T H R EAT S A R E H I D I N G I N E N C RY P T E D T R A F F I C O N YO U R N E T WO R K

Size: px
Start display at page:

Download "T H R EAT S A R E H I D I N G I N E N C RY P T E D T R A F F I C O N YO U R N E T WO R K"

Transcription

1 1 T H R EAT S A R E H I D I N G I N E N C RY P T E D T R A F F I C O N YO U R N E T WO R K Manoj Sharma Technical Director Symantec Corp Mark Sanders Lead Security Architect Venafi

2 T H R E A T S A R E H I D I N G I N E N2 W H AT YO U W I L L L E A R N Why encryption and digital certificates are helping our adversaries How to architect for today and tomorrow s SSL/TLS threatscape What you need to successfully run your operations What s your 90 day action plan 2

3 S S L / T L S T H R E AT S U P D AT E 3

4 T H R E A T S A R E H I D I N G I N E N4 P R O B L E M : Σ Κ Ό Τ Ο Σ = S C O T O M A = B L I N D S P O T

5 T H R E A T S A R E H I D I N G I N E N % A N D C L I M B I N G Of enterprise network traffic is encrypted with SSL/TLS today 5

6 T H R E A T S A R E H I D I N G I N E N6 L E S S T H A N 2 0 % Of organizations with a FW, IPS/IDS or UTM decrypt SSL/TLS traffic Source: D Hoinne, Jeremy and Hils, Adam. Gartner. Security Leaders Must Address Threats from Rising SSL Traffic. Gartner Doc: G December 9, 2013.

7 T H R E A T S A R E H I D I N G I N E N7 5 0 % O F N E T W O R K AT TA C K S W I L L U S E S S L / T L S B Y % N E T W O R K AT TA C K S W I L L U S E S S L / T L S B Y % of 7

8 T H R E A T S A R E H I D I N G I N E N8 E N T U N N E L S M E A N S E C U R I T Y S Y S T E M S C A N T S E E W H AT S C O M I N G 8

9 T H R E A T S A R E H I D I N G I N E N9 T R A D I T I O N A L S E C U R I T Y S Y S T E M S C A N T K E E P U P W I T H P E R F O R M A N C E N E E D E D T O D E C R Y P T A N D I N S P E C T S S L / T L S N E T W O R K 9

10 NGFW IDS / IPS Host AV Traditional Web Gateway SIEM Gateway DLP Web Application Firewall T H R E A T S A R E H I D I N G I N E N10 B A D G U Y S A R E E VA D I N G D E F E N S E S Traditional Enterprise Defenses Threat Actors Traditional Threats Advanced Threats Nation States Cybercrime Known Threats, Novel Malware Hactivists Known Malware, Zero-Day Threats Insider-Threats Known Files Targeted Attacks Known IPs/URLs Modern HTTPs

11 T H R E A T S A R E H I D I N G I N E N11 S S L / T L S : H I D D E N D A N G E R S Bad Actors are using encryption to: Hiding Malicious Actions and Messages Hiding the Initial Infection Hiding the Command and Control Channel Hiding Data Exfiltration 2987 blacklisted SSL certificates: Most (recently) are Dyre C&C, KINS C&C, Vawtrak MITM, Shylock C&C, URLzone C&C, TorrentLocker C&C, CryptoWall C&C, Upatre C&C, Spambot C&C, Retefe C&C, ZeuS MITM, etc. * TCP Ports used by Dyre Trojan for Hidden Command & Control - Blue Coat Labs 11

12 T H R E A T S A R E H I D I N G I N E N12 S S L / T L S : H I D D E N D A N G E R S Users: Are they SSL Aware? 12

13 T H R E A T S A R E H I D I N G I N E N13 N E X T B I G H A C K E R M A R K E T P L A C E W I L L B E I N S T O L E N C E R T I F I C AT E S 13

14 14 A R C H I T E C T I N G F O R S S L / T L S T H R E AT S

15 T H R E A T S A R E H I D I N G I N E N15 Today Ready for Threats A R C H I T E C T U R E G A P A N A LY S I S Role of Decryption Non-Existent/Tactical Strategic Inspection Points Few Performance Struggling Wirespeed Outbound Decryption: Internal trusted root CA Inbound Decryption: all keys & certs available Inbound Decryption: keys & certs securely distributed Few , flash drive, file server All available Encryption distribution w/o people 15

16 T H R E A T S A R E H I D I N G I N E N16 I N B O U N D A N D O U T B O U N D T R A F F I C Inbound SSL Decryption Web & Servers, Customer Web Portals Outbound SSL Decryption Encrypted , Social Networks, CRM, etc. IPS & IDS AV DLP APM SIM & SIEM Forensics Security Solution IPS & IDS AV DLP APM SIM & SIEM Forensics Security Solution Internet Internet Web, & Portal Servers Clients

17 T H R E A T S A R E H I D I N G I N E N17 W H AT D O Y O U T H I N K T H I N G S L O O K L I K E? Secure Communications

18 T H R E A T S A R E H I D I N G I N E N18 SSL & SSH Keys & Certificates T H I S I S W H AT I T R E A L LY L O O K S L I K E SSL Keys & Certificates Secure Communications Server Authentication Client-side Server Authentication Secure Communications Server Authentication Client-side Authentication

19 T H R E A T S A R E H I D I N G I N E N19 M O R E K E Y S, M O R E C E R T I F I C A T E S, M O R E E N C R Y P T I O N

20 T H R E A T S A R E H I D I N G I N E N20 B A L A N C I N G C O M P L I A N C E A N D D ATA P R I VA C Y DATA PRIVACY CONCERNS RISK OF ADVANCED THREATS LEAD TO REQUIREMENTS 1) Manage what type of information is decrypted 2) Assure custody and integrity of encrypted data 20

21 21 D I F F E R E N C E S I N E N T E R P R I S E E N C R Y P T I O N S T R AT E G I E S B Y C O U N T R Y S o u r c e : P o n e m o n I n s t i t u t e G l o b a l 21 E n c r y p t i o n T r e n d s S t u d y

