Entwicklungen in den Informations- und Kommunikationstechnologien

Größe: px
Ab Seite anzeigen:

Download "Entwicklungen in den Informations- und Kommunikationstechnologien"

Transkript

1 Entwicklungen in den Informations- und Kommunikationstechnologien Herausgeber: Friedrich-L. Holl Band 3 Study Criteria for success of identification, authentication and signing methods based on asymmetric cryptographic algorithms (EKIAS) On behalf of Federal Ministry of Education and Research Commissary: Fachhochschule Brandenburg Brandenburg University of Applied Sciences TeleTrusT e.v. Authors: Anja Beyer Sophie Hellmann Malte Hesse Friedrich-L. Holl Peter Morcinek Sachar Paulus Helmut Reimer Contributors: Markus Dahms Karsten Kausmann Simone Friedrich-Meier Jens Ziegler

2 Entwicklungen in den Informations- und Kommunikationstechnologien Herausgeber: Friedrich-L. Holl Band 3 Study Criteria for success of identification, authentication and signing methods based on asymmetric cryptographic algorithms (EKIAS) On behalf of Federal Ministry of Education and Research Commissary: Fachhochschule Brandenburg Brandenburg University of Applied Sciences TeleTrusT e.v. Authors: Anja Beyer Sophie Hellmann Malte Hesse Friedrich-L. Holl Peter Morcinek Sachar Paulus Helmut Reimer Contributors: Markus Dahms Karsten Kausmann Simone Friedrich-Meier Jens Ziegler

3 Editor: Prof. Dr. Friedrich-L. Holl, Fachhochschule Brandenburg Brandenburg University of Applied Sciences 2007 Self-published, Berlin Design: Martin Schüngel Translation: Stefanie Otersen and Peter Morcinek Print: digital business and printing GmbH, D Berlin ISSN All rights reserved. No part of this publication may be used or reproduced by any means including public reading, public broadcasting, television, translation into foreign languages, electronic, mechanical or computational processing, apart from the exceptions mentioned in 53, 54 URHG.

4 Table of Contents Introduction 9 Executive Summary Technical Outlook Methodology Cryptography Man between the conflicting priorities of technology and economics Tokens & Trusted Computing PKI applications Authentication, identification and signatures PKI standards and protocols Protocols Formatting standards Did asymmetric cryptography dash the vision of simple PKI solutions? Alternative concepts Symmetric encryption and key management methods Hybrid Methods Biometry Biometric authentication Biometric identification 33 Table of Contents 5

5 Rating of biometric methods Outlook Evaluation Summary Economic Insights Methodology Usage Scenarios Objective Classification approaches Classification according to involved players Classification according to security objectives Classification according to stakeholders Conclusions Successful business processes applications Economic considerations Measurement IT investments Frequently used key figure methods Return on Investment Return on Security Investment Net Present Value Balanced Scorecards Total Cost of Ownership Exemplary cost-benefit analysis ROSI calculation for a security process Balanced Scorecard-based examination Summary Operating Conditions Methodology Products Project procedure Operation Liability Synopsis Workshop Findings Methodology and course of the workshop Comments about results achieved so far Comments on Technical Outlook Comments on Economic Insights Comments on Operating Conditions 88 6 Table of Contents

6 4.3 Results of the Break-out Sessions Green Group Red Group Blue Group Conclusion Results of the Workshop Technology Economic Aspects Socio-scientific Aspects The Government s Role Recommendations Technology Economics Operating conditions Further Research Bibliography 107 Anhang 117 A. Fragebogen Technische Perspektiven 118 B. Interviewpartner zu Technischen Perspektiven 121 C. PKI 123 D. Return on Security Investment (ROSI) 139 E. Fragebogen zur Erfassung von Kriterien für die Nutzung von PKI 156 F. Details zum Workshop 167 Table of Contents 7

7 Introduction By establishing the Signature Law, the Federal Republic of German has achieved an early orientation towards using asymmetric encryption methods when ensuring electronically aided methods. From today s point of view, using PKI infrastructures which are implemented accordingly and serve as a basis for authenticating, identifying and singing, cross-company business processes can be secured. Using asymmetric cryptographic technologies together with smart card (or similar tokens) as security means, however, is still of no relevance. Rather, application access is still realised using the hardly reliable combination of user ID and password. One time passwords or other, secure methods are rarely used. New developments also rarely account other (stronger) identification and authentication methods and when they do were talking about designated security applications in most cases. Based on this problem the questions to be answered within the course of the project arose. In particular, we wanted find out why asymmetric methods are only used in a limited way and why companies still rely on payment systems which are not secure, despite the fact that the risk are substantial and commonly known. In the chapter on Operating Conditions (cf. chapter 3) this questions are discussed in detail. There we outline the criteria which usually determine the success of an implementation - and above all its use. Our approach for identifying these criteria consisted of developing them using appropriate literature like field reports. Since there are nearly no suitable publications on this field (publicly) available, we anonymously interviewed expert having a lot of experience with planning, implementation and operation of Introduction 9

8 public key infrastructure. By promising anonymity, we could obtain results we consider to be genuine and uncensored. In conjunction with the conducted interviews, we also determined aspects that militate for or against PKI, as well as consequences for the user, and questions of liability. Regarding implementation, we surveyed the solutions or, rather, products, as well as reasons for the use of this specific product, and the time needed for deployment. The part asking questions on operating PKI regarded advises and challenges of PKI use, as well as needed and actually used documentation. When addressing the issues of cross-company communication, technical realisations and the corresponding experiences where regarded amongst other things. All in all, we tried to identify possible obstacles of using PKI applications and concepts and have them rated. In the following, we examined the existing of new technical developments in connection to development of public key infrastructures, as well as possible mediumterm and long-term trends in this field. The information gained (as described in chapter 1 Technical Outlook ) was determined using two distinct approaches: We conducted an international literature study which regarded the topics of cryptography, tokens, PKI, alternative concepts without PKI, biometry, and security evaluations as well as security certifications. Additionally, we interviewed 13 experts coming from the fields of research, PKI industry, and commerce on the topics mentioned above. All in all, this chapter regards means which companies could use when increasingly handling B2C transactions as well as B2B transactions online. Laws like the Sarbanes-Oxley Act or Basel II require companies to follow a structured, efficient, and proactive approach of IT security. Thereby, significance of IT security technologies gains importance. We demonstrate that approaches for lasting solutions can be found in the domain of PKI technologies. On major goal of the chapter Economic Insights was to point out cost-benefit rate arising for the implementation of PKI systems. For that purpose we examined possible concepts and applications which clearly can be identified as scenarios for PKI use. Using literature surveys and practical experiences, we could identify according criteria and develop a classification. Subsequently, we investigated to which extent PKI use could be viewed from business process level, and to which extent PKI can be awarded an enabling function. For this to achieve, we conducted interviews with those responsible for such processes, in order to identify criteria for success as well as the economic background. All in all, we observed that orientation on business processes is currently not relevant for practical use, because of PKI use still being considered as an infrastructure investment. Based on this, we determined which key figure systems might have an effect on decisions of PKI investment and to what extent. Doing so, we analysed quanti- 10 Introduction

9 tative as well as qualitative methods. Using real, anonymised business data, we did a cost-benefit analyses which was based on our findings. The analysis demonstrated that regarding PKI investment decisions a complete picture can only be provided by a combination of different key figure methods. This picture is needed for making a detailed and realistic decision on PKI implementation. Based on the results of the preceding chapters we hosted a workshop which is described in chapter 4 Workshop Findings. The goal of this workshop was to identify criteria of success and point out prospects. Workshop structure and group line-up aimed for these objectives. Different groups of competence were represented: Vendors and service providers from the PKI market, chief information security officers, which already implemented successful multinational PKI projects, researchers, consultants with security and anti-fraud expertise, and IT managers. Long-time experience was emphasised in particular. In order to prepare the participants for the work groups planned, they were filled in on the present results of the project team s work. Based on this information as well as their practical experiences they were to identify problems and come up with matching ideal conditions, as well as solutions/fields of action. Due to the broadly differentiated competence of the workshop participants, resulting in contributions originating from different points of interest, and the detailed consideration of these topics within work groups, focus on the main topic was achieved. Especially, mixing technicians and non-technicians, IT managers and security managers, vendors and many others proved to be a major success factor for achieving differentiated and controversial aspects which were still aimed at the success of public key infrastructures as well as the according applications and technologies. Additionally we gained important details and practical information as well as personal opinions we probably would never have gained otherwise. In particular, this applies to opinions and assessment conflicting with the prevalent expert opinion which maybe due to political motivation has not been publicly discussed like this before. We used these results to suggest further approaches for PKI implementations. One major goal of this project was to identify possible further developments, need for support or practical advice which helps to push PKI. Additionally we intended to identify obstacles and phrase suggestions how to eliminate them. Therefore, chapter 5 Recommendations contains a summary of the most important findings for the fields of technology, business and practical use. Based on this, we suggest possible further research projects and give concrete advice for successful PKI implementations. As an overall result this study is intended to provide indication of conditions which are needed for successful PKI implementation and use, possible actions that can be taken maybe by the Government as well and which fields should be further researched. Introduction 11

