With digital technology so much a part of our daily lives, it’s easy to take software for granted. If an application on our desktop, laptop, or mobile system works, that’s all we’re concerned about. We may not even think of it as software, at all. But if a system or app malfunctions, or if there’s an unwanted intrusion from viruses … Read More
The Origins of Kerckhoff’s Principle and How it is Used in Encryption Today
In this era of disclosure, transparency, and the public internet, maintaining exclusive rights or control over knowledge and techniques is a virtual impossibility. Any measures put in place to safeguard the transfer and storage of information have to contend not only with external threats, but also with the intervention of higher authorities (as in the case of investigations by government … Read More
Identity Access Management – How It Is Used to Protect the Enterprise
With advances in technology and the growth of the digital economy, enterprise computer networks have expanded beyond the in-house data center to include wireless and mobile applications and networks, and to embrace the internet at large. Good business practice and the demands of regulatory compliance regimes now oblige commercial organizations to take proper measures to safeguard the security and integrity … Read More
Facial Recognition Technology
For some years now, biometric measures have been touted as “The Next Big Thing” in cyber-security, with the potential to do away with the hassle of remembering, storing, and periodically changing passwords or access codes. Though validation procedures using unique physical and behavioral traits have been adopted as part of two or multi-factor authentication processes, these technologies have yet to … Read More
VPN Restrictions in China, Russia and Other Countries
Although authorities in Europe have taken a stand on data privacy which comes down firmly on the side of the consumer, internet users in other parts of the world haven’t been so lucky. This has sparked a renewed interest in Virtual Private Network or VPN services and applications, as a hedge against government surveillance, targeted advertising, and the attention of … Read More
IoT Security Flaws
With current estimates suggesting that the global network of online and inter-connected smart hardware and applications known as the IoT or Internet of Things will expand to over 20 billion devices by 2020, the market for self-monitoring cars, household appliances that check in regularly with your local supermarket, and numerous other such gadgets, looks set to grow at a steady … Read More
Flaws in the GMR-2 Cipher Used in Cellular Service
In areas where conventional network coverage isn’t available, cellular service is routinely parceled out via satellite telephone systems, which provide encryption security for their data transmission through what’s known as the GMR-2 cipher. Such services may be the only option for users in remote or isolated environments, like ocean-going vessels or high-altitude locations – and they’re also a critical choice … Read More
How to Prevent a SQL Injection
If you’re a fan of contemporary thriller movies or television, you’ll no doubt have watched a scene where some enterprising (usually young, and quirky) “hacker” sits in front of a keyboard, flexes their fingers, and spouts knowledgeably about the various methods he/she will use to break into the Pentagon/bank security system, or whatever. The words, “SQL injection” may likely come … Read More
Artificial Intelligence vs Ransomware – Creating More Effective Defenses with Machine Learning
Since 2016 – when a hospital in Los Angeles paid US$17,000 (£14,000) to cure itself of an infection – the healthcare sector in particular and the world, in general, have suffered the effects of a sporadic outbreak of ransomware attacks. Though viruses and other strains of malware can cause headaches, data corruption, and financial losses, they tend to do so … Read More
A Closer Look at Multilevel Lattice Security Models
Organizations looking to regulate access to the information they routinely work with, and computer systems and communications networks seeking to preserve the confidentiality and integrity of the data they store or transmit will typically require some kind of formalized framework to govern how this is done. Information classifications such as Universal, Unclassified, Confidential, Secret, and Top Secret are one manifestation … Read More