22 T H R E A T S A R E H I D I N G I N E N22 A R C H I T E C T U R E F O R V I S I B I L I T Y CLIENT INTERNET SERVER GLOBAL INTELLIGENCE NETWORK GATEWAY / FIREWALL SECURITY ANALYTICS CORPORATE SERVERS ❷ SSL VISIBILITY APPLIANCE ❸ ❶ ❹ SANDBOX CLIENT NG IPS Encrypted traffic Decrypted traffic 22

23 T H R E A T S A R E H I D I N G I N E N23 P K I A R C H I T E C T U R E F O R I N S P E C T I O N Inbound Outbound Enterprise Root STATIC SSL Decryption Intermediate STATIC www app.. v125.. GENERATED ON THE FLY google.com outlook.com dropbox.com

24 T H R E A T S A R E H I D I N G I N E N24 S S L B L I N D S P O T S I N A C T I O N : D ATA I N F I LT R AT I O N + E X F I LT R AT I O N U S I N G S S L Malware Infiltration and Data Exfiltration using Wireshark Compare pcaps from identical operations with and without SSL Inspection enabled in the network. Download from a file magnetic* from sourceforge.net (HTTP Download) Download a known file using HTTPS: Infiltration Upload sensitive data using HTTPS: Exfiltration 24

25 T H R E A T S A R E H I D I N G I N E N25 V I D E O 25

26 S S L B L I N D S P O T S : D ATA E X F I LT R AT I O N E X P E R I M E N T Symantec DLP Network Prevent Details: Base OS: MS Windows 2012 R2 DLP Network Prevent Software Version: 14 DLP Network Prevent configured to monitor HTTP and HTTPS ports. SSL Inspection Device: Hardware Mode:SV800 / Software Version Experiment: 1. Upload sensitive data using HTTP 2. SSL Inspection Disabled: Upload sensitive data using HTTPS 3. SSL Inspection Enabled: Upload sensitive data using HTTPS T H R E A T S A R E H I D I N G I N E N26 NOTE: SYMANTEC DOES NOT CLAIM THEY CAN INSPECT SSL TRAFFIC ON THEIR NETWORK DLP PRODUCTS 26

27 T H R E A T S A R E H I D I N G I N E N27 V I D E O 27

28 E C O N O M I C S O F S S L D E C R Y P T I O N Cost of No-Action =Infection=Intrusion=Breach=$ Direct Low performance -> higher cost to reach needed throughput Incomplete support for latest ciphers creates unseen blindspots Indirect Time and effort to identify, gather, distribute, and update keys & certificates T H R E A T S A R E H I D I N G I N E N28 28

29 O N G O I N G O P E R AT I O N S 29

30 T H R E A T S A R E H I D I N G I N E N30 M A I N TA I N I N G D E C R Y P T I O N Capture new keys and certificates (including those generated outside of IT security) Update renewed, rekey keys and certificates throughout SSL/TLS chain (e.g. firewall, load balancer, WAF, etc.)

31 4 5 D AY A C T I O N P L A N 31

32 T H R E A T S A R E H I D I N G I N E N32 YO U R 4 5 D AY A C T I O N P L A N Map your SSL footprint = Risk Exposure Decrypt once feed many v/s decryption in many places in network Performance impact of decryption on existing network/security devices Local regulations and compliance requirements Outbound: HR and Legal must be consulted to ensure user privacy is respected and preserved. Inbound: Obtaining keys/certificates, how will you keep them secure, how will you keep them updated 32

33 T H R E A T S A R E H I D I N G I N E N33 M A P Y O U R I N B O U N D S S L / T L S F O O T P R I N T Where and how many SSL/TLS enabled entities? What are all systems involved in SSL/TLS through DMZ? (e.g. firewall, load balancer, WAF, etc.) What are the security controls that need visibility in to encrypted traffic? How will you track keys and certificates? How frequently are they renewed and rekeyed? Who and how many are responsible for each key and certificate? How will you get them? How will you transfer keys and certificates? How will you update keys and certificates? 33

34 T H R E A T S A R E H I D I N G I N E N34 M A P Y O U R O U T B O U N D S S L / T L S F O O T P R I N T % of Total North-South Traffic is SSL/TLS encrypted SSL Versions seen on the networks SSL Versions have known vulnerabilities. SSL: Bad; TLS: Good BP: Do not allow known bad protocols Certificate Status Valid certificate v/s invalid certs Should not see any traffic with invalid certificate. BP: Do not allow not-valid cert traffic SSL/TLS traffic that isn t on port 443 Non-SSL traffic that is using port 443 Protocol versions in-use Ciphers used Strong v/s Weak cipher suites Logjam/Freak/Heartbleed BP: Do not allow connections with weak ciphers Top N SSL Sites by Request Users of SSL/TLS Traffic North-South communication 34

35 35 Manoj Sharma Technical Director Symantec Corp Mark Sanders Lead Security Architect Venafi THANK YOU

T H R EAT S A R E H I D I N G I N E N C RY P T E D T R A F F I C O N YO U R N E T W O R K

T H R EAT S A R E H I D I N G I N E N C RY P T E D T R A F F I C O N YO U R N E T W O R K 1 T H R EAT S A R E H I D I N G I N E N C RY P T E D T R A F F I C O N YO U R N E T W O R K Manoj Sharma Technical Director Symantec Corp Mark Sanders Lead Security Architect Venafi T H R E A T S A R E

More information

Patrol: Revealing Zero-day Attack Paths through Network-wide System Object Dependencies

Patrol: Revealing Zero-day Attack Paths through Network-wide System Object Dependencies Patrol: Revealing Zero-day Attack Paths through Network-wide System Object Dependencies Jun Dai, Xiaoyan Sun, and Peng Liu College of Information Sciences and Technology Pennsylvania State University,

More information

FIS' Partnership with Zelle for P2P Payments

FIS' Partnership with Zelle for P2P Payments FIS' Partnership with Zelle for P2P Payments Chris Burfield, SVP, Digital Market Strategy Norman Marraccini, VP, Director of Digital Payment Product Strategy & Marketing Peter Tapling, Chief Revenue Officer,

