scale) will cause some reengineering of current cryptographic systems. Symmetric ciphers will be weakened.

Tags: Authentication - Encryption, Mobile and Wireless
  
whitepaper Compliance With EU Electronic Signature Regulations in Microsoft BizTalk Server Environment2009-01-01 EldoS
  All the software targeted at electronic commerce enterprises, both in Europe and elsewhere, will have to take into account local and unionwide laws and regulations regarding electronic document formats, signatures, authentication, and validation. This white paper suggests ways to make the enterprise IT infrastructure based on Microsoft BizTalk Server compliant with laws of European Union. Here the author gives snapshots of unionwide legislation, and, as an example, national French, German, and Spanish laws related to electronic signatures and e-commerce.

Tags: Security Administration, Authentication - Encryption
  
whitepaper PCI DSS Compliance in the UNIX/Linux Datacenter2009-01-01 Symark Software
  This paper discusses how creating a secure access control infrastructure in heterogeneous UNIX/Linux environments supports PCI DSS compliance. Symark Software's PowerBroker controls access to systems and cardholder data, creates comprehensive logs and audit trails, and has an Entitlement Report that shows auditors that you have created a baseline to assess accountability. Various tables show how PowerBroker's functionality maps to the Payment Card Industry Data Security Standard (PCI DSS).

Tags: Authentication - Encryption, Security Administration, Security Administration, Intrusion - Tampering, Server Platforms - OS, Data Tools, Server Platforms - OS
  
whitepaper Safelayer Case Study: Universitat Oberta de Catalunya2009-01-01 Safelayer
  The Universitat Oberta de Catalunya (UOC) is a higher level educational institution that is a pioneer in the intensive use of the Internet as a resource to create structure, share and disseminate knowledge. It needed to lay the foundations for the subsequent deployment of the technology in the remaining processes: it was essential to have a series of universal security functions that were the same for all current and future procedures. UOC decided to use Safelayer's TrustedX platform to make the process of hiring teaching staff more efficient, eliminating the need for paper thanks to the electronic signature.

Tags: Authentication - Encryption
  
whitepaper Digital Signature System - Ten Tips for Selecting the Best Digital Signature Solution2009-01-01 ARX
  As the traditional "Paper-Based" world gives way to digital documentation and transactions, enterprises are demanding innovative solutions for digitally signing and authenticating such documents, files, and forms with iron-clad protection against forgery. Solutions must guarantee non-repudiation and promise the same level of security and trust that exists with conventional documentation. At the same time, such a solution should be simple to use, easy to deploy and offer a rapid Return on Investment (ROI). With the rise of global digital businesses, transactions and documents may need to be signed by many people in different parts of the world. Users should be able to sign documents directly from their desktop or via a zero technology footprint using any web browser.

Tags: Authentication - Encryption
  
whitepaper Password Interception in a SSL/TLS Channel2009-01-01 Ecole Polytechnique Federale de Lausanne
  Simple password authentication is often used e.g. from an email software application to a remote IMAP server. This is frequently done in a protected peer-to-peer tunnel, e.g. by SSL/TLS. At Eurocrypt'02, Vaudenay presented vulnerabilities in padding schemes used for block ciphers in CBC mode. He used a side channel, namely error information in the padding verification. This attack was not possible against SSL/TLS due to both unavailability of the side channel (errors are encrypted) and premature abortion of the session in case of errors. This paper extends the attack and optimizes it. The paper shows it is actually applicable against latest and most popular implementations of SSL/TLS (at the time this paper was written) for password interception.

Tags: Authentication - Encryption