10 Executive Summary The EKIAS study addresses criteria for success of identification, authentication and signing methods based on asymmetric cryptographic algorithms and therefore primarily on criteria having a positive influence on PKI as well as those that are limiting. The most important findings are that user matters have more influence on PKI than assumed before and economic arguments are only relevant when considered within the context of one particular process. Furthermore it is important to guide users during the implementation stage in order for them to accept the PKI applications. The goal of this survey has been to identify areas of PKI technology and applications needing further research and support as well as areas still having potential for innovation. The following was found: Technical Outlook In order to be cost effective, long-time use (guaranty of durability of algorithms and key length) needs to be technical realisable since establishing a PKI requires high initial costs which are continuously incurred for a long time. Long-term use is more important with regards to governmental applications (identity docu- Executive Summary 13

11 ments, documents to be digitally preserved by law) mainly; business applications are typically more market-oriented and therefore designed to be rather shortdated. Interoperability is important for successful use of PKI technology. With multi-procedural applications (e.g. encryption) this has to be assured through standards. In order to allow for successful application integration, the key management has to provide shared keys for several applications or alternatively allow for managing shared keys. In order to reach an enhanced security level, use of tokens (e.g. smart cards, USB-tokens) as a supplement of software-based certificates is desirable. With tokens, attention must be paid to expandability (replacement of algorithms etc.) the shape of tokens will evolve and adjust to the applications used. In the future, biometric techniques will be increasingly used in addition to tokens to identify people. Economic Insights PKI technology can act as a business process enabler. Possible applications can be economically justified within the context of specific processes only though. For the use of PKI two financially motivated reasons exist: PKI as a cost saving measure (PKI allows for digitalising processes, e.g. electronic invoices) and PKI for accelerating and standardising processes, in order to electronically represent them more elegantly and with less effort (e.g. authentication using certificates with business process outsourcing). The fact that the persons in charge of processes often do not know the corresponding costs is problematic. It results from the processes being attached to infrastructure and system components which are hard to understand and evaluate. The corresponding benefits and the risks are hard to quantify as well. Therefore reductions of costs are seldom objectively accounted for. In order to be a business process enabler, PKI demands an initial investment, which is why decision makers need to be persuaded of its reasonability. Single key figures like ROI/ROSI or NVP can aid the decision process, but often provide a negative result. This methodology would often argue against investing in PKI even though the investment would actually make sense. Therefore a mix of accepted methods (e.g. ROSI including TCO supplemented by NVP and Balanced Scorecard) should be generally used for a more detailed examination of costs. Another problem lies within the fact that the bearer of PKI costs is often not able to capitalise his investment. On infrastructural level transferring costs and benefits is often not possible not until the process level is considered and even here in-house processes are required. Therefore cross-company payment and cost allocation models have not been accepted by the market. It should be noted that PKI without specific applications is just an infrastructure, offering no actual use to anyone, even from the point of view of security. However, 14 Executive Summary

12 when it is established, the obvious benefits of PKI use are soon evident through support facilities for business processes. Operating Conditions PKI technology is not really suitable for daily use yet, and interoperability of different PKI applications is not given to the extent desired by costumers. This particularly applies to key management, necessary for PKI use. PKI projects are to be categorised as sensitive, therefore success of such a project may be compromised by changing requirements and specifications within the project. Furthermore PKI centralises trust decisions and assures a designated process sequence. In practice this may result in substantial problems, since such developments (may) conflict with personal interests of the parties involved. Acceptance of PKI applications could be enhanced if those were simple and transparent, meaning easy to understand within the context and language of business processes. But, even when this had been accomplished it turned out that the efforts for supporting PKI applications are still higher than those of other applications. In this context it needs to be guaranteed that the support can rely on qualified employees, so that security specifications are not compromised by wrongly recommended actions. With cross-company processes the problem of acceptance is much higher, since the trust decisions to be made are complex. Therefore certain requirements for PKI applications must be taken into account. We differentiate between three scenarios, all of which are following their own market drive: 1. For the mass market (e.g. home banking, online shopping) simplicity, transparency and minimal costs come first, making the use of a complex technology like PKI difficult. 2. In the business environment flexibility is the most important aspect, since PKI use depends on the level of security requirements and the technologies used, for an instance. Successful isolated solutions (i.e. information silos) show that standardisations are not given the highest priority and can only be established when paying attention to market rules. 3. When used for governmental purposes (e.g. electronic identity documents) though, standardisation combined with high security and sustainability (replacement of algorithms, use of biometry, and so on) is compulsory. Simple and understandable trust decisions still remain the most important requirement. Therefore, it needs to be taken into account that security results from control and trust and that reducing control is possible only by increasing trust. Executive Summary 15

13 Recommended Actions Amongst other things, the goal of this project was to point out options for eliminating obstacles associated with PKI technology and the corresponding operating conditions. Building on that, recommendations that will promote PKI were developed. Among the technical recommendations are suggestions for research on interchangeability of cryptographic algorithms, which we consider to be necessary. This is of particular interest for long-term PKI use within a governmental environment. We identified integration of PKI in applications as another object of investigation since supporting framework development allows for standardised methods. Interoperability of applications and key management is another important aspect, especially within a governmental environment. In this vein, further form aspects beyond smart cards as well as standardised access of cryptographic key are to be examined. Last but not least further fundamental research in the field of quantum computers and their effects on the crypto-algorithms used in PKI needs to be conducted. From the economical point of view costs for the infrastructure investment PKI are to be made transparent and compared with generated benefits. As a result of the complex processes, the business models are based on, the focus should be on core processes where PKI could act as an enabler. Security has to become an implicit part of business process modelling/development thereby. On a management level understanding of the importance of security must be improved by appropriate measures. In order to accomplish a more detailed examination of a PKI project s costs we suggest applying a mix of methods from different key figure systems. When realising PKI, direct and diversified support of applications often leads to problems, which is why we are of the opinion that PKI pilot projects should be integrated into the entire environment step by step. In order to reduce possible problems and help with decision making, we additionally recommend publishing positive and negative field reports on PKI use. Furthermore, the interdependence of technology, economics and aspects of use should be examined regarding PKI so as to find options for improving trust relationships for electronic business transfer. The trust decisions necessary for PKI applications need to be simple and understandable for the user. Thereby direct user contact allows for enhanced awareness of trust building and trust decisions within (internet) applications. It should be refrained from enacting technical requirements into law; instead we suggest specifying them in directives, so that leeway can be used when establishing PKI applications. 16 Executive Summary

14 1. Technical Outlook IT security technologies are gaining more and more importance. The rise in handling B2C as well as B2B transactions online notably contributes to this development. Laws and regulations like the Sarbanes Oxley Act or Basel II demand that companies address IT security in an organized, efficient and pro-active way. (cf. [Booker 2006]). In order to guard systems, data, and communication channels, several techniques for encryption, signing, identification, and authorisation can be utilised. 1.1 Methodology Two distinct approaches were chosen to gather information for the current chapter, Technical Outlook. Y Y 13 experts from research, industry and commerce agreed to participate in a guided telephone interview that addressed questions concerning cryptography, tokens, PKI, alternative concepts sans PKI, biometry, and security evaluation as well as security certification. (The interview guide and list of interview subjects can be found in the appendix). At the same time a survey of international literature referring to the topics mentioned was conducted. This report follows the thematic structure of the questionnaire used. Chapter 1 Technical Outlook 17