More information

MySQL Attack Mitigation Using Deception Technology

MySQL Attack Mitigation Using Deception Technology 1 RESEARCH REPORT : MySQL Attack Mitigation Using Deception Technology RESEARCH REPORT MySQL Attack Mitigation Using Deception Technology A Report by TrapX Labs December 31, 2016 2 RESEARCH REPORT : MySQL

More information

Android Security Mechanisms (2)

Android Security Mechanisms (2) Android Security Mechanisms (2) Lecture 9 Operating Systems Practical 14 December 2016 This work is licensed under the Creative Commons Attribution 4.0 International License. To view a copy of this license,

More information

Quantum Computing: it s the end of the world as we know it? Giesecke+Devrient Munich, June 2018

Quantum Computing: it s the end of the world as we know it? Giesecke+Devrient Munich, June 2018 Quantum Computing: it s the end of the world as we know it? Giesecke+Devrient Munich, June 2018 What drives a company s digital strategy in 2020 and beyond? Quantum Computing it s the end of the world

More information

ArcGIS Deployment Pattern. Azlina Mahad

ArcGIS Deployment Pattern. Azlina Mahad ArcGIS Deployment Pattern Azlina Mahad Agenda Deployment Options Cloud Portal ArcGIS Server Data Publication Mobile System Management Desktop Web Device ArcGIS An Integrated Web GIS Platform Portal Providing

More information

BEST PRACTICES FOR EDISCOVERY ON DATA IN THE AZURE OR AWS CLOUD TAKEAWAYS FROM THE WEBINAR

BEST PRACTICES FOR EDISCOVERY ON DATA IN THE AZURE OR AWS CLOUD TAKEAWAYS FROM THE WEBINAR BEST PRACTICES FOR EDISCOVERY ON DATA IN THE AZURE OR AWS CLOUD TAKEAWAYS FROM THE WEBINAR 1 1 0 1 1 0 1 1 1 0 0 0 1 0 1 1 0 1 1 1 0 1 1 1 1 1 1 0 1 1 1 0 1 1 1 1 0 0 0 0 1 0 1 0 0 0 0 1 1 1 1 0 1 1 1

More information

Attack Graph Modeling and Generation

Attack Graph Modeling and Generation Attack Graph Modeling and Generation Ratnesh Kumar, Professor, IEEE Fellow Electrical and Computer Engineering, Iowa State University PhD Students: Mariam Ibrahim German Jordanian University Attack Graph:

More information

ARGUS.net IS THREE SOLUTIONS IN ONE

ARGUS.net IS THREE SOLUTIONS IN ONE OVERVIEW H i g h l y c o n f i g u r a b l e s o f t w a r e a c c o m m o d a t e s a w i d e r a n g e o f c o l l e c t i o n s T h r e e s o l u t i o n s c o v e r P o r t a l s, C o l l e c t i o

More information

Leveraging Web GIS: An Introduction to the ArcGIS portal

Leveraging Web GIS: An Introduction to the ArcGIS portal Leveraging Web GIS: An Introduction to the ArcGIS portal Derek Law Product Management DLaw@esri.com Agenda Web GIS pattern Product overview Installation and deployment Configuration options Security options

More information

GeoComply Overview. 666 Burrard Street, Suite 1530, Vancouver BC V6C 2X8

GeoComply Overview. 666 Burrard Street, Suite 1530, Vancouver BC V6C 2X8 GeoComply Overview 666 Burrard Street, Suite 1530, Vancouver BC V6C 2X8 EXECUTIVE SUMMARY GeoComply is a global leader in geolocation technology. Since launching in 2011, GeoComply has quickly become the

More information

Compensation Planning Application

Compensation Planning Application Compensation Planning Application Why Physician Compensation? More and more organizations are formally aligning with physicians. These organizations require large support structures to effectively manage

More information

ST-Links. SpatialKit. Version 3.0.x. For ArcMap. ArcMap Extension for Directly Connecting to Spatial Databases. ST-Links Corporation.

ST-Links. SpatialKit. Version 3.0.x. For ArcMap. ArcMap Extension for Directly Connecting to Spatial Databases. ST-Links Corporation. ST-Links SpatialKit For ArcMap Version 3.0.x ArcMap Extension for Directly Connecting to Spatial Databases ST-Links Corporation www.st-links.com 2012 Contents Introduction... 3 Installation... 3 Database

More information

JOB TITLE: CURRENT CLASSIFICATION/GRID POSITION # GIS Coordinator AD Grid Level 6(c) # 420

JOB TITLE: CURRENT CLASSIFICATION/GRID POSITION # GIS Coordinator AD Grid Level 6(c) # 420 COUNTY OF GRANDE PRAIRIE JOB DESCRIPTION JOB TITLE: CURRENT CLASSIFICATION/GRID POSITION # GIS Coordinator AD Grid Level 6(c) # 420 NOC CODE: 2255 STANDARD HOURS: 35 hours/week (non-management) JOB TITLE

More information

The science behind these computers originates in

The science behind these computers originates in A Methodology for Quantum Risk Assessment Author: Dr. Michele Mosca & John Mulholland DISRUPTIVE TECHNOLOGY INTRODUCTION Until recently, quantum computing was often viewed as a capability that might emerge

More information

ArcGIS Earth for Enterprises DARRON PUSTAM ARCGIS EARTH CHRIS ANDREWS 3D

ArcGIS Earth for Enterprises DARRON PUSTAM ARCGIS EARTH CHRIS ANDREWS 3D ArcGIS Earth for Enterprises DARRON PUSTAM ARCGIS EARTH CHRIS ANDREWS 3D ArcGIS Earth is ArcGIS Earth is a lightweight globe desktop application that helps you explore any part of the world and investigate

More information

Portal for ArcGIS: An Introduction. Catherine Hynes and Derek Law

Portal for ArcGIS: An Introduction. Catherine Hynes and Derek Law Portal for ArcGIS: An Introduction Catherine Hynes and Derek Law Agenda Web GIS pattern Product overview Installation and deployment Configuration options Security options and groups Portal for ArcGIS

More information

Data-Sharing Agreement

Data-Sharing Agreement Data-Sharing Agreement Contributions to LandMark: The Global Platform of Indigenous and Community Lands This Data-Sharing Agreement provides the standards for contributing data to the LandMark: The Global

