SlideShare une entreprise Scribd logo

The CDO Agenda - Data Security and Encryption

DATAVERSITY
DATAVERSITY

If you're not terrified, you're not paying attention. Every organization in the world, large and small, should be concerned about Data Security. Virtually every week there’s a well-publicized and embarrassing data breach that serves to remind how important it is to protect both customer and enterprise information. Tools and techniques exist to help, for managing identity, authentication, and authorization. Encryption is also an effective way of making it harder for people to steal your secrets. But it isn't magical, it isn't fool proof and, depending on how you are using it, may be completely useless. You don't have to understand the math (although that will help), but you do have to understand what encryption will and won't do for you. Data and web security today Protecting data in transit Protecting data at rest What advantage does Encryption provide? How can you build encrypted data protection into your software and systems? Are there business trade-offs? Implications for specific industries (financial, health)

TechnologieFormation
1  sur  56
Télécharger pour lire hors ligne
www.cdovision.com Moderator: Tony Shaw CEO, DATAVERSITY Speaker: Brian Sletten President Bosatsu Consulting, Inc. #CDOVision Sponsored today by:
CDO Agenda DataSecurityandEncryption Brian Sletten ! @bsletten 07/01/2014
Speaker Qualifications Specialize in next-generation technologies Author of "Resource-Oriented Architecture Patterns for Webs of Data" Speaks internationally about REST, Semantic Web, Security, Visualization, Architecture Worked in Defense, Finance, Retail, Hospitality, Video Game, Health Care and Publishing Industries One of Top 100 Semantic Web People · · · · · 2/55
Agenda Intro Encryption The World We Live In Secure Systems · · · · 3/55
Intro
Whoever thinks his problem can be solved using cryptography, doesn't understand his problem and doesn't understand cryptography. “ ” Roger Needham/Butler Lampson
CC BY-SA 3.0 (http://en.wikipedia.org/wiki/Scytale) 6/55
Shift Cipher Et tu, Brute? PLAIN TEXT Rg gh, Oehgr? CIPHER TEXT (ROT13) 7/55
Shift Cipher Rg gh, Oehgr? CIPHER TEXT Et tu, Brute? PLAIN TEXT (ROT 13) 8/55
CC BY-SA 3.0 (http://en.wikipedia.org/wiki/Caesar_cipher) 9/55
Effective Cryptography Confusion Diffusion · · 10/55
CC BY-SA 3.0 (http://en.wikipedia.org/wiki/Enigma_machine) 11/55
Recent Crypto Developments 1970s: Data Encryption System (DES) 1970s: Diffie-Hellman(-Merkle) Key Exchange 1980s: RSA 1990s: Attacking DES 2000s: Advanced Encryption System (AES) · · · · · 12/55
Attacking Cryptography Cryptanalysis Social Engineering Side Channel Attacks · · · 13/55
A cryptosystem should be secure even if the attacker knows all details about the system, with the exception of the secret key. In particular, the system should be secure when the attacker knows the encryption and decryption algorithms. “ ” Auguste Kerckhoffs (1883)
Bulletproof SSL and TLS 15/55
Encryption
Understanding Cryptography: A Textbook for Students and Practitioners 17/55
Understanding Cryptography: A Textbook for Students and Practitioners 18/55
http://legacy.kingston.com/secure/XTSmostsecureencryption.asp 19/55
Symmetric Encryption By Bananenfalter (Own work) [CC0], via Wikimedia Commons 20/55
Data Encryption Standard (DES) http://en.wikipedia.org/wiki/Feistel_cipher 21/55
22/55
Triple DES 23/55
Advanced Encryption Standard (AES) 24/55
Asymmetric Encryption By Bananenfalter (Own work) [CC0], via Wikimedia Commons 25/55
Diffie-Helman Key Exchange (DHKE) First published asymmetric crypto scheme (1976) Influenced by work of Ralph Merkle Discovered earlier at GCHQ but was classified Allows derivation of a secret key over public channels Based upon the Discrete Logarithm Problem · · · · · 26/55
http://en.wikipedia.org/wiki/Diffie–Hellman_key_exchange 27/55
DHKE Uses SSH TLS IPSec · · · 28/55
29/55
30/55
31/55
32/55
33/55
34/55
35/55
Data at Rest and Encryption Context Regulatory Compliance Querying Key rotation Archival quality · · · · · 36/55
The World We Live In
Known TLS Hacks BEAST CRIME BREACH Lucky Thirteen Heartbleed · · · · · 38/55
Dual_EC_DRBG Dual Elliptic Curve Deterministic Random Bit Generator PRNG algorithm (ISO 18031 and NIST Standard) In 2007, concern about a backdoor Required for FIPS 140-2 BULLRUN revelations implicated Dual_EC_DRBG NIST recommends against use NSA reportedly paid RSA to make Dual_EC_DRBG default PRNG NSA requested RSA add TLS extension to expose more PRNG data · · · · · · · · 39/55
RdRand Intel instruction for returning random numbers from on-chip RNG with its own source of entropy Compliant with NIST SP 800-90A, FIPS 140-2 and ANSI X9.82 SP 800-90 requires CTR DRBG, Hash DRBG, HMAC DRBG and Dual_EC_DRBG Not pulled from Linux Pulled from FreeBSD · · · · · 40/55
Secure Systems
The main objective of secure system design is to make breaking the system more costly than the value of the protected assets , where the 'cost' should be measured in monetary value but also in more abstract terms such as effort or reputation . “ ” Christof Paar and Jan Pelzl Understanding Cryptography: A Textbook for Students and Practitioners
[Security Engineering] is about building systems to remain dependable in the face of malice, error, or mischance. “ ” Ross J. Anderson Security Engineering
Solutions Principle of Least Privilege Defense in Depth Build Security In · · · 44/55
Security is an emergent property of your system. “ ” Gary McGraw
Approach Risk Management Touchpoints Knowledge · · · 46/55
Requirements and Use Cases Architecture and Design Test Plans Code Tests and Test Results Feedback from Deployed Systems External Review 47/55
Requirements and Use Cases Architecture and Design Test Plans Code Tests and Test Results Feedback from Deployed Systems Code Review Risk Analysis Penetration Testing Security Operations Risk-based Security Tests External Review Risk Analysis Security Requirements Abuse Cases 1 2 2 3 4 5 6 7 48/55
Books
50/55
51/55
https://www.feistyduck.com/books/bulletproof-ssl-and-tls/ 52/55
http://www.crypto-textbook.com 53/55
54/55
Questions? " brian@bosatsu.net ! @bsletten + http://tinyurl.com/bjs-gplus $ bsletten