15 1.2 Cryptography Based on the German signature law, the Federal Network Agency recommends cryptographic algorithms for qualified signatures, hash functions, and random number generators every year (cf. [Bundesnetzagentur Algorithmenkatalog 2006]). The suggestions for qualified signatures listed in this catalogue are intended to provide for security for at least six years after being evaluated and published [SigV 2001]. When it comes to deployment this timeframe is not reasonable, since investments and associated amortisations are aimed at a longer timeframe. The 2006 algorithm catalogue recommends SHA 1 (until the end of 2009), RIPEMD (until the end of 2010) and SHA-224, SHA-256, SHA-384, SHA 512 (until the end of 2011). Qualified for electronic signatures: 1. RSA (until the end of 2007), RSA-1976 (until the end of 2011), suggested use of RSA DSA (until the end of 2007), DSA-2048 (until the end of 2011), suggested use of DSA DSA variants based on elliptic curves (bit-length of used prime number q at least 180 (until the end of 2009) and 224 (until the end of 2011)), especially: a. EC 5 -DSA, b. EC-KDSA, c. EC-GDSA 6, d. Nyberg-Rueppel signatures (cf. [Bundesnetzagentur Algorithmenkatalog 2006]) Using a physical random number generator for key generation is strongly recommended. If no physical random number generator is available a pseudo-random number generator might be considered. The inner state is being initialised using the [ ] seed. With every step the state has to be renewed and a random number derived. The seed has to be guarded against being read out or manipulated... ([Bundesnetzagentur Algorithmenkatalog 2006]). Every pseudo-random number generator has to be a class K3 (evaluation class 3, strength high ) deterministic random number generator in terms of AIS-20 (cf. [BSI 2006a]). The seeds entropy is at least 80 bit -100 and 120 bit are recommended (until the end of 2009), 100 or 120 (starting 2010) (cf. [Bundesnetzagentur Algorithmenkatalog 2006]). An algorithm catalogue like that of the Federal Network Agency can be regarded as a basic requirement for keeping systems reliable over a longer timeframe. Addition Secure Hash Algorithm RACE Integrity Primitives Evaluation Message Digest Asymmetric cryptographic system named after Rivest, Shamir and Adleman Digital Signature Algorithm Elliptic Curves KDSA and GDSA are DSA variants based on elliptic curves 18 Chapter 1 Technical Outlook

16 ally it serves as an adequate means of establishing standardised procedures (cf. [Giessmann 2006]). There is no national specification of algorithms and parameters for securing digital signature methods. Generally the catalogue s recommendations are useful when it comes to interoperability (cf. [Preneel 2006]). On an international level, the recommendations the NSA provided in Suite B are crucial and valuable (cf. [Temple 2006], [Preneel 2006]). This catalogue suggests: Y Encryption: AES-128 or AES-256 (Advanced Encryption Standard) (cf. [NSA A 2007]) Y Digital signatures: ECDSA-256 or ECDSA-384 (Elliptic-Curve Digital Signature Algorithm) (cf. [NSA B 2007]) Y Key agreement: EC DH (Elliptic Curve Diffie-Hellman) or EC MQV (Menezes-Qu-Vanstone) with NIST P-256 respectively NIST P-384 (cf. [NSA C 2007]) Y Hash functions: SHA-256 and SHA-384 (Secure Hash Algorithm) (cf. [NSA D 2007]) Unfortunately the functions recommend by the NSA are often lacking implementation. (cf. [Temple 2006]). Security of the methods mentioned accordingly relies on: 1. the factorising problem of integers, 2. the discrete logarithm problem for the multiplicative group of a prime field Fp, 3. the discrete logarithm problem for the groups E(Fp) and E(F2m). [Bundesnetzagentur Algorithmenkatalog 2006] Additionally one needs to take into account that security of today s methods is affected by a combination of computers capability and the mathematical foundations of the cryptographic algorithms used. This will be outlined in detail below. Security also relies on nobody having found a better mathematical algorithm. When evaluating, progress in this area has to be considered carefully, even though it is hard to rate. In 1978, Rivest, Shamir, and Adleman introduced the RSA algorithm (cf. [RSA 1978]), which is still the application standard of asymmetric cryptography. It is implemented in widespread smart card families (signature cards, cards used for financial transactions SECCOS, health cards) as well. This algorithm s security relies on an effectively complicated mathematical problem: Prime factorisation, which is impossible for large numbers using today's methods (cf. [Buchmann 2006]). Given a sufficient key length, a RSA-encrypted document cannot be decrypted within a reasonable frame of time, assuming one does not possess the private key. Current developments in the area of quantum mechanics could annihilate this protection. Due to their construction, quantum computers are able to make calculations Chapter 1 Technical Outlook 19

17 much more quickly than traditional computers. But it is not only the hypothetical quantum computer that is putting algorithms security at risk. In 1996 Shor demonstrated that quantum computers will make factorising RSA moduli possible and thus break RSA (cf. [Shor 1996]), which would make currently used algorithms, similar to RSA, unsafe (cf. [Schmidt 2006], [Brassard 1996]). According to Schmidt, there are two methods to counteract this: 1. develop alternative crypto-systems, e.g. lattice-based crypto-systems 2. raise the key length of currently used algorithms To what extent the first option really does pose an alternative has yet to be determined. Every deterministically unique mathematical problem could probably be solved in polynomial time by using quantum computers. Today one cannot definitively say whether it is possible to build quantum computers in sufficient size (cf. [Buchmann 2006], [Schmidt 2006]). Schmidt acts on the assumption that quantum computer size increases rather slowly (cf. [Schmidt 2006]). As long as no large quantum computers exist the second option seems to be the better choice (cf. [Schmidt 2006]). The largest quantum computer existing today is able to factorise the number 15 (cf. [Buchmann 2006]), therefore quantum computers do not pose an immediate threat (cf. [Okamoto 2003]). Against this background one can say that the algorithms, like RSA and cryptographic algorithms based on elliptic curves, are safe for the time being (short-term, up to 10 years) at least (cf. [Buchmann 2006b], [Preneel 2006]). Some applications, e.g. code signing and SSL authentication, merely need short-term security (cf. [Buchmann 2006a]). Progression in the field of DNA computers is relevant for evaluating cryptographic algorithms security as well. Boneh et al. did demonstrate that massive parallel processing is possible using molecular computers (cf. [Boneh 1995], [Boneh 1996]). Might this lead to the breaking of encryption keys? For now hash functions seem to be much less durable than encryption algorithms. The first collisions were discovered six years after MD4 had been launched (cf. [Dobbertin 1996]). SHA-0 and SHA-1 are based on a similar algorithm, thus in theory those became vulnerable too (cf. [Buchmann 2006a]). In this respect hash functions turn out to be a complex of problems by themselves (cf. [Leitold 2006]), forcing the cryptographic community to work hard on developing better design criteria for long-term security of hash functions (cf. [Weis 2005], [Buchmann 2006a]). For applications like the electronic patient record, law demands methods that are secure for at least 30 years (the legal obligation for medical records). Today s algorithms do not meet this requirement (cf. [Buchmann 2006b]). It is not possible to say what we will do in 20 years (cf. [Buchmann 2006b]). In order to be prepared for the future and unforeseen attacks, two things are necessary: 20 Chapter 1 Technical Outlook

18 Y a stock of secure alternative cryptographic algorithms needs to be made available Y the applications, using cryptographic algorithms, need to be designed in a modular way, making it easy to replace algorithms that have become vulnerable (cf. [Buchmann 2006a]). Giessmann also deems this pragmatic approach to make sense: implementing a secure solution and substituting alternatives by degrees. For this reason, algorithm catalogues are warranted too (cf. [Giessmann 2006]). The main problem concerning interchangeability of algorithms is the implementation (cf. Preneel 2006]). Software and protocols need to be coded in a way that makes replacing algorithms simple. As of today, this is not generally the case (e.g. the Microsoft Windows operating system) (cf. Buchmann 2006b]). Buchmann suggests designing applications in such a manner that they import the cryptographic algorithms needed from a corresponding crypto-api like the Java Cryptographic Architecture (JCA) or the Microsoft Crypto API. Keys, certificates, etc. need to be interchangeable too (cf. [Buchmann 2006a]). Buchmann introduces the crypto-library FlexiProvider, having all mainstream and alternative cryptographic algorithms implemented on base of JCA. The trustcenter application Flexitrust is based on FlexiProvider and is used by the German Root Certification Authority (CA) and the German Country Signing CA. Some experimental algorithms, which are intended to provide a certain security against quantum computers, are integrated in FlexiProvider via PostQuantumProvider (cf. Buchmann 2006a]). FlexiProvider is subject to the GNU GPL (General Public License) and LGPL (Lesser General Public License). It is freely available on the internet (cf. [FlexiProvider 2006]). In an interview on the topic, Christoph Busch said that he was in favour of the Flexi-PKI concept (cf. [Busch 2006]). The IEEE (Institute of Electrical and Electronics Engineers) P1363 is a task force working on standardisation of specifications of public key cryptography. The emphasis of standardising efforts is on traditional algorithms (e.g. RSA, DSA, etc.) as well as on new ones like lattice-based public-key cryptography (e.g. NTRU), which are intended to remain secure once quantum computers arrive (cf. [Buchmann 2006a]). NTRU is a public-key crypto-system that is much quicker than conventional algorithms (like RSA). Development and distribution are done by NTRU Cryptosystems Inc. Due to this system s speed, it is geared to the embedded systems market and can be utilised for telephones and RFID chips amongst others things. The corresponding algorithms for encryption and signing are called NTRUEncrypt and NTRUSign. They are already being used. NTRU Cryptosystems Inc. distributes its security suite for wireless networks Aerolink containing the NTRU cryptosystem (cf. [NTRU 2006]). Quantum cryptographic algorithms, using the possibilities of quantum mechanics, are another option for generating long-term security. Brennet and Brassard have already prepared the ground, demonstrating experimental distribution of quantum keys (Quantum Key Distribution) in 1989 (cf. [Brassard 1996]). Most experimental quantum cryptographic algorithm prototypes existing today are based on the QKD protocol BD84 published in The question that has to be met during further Chapter 1 Technical Outlook 21