More information

Broadband Internet Access Disclosure

Broadband Internet Access Disclosure Broadband Internet Access Disclosure This document provides information about the network practices, performance characteristics, and commercial terms applicable broadband Internet access services provided

More information

Foundations of Network and Computer Security

Foundations of Network and Computer Security Foundations of Network and Computer Security John Black Lecture #6 Sep 8 th 2005 CSCI 6268/TLEN 5831, Fall 2005 Announcements Quiz #1 later today Still some have not signed up for class mailing list Perhaps

More information

Using OGC standards to improve the common

Using OGC standards to improve the common Using OGC standards to improve the common operational picture Abstract A "Common Operational Picture", or a, is a single identical display of relevant operational information shared by many users. The

More information

Incident Response tactics with Compromise Indicators

Incident Response tactics with Compromise Indicators Vladimir Kropotov, Vitaly Chetvertakov, Fyodor Yarochkin RusCrypto 2014 March 25-28, 2014 Outline Basics Standards Tools Sharing IOCs IOCs composites Case Study More on Tools Questions Introduction Indicators

More information

Imagery and the Location-enabled Platform in State and Local Government

Imagery and the Location-enabled Platform in State and Local Government Imagery and the Location-enabled Platform in State and Local Government Fred Limp, Director, CAST Jim Farley, Vice President, Leica Geosystems Oracle Spatial Users Group Denver, March 10, 2005 TM TM Discussion

More information

Web GIS Deployment for Administrators. Vanessa Ramirez Solution Engineer, Natural Resources, Esri

Web GIS Deployment for Administrators. Vanessa Ramirez Solution Engineer, Natural Resources, Esri Web GIS Deployment for Administrators Vanessa Ramirez Solution Engineer, Natural Resources, Esri Agenda Web GIS Concepts Web GIS Deployment Patterns Components of an On-Premises Web GIS Federation of Server

More information

#$% &'!&()&*&'(+(!"(",!%, (!(!!- &( '!&( '!&(& (! (!(!%-&!

#$% &'!&()&*&'(+(!(,!%, (!(!!- &( '!&( '!&(& (! (!(!%-&! !"!!" #$% &'!&()&*&'(+(!"(",!%, (!(!!- &( '!&( '!&(& (! #$%(!& &("(&-" "(&& (!(!%-&! #$%( -""(&-( %%!&,. %'!&(-"&%%/0' #&.!"(%% "(&, #$%&*& *-( 12%"!1'3'14 15"! #$%- -!6!&&,% ""(&,7 #1-"!"(8 #1-"!"(8 #1-"!"(8

More information

Enforcing honesty of certification authorities: Tagged one-time signature schemes

Enforcing honesty of certification authorities: Tagged one-time signature schemes Enforcing honesty of certification authorities: Tagged one-time signature schemes Information Security Group Royal Holloway, University of London bertram.poettering@rhul.ac.uk Stanford, January 11, 2013

More information

Portal for ArcGIS: An Introduction

Portal for ArcGIS: An Introduction Portal for ArcGIS: An Introduction Derek Law Esri Product Management Esri UC 2014 Technical Workshop Agenda Web GIS pattern Product overview Installation and deployment Security and groups Configuration

More information

Lectures 1&2: Introduction to Secure Computation, Yao s and GMW Protocols

Lectures 1&2: Introduction to Secure Computation, Yao s and GMW Protocols CS 294 Secure Computation January 19, 2016 Lectures 1&2: Introduction to Secure Computation, Yao s and GMW Protocols Instructor: Sanjam Garg Scribe: Pratyush Mishra 1 Introduction Secure multiparty computation

More information

Arcgis Enterprise Performance And Scalability Best Practices

Arcgis Enterprise Performance And Scalability Best Practices Arcgis Enterprise Performance And Scalability Best Practices We have made it easy for you to find a PDF Ebooks without any digging. And by having access to our ebooks online or by storing it on your computer,

More information

Introduction to Portal for ArcGIS. Hao LEE November 12, 2015

Introduction to Portal for ArcGIS. Hao LEE November 12, 2015 Introduction to Portal for ArcGIS Hao LEE November 12, 2015 Agenda Web GIS pattern Product overview Installation and deployment Security and groups Configuration options Portal for ArcGIS + ArcGIS for

More information

Innovation. The Push and Pull at ESRI. September Kevin Daugherty Cadastral/Land Records Industry Solutions Manager

Innovation. The Push and Pull at ESRI. September Kevin Daugherty Cadastral/Land Records Industry Solutions Manager Innovation The Push and Pull at ESRI September 2004 Kevin Daugherty Cadastral/Land Records Industry Solutions Manager The Push and The Pull The Push is the information technology that drives research and

More information

Sophos Mobile 8.1. Feature Matrix. Server. Admin User Interface. Self Service Portal. User Directory and Management

Sophos Mobile 8.1. Feature Matrix. Server. Admin User Interface. Self Service Portal. User Directory and Management Sophos 8.1 Feature Matrix Deployment Device Platform Server Admin User Interface Easy-to-use web interface P P P P P P P Flexible Dashboard with 29 different widgets P P P P P P P Flexible filter mechanism

More information

Foundations of Network and Computer Security

Foundations of Network and Computer Security Foundations of Network and Computer Security John Black Lecture #5 Sep 7 th 2004 CSCI 6268/TLEN 5831, Fall 2004 Announcements Please sign up for class mailing list by end of today Quiz #1 will be on Thursday,

More information

Sophos Mobile 7. Feature Matrix. Server. Admin User Interface. Self Service Portal. User Directory and Management. Device compliance enforcement rules

Sophos Mobile 7. Feature Matrix. Server. Admin User Interface. Self Service Portal. User Directory and Management. Device compliance enforcement rules Sophos 7 Feature Matrix Deployment Device Platform Server Admin User Interface Easy-to-use web interface P P P P P P Flexible Dashboard with 23 different widgets P P P P P P Flexible filter mechanism P

More information

What s New. August 2013

What s New. August 2013 What s New. August 2013 Tom Schwartzman Esri tschwartzman@esri.com Esri UC2013. Technical Workshop. What is new in ArcGIS 10.2 for Server ArcGIS 10.2 for Desktop Major Themes Why should I use ArcGIS 10.2

