DigiFLAK
2013
FLAK Technologies
DIGIFLAK PROJECT
CONTENTS
HOW TO…
1. SeOS – SecuritOS: …build total digital safety zone
2. FLiC – FLAK Licensee: …care for your values
3. LogME: …login with NO passwords
4. FLAKmobile: …be protected everywhere
5. FLAKstream: …prevent viruses and malware
6. FLAKnet: …connect to each other
SeOS. Main Technology Principles
SeOS (SecuritOS)
SeOS is an embedded operating system for FLAK devices which performs high-speed cryptographic calculations on big data arrays running within the FLAK Secure Core.
Main Functions
• Decryption and signature check of applications before every start
• Allocation of separate secured address space to applications
• Provision of a special API to high-speed cryptographic accelerators for applications: DES, 3DES, AES, SHA1, SHA128, SHA256, MD5 and others
• PCSC#11 standard support
• Multilevel key management system – key ladder with protection of keys at all levels from illegal access
• Asymmetric algorithms ECC and RSA support
• High-speed data filtering according to various criteria
• License management technology (FLiC) support
• SeOS API functions support for multi-application environment
[Diagram: Apps, SeOS API, API, Linux, Main Core, Secure Core, SeOS]
FLiC. Main Technology Principles
FLiC (FLAK Licensee Control)
DigiFlak proprietary flexible and high-capacity mechanism for processing and management of license rights to any digital data such as video, audio, software, eBooks, etc.
* Secuter (Eng. Security Computer) – a dedicated device, a minicomputer with secure cores inside
Smart, fast and secured
License processing takes place in an isolated and secured environment which guarantees no illegal access to the keys and prevents license rights interference. With FLiC technology it is possible to re-encrypt data in real time, which means that the technology supports DRM (CAS) -> DTCP-IP and DRM (CAS) -> HDCP bridges.
Easy to trust and integrate
FLiC is fully consistent with the FLAK basic concept of simple and convenient usage of information security technologies. FLiC can be used both as a standalone DRM solution (with its own software for the server side) and as a "safe" framework for third-party CAS and DRM solutions.
DRM and CAS support
With FLiC it is possible to integrate easily with all well-known DRM and CAS solutions, extending their security.
Unique content security
Based on the FLAK platform, the FLiC technology provides totally safe license management and a mechanism to control access to all digital entities.
DRM (CAS) -> DTCP-IP or HDCP BRIDGE
How it works
The FLAK secuter processes DRM-protected content and encrypts output data either according to the DTCP-IP specification or to the HDMI standard. In the first case the output content can be played by a PC (a built-in player with DTCP-IP support) or transmitted to connected home devices such as TVs or tablets. The second case applies to FLAK devices with an HDMI interface, which guarantees the maximum level of protection for exclusive content. All content goes from the secuter to HDMI and can be received by any device with HDMI support.
HIGHEST LEVEL OF PROTECTION FOR VALUABLE CONTENT WITH A “CONTENT PROVIDER – USER SCREEN” SCHEME!!!
[Diagram: Content provider, DRM protected content, Isolated trusted environment, DTCP-IP encryption, PC with a DTCP player, Tablet, HDCP, iDTV with HDMI]
SOFTWARE PROTECTION
How it works
In most cases a license for commercial software looks like a file with various parameters: permissions / restrictions of operations, license duration, number of users, etc. The license file, which is unique to each copy of the software, is stored within the protected memory of the FLAK secuter and can never be extracted. All transactions with licenses (installation, control, update, review) are executed in the isolated environment of the secuter with either a FLiC software module or a software developer's module.
NB! Developers can move part of the basic software functionality into the secuter, which is strongly recommended!!!
FORGET THE PROBLEM OF YOUR SW ILLEGAL DISTRIBUTION OR USAGE!!!
[Diagram: Isolated trusted environment, Software running on PC, License server, SW License providing, PC-Secuter protected session, License storage]
LogME. Threats and Recommendations
Threats
• Password lexical algorithms’ match
• Password theft from user PC (imitation, key loggers, browser cache analyzers)
• Password theft from WEB service servers
• All user accounts are dependent on email account security
Recommendations
• Use only “rules to follow” passwords
• Limit number of wrong password entries
• Don’t save passwords on PC
• Don’t login via keyboard
• Check source of WEB login form
• Don’t store passwords on WEB servers
• Use open/public keys and certificates methods for authentication
• Provide maximum security to the email account itself
Are you really able to follow all these mazy rules???
LogME. Main Technology Principles
DigiFlak proprietary chrysalis intended for safe and easy authentication procedure on remote WEB sites
• Auto-generated password of no less than 20 random symbols, produced by hardware facilities of the FLAK secuter;
• Password is unique for every user account;
• User doesn’t know the password;
• Password never comes out of the device's secured internal core in unencrypted form;
• Could not be simpler and securer.
Password based and certificate based solutions are provided:
(password based)
Initial registration
During initial registration on a remote WEB site the secuter acquires an SSL certificate from the server. Then it initiates its own SSL session with the WEB browser (with a FLAK certificate), gets the login name from the user and generates a random password according to certain security rules. After that the secuter gets the login name from the browser, encrypts both the login name and the generated password and sends them to the remote WEB site. Simultaneously, the server certificate, login name and generated key are stored in a secure file system of the secuter.
1. SSL certificate acquisition
2. Login request
3. Login dispatch
4. Password generation
5. Certificate and login/password pair safekeeping
6. Encrypted login name and password sending
[Diagram: SSL server, SSL client, SSL client, SSL server]
Login procedure
At the next login the secuter authenticates the server with the stored certificate and, if this succeeds, both the login name and password are sent to the server in an SSL session. The user communicates with the site via the secuter certificate, which is a guarantor of a safe connection.
Positive
Advantages
Following proven technology principles like secure login/password storage and easy
registration/login procedures this approach allows implementation with no
expenses on the server side since all sites now support password authentication.
NO SERVER MODIFICATION REQUIRED!!!
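An added Python example (not DigiFLAK code) of the password-based flow described above: a vault generates a unique password of at least 20 random symbols at registration, stores it with the server certificate's SHA-256 fingerprint, and releases it at login only when the presented certificate matches. The class and function names, the alphabet, the fingerprint choice and the certificate bytes are assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets
import string
from dataclasses import dataclass

# Assumed alphabet; the slides only say "random symbols".
ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?@_"
MIN_LENGTH = 20  # floor stated on the slide: "no less than 20 random symbols"


class PinMismatch(Exception):
    """The presented server certificate is not the one stored at registration."""


@dataclass(frozen=True)
class Record:
    cert_sha256: bytes  # fingerprint of the certificate seen at registration
    login: str
    password: str


def generate_password(length: int = 24) -> str:
    """Return a CSPRNG password containing every character class."""
    if length < MIN_LENGTH:
        raise ValueError(f"password must have at least {MIN_LENGTH} symbols")
    while True:  # rejection sampling keeps the distribution uniform
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
                and any(c.isdigit() for c in pw)
                and any(not c.isalnum() for c in pw)):
            return pw


class Vault:
    """Stands in for the secuter's secure file system (in memory here)."""

    def __init__(self) -> None:
        self._records: dict[str, Record] = {}

    def register(self, site: str, login: str, server_cert_der: bytes) -> None:
        """Steps 4-5: generate the password and store it with the certificate pin."""
        if site in self._records:
            raise ValueError(f"{site} is already registered")
        pin = hashlib.sha256(server_cert_der).digest()
        self._records[site] = Record(pin, login, generate_password())

    def credentials_for(self, site: str, presented_cert_der: bytes) -> tuple[str, str]:
        """Login: release the pair only if the server shows the stored certificate."""
        rec = self._records[site]  # KeyError for a site that was never registered
        presented = hashlib.sha256(presented_cert_der).digest()
        if not hmac.compare_digest(presented, rec.cert_sha256):
            raise PinMismatch(site)
        return rec.login, rec.password


if __name__ == "__main__":
    # Constructed stand-ins for DER-encoded certificates.
    real_cert = b"constructed-der-bytes-of-shop.example"
    fake_cert = b"constructed-der-bytes-of-an-impostor"

    vault = Vault()
    vault.register("shop.example", "alice", real_cert)
    login, password = vault.credentials_for("shop.example", real_cert)
    print("released for pinned certificate:", login, len(password), "symbols")
    try:
        vault.credentials_for("shop.example", fake_cert)
    except PinMismatch:
        print("withheld: certificate does not match the stored one")
```

Pinning the exact certificate also rejects a legitimately renewed server certificate, so a deployment needs a re-enrolment path; the slides do not describe one.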
(certificate based)
Authentication
The approach is based on mutual SSL authentication with a client-authenticated TLS handshake. The client certificate authenticates the user and, instead of a password, a private key is stored in the secuter. In this case there are only public keys on the server side, and their theft is of no use to potential attackers.
1. SSL certificate acquisition
2. Login request
3. Login dispatch
4. Certificate generation and safekeeping
5. SSL client certificate sending
[Diagram: SSL server, SSL client, SSL client, SSL server]
Advantages
This approach solves security problems with the account data stored on the server. It also doesn’t require an upgrade of the server and can be activated on the server side with a system setup.
TOTAL SECURITY PROVIDED!!!
LogME. Useful features
Data sync
With Data Sync approach you can forget about your fear to forget!
Afraid to forget your device in a bar, taxi, friend’s home, old suit...?
OR
Backup with FLAK servers will allow you to enjoy mobile security as well!
[Diagram: FLAK server site, Home, Your backup FLAK, Your FLAK, Everywhere, Android or iOS LogME app, Your FLAK]
FLAKstream. Main Principles
FLAKstream
FLAK proprietary technology of high throughput real-time network traffic scanning and analysis powered by Kaspersky SafeStream
HOW IT WORKS
FLAKstream technology allows filtering of incoming and outgoing IP packets based on specified criteria and signature analysis according to given URL values. This technology efficiently implements the functions of streaming antivirus, firewall, parental control, Data Leakage Prevention, etc. All incoming and outgoing IP traffic to/from the host PC is intercepted by the secuter, where all data is filtered and scanned by the FLAK engine employing dedicated hardware accelerators. After detecting a potential or real threat the secuter blocks the infected object and warns the user of a possible danger.
NO NEGATIVE INFLUENCE ON HOST PERFORMANCE. THREATS, VIRUSES AND MALWARE ARE BLOCKED BEFORE GETTING INTO PC.
[Diagram: FLAK Device, Internet, Untrusted Internet data, Verified internet to the user, Redirect to FLAK, Firewall, Stream antivirus, Parental control, DLP, FREE WIFI, Business dinner, FLAK mobile]
FLAKnet. Main Principles
FLAKnet
With FLAKnet proprietary technology you can create secure virtual networks with no specific knowledge or surplus cost
HOW IT WORKS
With FLAKnet technology the FLAK secuter users can integrate their personal computers and mobile devices in a secure virtual network without complicated settings and profound knowledge. It is enough to enter the flak-ID of the device to be connected to the network and get a mutual confirmation of the connection. A virtual network can be based on any physical connection to the Internet. The secuter will automatically determine and configure all connection settings. To match the flak-ID with the current IP address of the device, the FLAKnet sync server is used. After setting up a connection the secuter sends information about its current IP address to the sync server and gets back information about the IP address of the connected device. Connections and network management are supported by open source software, like openVPN.
CREATE A SECURE VIRTUAL NET? FLAK MAKES IT EASY!!!
[Diagram: Company Headquarters, Secured Network, FLAK PRO, Business trip, FREE WIFI, FLAK Classic]
FLAKmobile. Main Principles
FLAKmobile
DigiFlak proprietary solution applying the FLAK platform and technologies like FLiC, LogMe, FLAKstream, FLAKnet, etc. to the mobile domain
Solution for USB OTG devices
The solution assumes connection of the FLAK mobile secuter to the microUSB interface of a mobile device. FLAK Mobile, like FLAK Classic (non-mobile), supports USB 2.0 and NFC interfaces as well as basic FLAK applications including Firewall and VPN. It doesn’t have an external network interface – the FLAK driver on the host intercepts all incoming and outgoing traffic and forwards it to the secuter via microUSB.
• SMALL DIMENSIONS 1x2cm
• LOW CONSUMPTION
• microUSB INTERFACE
[Diagram: microUSB, NFC]
FLAK Mobile. Main Principles
Solution for devices with ARM TrustZone or Intel TxT support
This solution consists of a SeOS implementation for ARM TrustZone and the LogMe, FLiC, FLAKNet and FLAKstream technologies as applications for Android/IOS/Windows OS. Thus, if a mobile device supports TrustZone, then SeOS is installed as a complementary OS. The FLAK technologies are implemented as SW applications for the primary OS.
Within this approach the FLAK secuter is required for primary personalization of the mobile device and sync or backup of confidential information and licenses. The same approach is applicable for mobile devices with Intel Trusted eXecution Technology (Intel TxT) support.
NO EXTERNAL DEVICE
USAGE OF WELL-RECOMMENDED TECHNOLOGIES
FLAK APPS IN ANDROID PLAY MARKET AND IOS APP STORE
[Diagram: Secure OS]
Thank you for your attention!
www.digiFLAK.com
Strategies for using alternative queries to mitigate zero resultsStrategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero results
 
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
 
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptxReal-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
Real-time Tracking and Monitoring with Cargo Cloud Solutions.pptx
 
eSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration toolseSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration tools
 
SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?
 
Patterns for automating API delivery. API conference
Patterns for automating API delivery. API conferencePatterns for automating API delivery. API conference
Patterns for automating API delivery. API conference
 
2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf
2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf
2024-04-09 - From Complexity to Clarity - AWS Summit AMS.pdf
 
Zer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdfZer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdf
 
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptxUI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
 
Effectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorEffectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryError
 
Osi security architecture in network.pptx
Osi security architecture in network.pptxOsi security architecture in network.pptx
Osi security architecture in network.pptx
 
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesAmazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdf
 
Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their Engineering
 
2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards
 
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingOpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
 

Flak+technologies

  • 2. DigiFLAK 2013 CONTENTS DIGIFLAK PROJECT 1. SeOS – SecuritOS 2. FLiC – FLAK Licensee 3. LogME 4. FLAKmobile 5. FLAKstream 6. FLAKnet …build total digital safety zone …care for your values …login with NO passwords …be protected everywhere …prevent viruses and malware …connect to each other HOW TO…
  • 3. SeOS. Main Technology Principles DigiFLAK 2013 SeOS (SecuritOS) SeOS is an embedded Operating System for FLAK devices which performs high-speed cryptographic calculations on big data arrays running within the FLAK Secure Core. Main Functions:
      • Decryption and sign check of applications before every start
      • Allocation of separate secured address space to applications
      • Provision of special API to high-speed cryptographic accelerators to applications: DES, 3DES, AES, SHA1, SHA128, SHA256, MD5 and others
      • PCSC#11 standard support
      • Multilevel key management system – key ladder with all level keys protection from illegal access
      • Asymmetric algorithms ECC and RSA support
      • High-speed data filtering according to various criteria
      • License management technology (FLiC) support
      • SeOS API functions support for multi application environment
    DIGIFLAK PROJECT [Diagram labels: Apps; SeOS API; API; Linux; Main Core; Secure Core; SeOS]
  • 4. FLiC. Main Technology Principles DigiFLAK 2013 * Secuter (Eng. Security Computer) – a dedicated device, minicomputer with secure cores inside FLiC (FLAK Licensee Control) DigiFlak proprietary flexible and high-capacity mechanism for processing and management of license rights to any digital data such as video, audio, software, eBooks, etc. License processing takes place in an isolated and secured environment, which guarantees no illegal access to the keys and prevents interference with license rights. With FLiC technology it is possible to re-encrypt data in real time, which means that the technology supports DRM (CAS) -> DTCP-IP and DRM (CAS) -> HDCP bridges. Smart, fast and secured DIGIFLAK PROJECT Easy to trust and integrate FLiC is fully consistent with the FLAK basic concept of simple and convenient usage of information security technologies. FLiC can be used both as a standalone DRM solution (with its own software for the server side) and as a "safe" framework for third-party CAS and DRM solutions. DRM and CAS support With FLiC it is possible to integrate easily with all well-known DRM and CAS solutions, extending their security. Based on the FLAK platform, the FLiC technology provides totally safe license management and a mechanism to control access to all digital entities. Unique content security
  • 5. FLAK secuter processes DRM-protected content and encrypts output data either according to DTCP-IP specification or to HDMI standard. In the first instance the output content can be played by a PC (a built-in player with DTCP-IP support) or transmitted to connected home devices such as TVs or tablets. The second case can be applied to the FLAK devices with HDMI interface which guarantees maximum level of protection to exclusive content. All content goes from the secuter to HDMI and can be received by any device with an HDMI support. How it works DigiFLAK 2013 DRM (CAS) -> DTCP-IP or HDCP BRIDGE HIGHEST LEVEL OF PROTECTION FOR VALUABLE CONTENT WITH A “CONTENT PROVIDER – USER SCREEN” SCHEME!!! DIGIFLAK PROJECT Isolated trusted environmentTablet Content provider DRM protected content HDCP iDTV with HDMI PC with a DTCP player DTCP-IP encryption
  • 6. In most cases a license for commercial software looks like a file with different parameters used: permissions / restrictions of operations, license duration, number of users, etc. The license file which is unique to each copy of software is stored within a protected memory of FLAK secuter and can never be extracted outside. All transactions with licenses (installation, control, update, review) are executed in an isolated environment of the secuter with either a FLiC software module or software developers’ module. !NB Developers can move part of the basic software functionality into the secuter which is strongly recommended !!! How it works DigiFLAK 2013 SOFTWARE PROTECTION FORGET THE PROBLEM OF YOUR SW ILLEGAL DISTRIBUTION OR USAGE!!! Isolated trusted environment Software running on PC License server SW License providing PC-Secuter protected session License storage DIGIFLAK PROJECT
  • 7. LogME. Threats and Recommendations DigiFLAK 2013 DIGIFLAK PROJECT
    Recommendations:
      • Use only “rules to follow” passwords
      • Limit number of wrong password entries
      • Don’t save passwords on PC
      • Don’t login via keyboard
      • Check source of WEB login form
      • Don’t store passwords on WEB servers
      • Use open/public keys and certificates methods for authentication
      • Provide maximum security to the email account itself
    Threats:
      • Password lexical algorithms’ match
      • Password theft from user PC (imitation, key loggers, browser cache analyzers)
      • Password theft from WEB service servers
      • All user accounts are dependent on email account security
    Are you really able to follow all these mazy rules???
  • 8. LogME. Main Technology Principles DigiFLAK 2013 DigiFlak proprietary chrysalis intended for safe and easy authentication procedure on remote WEB sites DIGIFLAK PROJECT
      • No less than 20 random symbols’ auto-password generated by hardware facilities of the FLAK secuter;
      • Password is unique for every user account;
      • User doesn’t know the password;
      • Password never comes out of the device's secured internal core in unencrypted form;
      • Could not be simpler and securer.
    Password based and certificate based solutions are provided:
  • 9. (password based) DigiFLAK 2013 DIGIFLAK PROJECT
    Initial registration: During initial registration on a remote WEB site the secuter acquires an SSL certificate from the server. Then it initiates its own SSL session with the WEB browser (with a FLAK certificate), gets the login name from the user and generates a random password according to certain security rules. After that the secuter gets the login name from the browser, encrypts both the login name and the generated password and sends them to the remote WEB site. Simultaneously, the server certificate, login name and generated key are stored in a secure file system of the secuter.
    [Diagram: the secuter acts as SSL server towards the browser (SSL client) and as SSL client towards the WEB site (SSL server). Steps: 1. SSL certificate acquisition; 2. Login request; 3. Login dispatch; 4. Password generation; 5. Certificate and login/password pair safekeeping; 6. Encrypted login name and password sending]
    Login procedure: At the next login the secuter authenticates the server with the stored certificate, and if that succeeds both the login name and password are sent to the server in an SSL session. The user communicates with the site via the secuter certificate, which is a guarantor of safe connection.
    Positive Advantages: Following proven technology principles like secure login/password storage and easy registration/login procedures, this approach allows implementation with no expenses on the server side, since all sites now support password authentication. NO SERVER MODIFICATION REQUIRED!!!
  • 10. (certificate based) DigiFLAK 2013 DIGIFLAK PROJECT
    Authentication: The approach is based on mutual SSL authentication with a client-authenticated TLS handshake. The client certificate authenticates the user and, instead of a password, a private key is stored in the secuter. In this case there are only public keys on the server side, and their theft is of no use to potential attackers.
    [Diagram: SSL server / SSL client pairs as on the previous slide. Steps: 1. SSL certificate acquisition; 2. Login request; 3. Login dispatch; 4. Certificate generation and safekeeping; 5. SSL client certificate sending]
    Advantages: This approach solves security problems with the account data stored on the server. It also doesn’t require an upgrade of the server and can be activated on the server side with a system setup. TOTAL SECURITY PROVIDED!!!
  • 11. LogME. Useful features DigiFLAK 2013 DIGIFLAK PROJECT Data sync: With Data Sync approach you can forget about your fear to forget! Afraid to forget your device in a bar, taxi, friend’s home, old suit? Backup with FLAK servers will allow you to enjoy mobile security as well! [Diagram labels: FLAK server site; Home; Your backup FLAK; Your FLAK; Everywhere; OR; Android or iOS LogME app; Your FLAK]
  • 12. FLAKstream. Main Principles DigiFLAK 2013 FLAKstream FLAK proprietary technology of high throughput real-time network traffic scanning and analysis powered by Kaspersky SafeStream HOW IT WORKS DIGIFLAK PROJECT FLAKstream technology allows for filtering incoming and outgoing IP packets based on specified criteria and signature analysis according to given URL values. This technology efficiently implements functions of streaming antivirus, firewall, parental control, Data Leakage Prevention, etc. All incoming and outgoing IP traffic to/from the host PC is intercepted by the secuter, where all data is filtered and scanned by the FLAK engine employing dedicated hardware accelerators. After detecting a potential or real threat the secuter blocks the infected object and warns the user of a possible danger. NO NEGATIVE INFLUENCE ON HOST PERFORMANCE. THREATS, VIRUSES AND MALWARE ARE BLOCKED BEFORE GETTING INTO PC. [Diagram labels: FLAK Device; Internet; Untrusted Internet data; Verified internet to the user; Redirect to FLAK; Firewall; Stream antivirus; Parental control; DLP]
  • 13. FLAKnet. Main Principles DigiFLAK 2013 FLAKnet With FLAKnet proprietary technology you can create secure virtual networks with no specific knowledge or surplus cost HOW IT WORKS DIGIFLAK PROJECT With FLAKnet technology the FLAK secuter users can integrate their personal computers and mobile devices in a secure virtual network without complicated settings and profound knowledge. It is enough to enter the flak-ID of the device to be connected to the network and get a mutual confirmation on the connection. A virtual network can be based on any physical connections to the Internet. The secuter will automatically determine and configure all connection settings. To match the flak-ID to the current IP address of the device, the FLAKnet sync server is used. After setting up a connection the secuter sends information about its current IP address to the sync server and gets back information about the IP address of the connected device. Connections and network management are supported by open source software, like OpenVPN. CREATE A SECURE VIRTUAL NET? FLAK MAKES IT EASY!!! [Diagram labels: FREE WIFI; Business dinner; FLAK mobile; Company Headquarters; Secured Network; FLAK PRO; Business trip; FREE WIFI; FLAK Classic]
  • 14. FLAKmobile. Main Principles DigiFLAK 2013 FLAKmobile DigiFlak proprietary solution, applying FLAK platform and technologies like FLiC, LogMe, FLAKstream, FLAKnet, etc. to mobile domain Solution for USB OTG devices DIGIFLAK PROJECT The solution assumes FLAK mobile secuter connection to microUSB interfaces of mobile devices. Like the (non-mobile) FLAK Classic, the FLAK Mobile supports USB 2.0 and NFC interfaces as well as basic FLAK applications including Firewall and VPN. It doesn’t have an external network interface – the FLAK driver on the Host intercepts all incoming and outgoing traffic and forwards it to the secuter via microUSB.
      • SMALL DIMENSIONS 1x2cm
      • LOW CONSUMPTION
      • microUSB INTERFACE
    [Diagram labels: microUSB; NFC]
  • 15. FLAK Mobile. Main Principles DigiFLAK 2013 DIGIFLAK PROJECT This solution consists of SeOS implementation for ARM TrustZone and LogMe, FLiC, FLAKNet, FLAKstream technologies as applications for Android/IOS/Windows OS. Thus, if a mobile device supports TrustZone, then SeOS is installed as a complementary OS. The FLAK technologies are implemented as SW applications for the primary OS. Solution for devices with ARM TrustZone or Intel TxT support NO EXTERNAL DEVICE USAGE OF WELL-RECOMMENDED TECHNOLOGIES FLAK APPS IN ANDROID PLAY MARKET AND IOS APP STORE Secure OS Within this approach the FLAK secuter is required for primary personalization of the mobile device and sync or backup of confidential information and licenses. The same approach is applicable for mobile devices with Intel Trusted eXecution Technology (Intel TxT) support
  • 16. Thank you for your attention! www.digiFLAK.com DigiFLAK 2013 DIGIFLAK PROJECT
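
The password-based LogME flow on slides 8 and 9 (a generated password of at least 20 symbols per account, stored together with the server certificate, and released only to a server that presents that certificate) can be sketched as follows. This is an added example, not DigiFLAK code: the Vault class, the SHA-256 certificate pin, the 24-symbol default and the site names are assumptions, and the certificates are constructed byte strings.

```python
import hashlib
import hmac
import secrets
import string

MIN_PASSWORD_LEN = 20  # slide 8: "no less than 20 random symbols"
ALPHABET = string.ascii_letters + string.digits + string.punctuation


class PinMismatch(Exception):
    """The certificate presented at login differs from the one stored at registration."""


def fingerprint(cert_der: bytes) -> str:
    # Assumption: the pin is a SHA-256 digest of the DER certificate.
    return hashlib.sha256(cert_der).hexdigest()


class Vault:
    """Hypothetical stand-in for the secuter's secure file system."""

    def __init__(self):
        self._entries = {}  # site -> (certificate pin, login, password)

    def register(self, site, cert_der, login, length=24):
        if length < MIN_PASSWORD_LEN:
            raise ValueError("password shorter than the 20-symbol minimum")
        if site in self._entries:
            raise KeyError(f"{site} is already registered")
        # CSPRNG output, generated per account, never chosen by the user.
        password = "".join(secrets.choice(ALPHABET) for _ in range(length))
        self._entries[site] = (fingerprint(cert_der), login, password)
        return login, password  # sent to the site once, inside the TLS session

    def release(self, site, presented_cert_der):
        pin, login, password = self._entries[site]
        # Credentials leave the vault only for the server pinned at registration.
        if not hmac.compare_digest(pin, fingerprint(presented_cert_der)):
            raise PinMismatch(site)
        return login, password


def demo():
    # Constructed byte strings standing in for DER-encoded certificates.
    real_cert = b"constructed DER bytes: shop.example"
    lookalike_cert = b"constructed DER bytes: lookalike of shop.example"
    vault = Vault()
    login, password = vault.register("shop.example", real_cert, "alice")
    _, other_password = vault.register("mail.example", real_cert, "alice")
    try:
        vault.release("shop.example", lookalike_cert)
        blocked = False
    except PinMismatch:
        blocked = True
    return {
        "length": len(password),
        "unique_per_account": password != other_password,
        "released_to_pinned_server": vault.release("shop.example", real_cert) == (login, password),
        "blocked_for_other_cert": blocked,
    }
```

Pinning the whole certificate means a legitimate renewal on the server also raises PinMismatch, so a real design needs an explicit, user-confirmed re-pinning step rather than a silent update.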