Protecting truckloads of data on the information superhighway

SSL Journal


Top Stories

LOS GATOS, Calif. and ARLINGTON, Va., May 2 /PRNewswire-FirstCall/ -- Network security and flow classification market leader Hifn(TM) and Global Technologies Group, Inc. announced today that Global Technologies Group's new PowerCrypt 5x-PMC card features Hifn's 7956 security processor. GTGI's PowerCrypt 5x-PMC is an encryption accelerator card that provides hardware-assisted encryption, decryption and one-way hash functions to programs that could benefit from such assistance, such as IPsec implementations and bulk file encryption. The PowerCrypt 5X is intended to operate in blade servers with PMC slots. The 5x-PMC is 32- and 64-bit compatible, at either 33 or 66 MHz bus clock. Driver support for the 5x-PMC is already included in OpenBSD 3.4, as well as FreeBSD; Linux support is forthcoming. The Hifn 7956 security processor utilized in the PowerCrypt 5x-PMC performs ... (more)

Sandstorm Gold Announces Record Gold Sales and Revenue in Fourth Quarter 2013

VANCOUVER, March 11, 2014 /PRNewswire/ - Sandstorm Gold Ltd. ("Sandstorm" or the "Company") (NYSE MKT: SAND, TSX: SSL) has released its unaudited results for the fourth quarter and year ended December 31, 2013 (all figures in U.S. dollars). Fourth Quarter Highlights (3 Months) Record gold sales of 10,523 ounces, excluding Premier Royalty Inc.'s ("Premier Royalty") attributable ounces. Record revenue of $15.8 million. Average cash cost per ounce1 of $407 resulting in cash operating margins1 of $863 per ounce. Operating cash flow of $8.1 million. Net loss of $39.9 million primarily due to a non-cash impairment charge of $52.2 million relating to the Serra Pelada Gold Stream. 2013 Highlights (12 Months) Record gold sales of 36,146 ounces, excluding Premier Royalty's attributable ounces. Record revenue of $59.8 million. Operating cash flow of $32.2 million. Average cas... (more)

Jill Tummler Singer of the CIA Speaks on "Cloud Safety" : +1

I saw this tweet this morning and I thought "+1" (I guess I am a geek if I am thinking in Digg/Slashdot shorthand). The problem is that in Information Security, "security" is all-too-often used to mean only encryption. A line is considered "secure" if it's encrypted. But often, the real "security" requirements are much broader and include management (as in access management, identity management), business continuity defense against denial-of-service, and privacy. I think language is a big issue here. I've always found it interesting that in German, the words for "security" and "certainty" (sicherheit, literally "sureness") are the same. In French, the words for "safety" and "security" are also the same (sûreté, again literally "sureness"). So, in those languages, "security" has a broad definition, incorporating senses of dependability, management, and safety. I can s... (more)

Dear Slashdot: You Get What You Pay For

Open Source SSL Accelerator solution not as cost effective or well-performing as you think o3 Magazine has a write up on building an SSL accelerator out of Open Source components. It's a compelling piece, to be sure, that was picked up by Slashdot and discussed extensively. If o3 had stuck to its original goal - building an SSL accelerator on the cheap - it might have had better luck making its arguments. But it wanted to compare an Open Source solution to a commercial solution. That makes sense, the author was trying to show value in Open Source and that you don't need to shell out big bucks to achieve similar functionality. The problem is that there are very few - if any - commercial SSL accelerators on the market today. SSL acceleration has long been subsumed by load balancers/application delivery controllers and therefore a direct comparison between o3's Open ... (more)

How to Secure REST and JSON

Here at Layer 7 we get asked a lot about our support for REST. We actually have a lot to offer to secure, monitor and manage REST-style transactions. The truth is, although we really like SOAP and XML here at Layer 7, we also really like REST and alternative data encapsulations like JSON. We use both REST and JSON all the time in our own development. Suppose you have a REST-based service that you would like to publish to the world, but you are concerned about access control, confidentiality, integrity, and the risk from incoming threats. We have an answer for this: SecureSpan Gateway clusters, deployed in the DMZ, give you the ability to implement run time governance across all of your services: Pictures are nice, but this scenario is best understood using a concrete example. For the services, Yahoo’s REST-based search API offers us everything we need–it even retur... (more)

