DSM 2017/3

2017 3

Main topic: Identity, identification, authentication

PUBLISHED: 09.10.2017

These articles were subject to peer-to-peer review

Click on headline to see more about article

Pavel Krátký
In an interview with Mr. Josef Postránecký, Deputy Minister of the Interior Civil Service, who was appointed as a so called super-official from February 2015, we asked about Civil Service law, GDPR and even about the salaries of civil servants.
DSM | page 6

Consumer Identity and Access Management (CIAM)

Miloš Hurdálek
Author describes challenges related to providing access to applications for external identities of those not em-ployed with the organization, such as employees of partnering organizations and consumers. The article looks at finding answers to questions: how to perform identity registration; how to perform identity proofing; how to use appropriate and secure authentication? Article further explores capabilities, technologies and approaches related to CIAM.
DSM | page 11

Security aspects of videogame identities

Ondřej Koch, Anna Roubíčková
The article analyzes the security of personal data and virtual goods associated with playing video games. Following a brief historical excursion into the development of players’ identification, it focuses on the current principles of securing identities and on the authentication methods. Real-life examples illustrate the most common criminal practices associated with video game identities. The text evaluates how to protect yourself, and describes the still functioning effective methods of attack. In the end, the article briefly discusses the legal and social aspects of compromising the accounts.
DSM | page 17

Introduction to priviliged access management software

Michal Wojnar
The article describes privileged access management (PAM) and connected software solutions. Analysis of operation and implementation of software follows a simplified risk assessment of privileged user accounts. Emphasis should be put in particular on historical experience with identity management solutions. Focus is also on new perspectives in comparison to IdM as well as thoughts on the future development.
DSM | page 23

Security Framework for IIoT - Part IV.

Jaroslav Dočkal
The final part of the series is dedicated to areas that are often neglected in the IIoT, ie security configurations and management and security monitoring and analysis. The article provides a functional breakdown of these areas. Par-ticular attention is paid to „security policy“, which is seen in the article as an umbrella term for specific policy types.
DSM | page 26

Protecting back-bone from DDoS attacks

Pavel Minařík, Martin Žádník
Volumetric DDoS attacks represent a typical mean of disrupting online services. The impact of such attacks can be vital - let’s consider the impact in critical infrastructure, healthcare, banking or transport. The first line of defence can be applied in network infrastructure by telco operators. Such a defence is capable of stopping or minimizing the impact on end-users or services. Among the wide range of anti-DDoS techniques, this article selects and describes typical ones and discusses their deployment.
DSM | page 30

Cyber Resilience

Josef Kaderka
The article focuses on resilience in the wider area of cyber security. It points to different conditions of building resilience in smaller organizations and large institutions or countries. It also provides selected information on NATO’s approach to this issue.
DSM | page 33

Preparation for GDPR in practise – Part II.

Survey on the state of preparedness for GDPR in the Czech Republic

Back...