19 research is: how secure is QKD actually? (cf. [Brassard 1996]). QKD would not be a solution for internet applications or end-to-end communication for those who need a common channel (electro-magnetic wave or wired channels). Conventional quantum cryptography demands a quantum channel (cf. [Okamoto 2003]). Currently no applicable quantum cryptographic algorithm exists. More research is needed on this topic. Even though there are preliminary methods of securing bank transfers via quantum cryptography (cf. [Wissenschaft.de 2005]) none of them is functional. Despite companies already offering products covering this area, practical usability has to be considered nonexistent (cf. [ID Quantique 2007], [SmartQuantum 2007]). 1.3 Man between the conflicting priorities of technology and economics Another problem being discussed in conjunction with IT security is the threat posed by the human factor. Experts often consider the person operating a system or application the number one vulnerability (cf. [Preneel 2006], [Temple 2006]). In fact, systems are secure on a technological level but are not designed to be used by human beings since they forget or (sometimes involuntary) give away theirs passwords amongst other things. Attackers do not try to break cryptographic algorithms but rather take aim at elements promising an easier break-through: On the one hand, this is the implementation; on the other hand, it is the user (social engineering) (cf. [Hilton 2007]). Additional awareness measures (cf. [Busch 2006]) could be one option, as well as other measures like biometry (cf. [Giessmann 2006]) or Single sign-on (SSO) combined with smart cards and biometry. Those could gain more acceptance by providing better usability (cf. [Kuppinger 2006a]). Tagging the user as being weak is short-sighted though. IT users are hard to reshape, even when using awareness measures. Technology is much easier to configure. Man should not have to conform to the system: the system should conform to man. IT has to be designed in a way encouraging users to make simple decisions instead of being overwhelmed by the system s complexity (cf. [Kuppinger 2006a]). Chapter 3 Operating Conditions contains a detailed discussion on this topic. 1.4 Tokens & Trusted Computing A token is a sort of bit pattern used for authentication. The term originates from network engineering, featuring the token ring technology which has been developed for linking computer networks. The device holding the token is allowed to send data. In the field of security a token is defined similarly. A token is represented either by software (e.g. the access token used for logging into MS Windows contains access permissions too) or in combination with hardware devices (e.g. a chip on a smart 22 Chapter 1 Technical Outlook

20 card, an USB memory stick) and is also called a crypto-token. With the token, applications can be used as authorised. Hardware tokens add the aspect of physical ownership. Nobody but the person holding the token is able to authenticate him or herself to a system or an application. The systems called tokens are being used for a variety of applications (electronic health cards, ticketing, finances, etc.) (cf. [Williamson 2006]). Chip cards holding an embedded chip, hardware logic, and memory are called smart cards. Shelfer s paper provides an overview of smart card types, infrastructures and standards (cf. [Shelfer 2002]). RFID chips, which provide all functions smart cards offer, are available as well. They are based on the same concept and allow for realising contactless chip cards. This extended the scope of possible shapes. Smart card chips can be easily blended in portable (and personalised) devices (e.g. USB memory sticks, mobile phone, etc.). The lack of a viable method of identification has kept smart cards from gaining much popularity, but the situation has been improving. Currently, there are no standards defined, but this is being worked on. ISO standard sounds promising with respect to interoperability. (cf. [Williamson 2006]). In (cf. [Spitz 2006]) it is described in detail. Bakdi introduces a method for combining several smart cards in one. The approach of virtual tokens allows for the operation of several applications on one hardware token (cf. [Bakdi 2006]). RFID systems, being used en mass, will be a future hot topic in security discussions. Providing for privacy and data integrity using these systems still poses a challenge (cf. [Calmels 2006]). A trusted platform module (TPM) is a smart card derivative associated with an API and protocols for enhancing trustworthiness of computing platforms or other devices (trusted platform). The goal is to form a cryptographic hash chain, representing the current execution status, and to store this value securely in one register of the TPM. By asking the TPM to generate a signed data block having the value of the hash chain, the counterpart is able to verify whether the platform resides in a secure mode of operation (cf. [Portitz 2006]). TPMs have been developed by the Trusted Computing Group (cf. [TCG 2006]). TPMs being bound to systems and not persons is the most important difference between them and smart cards. TPMs were developed to provide a more appropriate base for high trust platforms (cf. [Sandhu 2005]) and are supposed to form a root of trust (cf. [Sadeghi 2006]). Many platforms containing a TPM have already been rolled out (cf. [Sadeghi 2006]). The architecture allows for later integration of newer methods, like lattice-based access control (cf. [Sandhu 2005]). The BSI appreciates the security initiative regarding trusted computing initiated by Microsoft. That is because of the fact that at the present time PCs are fairly vulnerable to malware, since the operating systems currently used especially the Microsoft Windows family can fend of those threats imperfectly at best. The BSI expects IT Chapter 1 Technical Outlook 23

eurex rundschreiben 094/10

eurex rundschreiben 094/10 eurex rundschreiben 094/10 Datum: Frankfurt, 21. Mai 2010 Empfänger: Alle Handelsteilnehmer der Eurex Deutschland und Eurex Zürich sowie Vendoren Autorisiert von: Jürg Spillmann Weitere Informationen zur

Mehr

Instruktionen Mozilla Thunderbird Seite 1

Instruktionen Mozilla Thunderbird Seite 1 Instruktionen Mozilla Thunderbird Seite 1 Instruktionen Mozilla Thunderbird Dieses Handbuch wird für Benutzer geschrieben, die bereits ein E-Mail-Konto zusammenbauen lassen im Mozilla Thunderbird und wird

Mehr

Lehrstuhl für Allgemeine BWL Strategisches und Internationales Management Prof. Dr. Mike Geppert Carl-Zeiß-Str. 3 07743 Jena

Lehrstuhl für Allgemeine BWL Strategisches und Internationales Management Prof. Dr. Mike Geppert Carl-Zeiß-Str. 3 07743 Jena Lehrstuhl für Allgemeine BWL Strategisches und Internationales Management Prof. Dr. Mike Geppert Carl-Zeiß-Str. 3 07743 Jena http://www.im.uni-jena.de Contents I. Learning Objectives II. III. IV. Recap

Mehr

Bayerisches Landesamt für Statistik und Datenverarbeitung Rechenzentrum Süd. z/os Requirements 95. z/os Guide in Lahnstein 13.

Bayerisches Landesamt für Statistik und Datenverarbeitung Rechenzentrum Süd. z/os Requirements 95. z/os Guide in Lahnstein 13. z/os Requirements 95. z/os Guide in Lahnstein 13. März 2009 0 1) LOGROTATE in z/os USS 2) KERBEROS (KRB5) in DFS/SMB 3) GSE Requirements System 1 Requirement Details Description Benefit Time Limit Impact

Mehr

Titelbild1 ANSYS. Customer Portal LogIn

Titelbild1 ANSYS. Customer Portal LogIn Titelbild1 ANSYS Customer Portal LogIn 1 Neuanmeldung Neuanmeldung: Bitte Not yet a member anklicken Adressen-Check Adressdaten eintragen Customer No. ist hier bereits erforderlich HERE - Button Hier nochmal

Mehr

Einsatz einer Dokumentenverwaltungslösung zur Optimierung der unternehmensübergreifenden Kommunikation

Einsatz einer Dokumentenverwaltungslösung zur Optimierung der unternehmensübergreifenden Kommunikation Einsatz einer Dokumentenverwaltungslösung zur Optimierung der unternehmensübergreifenden Kommunikation Eine Betrachtung im Kontext der Ausgliederung von Chrysler Daniel Rheinbay Abstract Betriebliche Informationssysteme

Mehr

Labour law and Consumer protection principles usage in non-state pension system

Labour law and Consumer protection principles usage in non-state pension system Labour law and Consumer protection principles usage in non-state pension system by Prof. Dr. Heinz-Dietrich Steinmeyer General Remarks In private non state pensions systems usually three actors Employer

Mehr

1. General information... 2 2. Login... 2 3. Home... 3 4. Current applications... 3

1. General information... 2 2. Login... 2 3. Home... 3 4. Current applications... 3 User Manual for Marketing Authorisation and Lifecycle Management of Medicines Inhalt: User Manual for Marketing Authorisation and Lifecycle Management of Medicines... 1 1. General information... 2 2. Login...