More information

No. of Days. Building 3D cities Using Esri City Engine ,859. Creating & Analyzing Surfaces Using ArcGIS Spatial Analyst 1 7 3,139

No. of Days. Building 3D cities Using Esri City Engine ,859. Creating & Analyzing Surfaces Using ArcGIS Spatial Analyst 1 7 3,139 Q3 What s New? Creating and Editing Data with ArcGIS Pro Editing and Maintaining Parcels Using ArcGIS Spatial Analysis Using ArcGIS Pro User Workflows for ArcGIS Online Organizations Q3-2018 ArcGIS Desktop

More information

Data-Sharing Agreement

Data-Sharing Agreement Data-Sharing Agreement Contributions to LandMark: The Global Platform of Indigenous and Community Lands This Data-Sharing Agreement provides the standards for contributing data to the LandMark: The Global

More information

Quantum Wireless Sensor Networks

Quantum Wireless Sensor Networks Quantum Wireless Sensor Networks School of Computing Queen s University Canada ntional Computation Vienna, August 2008 Main Result Quantum cryptography can solve the problem of security in sensor networks.

More information

Web GIS & ArcGIS Pro. Zena Pelletier Nick Popovich

Web GIS & ArcGIS Pro. Zena Pelletier Nick Popovich Web GIS & ArcGIS Pro Zena Pelletier Nick Popovich Web GIS Transformation of the ArcGIS Platform Desktop Apps GIS Web Maps Web Scenes Layers Evolution of the modern GIS Desktop GIS (standalone GIS) GIS

More information

Web GIS Patterns and Practices

Web GIS Patterns and Practices FedGIS Conference February 24 25, 2016 Washington, DC Web GIS Patterns and Practices Philip Heede Jay Theodore Witt Mathot Web GIS Transformation of the ArcGIS Platform Desktop Apps Web Maps Web Scenes

More information

R E A D : E S S E N T I A L S C R U M : A P R A C T I C A L G U I D E T O T H E M O S T P O P U L A R A G I L E P R O C E S S. C H.

R E A D : E S S E N T I A L S C R U M : A P R A C T I C A L G U I D E T O T H E M O S T P O P U L A R A G I L E P R O C E S S. C H. R E A D : E S S E N T I A L S C R U M : A P R A C T I C A L G U I D E T O T H E M O S T P O P U L A R A G I L E P R O C E S S. C H. 5 S O F T W A R E E N G I N E E R I N G B Y S O M M E R V I L L E S E

More information

Random Number Generation Is Getting Harder It s Time to Pay Attention

Random Number Generation Is Getting Harder It s Time to Pay Attention SESSION ID: PDAC-F03 Random Number Generation Is Getting Harder It s Time to Pay Attention Richard Moulds General Manager Whitewood Richard Hughes Laboratory Fellow (Retired) Los Alamos National Laboratory

More information

STRIBOB : Authenticated Encryption

STRIBOB : Authenticated Encryption 1 / 19 STRIBOB : Authenticated Encryption from GOST R 34.11-2012 or Whirlpool Markku-Juhani O. Saarinen mjos@item.ntnu.no Norwegian University of Science and Technology Directions in Authentication Ciphers

More information

Portals: Standards in Action

Portals: Standards in Action Portals: Standards in Action David Danko ISO TC 211 Metadata Project Leader GIS Standards Consultant-ESRI. Metadata Portals Portal gateway, place of entry Producers Advertise, expose products Share information

More information

IMPLEMENTING GOVERNMENT-WIDE ENTERPRISE GIS; THE FEDERATED MODEL

IMPLEMENTING GOVERNMENT-WIDE ENTERPRISE GIS; THE FEDERATED MODEL IMPLEMENTING GOVERNMENT-WIDE ENTERPRISE GIS; THE FEDERATED MODEL James E. Mitchell, Ph. D. IT GIS Manager Louisiana Department of Transportation and Development presented at the ESRI International Users

More information

Forecast solutions for the energy sector

Forecast solutions for the energy sector Forecast solutions for the energy sector A/S Lyngsø Allé 3 DK-2970 Hørsholm Henrik Aalborg Nielsen, A/S 1 Consumption and production forecasts Heat load forecasts for district heating systems usually for

More information

ArcGIS. for Server. Understanding our World

ArcGIS. for Server. Understanding our World ArcGIS for Server Understanding our World ArcGIS for Server Create, Distribute, and Manage GIS Services You can use ArcGIS for Server to create services from your mapping and geographic information system

More information

Markov Chain analysis of packet sequence for intrusion detection

Markov Chain analysis of packet sequence for intrusion detection Graduate Theses and Dissertations Iowa State University Capstones, Theses and Dissertations 2017 Markov Chain analysis of packet sequence for intrusion detection Chad Bockholt Iowa State University Follow

More information

6TH ANNUAL BUILDING EMERGENCY PLAN SUMMIT

6TH ANNUAL BUILDING EMERGENCY PLAN SUMMIT CAMPUS EMERGENCY PREPAREDNESS TRAINING SERIES 6TH ANNUAL BUILDING EMERGENCY PLAN SUMMIT Ron Wright, Director Jefferson Howells, Asst Director Campus Emergency Preparedness & Planning Office 205 South Martin

More information

Management of Geological Information for Mining Sector Development and Investment Attraction Examples from Uganda and Tanzania

Management of Geological Information for Mining Sector Development and Investment Attraction Examples from Uganda and Tanzania Mineral Wealth Conference 2016 Kampala / Uganda Management of Geological Information for Mining Sector Development and Investment Attraction Examples from Uganda and Tanzania Andreas Barth 1, Andreas Knobloch

More information

Experimental Study of DIGIPASS GO3 and the Security of Authentication

Experimental Study of DIGIPASS GO3 and the Security of Authentication Experimental Study of DIGIPASS GO3 and the Security of Authentication Igor Semaev Department of Informatics, University of Bergen, Norway e-mail: igor@ii.uib.no arxiv:1506.06332v1 [cs.cr] 21 Jun 2015 Abstract.

More information

WordPress and CRM. Match Made In Heaven... or Hell?

