Main topic: Electronic elections, visual systems, smart cards.
PUBLISHED: 06.12.2010
6) Interview with Sven Heiberg
The editor-in-chief of DSM, Jaroslav Dočkal, interviewed a member of the team honored by the Estonian Academy of Sciences for the work that enabled electronic voting in Estonia in 2005.
10) Virtualization in Networks
Martin Diviš
An interesting development in data networks brings the advance of server and desktop virtualization into the production environment of data centers. The article describes new trends in data network technologies that support an efficient implementation of server and desktop virtualization, taking into account security, ease of administration and the necessary functionality.
14) How to Protect Chip Cards
Jiří Kůr, Tobiáš Smolka, Petr Švenda
The article presents several practical attacks on applications running on a chip card. It also shows how users can be protected against these attacks at the software level and how to implement this software protection using an automated tool called CesTa.
18) New German Identification Cards
Zdeněk Říha
New identification cards have been issued in Germany since November 2010. Technologically they are based on the specification of advanced security mechanisms, version 2. They enable identification and authentication of holders and, optionally, the creation of digital signatures based on qualified certificates from accredited certification authorities. The article discusses the properties and use of the new identification cards, mainly from the point of view of the holder.
22) (In)Secure HTTPS – Part II
Radek Krejčí, Pavel Čeleda
The second article in a two-part series presents attacks against HTTPS based on the man-in-the-middle approach. It describes the possibilities for eavesdropping on and modifying secured HTTPS connections. Finally, principles for preventing and defending against such attacks are discussed.
28) Experience with anti-spam protection
Tomáš Sochor
The article is devoted to protection against spam, especially to evaluating the efficiency of anti-spam measures. Using long-term data from several servers, the author documents that protection based on greylisting is not losing its efficiency and, especially in combination with filtering on entry in Postfix, is still very efficient. The article also mentions experience with blacklists.
32) The Experiences of a Penetration Tester – Part II
Martin Mačok
Security weaknesses that a tester finds in company networks correlate with traditional recommendations, whether they relate to passwords, security patches, security policies or regular checks. Users are regularly informed about security rules but, as the second part of the article shows, in many cases apparently in vain.
36) View of a public sector person on BCM
Ondřej Bos
This is an essay by a DSM reader inspired by the book “Route map for Business Continuity Management in the Czech Republic”. The author describes what a local organization that is considering implementing BCM should devote its attention to.
38) Everyday Fight of a Security Officer: from Standards to the Real Life
Karin Gubalová
The text considers the possibilities for integrating standards for various management systems in one company. It analyzes individual requirements and demonstrates how standards for the management of quality, security and other services can be aligned. It also shows, using the specific example of personal data protection, how to integrate ISO 27001 with legislative requirements.
42) Interview with Sophie Chew
The editor-in-chief of DSM, Jaroslav Dočkal, interviewed an important manager of the Service Program Office at Intel. She is a vice-president of the Sales and Marketing group and general manager for services in the Worldwide Sales and Operations group.
44) Book Review: Danielle Ruest, Nelson Ruest: Virtualization – A Detailed Guide
Vlastimil Malý
According to the reviewer, the book published by Computer Press is a good starting point for everybody who would like to start a virtualization project.
45) Viral page: The Autumn is engrossed by INF/Autorun
Every month the company ESET issues an overview of the most frequent computer threats. Last time DSM used their data to review the period from June to August 2010. This time we look at the following two months.
The articles on pages 10-45 were subject to expert review by the Editorial Board of DSM.