Recommandé

TrustLeap Multipass - Unbreakable Passwords For Cloud Services
TrustLeap Multipass - Unbreakable Passwords For Cloud ServicesTrustLeap Multipass - Unbreakable Passwords For Cloud Services
TrustLeap Multipass - Unbreakable Passwords For Cloud ServicesTWD Industries AG
 
hashdays 2011: Jean-Philippe Aumasson - Cryptanalysis vs. Reality
hashdays 2011: Jean-Philippe Aumasson - Cryptanalysis vs. Realityhashdays 2011: Jean-Philippe Aumasson - Cryptanalysis vs. Reality
hashdays 2011: Jean-Philippe Aumasson - Cryptanalysis vs. RealityArea41
 
Trustleap - Mathematically-Proven Unbreakable Security
Trustleap - Mathematically-Proven Unbreakable SecurityTrustleap - Mathematically-Proven Unbreakable Security
Trustleap - Mathematically-Proven Unbreakable SecurityTWD Industries AG
 
Global-WAN - The Swiss Neutral Data Haven
Global-WAN - The Swiss Neutral Data HavenGlobal-WAN - The Swiss Neutral Data Haven
Global-WAN - The Swiss Neutral Data HavenTWD Industries AG
 
Crypto failures every developer should avoid
Crypto failures every developer should avoidCrypto failures every developer should avoid
Crypto failures every developer should avoidFilip Šebesta
 