WordPress and CRM. Match Made In Heaven... or Hell? WordPress and CRM Match Made In Heaven... or Hell? Who Am I? Colin Pizarek Product Manager, NeonCRM Board Member, Ridgeville Foundation Alumnus, Idealware Disclaimer: I m opinionated. Moving data from

More information

Introduction to Portal for ArcGIS

Introduction to Portal for ArcGIS Introduction to Portal for ArcGIS Derek Law Product Management March 10 th, 2015 Esri Developer Summit 2015 Agenda Web GIS pattern Product overview Installation and deployment Security and groups Configuration

More information

Information Security in the Age of Quantum Technologies

Information Security in the Age of Quantum Technologies www.pwc.ru Information Security in the Age of Quantum Technologies Algorithms that enable a quantum computer to reduce the time for password generation and data decryption to several hours or even minutes

More information

Working with ArcGIS Online

Working with ArcGIS Online Esri International User Conference San Diego, CA Technical Workshops July 12, 2011 Working with ArcGIS Online Bern Szukalski, Deane Kensok Topics for this Session ArcGIS Online Overview ArcGIS Online Content

More information

PAX2S Modbus Register Table REVISED 2/20/12 LP0894A

PAX2S Modbus Register Table REVISED 2/20/12 LP0894A PAX2S Modbus Register Table REVISED 2/2/12 LP894A REGISTER 41 42 43 44 45 46 47 48 49 41 411 412 413 414 415 416 417 418 419 42 421 422 423 424 425 426 427 428 429 43 431 432 481 482 483 484 485 486 487

More information

C L O U D S E C U R I T Y A L L I A N C E : W H E R E W E A R E & W H E R E W E A R E G O I N G

C L O U D S E C U R I T Y A L L I A N C E : W H E R E W E A R E & W H E R E W E A R E G O I N G C L O U D S E C U R I T Y A L L I A N C E : W H E R E W E A R E & W H E R E W E A R E G O I N G S C E N A R I C L O U D N E L P R O S S I M O F U T U R O Daniele Catteddu CTO, Cloud Security Alliance 9

More information

DATA SCIENCE SIMPLIFIED USING ARCGIS API FOR PYTHON

DATA SCIENCE SIMPLIFIED USING ARCGIS API FOR PYTHON DATA SCIENCE SIMPLIFIED USING ARCGIS API FOR PYTHON LEAD CONSULTANT, INFOSYS LIMITED SEZ Survey No. 41 (pt) 50 (pt), Singapore Township PO, Ghatkesar Mandal, Hyderabad, Telengana 500088 Word Limit of the

More information

An Optimization Approach In Information Security Risk Management

An Optimization Approach In Information Security Risk Management Advances in Management & Applied Economics, vol.2, no.3, 2012, 1-12 ISSN: 1792-7544 (print version), 1792-7552 (online) Scienpress Ltd, 2012 An Optimization Approach In Information Security Risk Management

More information

Clock Synchronization Procedure

Clock Synchronization Procedure Clock Synchronization Procedure Reference No. xx Revision No. 1 Relevant ISO Control No. 10.10.6 Issue Date: June 19, 2013 Revision Date: June 19, 2013 Approved by: Title: Ted Harvey Director, Technology

More information

Enabling Web GIS. Dal Hunter Jeff Shaner

Enabling Web GIS. Dal Hunter Jeff Shaner Enabling Web GIS Dal Hunter Jeff Shaner Enabling Web GIS In Your Infrastructure Agenda Quick Overview Web GIS Deployment Server GIS Deployment Security and Identity Management Web GIS Operations Web GIS

More information

PARASITIC COMPUTING: PROBLEMS AND ETHICAL

PARASITIC COMPUTING: PROBLEMS AND ETHICAL ISSN 2320-9194 8 International Journal of Advance Research, IJOAR.org Volume 1, Issue 11, November 2013, Online: ISSN 2320-9194 PARASITIC COMPUTING: PROBLEMS AND ETHICAL CONSIDERATION Abstract Parasitic

More information

Integrated Electricity Demand and Price Forecasting

Integrated Electricity Demand and Price Forecasting Integrated Electricity Demand and Price Forecasting Create and Evaluate Forecasting Models The many interrelated factors which influence demand for electricity cannot be directly modeled by closed-form

More information

Overview of Geospatial Open Source Software which is Robust, Feature Rich and Standards Compliant

Overview of Geospatial Open Source Software which is Robust, Feature Rich and Standards Compliant Overview of Geospatial Open Source Software which is Robust, Feature Rich and Standards Compliant Cameron SHORTER, Australia Key words: Open Source Geospatial Foundation, OSGeo, Open Standards, Open Geospatial

More information

Annual TTFO Meeting April 10, 2018 Michael J. Wittman, P.S. Chief Surveyor / GIS Coordinator

Annual TTFO Meeting April 10, 2018 Michael J. Wittman, P.S. Chief Surveyor / GIS Coordinator Annual TTFO Meeting April 10, 2018 Michael J. Wittman, P.S. Chief Surveyor / GIS Coordinator Text Book Definition: Layman Terms: An organized collection of hardware, software and geographic data designed

More information

ArcGIS Enterprise: What s New. Philip Heede Shannon Kalisky Melanie Summers Sam Williamson

ArcGIS Enterprise: What s New. Philip Heede Shannon Kalisky Melanie Summers Sam Williamson ArcGIS Enterprise: What s New Philip Heede Shannon Kalisky Melanie Summers Sam Williamson ArcGIS Enterprise is the new name for ArcGIS for Server What is ArcGIS Enterprise ArcGIS Enterprise is powerful

More information

SAFMC Habitat and Ecosystem IMS. Habitat and Environmental Protection Advisory Panel Meeting

SAFMC Habitat and Ecosystem IMS. Habitat and Environmental Protection Advisory Panel Meeting SAFMC Habitat and Ecosystem IMS Habitat and Environmental Protection Advisory Panel Meeting Charleston, SC November 18, 2008 Project Overview Phase 1 develop and host an Internet Map Server (IMS) application