Mehr

Support Technologies based on Bi-Modal Network Analysis. H. Ulrich Hoppe. Virtuelles Arbeiten und Lernen in projektartigen Netzwerken

Support Technologies based on Bi-Modal Network Analysis. H. Ulrich Hoppe. Virtuelles Arbeiten und Lernen in projektartigen Netzwerken Support Technologies based on Bi-Modal Network Analysis H. Agenda 1. Network analysis short introduction 2. Supporting the development of virtual organizations 3. Supporting the development of compentences

Mehr

Security Planning Basics

Security Planning Basics Einführung in die Wirtschaftsinformatik VO WS 2009/2010 Security Planning Basics Gerald.Quirchmayr@univie.ac.at Textbook used as basis for these slides and recommended as reading: Whitman, M. E. & Mattord,

Mehr

Prediction Market, 28th July 2012 Information and Instructions. Prognosemärkte Lehrstuhl für Betriebswirtschaftslehre insbes.

Prediction Market, 28th July 2012 Information and Instructions. Prognosemärkte Lehrstuhl für Betriebswirtschaftslehre insbes. Prediction Market, 28th July 2012 Information and Instructions S. 1 Welcome, and thanks for your participation Sensational prices are waiting for you 1000 Euro in amazon vouchers: The winner has the chance

Mehr

Addressing the Location in Spontaneous Networks

Addressing the Location in Spontaneous Networks Addressing the Location in Spontaneous Networks Enabling BOTH: Privacy and E-Commerce Design by Moritz Strasser 1 Disappearing computers Trends Mobility and Spontaneous Networks (MANET = Mobile Ad hoc

Mehr

Possible Solutions for Development of Multilevel Pension System in the Republic of Azerbaijan

Possible Solutions for Development of Multilevel Pension System in the Republic of Azerbaijan Possible Solutions for Development of Multilevel Pension System in the Republic of Azerbaijan by Prof. Dr. Heinz-Dietrich Steinmeyer Introduction Multi-level pension systems Different approaches Different

Mehr

Frequently asked Questions for Kaercher Citrix (apps.kaercher.com)

Frequently asked Questions for Kaercher Citrix (apps.kaercher.com) Frequently asked Questions for Kaercher Citrix (apps.kaercher.com) Inhalt Content Citrix-Anmeldung Login to Citrix Was bedeutet PIN und Token (bei Anmeldungen aus dem Internet)? What does PIN and Token

Mehr

Customer-specific software for autonomous driving and driver assistance (ADAS)

Customer-specific software for autonomous driving and driver assistance (ADAS) This press release is approved for publication. Press Release Chemnitz, February 6 th, 2014 Customer-specific software for autonomous driving and driver assistance (ADAS) With the new product line Baselabs

Mehr

p^db=`oj===pìééçêíáåñçêã~íáçå=

p^db=`oj===pìééçêíáåñçêã~íáçå= p^db=`oj===pìééçêíáåñçêã~íáçå= Error: "Could not connect to the SQL Server Instance" or "Failed to open a connection to the database." When you attempt to launch ACT! by Sage or ACT by Sage Premium for

Mehr

SAP PPM Enhanced Field and Tab Control

SAP PPM Enhanced Field and Tab Control SAP PPM Enhanced Field and Tab Control A PPM Consulting Solution Public Enhanced Field and Tab Control Enhanced Field and Tab Control gives you the opportunity to control your fields of items and decision

Mehr

Group and Session Management for Collaborative Applications

Group and Session Management for Collaborative Applications Diss. ETH No. 12075 Group and Session Management for Collaborative Applications A dissertation submitted to the SWISS FEDERAL INSTITUTE OF TECHNOLOGY ZÜRICH for the degree of Doctor of Technical Seiences

Mehr

Ingenics Project Portal

Ingenics Project Portal Version: 00; Status: E Seite: 1/6 This document is drawn to show the functions of the project portal developed by Ingenics AG. To use the portal enter the following URL in your Browser: https://projectportal.ingenics.de

Mehr

GIPS 2010 Gesamtüberblick. Dr. Stefan J. Illmer Credit Suisse. Seminar der SBVg "GIPS Aperitif" 15. April 2010 Referat von Stefan Illmer

GIPS 2010 Gesamtüberblick. Dr. Stefan J. Illmer Credit Suisse. Seminar der SBVg GIPS Aperitif 15. April 2010 Referat von Stefan Illmer GIPS 2010 Gesamtüberblick Dr. Stefan J. Illmer Credit Suisse Agenda Ein bisschen Historie - GIPS 2010 Fundamentals of Compliance Compliance Statement Seite 3 15.04.2010 Agenda Ein bisschen Historie - GIPS

Mehr

E-Discovery the EU Data Protection Authorities approach

E-Discovery the EU Data Protection Authorities approach E-Discovery the EU Data Protection Authorities approach Breakout Session Mind the Gap: Bridging U.S. Cross-border E-discovery and EU Data Protection Obligations Dr. Alexander Dix, LL.M. Berlin Commissioner

Mehr

Open Source. Legal Dos, Don ts and Maybes. openlaws Open Source Workshop 26 June 2015, Federal Chancellery Vienna

Open Source. Legal Dos, Don ts and Maybes. openlaws Open Source Workshop 26 June 2015, Federal Chancellery Vienna Open Source Legal Dos, Don ts and Maybes openlaws Open Source Workshop 26 June 2015, Federal Chancellery Vienna 1 2 3 A Case + vs cooperation since 2003 lawsuit initiated 2008 for violation of i.a. GPL

Mehr

USBASIC SAFETY IN NUMBERS

USBASIC SAFETY IN NUMBERS USBASIC SAFETY IN NUMBERS #1.Current Normalisation Ropes Courses and Ropes Course Elements can conform to one or more of the following European Norms: -EN 362 Carabiner Norm -EN 795B Connector Norm -EN

Mehr

XML Template Transfer Transfer project templates easily between systems

XML Template Transfer Transfer project templates easily between systems Transfer project templates easily between systems A PLM Consulting Solution Public The consulting solution XML Template Transfer enables you to easily reuse existing project templates in different PPM

Mehr

ISO 15504 Reference Model

ISO 15504 Reference Model Prozess Dimension von SPICE/ISO 15504 Process flow Remarks Role Documents, data, tools input, output Start Define purpose and scope Define process overview Define process details Define roles no Define

Mehr

Inequality Utilitarian and Capabilities Perspectives (and what they may imply for public health)

Inequality Utilitarian and Capabilities Perspectives (and what they may imply for public health) Inequality Utilitarian and Capabilities Perspectives (and what they may imply for public health) 1 Utilitarian Perspectives on Inequality 2 Inequalities matter most in terms of their impact onthelivesthatpeopleseektoliveandthethings,

Mehr

A Practical Approach for Reliable Pre-Project Effort Estimation

A Practical Approach for Reliable Pre-Project Effort Estimation A Practical Approach for Reliable Pre-Project Effort Estimation Carl Friedrich Kreß 1, Oliver Hummel 2, Mahmudul Huq 1 1 Cost Xpert AG, Augsburg, Germany {Carl.Friedrich.Kress,Mahmudul.Huq}@CostXpert.de

Mehr

Challenges in Systems Engineering and a Pragmatic Solution Approach

Challenges in Systems Engineering and a Pragmatic Solution Approach Pure Passion. Systems Engineering and a Pragmatic Solution Approach HELVETING Dr. Thomas Stöckli Director Business Unit Systems Engineering Dr. Daniel Hösli Member of the Executive Board 1 Agenda Different

Mehr

Wie agil kann Business Analyse sein?

Wie agil kann Business Analyse sein? Wie agil kann Business Analyse sein? Chapter Meeting Michael Leber 2012-01-24 ANECON Software Design und Beratung G.m.b.H. Alser Str. 4/Hof 1 A-1090 Wien Tel.: +43 1 409 58 90 www.anecon.com office@anecon.com

Mehr

Prof. Dr. Margit Scholl, Mr. RD Guldner Mr. Coskun, Mr. Yigitbas. Mr. Niemczik, Mr. Koppatz (SuDiLe GbR)

Prof. Dr. Margit Scholl, Mr. RD Guldner Mr. Coskun, Mr. Yigitbas. Mr. Niemczik, Mr. Koppatz (SuDiLe GbR) Prof. Dr. Margit Scholl, Mr. RD Guldner Mr. Coskun, Mr. Yigitbas in cooperation with Mr. Niemczik, Mr. Koppatz (SuDiLe GbR) Our idea: Fachbereich Wirtschaft, Verwaltung und Recht Simple strategies of lifelong

Mehr

Software development with continuous integration

Software development with continuous integration Software development with continuous integration (FESG/MPIfR) ettl@fs.wettzell.de (FESG) neidhardt@fs.wettzell.de 1 A critical view on scientific software Tendency to become complex and unstructured Highly

Mehr

CHAMPIONS Communication and Dissemination

CHAMPIONS Communication and Dissemination CHAMPIONS Communication and Dissemination Europa Programm Center Im Freistaat Thüringen In Trägerschaft des TIAW e. V. 1 CENTRAL EUROPE PROGRAMME CENTRAL EUROPE PROGRAMME -ist als größtes Aufbauprogramm

Mehr

The poetry of school.

