Entwicklungen in den Informations- und Kommunikationstechnologien

Größe: px
Ab Seite anzeigen:

Download "Entwicklungen in den Informations- und Kommunikationstechnologien"

Transkript

1 Entwicklungen in den Informations- und Kommunikationstechnologien Herausgeber: Friedrich-L. Holl Band 3 Study Criteria for success of identification, authentication and signing methods based on asymmetric cryptographic algorithms (EKIAS) On behalf of Federal Ministry of Education and Research Commissary: Fachhochschule Brandenburg Brandenburg University of Applied Sciences TeleTrusT e.v. Authors: Anja Beyer Sophie Hellmann Malte Hesse Friedrich-L. Holl Peter Morcinek Sachar Paulus Helmut Reimer Contributors: Markus Dahms Karsten Kausmann Simone Friedrich-Meier Jens Ziegler

2 Entwicklungen in den Informations- und Kommunikationstechnologien Herausgeber: Friedrich-L. Holl Band 3 Study Criteria for success of identification, authentication and signing methods based on asymmetric cryptographic algorithms (EKIAS) On behalf of Federal Ministry of Education and Research Commissary: Fachhochschule Brandenburg Brandenburg University of Applied Sciences TeleTrusT e.v. Authors: Anja Beyer Sophie Hellmann Malte Hesse Friedrich-L. Holl Peter Morcinek Sachar Paulus Helmut Reimer Contributors: Markus Dahms Karsten Kausmann Simone Friedrich-Meier Jens Ziegler

3 Editor: Prof. Dr. Friedrich-L. Holl, Fachhochschule Brandenburg Brandenburg University of Applied Sciences 2007 Self-published, Berlin Design: Martin Schüngel Translation: Stefanie Otersen and Peter Morcinek Print: digital business and printing GmbH, D Berlin ISSN All rights reserved. No part of this publication may be used or reproduced by any means including public reading, public broadcasting, television, translation into foreign languages, electronic, mechanical or computational processing, apart from the exceptions mentioned in 53, 54 URHG.

4 Table of Contents Introduction 9 Executive Summary Technical Outlook Methodology Cryptography Man between the conflicting priorities of technology and economics Tokens & Trusted Computing PKI applications Authentication, identification and signatures PKI standards and protocols Protocols Formatting standards Did asymmetric cryptography dash the vision of simple PKI solutions? Alternative concepts Symmetric encryption and key management methods Hybrid Methods Biometry Biometric authentication Biometric identification 33 Table of Contents 5

5 Rating of biometric methods Outlook Evaluation Summary Economic Insights Methodology Usage Scenarios Objective Classification approaches Classification according to involved players Classification according to security objectives Classification according to stakeholders Conclusions Successful business processes applications Economic considerations Measurement IT investments Frequently used key figure methods Return on Investment Return on Security Investment Net Present Value Balanced Scorecards Total Cost of Ownership Exemplary cost-benefit analysis ROSI calculation for a security process Balanced Scorecard-based examination Summary Operating Conditions Methodology Products Project procedure Operation Liability Synopsis Workshop Findings Methodology and course of the workshop Comments about results achieved so far Comments on Technical Outlook Comments on Economic Insights Comments on Operating Conditions 88 6 Table of Contents

6 4.3 Results of the Break-out Sessions Green Group Red Group Blue Group Conclusion Results of the Workshop Technology Economic Aspects Socio-scientific Aspects The Government s Role Recommendations Technology Economics Operating conditions Further Research Bibliography 107 Anhang 117 A. Fragebogen Technische Perspektiven 118 B. Interviewpartner zu Technischen Perspektiven 121 C. PKI 123 D. Return on Security Investment (ROSI) 139 E. Fragebogen zur Erfassung von Kriterien für die Nutzung von PKI 156 F. Details zum Workshop 167 Table of Contents 7

7 Introduction By establishing the Signature Law, the Federal Republic of German has achieved an early orientation towards using asymmetric encryption methods when ensuring electronically aided methods. From today s point of view, using PKI infrastructures which are implemented accordingly and serve as a basis for authenticating, identifying and singing, cross-company business processes can be secured. Using asymmetric cryptographic technologies together with smart card (or similar tokens) as security means, however, is still of no relevance. Rather, application access is still realised using the hardly reliable combination of user ID and password. One time passwords or other, secure methods are rarely used. New developments also rarely account other (stronger) identification and authentication methods and when they do were talking about designated security applications in most cases. Based on this problem the questions to be answered within the course of the project arose. In particular, we wanted find out why asymmetric methods are only used in a limited way and why companies still rely on payment systems which are not secure, despite the fact that the risk are substantial and commonly known. In the chapter on Operating Conditions (cf. chapter 3) this questions are discussed in detail. There we outline the criteria which usually determine the success of an implementation - and above all its use. Our approach for identifying these criteria consisted of developing them using appropriate literature like field reports. Since there are nearly no suitable publications on this field (publicly) available, we anonymously interviewed expert having a lot of experience with planning, implementation and operation of Introduction 9