CSF18 - Guarding Against the Unknown - Rafael Narezzi
CSF18 - Guarding Against the Unknown - Rafael NarezziCSF18 - Guarding Against the Unknown - Rafael Narezzi
CSF18 - Guarding Against the Unknown - Rafael NarezziNCCOMMS
 
Hacking Closed Networks
Hacking Closed NetworksHacking Closed Networks
Hacking Closed NetworksPriyanka Aash
 
系統02_關鍵的「特權+資料安全」最後一哩防線 解忠翰
系統02_關鍵的「特權+資料安全」最後一哩防線 解忠翰系統02_關鍵的「特權+資料安全」最後一哩防線 解忠翰
系統02_關鍵的「特權+資料安全」最後一哩防線 解忠翰Galaxy Software Services
 

Recommandé

TrustLeap Multipass - Unbreakable Passwords For Cloud Services
TrustLeap Multipass - Unbreakable Passwords For Cloud ServicesTrustLeap Multipass - Unbreakable Passwords For Cloud Services
TrustLeap Multipass - Unbreakable Passwords For Cloud ServicesTWD Industries AG
 
hashdays 2011: Jean-Philippe Aumasson - Cryptanalysis vs. Reality
hashdays 2011: Jean-Philippe Aumasson - Cryptanalysis vs. Realityhashdays 2011: Jean-Philippe Aumasson - Cryptanalysis vs. Reality
hashdays 2011: Jean-Philippe Aumasson - Cryptanalysis vs. RealityArea41
 
Trustleap - Mathematically-Proven Unbreakable Security
Trustleap - Mathematically-Proven Unbreakable SecurityTrustleap - Mathematically-Proven Unbreakable Security
Trustleap - Mathematically-Proven Unbreakable SecurityTWD Industries AG
 
Global-WAN - The Swiss Neutral Data Haven
Global-WAN - The Swiss Neutral Data HavenGlobal-WAN - The Swiss Neutral Data Haven
Global-WAN - The Swiss Neutral Data HavenTWD Industries AG
 
Crypto failures every developer should avoid
Crypto failures every developer should avoidCrypto failures every developer should avoid
Crypto failures every developer should avoidFilip Šebesta
 
CSF18 - Guarding Against the Unknown - Rafael Narezzi
CSF18 - Guarding Against the Unknown - Rafael NarezziCSF18 - Guarding Against the Unknown - Rafael Narezzi
CSF18 - Guarding Against the Unknown - Rafael NarezziNCCOMMS
 
Hacking Closed Networks
Hacking Closed NetworksHacking Closed Networks
Hacking Closed NetworksPriyanka Aash
 
系統02_關鍵的「特權+資料安全」最後一哩防線 解忠翰
系統02_關鍵的「特權+資料安全」最後一哩防線 解忠翰系統02_關鍵的「特權+資料安全」最後一哩防線 解忠翰
系統02_關鍵的「特權+資料安全」最後一哩防線 解忠翰Galaxy Software Services
 
Advanced Encryption on the JVM v0.2.8
Advanced Encryption on the JVM v0.2.8Advanced Encryption on the JVM v0.2.8
Advanced Encryption on the JVM v0.2.8Matthew McCullough
 
Distributed systems in practice, in theory
Distributed systems in practice, in theoryDistributed systems in practice, in theory
Distributed systems in practice, in theoryAysylu Greenberg
 
CSF18 - The Digital Threat of the Decade (Century) - Sasha Kranjac
CSF18 - The Digital Threat of the Decade (Century) - Sasha KranjacCSF18 - The Digital Threat of the Decade (Century) - Sasha Kranjac
CSF18 - The Digital Threat of the Decade (Century) - Sasha KranjacNCCOMMS
 
CSF18 - Incident Response in the Cloud - Yuri Diogenes
CSF18 - Incident Response in the Cloud - Yuri DiogenesCSF18 - Incident Response in the Cloud - Yuri Diogenes
CSF18 - Incident Response in the Cloud - Yuri DiogenesNCCOMMS
 