, Twitter, Security & You

..or, what I did on my twitter vacation the other day. This brief break from 26 Short Topics about Security is brought to you by, twitter, security and You. I’ve been using for a little while both to shorten links and be able to track clicks placed on twitter (and other social sites) – as many of you do. When the twitter outage hit last week, and many folks found themselves ‘lost’ without it, I decided to review my stats on the links I’ve sent and found something interesting; or frightening. :-) (Incidentally, there was another DDoS attack yesterday that took twitter down for about 20 minutes) To set this up: as you might know, I cover Security within the Technical Marketing Team (Lori, Alan & Ken round out the TMM group – and we’re all interested in Security) at F5 and usually find 1 or 2 interesting ‘security’ stories that I actually t... (more)

Considering the SOA Reference Model

(SYS-CON Media) - The main drivers for SOA-based architectures are to facilitate the manageable growth of large-scale enterprise systems, to facilitate Internet-scale provisioning and the use of services, and to reduce the cost of organization-to-organization cooperation - SOA RM When approaching a SOA implementation, I would like to consider two fundamental questions that many developers ask: 1)  What's the difference between service-oriented and service-based architectures? 2)  What special architecture elements are defined by the SOA RM? In my opinion, the answer to the first is in the difference between the words oriented and based. I believe that smart IT organizations offer a lot of services already because the technical benefits of services have been well known for a while. However, the applications based on these services are still monolithic and don't provide ... (more)

HTML5 WebSocket Security is Strong

This is a two-part blog post that discusses HTML5 WebSocket and security. In this, the first post, I will talk about the security benefits that come from being HTTP-compatible and the WebSocket standard itself. In the second post (coming soon) I will highlight some of the extra security capabilities that Kaazing WebSocket Gateway offers, things that real-world WebSocket applications will want to be fully secure. A WebSocket connection starts its life as an HTTP handshake, which then upgrades in-place to speak the WebSocket wire protocol. As such, many existing HTTP security mechanisms also apply to a WebSocket connection — one of the reasons why the WebSocket standard deliberately chose the strategy of being HTTP compatible. Unified HTTP and WebSocket Security Thanks to the HTTP/WebSocket unified security model, the following is a list of some standard HTTP securit... (more)

Cloud Business Solutions, Social Media, and Platform Systems of Engagement Market Shares, Strategies, and Forecasts, Worldwide, 2013 to 2019

NEW YORK, May 13, 2013 /PRNewswire/ -- announces that a new market research report is available in its catalogue: Cloud Business Solutions, Social Media, and Platform Systems of Engagement Market Shares, Strategies, and Forecasts, Worldwide, 2013 to 2019 LEXINGTON, Massachusetts (May 1, 2013) – WinterGreen Research announces that it has published a new study Cloud Business Solutions, Social Media, and Platform Systems of Engagement: Market Shares, Strategy, and Forecasts, Worldwide, 2013 to 2018. The 2013 study has 673 pages, 165 tables and figures. Worldwide markets are poised to achieve continuing growth as the cloud com... (more)

Configuring JMX in WebSphere 8.5

Like most application servers, WebSphere 8.5 has a rich management infrastructure based on JMX, or Java Management Extensions. In fact, the WebSphere administration console uses JMX to connect to the server to issue queries and perform administrative operations. In a previous post I showed you how to secure JBoss’ JMX connector. While there is a lot of information out there on how to connect to WebSphere via JMX, most of the examples involve either disabling SSL, or worse – disabling security globally. So let’s see how we can access WebSphere’s JMX connector remotely in a secure way. Like most things WebSphere, this could look very daunting at first, but once done, you will have a reliable and secure setup. First, a Little Background Historically most JMX implementations used the simple JMXMP protocol as the underlying transport. The newer versions of the JMX Spe... (more)

SPDY versus HTML5 WebSockets

A recent post on the HTTP 2.0 War beginning garnered a very relevant question regarding WebSockets and where it fits in (what might shape up to be) an epic battle. The answer to the question, “Why not consider WebSockets here?” could be easily answered with two words: HTTP headers. It could also be answered with two other words: infrastructure impact. But I’m guessing Nagesh (and others) would like a bit more detail on that, so here comes the (computer) science. Different Solutions Have Different Impacts Due to a simple (and yet profound) difference between the two implementations, WebSockets is less likely to make an impact on the web (and yet more likely to make an impact inside data centers, but more on that another time). Nagesh is correct in that in almost all the important aspects, WebSockets and SPDY are identical (if not in implementation, in effect). Both ... (more)