8 public key infrastructure. By promising anonymity, we could obtain results we consider to be genuine and uncensored. In conjunction with the conducted interviews, we also determined aspects that militate for or against PKI, as well as consequences for the user, and questions of liability. Regarding implementation, we surveyed the solutions or, rather, products, as well as reasons for the use of this specific product, and the time needed for deployment. The part asking questions on operating PKI regarded advises and challenges of PKI use, as well as needed and actually used documentation. When addressing the issues of cross-company communication, technical realisations and the corresponding experiences where regarded amongst other things. All in all, we tried to identify possible obstacles of using PKI applications and concepts and have them rated. In the following, we examined the existing of new technical developments in connection to development of public key infrastructures, as well as possible mediumterm and long-term trends in this field. The information gained (as described in chapter 1 Technical Outlook ) was determined using two distinct approaches: We conducted an international literature study which regarded the topics of cryptography, tokens, PKI, alternative concepts without PKI, biometry, and security evaluations as well as security certifications. Additionally, we interviewed 13 experts coming from the fields of research, PKI industry, and commerce on the topics mentioned above. All in all, this chapter regards means which companies could use when increasingly handling B2C transactions as well as B2B transactions online. Laws like the Sarbanes-Oxley Act or Basel II require companies to follow a structured, efficient, and proactive approach of IT security. Thereby, significance of IT security technologies gains importance. We demonstrate that approaches for lasting solutions can be found in the domain of PKI technologies. On major goal of the chapter Economic Insights was to point out cost-benefit rate arising for the implementation of PKI systems. For that purpose we examined possible concepts and applications which clearly can be identified as scenarios for PKI use. Using literature surveys and practical experiences, we could identify according criteria and develop a classification. Subsequently, we investigated to which extent PKI use could be viewed from business process level, and to which extent PKI can be awarded an enabling function. For this to achieve, we conducted interviews with those responsible for such processes, in order to identify criteria for success as well as the economic background. All in all, we observed that orientation on business processes is currently not relevant for practical use, because of PKI use still being considered as an infrastructure investment. Based on this, we determined which key figure systems might have an effect on decisions of PKI investment and to what extent. Doing so, we analysed quanti- 10 Introduction

9 tative as well as qualitative methods. Using real, anonymised business data, we did a cost-benefit analyses which was based on our findings. The analysis demonstrated that regarding PKI investment decisions a complete picture can only be provided by a combination of different key figure methods. This picture is needed for making a detailed and realistic decision on PKI implementation. Based on the results of the preceding chapters we hosted a workshop which is described in chapter 4 Workshop Findings. The goal of this workshop was to identify criteria of success and point out prospects. Workshop structure and group line-up aimed for these objectives. Different groups of competence were represented: Vendors and service providers from the PKI market, chief information security officers, which already implemented successful multinational PKI projects, researchers, consultants with security and anti-fraud expertise, and IT managers. Long-time experience was emphasised in particular. In order to prepare the participants for the work groups planned, they were filled in on the present results of the project team s work. Based on this information as well as their practical experiences they were to identify problems and come up with matching ideal conditions, as well as solutions/fields of action. Due to the broadly differentiated competence of the workshop participants, resulting in contributions originating from different points of interest, and the detailed consideration of these topics within work groups, focus on the main topic was achieved. Especially, mixing technicians and non-technicians, IT managers and security managers, vendors and many others proved to be a major success factor for achieving differentiated and controversial aspects which were still aimed at the success of public key infrastructures as well as the according applications and technologies. Additionally we gained important details and practical information as well as personal opinions we probably would never have gained otherwise. In particular, this applies to opinions and assessment conflicting with the prevalent expert opinion which maybe due to political motivation has not been publicly discussed like this before. We used these results to suggest further approaches for PKI implementations. One major goal of this project was to identify possible further developments, need for support or practical advice which helps to push PKI. Additionally we intended to identify obstacles and phrase suggestions how to eliminate them. Therefore, chapter 5 Recommendations contains a summary of the most important findings for the fields of technology, business and practical use. Based on this, we suggest possible further research projects and give concrete advice for successful PKI implementations. As an overall result this study is intended to provide indication of conditions which are needed for successful PKI implementation and use, possible actions that can be taken maybe by the Government as well and which fields should be further researched. Introduction 11

