Development of a Cryptographic Module

Wednesday, February 11th, 2009

A proper development process provides assurance that the implementation of a cryptographic module corresponds to the module functional specification and Security Policy, that the cryptographic module is maintainable, and that the validated cryptographic module is reproducible.

We specify the security requirements for the representation of a cryptographic module’s security functionality at various levels of abstraction from the functional specification to the implementation [..]

The following requirements shall apply to cryptographic

Digital Data Preservation | Program CD and DVD Archiving

Saturday, February 7th, 2009

Do:

  • Handle discs by the outer edge or the center hole.
  • Use a non solvent-based felt-tip permanent marker to mark the label side of the disc.
  • Keep dirt or other foreign matter from the disc.
  • Store discs upright (book style) in plastic cases specified for CDs and DVDs.
  • Return discs to storage cases immediately after use.
  • Leave discs in their packaging (or cases) to minimize the effects of environmental changes.
  • Open a recordable disc package only when [..]

The Elliptic Curve Digital Signature Algorithm (ECDSA)

Saturday, February 7th, 2009

Public-Key Cryptography Standard (PKCS)
Public-Key Cryptography Standard (PKCS) #1, RSA Cryptography Standard, defines mechanisms for encrypting and signing data using the RSA algorithm. PKCS #1 v2.1 specifies two digital signature processes and corresponding formats:

  1. RSASSA-PKCS1-v1.5 and
  2. RSASSA-PSS.

Both signature schemes are Approved for use, but additional constraints are imposed beyond those specified in PKCS #1 v2.1.

  1. Implementations that generate RSA key pairs shall use the RSA criteria and the method in B.3.2 to generate those key [..]

Digital Signatures – Key Pair Management

Saturday, February 7th, 2009

The secure use of digital signatures depends on the management of an entity’s digital signature key pair as follows:

  1. The validity of the domain parameters shall be assured prior to the generation of the key pair, or the verification and validation of a digital signature.
  2. Each key pair shall be associated with the domain parameters under which the key pair was generated.
  3. Key pairs shall only be used to generate [..]

PIV Cards Interoperability

Thursday, February 5th, 2009

The data objects and keys placed on a PIV Card during issuance use specific cryptographic algorithms selected from the acceptable algorithms in [SP800-78]. A PACS application can interrogate the card to learn which algorithms are used.

To attain full interoperability, a relying PACS application will need to support all acceptable algorithms, key lengths, and key material that could be presented, either by a PIV Card [..]

PIV Cards | Counterfeiting | Skimming | Cloning | Social Engineering

Thursday, February 5th, 2009

Terminated PIV Cards

PIV Cards may be terminated for a number of reasons, including a lost or stolen card. A terminated PIV Card could continue to open doors with the CHUID authentication mechanism long after the card has been terminated.

The check for termination should be performed by a status check, using either the Online Certificate Status Protocol (OCSP) or Certificate Revocation Lists (CRL), on a PIV authentication certificate. Credential validation is [..]

Mobile | Electronic Tracking | Cloning | Server-Resident Data

Thursday, February 5th, 2009

Electronic Tracking

Several companies offer location tracking services for registered cell phones to allow the whereabouts of the user to be known by friends and family. It is also touted as a means to track employees’ whereabouts.

Registration can take place quickly, making temporarily misplaced devices or unattended devices a possible target. Some tracking services periodically send the phone a notification for the user that monitoring is taking place, and [..]

Smartphones and PDAs – Threats

Thursday, February 5th, 2009

A simple way to consider threats to handheld devices is to compare them with those for desktop computers, which are more familiar to everyone and documented elsewhere. Essentially, the threat profile for handheld devices is a superset of the profile for desktop computers.

The additional threats for cellular handheld devices stem mainly from two sources:

  • Their size and portability
  • Their available wireless interfaces and associated services.

Size and portability can result in the loss [..]

Firewalls – Dedicated Proxy Servers

Friday, January 30th, 2009

Dedicated proxy servers differ from application-proxy and circuit-level gateways in that while they retain proxy control of traffic, they do not have firewalling capabilities.

Although dedicated proxy servers are not firewalls, they are described in this section because of their close relationship to application-proxy gateway firewalls and circuit-level gateway firewalls. Many proxies are application-specific, and some actually perform analysis and [..]

Firewalls – Application Proxy Gateways

Friday, January 30th, 2009

An application-proxy gateway is a feature of advanced firewalls that combines lower layer access control with upper layer functionality. These firewalls contain a proxy agent that acts as an intermediary between two hosts that wish to communicate with each other, and never allows a direct connection between the two hosts.

Each successful connection attempt actually results in the creation of two separate connections—one between the client and the proxy server, and [..]

Copyright © 2008 Home Automation - JAEC - All the rights reserved