Authentication - Encryption - IT Library : ZDNet Asia

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

Digital Signatures for Insurance Applications 2009-01-13 ARX

Insurance organizations and agents know that today's process for reviewing, approving, and archiving paper-based insurance documentation consumes a tremendous amount of time and money. As such, insurance companies are moving away from traditional, time-consuming paper processes and searching for new and innovative technologies to improve efficiencies. As a result, electronic documents are increasingly used in multiple phases of the business process, from policy submission to inner-office documentation.

Tags: Authentication - Encryption

Digital Signature System - Ten Tips for Selecting the Best Electronic Signature Solution 2009-01-01 ARX

As the traditional "Paper-based" world gives way to digital documentation and transactions, enterprises are demanding innovative solutions for digitally signing and authenticating such documents, files, and forms with iron-clad protection against forgery. Solutions must guarantee non-repudiation and promise the same level of security and trust that exists with conventional documentation. At the same time, such a solution should be simple to use, easy to deploy and offer a rapid Return on Investment (ROI). With the rise of global digital businesses, transactions and documents may need to be signed by many people in different parts of the world. Users should be able to sign documents directly from their desktop or via a zero technology footprint using any web browser.

Tags: Authentication - Encryption

Enterprise Portal Rationalization: Using a Service-Oriented Architecture to Stop Web Asset Sprawl 2009-01-01 Oracle

Many IT organizations today are struggling under the burden of Web sprawl. Disparate ebusiness initiatives, mergers and acquisitions, and a rapidly consolidating software industry have combined to create complex and heterogeneous Web environments that are enormously costly to manage. Too much time and effort are spent maintaining and upgrading disparate sites and architectures, while too little is invested in new initiatives. Security and user management is inefficient, and often must be re-architected for each new application. New projects end up requiring duplicative development, as heterogeneity prevents re-use or requires extensive custom integration of existing systems. What few new assets do manage to get developed end up undersubscribed, as users find themselves overwhelmed by a vast number of sites, portals, and services. Bogged down in the sprawl, many IT managers find it impossible to get a panoptic view of what is going on in the business, and struggle to meet the ever-more-quickly evolving needs of customers, partners, and employees.

Tags: Internet and Web, Authentication - Encryption, E-commerce - E-Business, IT Infrastructure

Exploiting Weaknesses in the MD5 Hash Algorithm to Subvert Security on the Web 2009-01-01 Entrust

A group of renowned researchers has published some of the details of their exploitation of a vulnerability in the MD5 hash algorithm. The advance they describe would allow an attacker to create fraudulent Web-site certificates with which they could launch a phishing or man-in-the-middle attack on an eCommerce, eBanking or eGovernment Web-site, resulting in identity theft and/or financial loss for the site's users. This advance has been anticipated for some time. And, it confirms, once and for all, that MD5 is no longer secure for use in signature applications, such as SSL certificates. Platform suppliers may, in the near future, eliminate the MD5 algorithm from their cryptographic suites, thereby causing site certificates that use MD5 to fail.

Tags: Security Administration, Authentication - Encryption

Quantum Computing and Cryptography: Their Impact on Cryptographic Practice 2009-01-01 Entrust

Quantum cryptography may find application in certain specific applications. For example, in securing metropolitan area data links. However, the constraints upon its use do not make it a practical solution for many popular applications of cryptography at this time. If research into quantum routers and quantum digital signatures bears fruit, though, this situation might change. It will likely be at least five to 10 years before quantum cryptography can address these limitations. Even then, it is not clear that the marginal improvement in security will justify the cost. Quantum computing (if it were to become practical on a large scale) will cause some reengineering of current cryptographic systems. Symmetric ciphers will be weakened.

Tags: Authentication - Encryption, Mobile and Wireless

Compliance With EU Electronic Signature Regulations in Microsoft BizTalk Server Environment 2009-01-01 EldoS

All the software targeted at electronic commerce enterprises, both in Europe and elsewhere, will have to take into account local and unionwide laws and regulations regarding electronic document formats, signatures, authentication, and validation. This white paper suggests ways to make the enterprise IT infrastructure based on Microsoft BizTalk Server compliant with laws of European Union. Here the author gives snapshots of unionwide legislation, and, as an example, national French, German, and Spanish laws related to electronic signatures and e-commerce.

