attestation

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

An Approach to a Trustworthy System Architecture Using Virtualization

This paper presents a system architecture for trusted transactions in highly sensitive environments. This architecture takes advantage of techniques provided by the Trusted Computing Group TCG to attest the system state of the communication partners, to guarantee that the system is free of malware and that its software has not...

Tags: Attestation, Springer Science+Business Media, Trusted Platform Module, Virtualization, Cloud Computing, Storage Management, Utility Computing, Hardware, Storage

White papers 2007-08-11

Distributed Software-Based Attestation for Node Compromise Detection in Sensor Networks

Sensors that operate in an unattended, harsh or hostile environment are vulnerable to compromises because their low costs preclude the use of expensive tamper-resistant hardware. Thus, an adversary may reprogram them with malicious code to launch various insider attacks. Based on verifying the genuineness of the running program, the paper...

Tags: Software, Pennsylvania State University, Network, Sensor, Attestation

White papers 2007-07-19

Attestation of Identity Information

This Oracle white paper discusses the fundamental premise of attestation and the role of identity management in achieving cost-effective, sustainable compliance. Attestation is the requirement that management periodically certifies that only appropriate individuals have accessed sensitive information. While the cost of complying with the provisions of regulations like Sarbanes Oxley...

Tags: Oracle Corp., Attestation, Authentication/Encryption, Regulatory Compliance, Security, Human Resources, Policies And Procedures

White papers 2006-05-01

Additional Resources

Hacker demos persistent Mac keyboard attack

Apple's sleek $49 Mac keyboards can be hacked and infected with keystroke loggers and impossible-to-detect rootkits, according to a security researcher presenting at this year's Black Hat/DEFCON conferences. The researcher, known only as "K. Chen," found a way to...

Tags: Apple Macintosh, Hacker, Firmware, Attack, Keyboards, Rootkits, Hardware, Peripherals, Security, Spyware, Adware & Malware, Ryan Naraine

Blog posts 2009-08-03

Why Microsoft, Google, and Amazon are racing to run your data center

Why Microsoft, Google, and Amazon are racing to run your data centerOld news repackagedCloud and utility computing which might be one and the same are a multibillion dollar business in 2009. Are you guys for real about reporting this like news? We have been running our business at...

Tags: Data centers, cloud computing, Network technology, Amazon.com Inc., Google Inc., Microsoft Corp., data center

Discussion threads 2009-06-15

Automated Procedural Controls Self Assessments, the Missing Piece to the Compliance Puzzle

This webcast is targeted to organizations that are struggling with the costly, manual processes associated with IT compliance and passing audits. A majority of IT controls are procedural and must have a human provide attestation that the procedure or control is in place and enforced. Manually distributing requests, collecting the...

Tags: Symantec Corp., Audit, Assessment, Compliance, Financial Accounting, Strategy, Finance, Management

Webcasts 2008-11-12

Pairings in Trusted Computing

Pairings have now been used for constructive applications in cryptography for around eight years. In that time the range of applications has grown from a relatively narrow one of identity based encryption and signatures, through to more advanced protocols. In addition implementors have realised that pairing protocols once presented can...

Tags: Hewlett-Packard Co., Trusted Computing, Protocol, Digital Security, Quality, Security, Business Operations

White papers 2008-06-21

Will Sarbox change ding IT vendors?

The Securities and Exchange Commission tweaked its Sarbanes-Oxley requirements and that could be bad news for the technology companies, consultants and accountants on the Sarbox gravy train. The SEC said Wednesday that it was making changes to the Sarbanes-Oxley Act, known in some quarters as the accountant and consultant employment...

Tags: General, IT Management, Software Infrastructure

Blog posts 2007-05-24

TJX's failure to secure Wi-Fi causes $1B damage

TJX's failure to secure Wi-Fi causes $1B damage$1 billion?You cite "many" estimates that this will cost hundreds of millions or even a billion dollars worth of losses. Could you provide an actual citation?Security is important, but it fails when sold through hyperbole, too.ShockingIn my own survey of neighborhoods, my N800...

Tags: Wi-Fi, TJX, wireless, card, security

Discussion threads 2007-05-07

WS-Attestation: Enabling Trusted Computing on Web Services

This paper proposes WS-Attestation, an attestation architecture based upon a Web Services framework. The increasing prevalence of security breaches caused by malicious software shows that the conventional identity based trust model is insufficient as a protection mechanism. It is unfortunately common for a computing platform in the care of a...

Tags: Web, Trusted Computing, Web Service, WS-Attestation, Web Services, Cloud Computing, Channel Management, Enterprise Software, Software, Marketing

White papers 2006-10-31

Oct 3 (tomorrow): DRM lovers' day of reckoning?

