Protecting truckloads of data on the information superhighway

SSL Journal

Subscribe to SSL Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get SSL Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

Chris Soghoian is giving a Berkman lunchtime talk called: “Caught in the Cloud: Privacy, Encryption, and Government Back Doors in the Web 2.0 Era,” based on paper he’s just written. In the interest of time, he’s not going to talk about the “miscreants in government” today. Pew says that “over 69% of Americans use webmail services, store data online, or other use software programs such as word processing applications whose functionality is in the cloud.” Chris’ question: Why have cloud providers failed to provide adequate security for the customers. (”Cloud computing” = users’ data is stored on a company server and the app is delivered through a browser.) NOTE: Live-blogging. Getting things wrong. Missing points. Omitting key information. Introducing artificial choppiness. Over-emphasizing small matters. Paraphrasing badly. Not running a spellpchecker. Mangling othe... (more)

Tip of the Red Hat - Entrust Updates PKI Platform, Adds Linux Support

Building on the continued success of the public key infrastructure (PKI) platform, Entrust  is advancing the technology to bring it to new markets. With the introduction of Entrust Authority Security Manager 8.0, Entrust customers can implement one of the most trusted PKI security solutions available on the cost-effective Linux Red Hat platform. This release introduces Entrust to the open-source platform market and expands the potential overall installation base for the PKI solution. "Linux is recognized as one of the most popular operating systems installed on servers globally, and provides Entrust with an active new market segment for PKI deployments," said Entrust President and CEO Bill Conner. "This is a key milestone for Entrust and the entire PKI platform. We're eager to see how the Linux community embraces and implements our PKI technology." In a recent publi... (more)

Top Ten Managed File Transfer Considerations

Before looking for a managed file transfer solution, it is important to determine how data is currently being transferred from your organization. You should find out what users and applications are performing the data transfers, where the source of the data resides, how sensitive the data is, how the data is formatted for the partners and what protocols are used to transmit the information. If the files are encrypted or compressed before transmission, find out what tools and standards are being utilized. After you’ve done your in-house analysis, then start a search for a secure file transfer solution that best fits your needs. Listed below are the Top 10 managed file transfer considerations: 1. Platform Openness – To reduce the points of connection to sensitive data and reduce the risk of exposure to those without a need-to-know the MFT solution should be installed ... (more)

Twenty-Five Linux Server Hardening Tips

When it comes to having a Linux server hosted in a data center or it is not behind any kind of Firewall or NAT device there are a number of security requirements that need to be addressed. Linux servers generally come with no protection configured by default and depending on the hosting company or distro can come preconfigured with many services installed that are not required, including Web Servers, FTP Servers, Mail Servers and SSH Remote Access. The following is a compilation of various settings and techniques you can employ to harden the security of your vulnerable Linux systems. While I have tried to put them in order of the most important features first I would recommend all of these options be used on your critical production servers. TIP #1 – Strong Passwords Always create long passwords that contain upper and lower case letters, numbers and non alpha-numeri... (more)

Securing Cloud Data from Cybercrime, Intrusion and Surveillance

By John Sotiropoulos - In my previous post  (Cloud Data, Security, Privacy & Confidentiality/ The ISV Perspective) I talked about the increasing exposure of data, the changing landscape of data confidentiality and the need to shield data rather than retreat into – largely mythical  -“safe heavens” of on premise.  When storing data in the cloud, key management becomes a critical aspect of data confidentiality and a new crop of vendors are beginning to emerge simplifying encryption and key management. Having looked at most of the new crop of cloud encryption vendors, we liked Porticor for its innovative application of homomorphic algorithm to split key encryption and its use of a customer-owned security appliance.   The combination of two eliminates the need to expose the encryption key and minimizes the risks offering a unique approach to comply with EU data protect... (more)

Ericom Software Extends Microsoft Windows Server 2003 x64 Edition Terminal Servers

CLOSTER, NJ -- (MARKET WIRE) -- 04/25/05 -- Ericom® Software, Inc., a leading provider of enterprise application access & Server Based Computing solutions, today at Microsoft's WinHEC, announced the release of PowerTerm® WebConnect with newly added 64-bit support, in tandem with Microsoft's exciting Windows Server 2003 x64 Editions release. PowerTerm WebConnect is a comprehensive solution for secure local and remote access to enterprise applications, residing on Windows Terminal Servers and Legacy systems. Ericom's support for servers running Microsoft's Windows Server 2003 x64 Edition operating system will enable users to take advantage of the latest 64-bit hardware based on Intel EM64T and AMD64 processors. Ericom supports the Microsoft Terminal Server platform with features including Application Publishing, Seamless Windows applications, Load Balancing, SSL Gatew... (more)