Tags: Security Administration, Authentication - Encryption

PCI DSS Compliance in the UNIX/Linux Datacenter 2009-01-01 Symark Software

This paper discusses how creating a secure access control infrastructure in heterogeneous UNIX/Linux environments supports PCI DSS compliance. Symark Software's PowerBroker controls access to systems and cardholder data, creates comprehensive logs and audit trails, and has an Entitlement Report that shows auditors that you have created a baseline to assess accountability. Various tables show how PowerBroker's functionality maps to the Payment Card Industry Data Security Standard (PCI DSS).

Tags: Authentication - Encryption, Security Administration, Security Administration, Intrusion - Tampering, Server Platforms - OS, Data Tools, Server Platforms - OS

Safelayer Case Study: Universitat Oberta de Catalunya 2009-01-01 Safelayer

The Universitat Oberta de Catalunya (UOC) is a higher level educational institution that is a pioneer in the intensive use of the Internet as a resource to create structure, share and disseminate knowledge. It needed to lay the foundations for the subsequent deployment of the technology in the remaining processes: it was essential to have a series of universal security functions that were the same for all current and future procedures. UOC decided to use Safelayer's TrustedX platform to make the process of hiring teaching staff more efficient, eliminating the need for paper thanks to the electronic signature.

Tags: Authentication - Encryption

Digital Signature System - Ten Tips for Selecting the Best Digital Signature Solution 2009-01-01 ARX

As the traditional "Paper-Based" world gives way to digital documentation and transactions, enterprises are demanding innovative solutions for digitally signing and authenticating such documents, files, and forms with iron-clad protection against forgery. Solutions must guarantee non-repudiation and promise the same level of security and trust that exists with conventional documentation. At the same time, such a solution should be simple to use, easy to deploy and offer a rapid Return on Investment (ROI). With the rise of global digital businesses, transactions and documents may need to be signed by many people in different parts of the world. Users should be able to sign documents directly from their desktop or via a zero technology footprint using any web browser.

Tags: Authentication - Encryption

Password Interception in a SSL/TLS Channel 2009-01-01 Ecole Polytechnique Federale de Lausanne

Simple password authentication is often used e.g. from an email software application to a remote IMAP server. This is frequently done in a protected peer-to-peer tunnel, e.g. by SSL/TLS. At Eurocrypt'02, Vaudenay presented vulnerabilities in padding schemes used for block ciphers in CBC mode. He used a side channel, namely error information in the padding verification. This attack was not possible against SSL/TLS due to both unavailability of the side channel (errors are encrypted) and premature abortion of the session in case of errors. This paper extends the attack and optimizes it. The paper shows it is actually applicable against latest and most popular implementations of SSL/TLS (at the time this paper was written) for password interception.

Tags: Authentication - Encryption

Jump to 1 2 3 4 5 6 7 8 9 [10]