More information

GIS Data Conversion: Strategies, Techniques, and Management

GIS Data Conversion: Strategies, Techniques, and Management GIS Data Conversion: Strategies, Techniques, and Management Pat Hohl, Editor SUB G6ttlngen 208 494219 98 A11838 ONWORD P R E S S V Contents SECTION 1: Introduction 1 Introduction and Overview 3 Ensuring

More information

Dan Boneh. Introduction. Course Overview

Dan Boneh. Introduction. Course Overview Online Cryptography Course Introduction Course Overview Welcome Course objectives: Learn how crypto primitives work Learn how to use them correctly and reason about security My recommendations: Take notes

More information

Administrivia. Course Objectives. Overview. Lecture Notes Week markem/cs333/ 2. Staff. 3. Prerequisites. 4. Grading. 1. Theory and application

Administrivia. Course Objectives. Overview. Lecture Notes Week markem/cs333/ 2. Staff. 3. Prerequisites. 4. Grading. 1. Theory and application Administrivia 1. markem/cs333/ 2. Staff 3. Prerequisites 4. Grading Course Objectives 1. Theory and application 2. Benefits 3. Labs TAs Overview 1. What is a computer system? CPU PC ALU System bus Memory

More information

The Internet of Things (IoT) and ArcGIS GeoEvent Processor

The Internet of Things (IoT) and ArcGIS GeoEvent Processor and ArcGIS GeoEvent Processor C. Adam Mollenkopf Product Lead ArcGIS GeoEvent Processor for Server amollenkopf@esri.com @amollenkopf Morakot Pilouk, PhD Senior Consultant ArcGIS GeoEvent Processor for

More information

A Governance Framework for Geographic Data, Services, and Applications. Colin MacDonald Esri UC 2017

A Governance Framework for Geographic Data, Services, and Applications. Colin MacDonald Esri UC 2017 A Governance Framework for Geographic Data, Services, and Applications Colin MacDonald Esri UC 2017 Some Context Nova Scotia, Canada Population ~1,000,000 Photos copyright Province of Nova Scotia Geomatics

More information

Acceptance Test Report. C CVII Task 2

Acceptance Test Report. C CVII Task 2 6980-02941-01-07 1.1 02-Feb-2010 1 (30) Customer Contract Number C030588 Customer Contract Start/Finish Dates 21-Jan-2009 to 31-Dec-2010 C030588 CVII Task 2 Task 2 provides the base VII infrastructure

More information

Counter-trafficking Integrated Display System (CIDS): A GIS-Based Command & Control Environment for Coalition Nations

Counter-trafficking Integrated Display System (CIDS): A GIS-Based Command & Control Environment for Coalition Nations 9 th International Command and Control Research and Technology Symposium Counter-trafficking Integrated Display System (CIDS): A GIS-Based Command & Control Environment for Coalition Nations Elizabeth

More information

The Future of the USAP Antarctic Internet Data Distribution System

The Future of the USAP Antarctic Internet Data Distribution System The Future of the USAP Antarctic Internet Data Distribution System A discussion on LDM Efforts at ASC with Satellite Ground Stations update Andrew B. Archer Antarctic Support Contract Matthew A. Lazzara

More information

TECDIS and TELchart ECS Weather Overlay Guide

TECDIS and TELchart ECS Weather Overlay Guide 1 of 24 TECDIS and TELchart ECS provides a very advanced weather overlay feature, using top quality commercial maritime weather forecast data available as a subscription service from Jeppesen Marine. The

More information

ArcGIS Web Tools, Templates, and Solutions for Defence & Intelligence. Renee Bernstein Esri Solutions Engineer

ArcGIS Web Tools, Templates, and Solutions for Defence & Intelligence. Renee Bernstein Esri Solutions Engineer ArcGIS Web Tools, Templates, and Solutions for Defence & Intelligence Renee Bernstein Esri Solutions Engineer ArcGIS Solutions Includes 450+ Industry Focused Apps and Capabilities Organized by 9 Primary

More information

No. of Days. ArcGIS 3: Performing Analysis ,431. Building 3D cities Using Esri City Engine ,859

No. of Days. ArcGIS 3: Performing Analysis ,431. Building 3D cities Using Esri City Engine ,859 What s New? Creating Story Maps with ArcGIS Field Data Collection and Management Using ArcGIS Get Started with Insights for ArcGIS Introduction to GIS Using ArcGIS & ArcGIS Pro: Essential Workflow Migrating

More information

No. of Days. ArcGIS Pro for GIS Professionals ,431. Building 3D cities Using Esri City Engine ,859

No. of Days. ArcGIS Pro for GIS Professionals ,431. Building 3D cities Using Esri City Engine ,859 What s New? Creating Story Maps with ArcGIS Field Data Collection and Management Using ArcGIS Get Started with Insights for ArcGIS Introduction to GIS Using ArcGIS & ArcGIS Pro: Essential Workflow Migrating

More information

Lecture 11. Data Standards and Quality & New Developments in GIS

Lecture 11. Data Standards and Quality & New Developments in GIS Lecture 11 Data Standards and Quality & New Developments in GIS Lecture 11: Outline I. Data Standards and Quality 1. Types of Spatial Data Standards 2. Data Accuracy II. New Developments/The Future of

More information

Information Security

Information Security SE 4472 / ECE 9064 Information Security Week 12: Random Number Generators and Picking Appropriate Key Lengths Fall 2015 Prof. Aleksander Essex Random Number Generation Where do keys come from? So far we

More information

Data Aggregation with InfraWorks and ArcGIS for Visualization, Analysis, and Planning

Data Aggregation with InfraWorks and ArcGIS for Visualization, Analysis, and Planning CI125230 Data Aggregation with InfraWorks and ArcGIS for Visualization, Analysis, and Planning Stephen Brockwell Brockwell IT Consulting Inc. Sean Kinahan Brockwell IT Consulting Inc. Learning Objectives

More information

Web GIS: Architectural Patterns and Practices. Shannon Kalisky Philip Heede

Web GIS: Architectural Patterns and Practices. Shannon Kalisky Philip Heede Web GIS: Architectural Patterns and Practices Shannon Kalisky Philip Heede Web GIS Transformation of the ArcGIS Platform Desktop Apps Server GIS Web Maps Web Scenes Layers Web GIS Transformation of the