The poetry of school. International Week 2015 The poetry of school. The pedagogy of transfers and transitions at the Lower Austrian University College of Teacher Education(PH NÖ) Andreas Bieringer In M. Bernard s class, school

Mehr

Technical Thermodynamics

Technical Thermodynamics Technical Thermodynamics Chapter 1: Introduction, some nomenclature, table of contents Prof. Dr.-Ing. habil. Egon Hassel University of Rostock, Germany Faculty of Mechanical Engineering and Ship Building

Mehr

TMF projects on IT infrastructure for clinical research

TMF projects on IT infrastructure for clinical research Welcome! TMF projects on IT infrastructure for clinical research R. Speer Telematikplattform für Medizinische Forschungsnetze (TMF) e.v. Berlin Telematikplattform für Medizinische Forschungsnetze (TMF)

Mehr

Role Play I: Ms Minor Role Card. Ms Minor, accountant at BIGBOSS Inc.

Role Play I: Ms Minor Role Card. Ms Minor, accountant at BIGBOSS Inc. Role Play I: Ms Minor Role Card Conversation between Ms Boss, CEO of BIGBOSS Inc. and Ms Minor, accountant at BIGBOSS Inc. Ms Boss: Guten Morgen, Frau Minor! Guten Morgen, Herr Boss! Frau Minor, bald steht

Mehr

How to access licensed products from providers who are already operating productively in. General Information... 2. Shibboleth login...

How to access licensed products from providers who are already operating productively in. General Information... 2. Shibboleth login... Shibboleth Tutorial How to access licensed products from providers who are already operating productively in the SWITCHaai federation. General Information... 2 Shibboleth login... 2 Separate registration

Mehr

Understanding and Improving Collaboration in Distributed Software Development

Understanding and Improving Collaboration in Distributed Software Development Diss. ETH No. 22473 Understanding and Improving Collaboration in Distributed Software Development A thesis submitted to attain the degree of DOCTOR OF SCIENCES of ETH ZURICH (Dr. sc. ETH Zurich) presented

Mehr

Exercise (Part II) Anastasia Mochalova, Lehrstuhl für ABWL und Wirtschaftsinformatik, Kath. Universität Eichstätt-Ingolstadt 1

Exercise (Part II) Anastasia Mochalova, Lehrstuhl für ABWL und Wirtschaftsinformatik, Kath. Universität Eichstätt-Ingolstadt 1 Exercise (Part II) Notes: The exercise is based on Microsoft Dynamics CRM Online. For all screenshots: Copyright Microsoft Corporation. The sign ## is you personal number to be used in all exercises. All

Mehr

Disclaimer & Legal Notice. Haftungsausschluss & Impressum

Disclaimer & Legal Notice. Haftungsausschluss & Impressum Disclaimer & Legal Notice Haftungsausschluss & Impressum 1. Disclaimer Limitation of liability for internal content The content of our website has been compiled with meticulous care and to the best of

Mehr

MindestanforderungenanDokumentationvon Lieferanten

MindestanforderungenanDokumentationvon Lieferanten andokumentationvon Lieferanten X.0010 3.02de_en/2014-11-07 Erstellt:J.Wesseloh/EN-M6 Standardvorgabe TK SY Standort Bremen Standard requirements TK SY Location Bremen 07.11.14 DieInformationenindieserUnterlagewurdenmitgrößterSorgfalterarbeitet.DennochkönnenFehlernichtimmervollständig

Mehr

XV1100K(C)/XV1100SK(C)

XV1100K(C)/XV1100SK(C) Lexware Financial Office Premium Handwerk XV1100K(C)/XV1100SK(C) All rights reserverd. Any reprinting or unauthorized use wihout the written permission of Lexware Financial Office Premium Handwerk Corporation,

Mehr

Delivering services in a user-focussed way - The new DFN-CERT Portal -

Delivering services in a user-focussed way - The new DFN-CERT Portal - Delivering services in a user-focussed way - The new DFN-CERT Portal - 29th TF-CSIRT Meeting in Hamburg 25. January 2010 Marcus Pattloch (cert@dfn.de) How do we deal with the ever growing workload? 29th

Mehr

Patentrelevante Aspekte der GPLv2/LGPLv2

Patentrelevante Aspekte der GPLv2/LGPLv2 Patentrelevante Aspekte der GPLv2/LGPLv2 von RA Dr. Till Jaeger OSADL Seminar on Software Patents and Open Source Licensing, Berlin, 6./7. November 2008 Agenda 1. Regelungen der GPLv2 zu Patenten 2. Implizite

Mehr

Algorithms for graph visualization

Algorithms for graph visualization Algorithms for graph visualization Project - Orthogonal Grid Layout with Small Area W INTER SEMESTER 2013/2014 Martin No llenburg KIT Universita t des Landes Baden-Wu rttemberg und nationales Forschungszentrum

Mehr

AS Path-Prepending in the Internet And Its Impact on Routing Decisions

AS Path-Prepending in the Internet And Its Impact on Routing Decisions (SEP) Its Impact on Routing Decisions Zhi Qi ytqz@mytum.de Advisor: Wolfgang Mühlbauer Lehrstuhl für Netzwerkarchitekturen Background Motivation BGP -> core routing protocol BGP relies on policy routing

Mehr

Abteilung Internationales CampusCenter

Abteilung Internationales CampusCenter Abteilung Internationales CampusCenter Instructions for the STiNE Online Enrollment Application for Exchange Students 1. Please go to www.uni-hamburg.de/online-bewerbung and click on Bewerberaccount anlegen

Mehr

German English Firmware translation for T-Sinus 154 Access Point

German English Firmware translation for T-Sinus 154 Access Point German English Firmware translation for T-Sinus 154 Access Point Konfigurationsprogramm Configuration program (english translation italic type) Dieses Programm ermöglicht Ihnen Einstellungen in Ihrem Wireless

Mehr

RailMaster New Version 7.00.p26.01 / 01.08.2014

RailMaster New Version 7.00.p26.01 / 01.08.2014 RailMaster New Version 7.00.p26.01 / 01.08.2014 English Version Bahnbuchungen so einfach und effizient wie noch nie! Copyright Copyright 2014 Travelport und/oder Tochtergesellschaften. Alle Rechte vorbehalten.

Mehr

Kongsberg Automotive GmbH Vehicle Industry supplier

Kongsberg Automotive GmbH Vehicle Industry supplier Kongsberg Automotive GmbH Vehicle Industry supplier Kongsberg Automotive has its HQ in Hallbergmoos, 40 locations worldwide and more than 10.000 employees. We provide world class products to the global

Mehr

Employment and Salary Verification in the Internet (PA-PA-US)

Employment and Salary Verification in the Internet (PA-PA-US) Employment and Salary Verification in the Internet (PA-PA-US) HELP.PYUS Release 4.6C Employment and Salary Verification in the Internet (PA-PA-US SAP AG Copyright Copyright 2001 SAP AG. Alle Rechte vorbehalten.

Mehr

Distributed testing. Demo Video

Distributed testing. Demo Video distributed testing Das intunify Team An der Entwicklung der Testsystem-Software arbeiten wir als Team von Software-Spezialisten und Designern der soft2tec GmbH in Kooperation mit der Universität Osnabrück.

Mehr

Beschwerdemanagement / Complaint Management

Beschwerdemanagement / Complaint Management Beschwerdemanagement / Complaint Management Structure: 1. Basics 2. Requirements for the implementation 3. Strategic possibilities 4. Direct Complaint Management processes 5. Indirect Complaint Management

Mehr

Lesen Sie die Bedienungs-, Wartungs- und Sicherheitsanleitungen des mit REMUC zu steuernden Gerätes

Lesen Sie die Bedienungs-, Wartungs- und Sicherheitsanleitungen des mit REMUC zu steuernden Gerätes KURZANLEITUNG VORAUSSETZUNGEN Lesen Sie die Bedienungs-, Wartungs- und Sicherheitsanleitungen des mit REMUC zu steuernden Gerätes Überprüfen Sie, dass eine funktionsfähige SIM-Karte mit Datenpaket im REMUC-

Mehr

Exercise (Part XI) Anastasia Mochalova, Lehrstuhl für ABWL und Wirtschaftsinformatik, Kath. Universität Eichstätt-Ingolstadt 1

Exercise (Part XI) Anastasia Mochalova, Lehrstuhl für ABWL und Wirtschaftsinformatik, Kath. Universität Eichstätt-Ingolstadt 1 Exercise (Part XI) Notes: The exercise is based on Microsoft Dynamics CRM Online. For all screenshots: Copyright Microsoft Corporation. The sign ## is you personal number to be used in all exercises. All