The Revolution of Crypto Funding - Building towards a Scamless Future
The Revolution of Crypto Funding - Building towards a Scamless FutureThe Revolution of Crypto Funding - Building towards a Scamless Future
The Revolution of Crypto Funding - Building towards a Scamless FutureRuben Merre
 
Encryption Boot Camp at JavaZone 2010
Encryption Boot Camp at JavaZone 2010Encryption Boot Camp at JavaZone 2010
Encryption Boot Camp at JavaZone 2010Matthew McCullough
 
"Giving the bad guys no sleep"
"Giving the bad guys no sleep""Giving the bad guys no sleep"
"Giving the bad guys no sleep"Christiaan Beek
 
Threat Hunting with Cyber Kill Chain
Threat Hunting with Cyber Kill ChainThreat Hunting with Cyber Kill Chain
Threat Hunting with Cyber Kill ChainSuwitcha Musijaral CISSP,CISA,GWAPT,SNORTCP
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defenseChristiaan Beek
 
Security theatre (Scotland php)
Security theatre (Scotland php)Security theatre (Scotland php)
Security theatre (Scotland php)xsist10
 
Security Theatre (PHP Leuven)
Security Theatre (PHP Leuven)Security Theatre (PHP Leuven)
Security Theatre (PHP Leuven)xsist10
 
TXGX 2019_Sam_Challenges for Blockchain Mass Adoption
TXGX 2019_Sam_Challenges for Blockchain Mass AdoptionTXGX 2019_Sam_Challenges for Blockchain Mass Adoption
TXGX 2019_Sam_Challenges for Blockchain Mass AdoptionKlaytn
 
Disruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptxDisruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptxDebra Baker, CISSP CSSP
 
Gdpr encryption and tokenization
Gdpr encryption and tokenizationGdpr encryption and tokenization
Gdpr encryption and tokenizationUlf Mattsson
 
Blockchain presentation-tech ontap-tv-v1
Blockchain presentation-tech ontap-tv-v1Blockchain presentation-tech ontap-tv-v1
Blockchain presentation-tech ontap-tv-v1Tony Vernall
 
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...JPCERT Coordination Center
 
Improving privacy in blockchain using homomorphic encryption
Improving privacy in blockchain using homomorphic encryption Improving privacy in blockchain using homomorphic encryption
Improving privacy in blockchain using homomorphic encryption Razi Rais
 
Security Theatre - PHP UK Conference
Security Theatre - PHP UK ConferenceSecurity Theatre - PHP UK Conference
Security Theatre - PHP UK Conferencexsist10
 
Common crypto attacks and secure implementations
Common crypto attacks and secure implementationsCommon crypto attacks and secure implementations
Common crypto attacks and secure implementationsTrupti Shiralkar, CISSP
 
cryptography
cryptographycryptography
cryptographyBalaji Ravi
 
50+ Frequently Asked Cryptography Interview Questions in 2022
50+ Frequently Asked Cryptography Interview Questions in 202250+ Frequently Asked Cryptography Interview Questions in 2022
50+ Frequently Asked Cryptography Interview Questions in 2022Temok IT Services
 
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014 [Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014 Aaron Zauner
 

Contenu connexe

Tendances

Advanced Encryption on the JVM v0.2.8
Advanced Encryption on the JVM v0.2.8Advanced Encryption on the JVM v0.2.8
Advanced Encryption on the JVM v0.2.8Matthew McCullough
 
Distributed systems in practice, in theory
Distributed systems in practice, in theoryDistributed systems in practice, in theory
Distributed systems in practice, in theoryAysylu Greenberg
 
CSF18 - The Digital Threat of the Decade (Century) - Sasha Kranjac
CSF18 - The Digital Threat of the Decade (Century) - Sasha KranjacCSF18 - The Digital Threat of the Decade (Century) - Sasha Kranjac
CSF18 - The Digital Threat of the Decade (Century) - Sasha KranjacNCCOMMS
 
