Member Login

E-mail:    Password:  




 TitleDate AddedCompany
whitepaper SAVE MONEY, IMPROVE SECURITY, MEET SECURITY COMPLIANCE REQUIREMENTS AND INCREASE EFFICIENCY BY SWITCHING FROM FTP TO SFTP FOR LEGACY SYSTEMS FILE TRANSFER2009-04-01 Wick Hill Group
  Ian Kilpatrick, chairman Wick Hill Group, explains how switching from FTP to SFTP for legacy systems file transfer can save money, improve security, help meet compliance security requirements and increase efficiency.

Tags: Authentication - Encryption, Security Administration, Authentication - Encryption, Security Administration		   
whitepaper VeriSign Enables a Major Satellite Internet Service Provider to Further Promote Security and Affordability2009-02-18 Verisign
  WildBlue Communications, Inc. is an Internet service provider that delivers reliable broadband connection via satellite for people in remote and rural areas requiring high-speed Internet connectivity. The challenge was to enhance security and integrity by leveraging open standards-based X.509 PKI digital certificates for device authentication, the need to keep the cost of equipment and service attractive and affordable for rural subscribers and the operational requirement to restrict service registration by subscriber to WildBlue's network in the presence of other spatially overlapping networks. WildBlue deployed VeriSign Device Certificate Service.

Tags: Security Administration, Staff Training		   
whitepaper The Essentials Series: Code-Signing Certificates2009-01-15 Verisign
  Code Signing certificates can make your enterprise more secure, make your software more accepted, and even stop malware in its tracks. Learn about the many ways in which code-signing certificates are being used.

Tags: Authentication - Encryption, Authentication - Encryption, Software Development Tools, Authentication - Encryption, Internet and Web, Security Administration, Authentication - Encryption		   
whitepaper Exploiting Weaknesses in the MD5 Hash Algorithm to Subvert Security on the Web2009-01-01 Entrust
  A group of renowned researchers has published some of the details of their exploitation of a vulnerability in the MD5 hash algorithm. The advance they describe would allow an attacker to create fraudulent Web-site certificates with which they could launch a phishing or man-in-the-middle attack on an eCommerce, eBanking or eGovernment Web-site, resulting in identity theft and/or financial loss for the site's users. This advance has been anticipated for some time. And, it confirms, once and for all, that MD5 is no longer secure for use in signature applications, such as SSL certificates. Platform suppliers may, in the near future, eliminate the MD5 algorithm from their cryptographic suites, thereby causing site certificates that use MD5 to fail.

Tags: Security Administration, Authentication - Encryption		   
whitepaper Digital Signatures and the Hidden Costs of PKI2008-11-01 ARX
  The implementation of a digital signature (standard electronic signature) solution can expedite and secure business operations, reduce costs, advance business processes, and improve an organization's competitive advantage. However, if an organization implements an incompatible digital signature solution, it could end up costing thousands, if not hundreds of thousands of dollars more than necessary. Previous to delving into the various financial distinctions of the digital signature options, it would be relevant to address the differences of electronic signatures in general. Electronic signatures can be broken down into two broad categories: Those that use Public Key Infrastructure (PKI)-based technology and those that do not.

Tags: Authentication - Encryption, Security Administration		   
whitepaper PKI Based Semi-Fragile Watermark for Visual Content Authentication2008-10-24 Hiroshima University
  Multimedia content owners always endure of copyright protection and ownership verification of their digital assets. Robust watermarking techniques are invented to defeat these problems. However evolution of the watermarks focused different security aspects of multimedia data such as content integrity, data authentication, etc. As a result, fragile watermarking was introduced which is contrary to robust watermarks. Evolution of the fragile watermarks derives a new prospective watermarking concept called semi-fragile watermark which overcomes several limitations of fragile watermarking technique such as fragility for trusted image processing manipulations. This paper propose a new PKI (Public Key Infrastructure) based semi-fragile watermarking technique to authenticate perceptible content (information perceived by Human Visual System) of the digital data (digital images).

Tags: Security Administration		   
whitepaper Off-Premise ATM Leader Is First-to-Market With Remote Key Transport by Utilizing VeriSign Managed PKI Service2008-10-23 Verisign
  Triton Systems of Delaware (Triton) is a leading provider of off-premise Automated Teller Machines (ATMs) in North America. Today, after 20 years of production at its Long Beach, Mississippi manufacturing plant, the company has shipped more than 180,000 units - many of which can be found stationed in convenience and grocery stores worldwide. The challenge was to eliminate the cost associated with two people having to physically visit each ATM to enter and change master keys, while still maintaining high security and to comply with the growing global requirement to support remote key transport for ATMs. Triton deployed VeriSign Managed PKI Service.

Tags: Authentication - Encryption, Security Administration		   
whitepaper Achieve Information Security by Preserving the Secrecy and Integrity of Keys2008-09-18 Arxan Technologies
  Cryptography forms the basis of information security infrastructure. Data encryption, network traffic encryption, PKI-based authentication and digital signatures all depend on the underlying confidentiality of secret keys and integrity of public certificate authority keys to function as intended. When keys are compromised, information security systems cannot protect data. First-tier technologies such as network, data and access security measures are used to protect confidentiality of consumers' personal information and to control financial fraud. However, they are ineffective against insider attacks - which can amount to nearly 60% of all targeted information security attacks. Additionally, today's sophisticated malware requires systems to be comprehensively defended against hacking and compromise.

Tags: Security Administration		   
whitepaper Protecting Biometric Data With Extended Access Control: Securing Biometric Datasets in Electronic Identification Documents2008-08-01 Entrust
  While extremely valuable for strong authentication, biometric datasets contain sensitive personally identifiable information that criminal organization could leverage to commit fraud, impersonate identities or gain unauthorized access into ePassport-protected countries. Extended Access Control technology helps protect these invaluable biometric datasets from being stolen and used for malicious gain. The requirements for Extended Access Control dictate a unique Public Key Infrastructure (PKI) design; one that does not include revocation of public keys. Strong protection for the confidentiality of the reader's private key must be relied upon instead. This is a more brittle solution than public-key revocation, because there is no way to recover when it goes wrong. However, with careful system design, sufficiently reliable and secure solutions can be created.

Tags: Security Administration, Data Tools		   
whitepaper Extending BAN Logic for Reasoning With Modern PKI-Based Protocols2008-08-01 National University of Singapore
  BAN Logic is a well-known authentication logic which, despite other more recent logics and formal methods, remains popular with many protocol designers. BAN Logic however does not properly deal with the issues of certificates and the use of Public Key Infrastructure (PKI). This paper proposes an extension to BAN Logic which focuses on certificate processing within the PKI setting. The extension is along the lines of the work by Gaarder and Snekkenes but better captures current aspects of PKI. In particular, the extension redresses the reasoning on the goodness of private keys, and considers certificate revocation. Common pitfalls in public-key based protocol design are due to insufficient attention placed on the "Intended recipient" as well as the "Stated sender" of a message.