GoDaddy.com(R) to Support Web Sites Built With Ruby on Rails

SCOTTSDALE, Ariz., April 21 /PRNewswire/ -- GoDaddy.com, the No. 1 registrar of domain names worldwide and the world's largest Web host in terms of hostnames, now supports Web sites created using Ruby on Rails. Ruby on Rails is an open-source framework which lets developers easily assemble rich and dynamic Web sites. Programming with Rails allows a Web designer to wrap applications easily around a database. It has been widely acclaimed in Web development and software engineering circles as a new standard for ease of development and speed of delivery. "Our customers are finding Ruby on Rails to be incredibly valuable in shaping their online presence," said Bob Parsons, GoDaddy.com CEO and Founder. "We are pleased to be able to offer support for a framework that increases the utility of the sites we host." "We came over to Go Daddy specifically because Ruby on Rails wa... (more)

Considering the SOA Reference Model

(SYS-CON Media) - The main drivers for SOA-based architectures are to facilitate the manageable growth of large-scale enterprise systems, to facilitate Internet-scale provisioning and the use of services, and to reduce the cost of organization-to-organization cooperation - SOA RM When approaching a SOA implementation, I would like to consider two fundamental questions that many developers ask: 1)  What's the difference between service-oriented and service-based architectures? 2)  What special architecture elements are defined by the SOA RM? In my opinion, the answer to the first is in the difference between the words oriented and based. I believe that smart IT organizations offer a lot of services already because the technical benefits of services have been well known for a while. However, the applications based on these services are still monolithic and don't provide ... (more)

Chip PC propose maintenant la dernière version de Windows CE 6.0 R2 et RDP 6.0 pour son offre de terminaux haut de gamme

PARIS, July 1 /PRNewswire/ -- Chip PC Technologies annonce aujourd'hui que ses terminaux haut de gamme seront livrés avec le dernier Windows Embedded CE 6.0 R2 incluant RDP 6.0. Le nouveau Windows Embedded CE 6.0 R2 permet une connexion intégrée et simplifiée à Windows Vista et Windows Server 2008. De plus, ce nouvel OS dispose de la dernière version de Remote Desktop Protocol (RDP) 6.0, qui procure d'importants avantages aux utilisateurs, comme le support de Secure Sockets Layer/Transport Layer Security (SSL/TLS), de Network Level Authentication, Server Authentication, et de couleurs 32-bit. Les terminaux Chip PC avec Windows Embedded CE 6.0 R2 sont optimisés pour une meilleure gestion, sécurité, un déploiement simplifié, un support avancé des périphériques USB couplé, RDP 6.0 optimisé pour une gestion graphique avancée (Wide Screen et haute résolution), authentif... (more)

Dear Slashdot: You Get What You Pay For

Open Source SSL Accelerator solution not as cost effective or well-performing as you think o3 Magazine has a write up on building an SSL accelerator out of Open Source components. It's a compelling piece, to be sure, that was picked up by Slashdot and discussed extensively. If o3 had stuck to its original goal - building an SSL accelerator on the cheap - it might have had better luck making its arguments. But it wanted to compare an Open Source solution to a commercial solution. That makes sense, the author was trying to show value in Open Source and that you don't need to shell out big bucks to achieve similar functionality. The problem is that there are very few - if any - commercial SSL accelerators on the market today. SSL acceleration has long been subsumed by load balancers/application delivery controllers and therefore a direct comparison between o3's Open ... (more)

Crescendo Networks Unveils New Purpose-built Application Delivery Platforms

Crescendo Networks has announced the Maestro CN-7000 series, a new line of advanced application delivery hardware platforms. The CN-7000 series includes the entry-level CN-7710, the CN-7740 for medium to large organizations, and the CN-7790 for the largest organizations, with up to 10 Gbps throughput. The new platform series allows Web-based businesses of all sizes to accelerate and optimize application delivery, boost server and network efficiency and dramatically reduce data center costs. It further expands the award-winning Maestro Platform, which is designed to work specifically with Crescendo’s flagship application delivery controller, AppBeat™ DC. “Unlike other application delivery controllers that rely on general purpose components that sacrifice performance and reliability under heavy traffic loads, the entire CN-7000 series leverages Crescendo’s unique custom... (more)