Mehr

An Introduction to Monetary Theory. Rudolf Peto

An Introduction to Monetary Theory. Rudolf Peto An Introduction to Monetary Theory Rudolf Peto 0 Copyright 2013 by Prof. Rudolf Peto, Bielefeld (Germany), www.peto-online.net 1 2 Preface This book is mainly a translation of the theoretical part of my

Mehr

Scrum @FH Biel. Scrum Einführung mit «Electronical Newsletter» FH Biel, 12. Januar 2012. Folie 1 12. Januar 2012. Frank Buchli

Scrum @FH Biel. Scrum Einführung mit «Electronical Newsletter» FH Biel, 12. Januar 2012. Folie 1 12. Januar 2012. Frank Buchli Scrum @FH Biel Scrum Einführung mit «Electronical Newsletter» FH Biel, 12. Januar 2012 Folie 1 12. Januar 2012 Frank Buchli Zu meiner Person Frank Buchli MS in Computer Science, Uni Bern 2003 3 Jahre IT

Mehr

Klausur Verteilte Systeme

Klausur Verteilte Systeme Klausur Verteilte Systeme SS 2005 by Prof. Walter Kriha Klausur Verteilte Systeme: SS 2005 by Prof. Walter Kriha Note Bitte ausfüllen (Fill in please): Vorname: Nachname: Matrikelnummer: Studiengang: Table

Mehr

SECURING PROCESSES FOR OUTSOURCING INTO THE CLOUD

SECURING PROCESSES FOR OUTSOURCING INTO THE CLOUD SECURING PROCESSES FOR OUTSOURCING INTO THE CLOUD Sven Wenzel 1, Christian Wessel 1, Thorsten Humberg 2, Jan Jürjens 1,2 1 2 SecGov, 19.4.2012 Overview Toolsupport: analysis analysis analysis 2 Computing

Mehr

Introducing PAThWay. Structured and methodical performance engineering. Isaías A. Comprés Ureña Ventsislav Petkov Michael Firbach Michael Gerndt

Introducing PAThWay. Structured and methodical performance engineering. Isaías A. Comprés Ureña Ventsislav Petkov Michael Firbach Michael Gerndt Introducing PAThWay Structured and methodical performance engineering Isaías A. Comprés Ureña Ventsislav Petkov Michael Firbach Michael Gerndt Technical University of Munich Overview Tuning Challenges

Mehr

Umstellung Versand der täglichen Rechnungen Auktionsmarkt

Umstellung Versand der täglichen Rechnungen Auktionsmarkt EEX Kundeninformation 2004-05-04 Umstellung Versand der täglichen Rechnungen Auktionsmarkt Sehr geehrte Damen und Herren, die Rechnungen für den Handel am Auktionsmarkt werden täglich versandt. Dabei stehen

Mehr

Challenges and solutions for field device integration in design and maintenance tools

Challenges and solutions for field device integration in design and maintenance tools Integrated Engineering Workshop 1 Challenges and solutions for field device integration in design and maintenance tools Christian Kleindienst, Productmanager Processinstrumentation, Siemens Karlsruhe Wartungstools

Mehr

In vier Schritten zum Titel. erfolgreichen Messeauftritt. Four steps to a successful trade fair. Hier beginnt Zukunft! The future starts here!

In vier Schritten zum Titel. erfolgreichen Messeauftritt. Four steps to a successful trade fair. Hier beginnt Zukunft! The future starts here! In vier Schritten zum Titel erfolgreichen Messeauftritt. Four steps to a successful trade fair. Hier beginnt Zukunft! The future starts here! Einleitung Intro Um Sie dabei zu unterstützen, Ihren Messeauftritt

Mehr

Markus BöhmB Account Technology Architect Microsoft Schweiz GmbH

Markus BöhmB Account Technology Architect Microsoft Schweiz GmbH Markus BöhmB Account Technology Architect Microsoft Schweiz GmbH What is a GEVER??? Office Strategy OXBA How we used SharePoint Geschäft Verwaltung Case Management Manage Dossiers Create and Manage Activities

Mehr

Praktikum Entwicklung von Mediensystemen mit ios

Praktikum Entwicklung von Mediensystemen mit ios Praktikum Entwicklung von Mediensystemen mit ios WS 2011 Prof. Dr. Michael Rohs michael.rohs@ifi.lmu.de MHCI Lab, LMU München Today Heuristische Evaluation vorstellen Aktuellen Stand Software Prototyp

Mehr

Porsche Consulting. Operational excellence successful processes from the automotive industry and their applications in medical technology

Porsche Consulting. Operational excellence successful processes from the automotive industry and their applications in medical technology Porsche Consulting Operational excellence successful processes from the automotive industry and their applications in medical technology Especially crucial in medical technology: a healthy company. Germany

Mehr

Cooperation Project Sao Paulo - Bavaria. Licensing of Waste to Energy Plants (WEP/URE)

Cooperation Project Sao Paulo - Bavaria. Licensing of Waste to Energy Plants (WEP/URE) Cooperation Project Sao Paulo - Bavaria Licensing of Waste to Energy Plants (WEP/URE) SMA 15.10.2007 W. Scholz Legal framework Bayerisches Staatsministerium für European Directive on Waste incineration

Mehr

A central repository for gridded data in the MeteoSwiss Data Warehouse

A central repository for gridded data in the MeteoSwiss Data Warehouse A central repository for gridded data in the MeteoSwiss Data Warehouse, Zürich M2: Data Rescue management, quality and homogenization September 16th, 2010 Data Coordination, MeteoSwiss 1 Agenda Short introduction

Mehr

ReadMe zur Installation der BRICKware for Windows, Version 6.1.2. ReadMe on Installing BRICKware for Windows, Version 6.1.2

ReadMe zur Installation der BRICKware for Windows, Version 6.1.2. ReadMe on Installing BRICKware for Windows, Version 6.1.2 ReadMe zur Installation der BRICKware for Windows, Version 6.1.2 Seiten 2-4 ReadMe on Installing BRICKware for Windows, Version 6.1.2 Pages 5/6 BRICKware for Windows ReadMe 1 1 BRICKware for Windows, Version

Mehr

Service Design. Dirk Hemmerden - Appseleration GmbH. Mittwoch, 18. September 13

Service Design. Dirk Hemmerden - Appseleration GmbH. Mittwoch, 18. September 13 Service Design Dirk Hemmerden - Appseleration GmbH An increasing number of customers is tied in a mobile eco-system Hardware Advertising Software Devices Operating System Apps and App Stores Payment and

Mehr

Implementierung von IEC 61508

Implementierung von IEC 61508 Implementierung von IEC 61508 1 Qualität & Informatik -www.itq.ch Ziele Verständnis für eine mögliche Vorgehensweise mit IEC 61508 schaffen Bewusstes Erkennen und Behandeln bon Opportunitäten unmittelbaren

Mehr

Ways and methods to secure customer satisfaction at the example of a building subcontractor

Ways and methods to secure customer satisfaction at the example of a building subcontractor Abstract The thesis on hand deals with customer satisfaction at the example of a building subcontractor. Due to the problems in the building branch, it is nowadays necessary to act customer oriented. Customer

Mehr

VPPR Stab Sicherheit, Gesundheit und Umwelt Safety, Security, Health and Environment. Laser which rules apply in Switzerland?

VPPR Stab Sicherheit, Gesundheit und Umwelt Safety, Security, Health and Environment. Laser which rules apply in Switzerland? Laser which rules apply in Switzerland? ETH Zürich KT/07.07.2008 When in danger say STOP! VPPR Laser classes Class 1 Eye safe < 0.39 mw Class 1M Eye safe without optical instruments 400 700 nm < 0.39 mw

Mehr

City Development Plan for Vienna 2005 www.wien.at / stadtentwicklung / step

City Development Plan for Vienna 2005 www.wien.at / stadtentwicklung / step Lebensqualität City Development Plan for Vienna 2005 wwwwienat / stadtentwicklung / step Results of COMET Project which will be part of the new City Development Plan Vienna 2005 Suggestions in the draft-version

Mehr

H. Enke, Sprecher des AK Forschungsdaten der WGL

H. Enke, Sprecher des AK Forschungsdaten der WGL https://escience.aip.de/ak-forschungsdaten H. Enke, Sprecher des AK Forschungsdaten der WGL 20.01.2015 / Forschungsdaten - DataCite Workshop 1 AK Forschungsdaten der WGL 2009 gegründet - Arbeit für die

Mehr

Modul Strategic Management (PGM-07)

Modul Strategic Management (PGM-07) Modul Strategic Management (PGM-07) Beschreibung u. Ziele des Moduls Dieses Modul stellt als eine der wesentlichen Formen wirtschaftlichen Denkens und Handelns den strategischen Ansatz vor. Es gibt einen