More information

Features and Benefits

Features and Benefits Autodesk LandXplorer Features and Benefits Use the Autodesk LandXplorer software family to help improve decision making, lower costs, view and share changes, and avoid the expense of creating physical

More information

Web GIS Administration: Tips and Tricks

Web GIS Administration: Tips and Tricks EdUC 2017 July 8 th, 2017 Web GIS Administration: Tips and Tricks Geri Miller Agenda Concerns Acknowledged User Management Content Management Monitoring Licensing and logins Sophistication of IT support

More information

DIGITAL TWINS W A Z U G D e c e m b e r

DIGITAL TWINS W A Z U G D e c e m b e r DIGITAL TWINS W A Z U G - 1 3 D e c e m b e r 2 0 1 8 J o h a n H o e k J o h a n. H o e k @ W i n v i s i o n. n l F r a n k v a n H o u t e n F r a n k. v a n H o u t e n @ W i n v i s i o n. n l D E

More information

A Small Subgroup Attack on Arazi s Key Agreement Protocol

A Small Subgroup Attack on Arazi s Key Agreement Protocol Small Subgroup ttack on razi s Key greement Protocol Dan Brown Certicom Research, Canada dbrown@certicom.com lfred Menezes Dept. of C&O, University of Waterloo, Canada ajmeneze@uwaterloo.ca bstract In

More information

Improving Helios with Everlasting Privacy Towards the Public Denise Demirel, Jeroen van de Graaf, Roberto Araújo

Improving Helios with Everlasting Privacy Towards the Public Denise Demirel, Jeroen van de Graaf, Roberto Araújo Improving Helios with Everlasting Privacy Towards the Public Denise Demirel, Jeroen van de Graaf, Roberto Araúo 15.08.2012 Fachbereich 20 CDC Denise Demirel 1 Helios Introduced 2008 by Ben Adida Web application

More information

No#ons of Privacy: ID- Hiding, Untrace- ability, Anonymity & Deniability

No#ons of Privacy: ID- Hiding, Untrace- ability, Anonymity & Deniability No#ons of Privacy: ID- Hiding, Untrace- ability, Anonymity & Deniability Paris, 19/03/2014 CIDRE Cristina Onete Meet the girl Need authentication Marie-Claire Cris%na Onete 19/03/2014 2 Secure Authentication

More information

Proving Security Protocols Correct. Lawrence C. Paulson Computer Laboratory

Proving Security Protocols Correct. Lawrence C. Paulson Computer Laboratory Proving Security Protocols Correct Lawrence C. Paulson Computer Laboratory How Detailed Should a Model Be? too detailed too simple concrete abstract not usable not credible ``proves'' everything ``attacks''

More information

Troubleshooting Replication and Geodata Services. Liz Parrish & Ben Lin

Troubleshooting Replication and Geodata Services. Liz Parrish & Ben Lin Troubleshooting Replication and Geodata Services Liz Parrish & Ben Lin AGENDA: Troubleshooting Replication and Geodata Services Overview Demo Troubleshooting Q & A Overview of Replication Liz Parrish What

More information

New Cloud Solutions by My TimeZero

New Cloud Solutions by My TimeZero New Cloud Solutions by My TimeZero 1. TimeZero Products under My TimeZero 2. Creating and Logging into My TimeZero Account 3. Linking My TimeZero Products with Users 3-1 Finding Friends 3-2 Saving Settings

More information

Land Board, NW Services and SDI Tambet Tiits, FRICS

Land Board, NW Services and SDI Tambet Tiits, FRICS Land Board, NW Services and SDI Tambet Tiits, FRICS 07.09.2016 200th anniversary of the Struve Geodetic Arc Friedrich Georg Wilhelm Struve and Carl Friedrich Tenner Struve Geodetic Arc The Struve Geodetic

More information

Cryptography CS 555. Topic 25: Quantum Crpytography. CS555 Topic 25 1

Cryptography CS 555. Topic 25: Quantum Crpytography. CS555 Topic 25 1 Cryptography CS 555 Topic 25: Quantum Crpytography CS555 Topic 25 1 Outline and Readings Outline: What is Identity Based Encryption Quantum cryptography Readings: CS555 Topic 25 2 Identity Based Encryption

More information

Internal Audit Report

Internal Audit Report Internal Audit Report Right of Way Mapping TxDOT Internal Audit Division Objective To determine the efficiency and effectiveness of district mapping procedures. Opinion Based on the audit scope areas reviewed,

More information

M o n i t o r i n g O c e a n C o l o u r P y t h o n p r o c e d u r e f o r d o w n l o a d

M o n i t o r i n g O c e a n C o l o u r P y t h o n p r o c e d u r e f o r d o w n l o a d M o n i t o r i n g O c e a n C o l o u r P y t h o n p r o c e d u r e f o r d o w n l o a d Copernicus User Uptake Information Sessions Copernicus EU Copernicus EU Copernicus EU www.copernicus.eu I N

More information

PQ Crypto Panel. Bart Preneel Professor, imec-cosic KU Leuven. Adi Shamir Borman Professor of Computer Science, The Weizmann Institute, Israel

PQ Crypto Panel. Bart Preneel Professor, imec-cosic KU Leuven. Adi Shamir Borman Professor of Computer Science, The Weizmann Institute, Israel #RSAC SESSION ID: CRYP-W10 PQ Crypto Panel MODERATOR: Bart Preneel Professor, imec-cosic KU Leuven PANELISTS: Dr. Dan Boneh Professor, Stanford University Michele Mosca Professor, UWaterloo and evolutionq

More information

Android Security Mechanisms

Android Security Mechanisms Android Security Mechanisms Lecture 9 Android and Low-level Optimizations Summer School 1 August 2015 This work is licensed under the Creative Commons Attribution 4.0 International License. To view a copy

More information

Are you the one to share? Secret Transfer with Access Structure

Are you the one to share? Secret Transfer with Access Structure Are you the one to share? Secret Transfer with Access Structure Yongjun Zhao, Sherman S.M. Chow Department of Information Engineering The Chinese University of Hong Kong, Hong Kong Private Set Intersection

More information