dsm 1997 2017


The prestigious peer-reviewed scholarly magazine on information systems security, administration and risk management

ISSN 1211-8737
ISSN 2336-6745 (online)

About magazine
What's DSM, editorial board, peer review policy.
Let's Start...

DSM Archive
See the back issues for DSM

Check Archive...

My subscription
DSM subscriber section


The current issue

2019 1 PC
Main topic:
 Artificial intelligence, data centers, usable security, ...

YEAR: 2019  |  ISSUE: 1  |  PUBLISHED: 25.3.2019



rr These articles were subject to peer-to-peer review.

Click on headline to see more about article

Interview with Udo Helmbrecht, ENISA Director rr

Adam Lamser
In this issue, we took a look at the work of the European Union Agency for Network and Information Security (ENISA). We spoke with its executive director, Udo Helmbrecht, about fulfilling the agency’s mission, which is to educate the public in the field of cyber security, and also about the forthcoming implementation of security certifications.
DSM | page 8

Moving a data centre as a test of Business Continuity rr

Josef Rech
May I expect help of Business Continuity and Disaster Recovery during activities like change of data centre locality? Definitely! And not only help appreciated but help expected. Short story about Raiffeisenbank data centre location change described from early planning stage, over new location preparation and movement actions step by step. Benefits, best practice and details included.
DSM | page 12

The serious vulnerability of (not only) electronic identification  documents: ROCA (CVE-2017-15361) year after rr

Petr Švenda, Václav Matyáš
The authors present a retrospective review of the critical vulnerability in a generation of the cryptographic keys inside smart cards (known as ”ROCA“ attack), which was estimated to affect 1-2 billion chips. The design error in a prime number generation was overlooked during the NIST FIPS 140-2 and Common Criteria EAL 5+ security certifications and remained undetected for more than 15 years. It led to vulnerable widespread devices, including electronic identity documents of several European countries, TPM chips used to support full disk encryption by Microsoft BitLocker and security tokens used to produce qualified electronic signatures. The vulnerability allows an attacker to calculate a corresponding private key just from the knowledge of public one extracted from a certificate. The attack can be easily  parallelized using multiple computing cores, accelerating the attack time arbitrarily.
DSM | page 15

What does TLS 1.3 bring to us rr

Jaroslav Dočkal
The article discusses what does the new version of the TLS provide in terms of security and performance. It further analyzes how is the progress in cryptography integrated. It points out that the dilemma between performance and security requirements is reflected in TLS 1.3 itself, in the decision making between two variants of the session resumption.
DSM | page 21

How to deploy cloud services securely – Part V. rr

Martin Zbořil, Michal Wojnar
PricewaterhouseCoopers in cooperation with TATE International performed a research on awareness of cloud services security in Czech organizations. The research focused on cloud services usage, their security risks, benefits, measures, and controls. Besides, questions regarding compliance and Czech national cloud were included in the research. This article brings the second part of a survey of interesting results.
DSM | page 27

DevOps – Part III. rr

Vladimír Kufner
This article discusses basic key principles and concepts applied within DevOps, incl. probably the most famous principle of the Three ways. The author also describes some fundamental practices, their definitions and more detailed explanation.
DSM | page 31

Experience and interactivity of children’s education  in the field of cyber security rr

Pavlína Jedličková
This paper focuses on the education of children and adolescents in cyber security. It highlights the importance of integrating the issue into the educational process at the elementary schools. The article provides suggestions on how to teach cyber security, including introduction of a specific interactive activity.
DSM | page 38

Dynamic biometric signature for organizations rr

František Hortai
Signature is a natural, easily accessible and well-known tool for proving your personal identity. The Dynamic Biometric Signature (DBS) authentication enables organizations to increase their cyber security and make communication more efficient. The article focuses on the benefits and pitfalls of the DBS by representing solutions and advice for organizations on how to successfully implement DBS.
DSM | page 42

Information assets and risks – Part II. rr

Miroslav Buda
The article describes solutions to the problems that are connected to information asset and risk management, which were presented in the first part of the series. The author utilizes his experience earned on customer projects that were focused on possibilities of dedicated information systems and their usage, compared with manual processing. The article summarizes the cornerstones that are essential for any organization improving its information asset risk management processes.
DSM | page 48



About DSM - peer-reviewed magazine

DSM (Data Security Management) magazine was established in the second half of 1997 to create a professional-level periodical magazine, which would bring high quality and up-to date information on the status and development in the area of information security. It publishes theoretical works, the results of research activities and practical applications, reviews and consultations. Top experts participate in creation of DSM, which guarantees a high quality of the contents.

Editorial Policies...

dsm about en

Get a subscription

  • Pritned and Digital DSM Quarterly Magazine (Czech language ONLY)
  • Easy-to-download PDF format
  • Anytime, anywhere access for the subscribed content
  • Annual subscription or subscribe specific issues
  • Student discount - 15%
  • Bank transfer payment


Printed + digital subscription

4 issues

Digital subscription only

4 issues

See the back issues for DSM and all topics

  • DSM 2019/1 13-Dec-2018

    Main topic: Artificial intelligence, data centers,...

  • DSM 2017/4 09-Oct-2017

    Main topic: Endpoint device security (IoT)

  • DSM 2017/3 09-Oct-2017

    Main topic: Identity, identification, authentication

  • DSM 2017/2 28-Mar-2017

    Main topic: Intelligent Network and security

  • DSM 2017/1 28-Mar-2017

    Main topic: Malware, adware, spyware, ransomware, allware … virus protection (principles, technology,...

  • DSM 2016/4 08-Dec-2016

    Main Topic: Internet of Things

  • DSM 2016/3 27-Sep-2016

    Main topic: eIDAS

Contact us

TATE International s.r.o.
Hořejší nábřeží 21, 150 00 Praha 5

phone  Phone: +420 737 215 220
email  E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.

Back to top