CSF18 - Incident Response in the Cloud - Yuri Diogenes
CSF18 - Incident Response in the Cloud - Yuri DiogenesCSF18 - Incident Response in the Cloud - Yuri Diogenes
CSF18 - Incident Response in the Cloud - Yuri DiogenesNCCOMMS
 
The Revolution of Crypto Funding - Building towards a Scamless Future
The Revolution of Crypto Funding - Building towards a Scamless FutureThe Revolution of Crypto Funding - Building towards a Scamless Future
The Revolution of Crypto Funding - Building towards a Scamless FutureRuben Merre
 
Encryption Boot Camp at JavaZone 2010
Encryption Boot Camp at JavaZone 2010Encryption Boot Camp at JavaZone 2010
Encryption Boot Camp at JavaZone 2010Matthew McCullough
 
"Giving the bad guys no sleep"
"Giving the bad guys no sleep""Giving the bad guys no sleep"
"Giving the bad guys no sleep"Christiaan Beek
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defenseChristiaan Beek
 

Tendances (9)

Advanced Encryption on the JVM v0.2.8
Advanced Encryption on the JVM v0.2.8Advanced Encryption on the JVM v0.2.8
Advanced Encryption on the JVM v0.2.8
 
Distributed systems in practice, in theory
Distributed systems in practice, in theoryDistributed systems in practice, in theory
Distributed systems in practice, in theory
 
CSF18 - The Digital Threat of the Decade (Century) - Sasha Kranjac
CSF18 - The Digital Threat of the Decade (Century) - Sasha KranjacCSF18 - The Digital Threat of the Decade (Century) - Sasha Kranjac
CSF18 - The Digital Threat of the Decade (Century) - Sasha Kranjac
 
CSF18 - Incident Response in the Cloud - Yuri Diogenes
CSF18 - Incident Response in the Cloud - Yuri DiogenesCSF18 - Incident Response in the Cloud - Yuri Diogenes
CSF18 - Incident Response in the Cloud - Yuri Diogenes
 
The Revolution of Crypto Funding - Building towards a Scamless Future
The Revolution of Crypto Funding - Building towards a Scamless FutureThe Revolution of Crypto Funding - Building towards a Scamless Future
The Revolution of Crypto Funding - Building towards a Scamless Future
 
Encryption Boot Camp at JavaZone 2010
Encryption Boot Camp at JavaZone 2010Encryption Boot Camp at JavaZone 2010
Encryption Boot Camp at JavaZone 2010
 
"Giving the bad guys no sleep"
"Giving the bad guys no sleep""Giving the bad guys no sleep"
"Giving the bad guys no sleep"
 
Threat Hunting with Cyber Kill Chain
Threat Hunting with Cyber Kill ChainThreat Hunting with Cyber Kill Chain
Threat Hunting with Cyber Kill Chain
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defense
 

Similaire à The CDO Agenda - Data Security and Encryption

Security theatre (Scotland php)
Security theatre (Scotland php)Security theatre (Scotland php)
Security theatre (Scotland php)xsist10
 
Security Theatre (PHP Leuven)
Security Theatre (PHP Leuven)Security Theatre (PHP Leuven)
Security Theatre (PHP Leuven)xsist10
 
TXGX 2019_Sam_Challenges for Blockchain Mass Adoption
TXGX 2019_Sam_Challenges for Blockchain Mass AdoptionTXGX 2019_Sam_Challenges for Blockchain Mass Adoption
TXGX 2019_Sam_Challenges for Blockchain Mass AdoptionKlaytn
 
Disruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptxDisruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptxDebra Baker, CISSP CSSP
 
Gdpr encryption and tokenization
Gdpr encryption and tokenizationGdpr encryption and tokenization
Gdpr encryption and tokenizationUlf Mattsson
 
Blockchain presentation-tech ontap-tv-v1
Blockchain presentation-tech ontap-tv-v1Blockchain presentation-tech ontap-tv-v1
Blockchain presentation-tech ontap-tv-v1Tony Vernall
 
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...JPCERT Coordination Center
 