Title	Date Added	Company
Digital Signatures for Insurance Applications	2009-01-13	ARX
Insurance organizations and agents know that today's process for reviewing, approving, and archiving paper-based insurance documentation consumes a tremendous amount of time and money. As such, insurance companies are moving away from traditional, time-consuming paper processes and searching for new and innovative technologies to improve efficiencies. As a result, electronic documents are increasingly used in multiple phases of the business process, from policy submission to inner-office documentation. Tags: Authentication - Encryption
Digital Signature System - Ten Tips for Selecting the Best Electronic Signature Solution	2009-01-01	ARX
As the traditional "Paper-based" world gives way to digital documentation and transactions, enterprises are demanding innovative solutions for digitally signing and authenticating such documents, files, and forms with iron-clad protection against forgery. Solutions must guarantee non-repudiation and promise the same level of security and trust that exists with conventional documentation. At the same time, such a solution should be simple to use, easy to deploy and offer a rapid Return on Investment (ROI). With the rise of global digital businesses, transactions and documents may need to be signed by many people in different parts of the world. Users should be able to sign documents directly from their desktop or via a zero technology footprint using any web browser. Tags: Authentication - Encryption
Enterprise Portal Rationalization: Using a Service-Oriented Architecture to Stop Web Asset Sprawl	2009-01-01	Oracle
Many IT organizations today are struggling under the burden of Web sprawl. Disparate ebusiness initiatives, mergers and acquisitions, and a rapidly consolidating software industry have combined to create complex and heterogeneous Web environments that are enormously costly to manage. Too much time and effort are spent maintaining and upgrading disparate sites and architectures, while too little is invested in new initiatives. Security and user management is inefficient, and often must be re-architected for each new application. New projects end up requiring duplicative development, as heterogeneity prevents re-use or requires extensive custom integration of existing systems. What few new assets do manage to get developed end up undersubscribed, as users find themselves overwhelmed by a vast number of sites, portals, and services. Bogged down in the sprawl, many IT managers find it impossible to get a panoptic view of what is going on in the business, and struggle to meet the ever-more-quickly evolving needs of customers, partners, and employees. Tags: Internet and Web, Authentication - Encryption, E-commerce - E-Business, IT Infrastructure
Exploiting Weaknesses in the MD5 Hash Algorithm to Subvert Security on the Web	2009-01-01	Entrust
A group of renowned researchers has published some of the details of their exploitation of a vulnerability in the MD5 hash algorithm. The advance they describe would allow an attacker to create fraudulent Web-site certificates with which they could launch a phishing or man-in-the-middle attack on an eCommerce, eBanking or eGovernment Web-site, resulting in identity theft and/or financial loss for the site's users. This advance has been anticipated for some time. And, it confirms, once and for all, that MD5 is no longer secure for use in signature applications, such as SSL certificates. Platform suppliers may, in the near future, eliminate the MD5 algorithm from their cryptographic suites, thereby causing site certificates that use MD5 to fail. Tags: Security Administration, Authentication - Encryption
Quantum Computing and Cryptography: Their Impact on Cryptographic Practice	2009-01-01	Entrust
Quantum cryptography may find application in certain specific applications. For example, in securing metropolitan area data links. However, the constraints upon its use do not make it a practical solution for many popular applications of cryptography at this time. If research into quantum routers and quantum digital signatures bears fruit, though, this situation might change. It will likely be at least five to 10 years before quantum cryptography can address these limitations. Even then, it is not clear that the marginal improvement in security will justify the cost. Quantum computing (if it were to become practical on a large scale) will cause some reengineering of current cryptographic systems. Symmetric ciphers will be weakened. Tags: Authentication - Encryption, Mobile and Wireless
Compliance With EU Electronic Signature Regulations in Microsoft BizTalk Server Environment	2009-01-01	EldoS
All the software targeted at electronic commerce enterprises, both in Europe and elsewhere, will have to take into account local and unionwide laws and regulations regarding electronic document formats, signatures, authentication, and validation. This white paper suggests ways to make the enterprise IT infrastructure based on Microsoft BizTalk Server compliant with laws of European Union. Here the author gives snapshots of unionwide legislation, and, as an example, national French, German, and Spanish laws related to electronic signatures and e-commerce. Tags: Security Administration, Authentication - Encryption
PCI DSS Compliance in the UNIX/Linux Datacenter	2009-01-01	Symark Software
This paper discusses how creating a secure access control infrastructure in heterogeneous UNIX/Linux environments supports PCI DSS compliance. Symark Software's PowerBroker controls access to systems and cardholder data, creates comprehensive logs and audit trails, and has an Entitlement Report that shows auditors that you have created a baseline to assess accountability. Various tables show how PowerBroker's functionality maps to the Payment Card Industry Data Security Standard (PCI DSS). Tags: Authentication - Encryption, Security Administration, Security Administration, Intrusion - Tampering, Server Platforms - OS, Data Tools, Server Platforms - OS
Safelayer Case Study: Universitat Oberta de Catalunya	2009-01-01	Safelayer
The Universitat Oberta de Catalunya (UOC) is a higher level educational institution that is a pioneer in the intensive use of the Internet as a resource to create structure, share and disseminate knowledge. It needed to lay the foundations for the subsequent deployment of the technology in the remaining processes: it was essential to have a series of universal security functions that were the same for all current and future procedures. UOC decided to use Safelayer's TrustedX platform to make the process of hiring teaching staff more efficient, eliminating the need for paper thanks to the electronic signature. Tags: Authentication - Encryption
Digital Signature System - Ten Tips for Selecting the Best Digital Signature Solution	2009-01-01	ARX
As the traditional "Paper-Based" world gives way to digital documentation and transactions, enterprises are demanding innovative solutions for digitally signing and authenticating such documents, files, and forms with iron-clad protection against forgery. Solutions must guarantee non-repudiation and promise the same level of security and trust that exists with conventional documentation. At the same time, such a solution should be simple to use, easy to deploy and offer a rapid Return on Investment (ROI). With the rise of global digital businesses, transactions and documents may need to be signed by many people in different parts of the world. Users should be able to sign documents directly from their desktop or via a zero technology footprint using any web browser. Tags: Authentication - Encryption
Password Interception in a SSL/TLS Channel	2009-01-01	Ecole Polytechnique Federale de Lausanne
Simple password authentication is often used e.g. from an email software application to a remote IMAP server. This is frequently done in a protected peer-to-peer tunnel, e.g. by SSL/TLS. At Eurocrypt'02, Vaudenay presented vulnerabilities in padding schemes used for block ciphers in CBC mode. He used a side channel, namely error information in the padding verification. This attack was not possible against SSL/TLS due to both unavailability of the side channel (errors are encrypted) and premature abortion of the session in case of errors. This paper extends the attack and optimizes it. The paper shows it is actually applicable against latest and most popular implementations of SSL/TLS (at the time this paper was written) for password interception. Tags: Authentication - Encryption

