Tag Archives: Security

Java Card 3.0: Deploying and Running "Web applications" on Smartcard.

Java Card technology has been a passion of mine for so long and I always tried my best to keep updated on Smart card technologies…… not just because of my role at Sun, I did get several opportunities to work closely with citizen-scale Java Card deployments with multiple National ID, eID/ICAO, US DoD/CAC, PIV/FIPS-201 cards and related Identity management projects.  It is always been quite adventurous everytime to experience a card issuance… Read more »

Are you a victim of Identity theft ?

      No Comments on Are you a victim of Identity theft ?

Just came across this interesting web site – NationalIDWatch.org  a consumer protection web site by Liberty Coalition, which provides a registry of personalized data breach reports… that reports whether your personal identity information has been stolen or publicly exposed or not !  If your identity information is compromised, it indicates the size of exposure, sensitivity and how it is distributed and so… Read more »

Enabling FIPS-140 compliance for Java based SSL/TLS applications

FIPS-140* compliance has gained overwhelming attention these days and it has become a mandatory requirement for several security sensitive applications (mostly in Government and Security solutions and recently with select finance industry solutions and particularly for achieving compliance with regulatory mandates such as PCI DSS, FISMA, HIPPA, etc ). FIPS-140 also helps defining security requirements for supporting integration with cryptographic hardware and software tokens.  Ensuring… Read more »

Biometrics based Encryption & Digital Signatures ?

Just read this interesting research paper published by Prof. Bobby Tait and Prof. Basie von Solms of the University of Johannesburg (South Africa), explains how a person’s biometric fingerprints/Iris scans can be used as a protocol to perform private key based encryption and digital signatures.  The paper describes a biometric middleware infrastructure (BioVault) which requires users to performs biometric authentication for generating or retrieving a random… Read more »

The 6 Worst Cloud Security Mistakes…

I just had a chance to read this article at DarkReading….it enumerates the following six common security mistakes found with businesses while adopting to Cloud infrastructure based services : Mistake #1: Assuming the cloud is less secure than your data center. Mistake #2: Not verifying, testing, or auditing the security of your cloud-based service provider. Mistake #3: Failing to vet your… Read more »

Fortifying Sun Ray Desktops with Biometric Authentication

Lately I’ve been franctically busy with couple of my ISVs and an SI helping them out on a Citizen-scale National Healthcare Identity Infrastructure solution pilot for one of the populous countries in the Atlantic region – Sorry I cannot disclose the country’s name to abide their privacy laws and to protect my job :-). The solution aims to deliver an Unified Desktop/Voice Infrastructure via Sun Ray… Read more »

Microsoft's Cloud Infrastructure Security…….gets ISO/IEC 27001 certified.

I did’nt get a chance to experience with Microsoft’s Cloud infrastructure….but it’s quite interesting to see Microsoft gone “proactive” on Security with its Cloud infrastrusture ! When everyone else is still itching the head with a burning stick ….Microsoft cloud users may breathe a sigh of relief 🙂 Recently, Microsoft Cloud infrastructure team (Global Foundation Services division)  published a document on their security features which highlights… Read more »

Encrypted ZFS Automatic Snapshots to Amazon S3 Cloud

 Are you test driving Amazon S3 cloud as your backup storage and worried about your data security ?  Now, Amazon S3 users can have a compelling encrypted backup solution by adopting to OpenSolaris and ZFS.  Few months ago, I had my first experience with ZFS Automatic Snapshots which allows to backup and preserve the filesystem at timed intervals.  Last week I noted from Glenn Brunette that… Read more »

Cloud Security Guidelines from Cloud Security Alliance !

Cloud Computing Security is getting hot this summer ! Without a doubt, the Cloud security issues has emerged as a top concern and gained got a lot of interests in the RSA conference ’09 (held last week). To the surprise, the newly formed “Cloud Computing Security Alliance” presented a report covering the critical areas of focus and provided a comprehensive… Read more »