Improving privacy in blockchain using homomorphic encryption
Improving privacy in blockchain using homomorphic encryption Improving privacy in blockchain using homomorphic encryption
Improving privacy in blockchain using homomorphic encryption Razi Rais
 
Security Theatre - PHP UK Conference
Security Theatre - PHP UK ConferenceSecurity Theatre - PHP UK Conference
Security Theatre - PHP UK Conferencexsist10
 
Common crypto attacks and secure implementations
Common crypto attacks and secure implementationsCommon crypto attacks and secure implementations
Common crypto attacks and secure implementationsTrupti Shiralkar, CISSP
 
50+ Frequently Asked Cryptography Interview Questions in 2022
50+ Frequently Asked Cryptography Interview Questions in 202250+ Frequently Asked Cryptography Interview Questions in 2022
50+ Frequently Asked Cryptography Interview Questions in 2022Temok IT Services
 
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014 [Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014 Aaron Zauner
 
Introduction to and survey of TLS security (BsidesHH 2014)
Introduction to and survey of TLS security (BsidesHH 2014)Introduction to and survey of TLS security (BsidesHH 2014)
Introduction to and survey of TLS security (BsidesHH 2014)Aaron Zauner
 
International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)irjes
 
Security Theatre - AmsterdamPHP
Security Theatre - AmsterdamPHPSecurity Theatre - AmsterdamPHP
Security Theatre - AmsterdamPHPxsist10
 
Chapter 4 access control fundamental ii
Chapter 4 access control fundamental iiChapter 4 access control fundamental ii
Chapter 4 access control fundamental iiSyaiful Ahdan
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network SecurityGyana Ranjana
 
IoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation TrackIoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation TrackPriyanka Aash
 

Similaire à The CDO Agenda - Data Security and Encryption (20)

Security theatre (Scotland php)
Security theatre (Scotland php)Security theatre (Scotland php)
Security theatre (Scotland php)
 
Security Theatre (PHP Leuven)
Security Theatre (PHP Leuven)Security Theatre (PHP Leuven)
Security Theatre (PHP Leuven)
 
TXGX 2019_Sam_Challenges for Blockchain Mass Adoption
TXGX 2019_Sam_Challenges for Blockchain Mass AdoptionTXGX 2019_Sam_Challenges for Blockchain Mass Adoption
TXGX 2019_Sam_Challenges for Blockchain Mass Adoption
 
Disruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptxDisruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptx
 
Gdpr encryption and tokenization
Gdpr encryption and tokenizationGdpr encryption and tokenization
Gdpr encryption and tokenization
 
Blockchain presentation-tech ontap-tv-v1
Blockchain presentation-tech ontap-tv-v1Blockchain presentation-tech ontap-tv-v1
Blockchain presentation-tech ontap-tv-v1
 
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
 
Improving privacy in blockchain using homomorphic encryption
Improving privacy in blockchain using homomorphic encryption Improving privacy in blockchain using homomorphic encryption
Improving privacy in blockchain using homomorphic encryption
 
Security Theatre - PHP UK Conference
Security Theatre - PHP UK ConferenceSecurity Theatre - PHP UK Conference
Security Theatre - PHP UK Conference
 
Common crypto attacks and secure implementations
Common crypto attacks and secure implementationsCommon crypto attacks and secure implementations
Common crypto attacks and secure implementations
 
cryptography
cryptographycryptography
cryptography
 
50+ Frequently Asked Cryptography Interview Questions in 2022
50+ Frequently Asked Cryptography Interview Questions in 202250+ Frequently Asked Cryptography Interview Questions in 2022
50+ Frequently Asked Cryptography Interview Questions in 2022
 
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014 [Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
 
Introduction to and survey of TLS security (BsidesHH 2014)
Introduction to and survey of TLS security (BsidesHH 2014)Introduction to and survey of TLS security (BsidesHH 2014)
Introduction to and survey of TLS security (BsidesHH 2014)
 