Mehr

1.1 Media Gateway - SIP-Sicherheit verbessert

1.1 Media Gateway - SIP-Sicherheit verbessert Deutsch Read Me System Software 7.10.6 PATCH 2 Diese Version unserer Systemsoftware ist für die Gateways der Rxxx2- und der RTxxx2-Serie verfügbar. Beachten Sie, dass ggf. nicht alle hier beschriebenen

Mehr

EEX Kundeninformation 2007-09-05

EEX Kundeninformation 2007-09-05 EEX Eurex Release 10.0: Dokumentation Windows Server 2003 auf Workstations; Windows Server 2003 Service Pack 2: Information bezüglich Support Sehr geehrte Handelsteilnehmer, Im Rahmen von Eurex Release

Mehr

JONATHAN JONA WISLER WHD.global

JONATHAN JONA WISLER WHD.global JONATHAN WISLER JONATHAN WISLER WHD.global CLOUD IS THE FUTURE By 2014, the personal cloud will replace the personal computer at the center of users' digital lives Gartner CLOUD TYPES SaaS IaaS PaaS

Mehr

Hochschule Esslingen. Modulbeschreibung TBB Internationale Technische Betriebswirtschaft. Inhaltsverzeichnis. Kanalstr. 33 73728 Esslingen

Hochschule Esslingen. Modulbeschreibung TBB Internationale Technische Betriebswirtschaft. Inhaltsverzeichnis. Kanalstr. 33 73728 Esslingen Kanalstr. 33 73728 Esslingen Inhaltsverzeichnis Seite 1 von 6 TBB602 MD International Business 2 Int.Marketing/-Finance & Case Studies Int.Business 3 International Conmmercial Law 5 Erläuterungen 6 Modul

Mehr

Mash-Up Personal Learning Environments. Dr. Hendrik Drachsler

Mash-Up Personal Learning Environments. Dr. Hendrik Drachsler Decision Support for Learners in Mash-Up Personal Learning Environments Dr. Hendrik Drachsler Personal Nowadays Environments Blog Reader More Information Providers Social Bookmarking Various Communities

Mehr

Operational Excellence with Bilfinger Advanced Services Plant management safe and efficient

Operational Excellence with Bilfinger Advanced Services Plant management safe and efficient Bilfinger GreyLogix GmbH Operational Excellence with Bilfinger Advanced Services Plant management safe and efficient Michael Kaiser ACHEMA 2015, Frankfurt am Main 15-19 June 2015 The future manufacturingplant

Mehr

Wie bekommt man zusätzliche TOEFL-Zertifikate? Wie kann man weitere Empfänger von TOEFL- Zertifikaten angeben?

Wie bekommt man zusätzliche TOEFL-Zertifikate? Wie kann man weitere Empfänger von TOEFL- Zertifikaten angeben? Wie bekommt man zusätzliche TOEFL-Zertifikate? Wie kann man weitere Empfänger von TOEFL- Zertifikaten angeben? How do I get additional TOEFL certificates? How can I add further recipients for TOEFL certificates?

Mehr

Application Form ABOUT YOU INFORMATION ABOUT YOUR SCHOOL. - Please affix a photo of yourself here (with your name written on the back) -

Application Form ABOUT YOU INFORMATION ABOUT YOUR SCHOOL. - Please affix a photo of yourself here (with your name written on the back) - Application Form ABOUT YOU First name(s): Surname: Date of birth : Gender : M F Address : Street: Postcode / Town: Telephone number: Email: - Please affix a photo of yourself here (with your name written

Mehr

Product Lifecycle Manager

Product Lifecycle Manager Product Lifecycle Manager ATLAS9000 GmbH Landauer Str. - 1 D-68766 Hockenheim +49(0)6205 / 202730 Product Lifecycle Management ATLAS PLM is powerful, economical and based on standard technologies. Directory

Mehr

Total Security Intelligence. Die nächste Generation von Log Management and SIEM. Markus Auer Sales Director Q1 Labs.

Total Security Intelligence. Die nächste Generation von Log Management and SIEM. Markus Auer Sales Director Q1 Labs. Total Security Intelligence Die nächste Generation von Log Management and SIEM Markus Auer Sales Director Q1 Labs IBM Deutschland 1 2012 IBM Corporation Gezielte Angriffe auf Unternehmen und Regierungen

Mehr

Cluster Health Care Economy has been established in 2008 Regional approach to develop health care industries Head of the cluster is Ms.

Cluster Health Care Economy has been established in 2008 Regional approach to develop health care industries Head of the cluster is Ms. How to develop health regions as driving forces for quality of life, growth and innovation? The experience of North Rhine-Westphalia Dr. rer. soc. Karin Scharfenorth WHO Collaborating Centre for Regional

Mehr

Projektrisikomanagement im Corporate Risk Management

Projektrisikomanagement im Corporate Risk Management VERTRAULICH Projektrisikomanagement im Corporate Risk Management Stefan Friesenecker 24. März 2009 Inhaltsverzeichnis Risikokategorien Projekt-Klassifizierung Gestaltungsdimensionen des Projektrisikomanagementes

Mehr

KURZANLEITUNG. Firmware-Upgrade: Wie geht das eigentlich?

KURZANLEITUNG. Firmware-Upgrade: Wie geht das eigentlich? KURZANLEITUNG Firmware-Upgrade: Wie geht das eigentlich? Die Firmware ist eine Software, die auf der IP-Kamera installiert ist und alle Funktionen des Gerätes steuert. Nach dem Firmware-Update stehen Ihnen

Mehr

Cloud Computing in der öffentlichen Verwaltung

Cloud Computing in der öffentlichen Verwaltung Cloud Computing in der öffentlichen Verwaltung Willy Müller - Open Cloud Day 19.6.2012 2 Plug and Cloud? 3 The plug tower BPaaS Software SaaS Platform PaaS Storage/ Computing IaaS Internet Power grid 4

Mehr

IoT Scopes and Criticisms

IoT Scopes and Criticisms IoT Scopes and Criticisms Rajkumar K Kulandaivelu S 1 What is IoT? Interconnection of multiple devices over internet medium 2 IoT Scope IoT brings lots of scope for development of applications that are

Mehr

Angewandte und eingebettete IT- Sicherheit

Angewandte und eingebettete IT- Sicherheit Angewandte und eingebettete IT- Sicherheit ESCRYPT Embedded Security System provider for embedded security Dr.-Ing. Thomas Wollinger ESCRYPT Executive Summary Profil: Systemhaus für eingebettete Sicherheit

Mehr

Optimizing Request for Quotation Processes at the Volkswagen Pre-Series Center

Optimizing Request for Quotation Processes at the Volkswagen Pre-Series Center Optimizing Request for Quotation Processes at the Volkswagen Pre-Series Center 28 April 2010 / Agenda 1 Pre-series center 2 Project target 3 Process description 4 Realization 5 Review 6 Forecast 28. April

Mehr

Virtual PBX and SMS-Server

Virtual PBX and SMS-Server Virtual PBX and SMS-Server Software solutions for more mobility and comfort * The software is delivered by e-mail and does not include the boxes 1 2007 com.sat GmbH Kommunikationssysteme Schwetzinger Str.

Mehr

Extended Ordered Paired Comparison Models An Application to the Data from Bundesliga Season 2013/14

Extended Ordered Paired Comparison Models An Application to the Data from Bundesliga Season 2013/14 Etended Ordered Paired Comparison Models An Application to the Data from Bundesliga Season 2013/14 Gerhard Tutz & Gunther Schauberger Ludwig-Maimilians-Universität München Akademiestraße 1, 80799 München

Mehr

Funktionale Sicherheit ISO 26262 Schwerpunkt Requirements Engineering,

Funktionale Sicherheit ISO 26262 Schwerpunkt Requirements Engineering, Funktionale Sicherheit ISO 26262 Schwerpunkt Requirements Engineering, Manfred Broy Lehrstuhl für Software & Systems Engineering Technische Universität München Institut für Informatik ISO 26262 Functional

Mehr

Working Sets for the Principle of Least Privilege in Role Based Access Control (RBAC) and Desktop Operating Systems DISSERTATION

Working Sets for the Principle of Least Privilege in Role Based Access Control (RBAC) and Desktop Operating Systems DISSERTATION UNIVERSITÄT JOHANNES KEPLER LINZ JKU Technisch-Naturwissenschaftliche Fakultät Working Sets for the Principle of Least Privilege in Role Based Access Control (RBAC) and Desktop Operating Systems DISSERTATION

Mehr

Mit Legacy-Systemen in die Zukunft. adviion. in die Zukunft. Dr. Roland Schätzle

Mit Legacy-Systemen in die Zukunft. adviion. in die Zukunft. Dr. Roland Schätzle Mit Legacy-Systemen in die Zukunft Dr. Roland Schätzle Der Weg zur Entscheidung 2 Situation Geschäftliche und softwaretechnische Qualität der aktuellen Lösung? Lohnen sich weitere Investitionen? Migration??

Mehr