Oct 3 tomorrow: DRM lovers' day of reckoning?Simple oneWebsite designers can thanks to MS detect whether clients connecting to them support some of the greasier DRMfoolishness such as remote attestation.Those infected get redirected to a "security fault detected" page with removal/repair instructions.It ain't free to make - it ain't free...

Tags: Digital rights management (DRM), Digital media, digital-rights management, DefectiveByDesign.org

Discussion threads 2006-10-02

On Similarities Between SOA-Based Web Service and Smart Card Application for Ease of Understanding and Securing the Former

This paper is to leverage familiarity with smart card application, i.e. understanding and practical experiences of implementing trustworthy smart card application, to uncover secret veil surrounding the SOA-Based Web Services, and further develop and implement effective strategies for achieving trustworthy Web Services. Aspects being compared, of smart card application and...

Tags: Web, Smart Card, Web Service, SOA, Smart Card Application, Smart Cards, Authentication/Encryption, Service-Oriented Architecture (SOA), Digital Security, Web Services, Security, Enterprise Software, Software

White papers 2006-04-25

Normative issues in the Cocoon strategy

Normative issues in the Cocoon strategyCentralization is not all rosyPlacing ALL of your documents in one "basket" means a major single-point-of-failure. If your network/server infrastructure is anything but rock-solid, don't do it.Not to mention SOx and the "separation of roles" issues! Any server with sensitive docs would need all sorts...

Tags: Groupware, Microsoft Office, centralization, strategy, Cocoon

Discussion threads 2006-04-21

Hasta la Vista Secure TPM

I spent some time last week reviewing the TPM-1.2 Trusted Platform Module implementation for Microsoft Vista because what Microsoft promised for Longhorn back in 2001 and 2002 seemed applicable to a current problem. As it turns out Vista doesn't deliver on any of that - in fact, the more I...

Tags: TPM

Blog posts 2006-03-28

MPAA demonstrating analog hole at CES

By way of Jim Hock & Co. over at 463 Communications, the Motion Picture Association of America is apparently demonstrating the awfulness of the proverbial analog hole that recently proposed legislation is looking to cork: ...And when Hollywood studios are concerned, presto, legislation appears. House Judiciary...

Tags: video

Blog posts 2006-01-05

Something for Congress to stick in its analog hole and smoke

Something for Congress to stick in its analog hole and smokeInteresting you mentioned thatMy future livingroom has but 3 electronic devices.1. A box - a set-top/cable-style "box" that is no more than a web browser that uses WiMAX to stream video/audio.2. The "big screen" - Not a television per se...

Tags: U.S. Congress, video capture, speaker, analog hole

Discussion threads 2006-01-04

'Bot' for Sony CD software spotted online

'Bot' for Sony CD software spotted onlineSony's EULA is worse than their DRMHas anyone read the EULA Sony includes with their cd's?http://www.eff.org/deeplinks/archives/004145.phpIf your house gets burgled, you have to delete all your music from your laptop when you get home. That's because the EULA says that your rights to any...

Tags: Digital rights management (DRM), PRODUCTIVITY, Digital media, bot, Sony EULA, software, EULA, digital-rights management, Sony Corp., music, computer, CD, operating system, Microsoft Corp.

Discussion threads 2005-11-10

IT employees--handle with care

IT employees--handle with careReal Problem?I really don't think the true problems were addressed in this article. Several people I know in the industry were let go because they were getting paid what they were worth. So they were either replaced by someone who knew 1/10th of their knowledge...

Tags: Strategy, .NET, Benefits, Recruitment & Selection, Workforce management, information technology, perk, salary

Discussion threads 2005-11-02

Relief from Sarbanes-Oxley on the way?

Relief from Sarbanes-Oxley on the way?Whats the problem?SOX for dummies:301, Independant auditors have to be independant.302, CFO & CEO have to state the accounts are not bogus.303, Company execs not allowed to coerce or bully independant auditors.304, If officers get a bonus based on false accounts they have to pay...

Tags: Sarbanes-Oxley, Regulatory compliance, Regulations, Financial accounting, Sarbanes-Oxley Act, issuer

Discussion threads 2005-06-09

Tech's big complaint of 2005

Tech's big complaint of 2005Careless mispellings" The reason: The law is making them miserable."Damn it zdnet, thats not how you spell 'liable'.Stop complainingHow to hide truth and poor accountability is why SOX-SEC filling regulation are a headache.For one thing, ...SOX was probably helped by some CEOs, especially those that stood...

Tags: Sarbanes-Oxley, Regulatory compliance, Regulations, SOX audit, Sarbanes-Oxley Act

Discussion threads 2005-04-29