International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)International Refereed Journal of Engineering and Science (IRJES)
International Refereed Journal of Engineering and Science (IRJES)
 
Security Theatre - AmsterdamPHP
Security Theatre - AmsterdamPHPSecurity Theatre - AmsterdamPHP
Security Theatre - AmsterdamPHP
 
Chapter 4 access control fundamental ii
Chapter 4 access control fundamental iiChapter 4 access control fundamental ii
Chapter 4 access control fundamental ii
 
5 Ways To Fight A DDoS Attack
5 Ways To Fight A DDoS Attack5 Ways To Fight A DDoS Attack
5 Ways To Fight A DDoS Attack
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Security
 
IoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation TrackIoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation Track
 

Plus de DATAVERSITY

Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...
Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...
Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...DATAVERSITY
 
Data at the Speed of Business with Data Mastering and Governance
Data at the Speed of Business with Data Mastering and GovernanceData at the Speed of Business with Data Mastering and Governance
Data at the Speed of Business with Data Mastering and GovernanceDATAVERSITY
 
Exploring Levels of Data Literacy
Exploring Levels of Data LiteracyExploring Levels of Data Literacy
Exploring Levels of Data LiteracyDATAVERSITY
 
Building a Data Strategy – Practical Steps for Aligning with Business Goals
Building a Data Strategy – Practical Steps for Aligning with Business GoalsBuilding a Data Strategy – Practical Steps for Aligning with Business Goals
Building a Data Strategy – Practical Steps for Aligning with Business GoalsDATAVERSITY
 
Make Data Work for You
Make Data Work for YouMake Data Work for You
Make Data Work for YouDATAVERSITY
 
Data Catalogs Are the Answer – What is the Question?
Data Catalogs Are the Answer – What is the Question?Data Catalogs Are the Answer – What is the Question?
Data Catalogs Are the Answer – What is the Question?DATAVERSITY
 
Data Catalogs Are the Answer – What Is the Question?
Data Catalogs Are the Answer – What Is the Question?Data Catalogs Are the Answer – What Is the Question?
Data Catalogs Are the Answer – What Is the Question?DATAVERSITY
 
Data Modeling Fundamentals
Data Modeling FundamentalsData Modeling Fundamentals
Data Modeling FundamentalsDATAVERSITY
 
Showing ROI for Your Analytic Project
Showing ROI for Your Analytic ProjectShowing ROI for Your Analytic Project
Showing ROI for Your Analytic ProjectDATAVERSITY
 
How a Semantic Layer Makes Data Mesh Work at Scale
How a Semantic Layer Makes Data Mesh Work at ScaleHow a Semantic Layer Makes Data Mesh Work at Scale
How a Semantic Layer Makes Data Mesh Work at ScaleDATAVERSITY
 
Is Enterprise Data Literacy Possible?
Is Enterprise Data Literacy Possible?Is Enterprise Data Literacy Possible?
Is Enterprise Data Literacy Possible?DATAVERSITY
 
The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...
The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...
The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...DATAVERSITY
 
Emerging Trends in Data Architecture – What’s the Next Big Thing?
Emerging Trends in Data Architecture – What’s the Next Big Thing?Emerging Trends in Data Architecture – What’s the Next Big Thing?
Emerging Trends in Data Architecture – What’s the Next Big Thing?DATAVERSITY
 
Data Governance Trends - A Look Backwards and Forwards
Data Governance Trends - A Look Backwards and ForwardsData Governance Trends - A Look Backwards and Forwards
Data Governance Trends - A Look Backwards and ForwardsDATAVERSITY
 
Data Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement TodayData Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement TodayDATAVERSITY
 
2023 Trends in Enterprise Analytics
2023 Trends in Enterprise Analytics2023 Trends in Enterprise Analytics
2023 Trends in Enterprise AnalyticsDATAVERSITY
 
Data Strategy Best Practices
Data Strategy Best PracticesData Strategy Best Practices
Data Strategy Best PracticesDATAVERSITY
 
Who Should Own Data Governance – IT or Business?
Who Should Own Data Governance – IT or Business?Who Should Own Data Governance – IT or Business?
Who Should Own Data Governance – IT or Business?DATAVERSITY
 
Data Management Best Practices
Data Management Best PracticesData Management Best Practices
Data Management Best PracticesDATAVERSITY
 
MLOps – Applying DevOps to Competitive Advantage
MLOps – Applying DevOps to Competitive AdvantageMLOps – Applying DevOps to Competitive Advantage
MLOps – Applying DevOps to Competitive AdvantageDATAVERSITY
 

Plus de DATAVERSITY (20)

Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...
Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...
Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...
 