Cutting-edge technology from premium sponsors

Adaptive Threat Management
High Performance Security for your Distributed Enterprise

Achieve lower TCO, agility, risk mitigation, compliance, and productivity

Webcast series: Cybercrime is a growth industry - is your organisation prepared?
More resources to optimize the security of your enterprise »

Brought to you by:

More Tech Showcases:

Hitachi Eco-Products
Juniper Networks

IDC's Powering the Enterprise Cloud Event 2009

12 Nov - 17 Dec 2009

Grand Copthorne Waterfront Hotel, Singapore

Cloud Computing Summit 2009

9 Dec 2009

Hong Kong Convention and Exhibition Center

4th Annual GovTech 2010

27 - 28 Jan 2010

Amara Hotel, Singapore

ZDNet Asia Top Tech 50 Index

AT&T

Asustek

Canon

Convergys

Ericsson

Hewlett-Packard

Infosys

LogicaCMG

NTT

Samsung

SingTel Group

Toshiba

Xerox

Accenture

Atos Origin

Capgemini

Dell

France Telecom

Hitachi

Intel

Microsoft

Nokia

Satyam Computer Services

Sony

Verizon Communications

ZTE

Alcatel-Lucent

British Telecom

China Mobile

Deutsche Telekom

Fujitsu

Huawei Technologies

LG Electronics

Motorola

Oracle

Seagate Technology

Sun Microsystems

Western Digital

Apple

CSC

Cisco Systems

EMC

Google

IBM

Lenovo Group

NEC

SAP

Siemens IT Solutions & Services

Tata Consultancy Services

Wipro

ZDNet Asia's Top Tech Index will be next updated in 2010.

The Roots for a Greener World
Discover Hitachi's Environmental Vision 2025 and featured Eco-Products

The Desktop Virtualization Revolution is here!
Find our more with Citrix Simplicity is Power

Master in Organisational Leadership
Part-time masters program from Monash University. Find out more.

Lack of visibility into network issues and performance?
Find out today. Download SolarWinds FREE 30-Day Trial Software here.

Security Considerations for Cloud-Ready Data Centers - Download the whitepaper!
A network-centric approach to providing security in the data center delivers multiple benefits

IT Salary & Skills Report 2009
Join activeTechPros for free access to the report

More from CBS Interactive

CBS Interactive Inc Sites

About ZDNet Asia |

About CBS Interactive |

ZDNet Asia editorial calendar |

Advertise with us |

Jobs |

Partnership |

Contact Us |

CNET Direct |

CNET Asia |

CNET Asia mobile |

Sitemap

ZDNet.com |

ZDNet Japan |

ZDNet.de |

CNET UK |

CNET.de |

Tech Republic |

BNET |

MP3.com |

activeTechPros |

ZDNet UK |

ZDNet Korea |

ZDNet France |

CNET Australia |

CNET France |

Download.com |

Builder |

GameSpot

ZDNet Australia |

ZDNet Taiwan |

CNET |

CNET Taiwan |

News.com |

Silicon.com |

TV.com |

GameSpot Korea

News | Insight | Reviews | TechGuides | Jobs | Blogs | Videos | Community | Downloads | IT Library |

Get RSS feeds

Security

Featured Whitepapers

Member Login

Adaptive Threat Management

ZDNet Asia Top Tech 50 Index