Data at the Speed of Business with Data Mastering and Governance
Data at the Speed of Business with Data Mastering and GovernanceData at the Speed of Business with Data Mastering and Governance
Data at the Speed of Business with Data Mastering and Governance
 
Exploring Levels of Data Literacy
Exploring Levels of Data LiteracyExploring Levels of Data Literacy
Exploring Levels of Data Literacy
 
Building a Data Strategy – Practical Steps for Aligning with Business Goals
Building a Data Strategy – Practical Steps for Aligning with Business GoalsBuilding a Data Strategy – Practical Steps for Aligning with Business Goals
Building a Data Strategy – Practical Steps for Aligning with Business Goals
 
Make Data Work for You
Make Data Work for YouMake Data Work for You
Make Data Work for You
 
Data Catalogs Are the Answer – What is the Question?
Data Catalogs Are the Answer – What is the Question?Data Catalogs Are the Answer – What is the Question?
Data Catalogs Are the Answer – What is the Question?
 
Data Catalogs Are the Answer – What Is the Question?
Data Catalogs Are the Answer – What Is the Question?Data Catalogs Are the Answer – What Is the Question?
Data Catalogs Are the Answer – What Is the Question?
 
Data Modeling Fundamentals
Data Modeling FundamentalsData Modeling Fundamentals
Data Modeling Fundamentals
 
Showing ROI for Your Analytic Project
Showing ROI for Your Analytic ProjectShowing ROI for Your Analytic Project
Showing ROI for Your Analytic Project
 
How a Semantic Layer Makes Data Mesh Work at Scale
How a Semantic Layer Makes Data Mesh Work at ScaleHow a Semantic Layer Makes Data Mesh Work at Scale
How a Semantic Layer Makes Data Mesh Work at Scale
 
Is Enterprise Data Literacy Possible?
Is Enterprise Data Literacy Possible?Is Enterprise Data Literacy Possible?
Is Enterprise Data Literacy Possible?
 
The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...
The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...
The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...
 
Emerging Trends in Data Architecture – What’s the Next Big Thing?
Emerging Trends in Data Architecture – What’s the Next Big Thing?Emerging Trends in Data Architecture – What’s the Next Big Thing?
Emerging Trends in Data Architecture – What’s the Next Big Thing?
 
Data Governance Trends - A Look Backwards and Forwards
Data Governance Trends - A Look Backwards and ForwardsData Governance Trends - A Look Backwards and Forwards
Data Governance Trends - A Look Backwards and Forwards
 
Data Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement TodayData Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement Today
 
2023 Trends in Enterprise Analytics
2023 Trends in Enterprise Analytics2023 Trends in Enterprise Analytics
2023 Trends in Enterprise Analytics
 
Data Strategy Best Practices
Data Strategy Best PracticesData Strategy Best Practices
Data Strategy Best Practices
 
Who Should Own Data Governance – IT or Business?
Who Should Own Data Governance – IT or Business?Who Should Own Data Governance – IT or Business?
Who Should Own Data Governance – IT or Business?
 
Data Management Best Practices
Data Management Best PracticesData Management Best Practices
Data Management Best Practices
 
MLOps – Applying DevOps to Competitive Advantage
MLOps – Applying DevOps to Competitive AdvantageMLOps – Applying DevOps to Competitive Advantage
MLOps – Applying DevOps to Competitive Advantage
 

Dernier

The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 

Dernier (20)

The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 

The CDO Agenda - Data Security and Encryption