10 Executive Summary The EKIAS study addresses criteria for success of identification, authentication and signing methods based on asymmetric cryptographic algorithms and therefore primarily on criteria having a positive influence on PKI as well as those that are limiting. The most important findings are that user matters have more influence on PKI than assumed before and economic arguments are only relevant when considered within the context of one particular process. Furthermore it is important to guide users during the implementation stage in order for them to accept the PKI applications. The goal of this survey has been to identify areas of PKI technology and applications needing further research and support as well as areas still having potential for innovation. The following was found: Technical Outlook In order to be cost effective, long-time use (guaranty of durability of algorithms and key length) needs to be technical realisable since establishing a PKI requires high initial costs which are continuously incurred for a long time. Long-term use is more important with regards to governmental applications (identity docu- Executive Summary 13

11 ments, documents to be digitally preserved by law) mainly; business applications are typically more market-oriented and therefore designed to be rather shortdated. Interoperability is important for successful use of PKI technology. With multi-procedural applications (e.g. encryption) this has to be assured through standards. In order to allow for successful application integration, the key management has to provide shared keys for several applications or alternatively allow for managing shared keys. In order to reach an enhanced security level, use of tokens (e.g. smart cards, USB-tokens) as a supplement of software-based certificates is desirable. With tokens, attention must be paid to expandability (replacement of algorithms etc.) the shape of tokens will evolve and adjust to the applications used. In the future, biometric techniques will be increasingly used in addition to tokens to identify people. Economic Insights PKI technology can act as a business process enabler. Possible applications can be economically justified within the context of specific processes only though. For the use of PKI two financially motivated reasons exist: PKI as a cost saving measure (PKI allows for digitalising processes, e.g. electronic invoices) and PKI for accelerating and standardising processes, in order to electronically represent them more elegantly and with less effort (e.g. authentication using certificates with business process outsourcing). The fact that the persons in charge of processes often do not know the corresponding costs is problematic. It results from the processes being attached to infrastructure and system components which are hard to understand and evaluate. The corresponding benefits and the risks are hard to quantify as well. Therefore reductions of costs are seldom objectively accounted for. In order to be a business process enabler, PKI demands an initial investment, which is why decision makers need to be persuaded of its reasonability. Single key figures like ROI/ROSI or NVP can aid the decision process, but often provide a negative result. This methodology would often argue against investing in PKI even though the investment would actually make sense. Therefore a mix of accepted methods (e.g. ROSI including TCO supplemented by NVP and Balanced Scorecard) should be generally used for a more detailed examination of costs. Another problem lies within the fact that the bearer of PKI costs is often not able to capitalise his investment. On infrastructural level transferring costs and benefits is often not possible not until the process level is considered and even here in-house processes are required. Therefore cross-company payment and cost allocation models have not been accepted by the market. It should be noted that PKI without specific applications is just an infrastructure, offering no actual use to anyone, even from the point of view of security. However, 14 Executive Summary

12 when it is established, the obvious benefits of PKI use are soon evident through support facilities for business processes. Operating Conditions PKI technology is not really suitable for daily use yet, and interoperability of different PKI applications is not given to the extent desired by costumers. This particularly applies to key management, necessary for PKI use. PKI projects are to be categorised as sensitive, therefore success of such a project may be compromised by changing requirements and specifications within the project. Furthermore PKI centralises trust decisions and assures a designated process sequence. In practice this may result in substantial problems, since such developments (may) conflict with personal interests of the parties involved. Acceptance of PKI applications could be enhanced if those were simple and transparent, meaning easy to understand within the context and language of business processes. But, even when this had been accomplished it turned out that the efforts for supporting PKI applications are still higher than those of other applications. In this context it needs to be guaranteed that the support can rely on qualified employees, so that security specifications are not compromised by wrongly recommended actions. With cross-company processes the problem of acceptance is much higher, since the trust decisions to be made are complex. Therefore certain requirements for PKI applications must be taken into account. We differentiate between three scenarios, all of which are following their own market drive: 1. For the mass market (e.g. home banking, online shopping) simplicity, transparency and minimal costs come first, making the use of a complex technology like PKI difficult. 2. In the business environment flexibility is the most important aspect, since PKI use depends on the level of security requirements and the technologies used, for an instance. Successful isolated solutions (i.e. information silos) show that standardisations are not given the highest priority and can only be established when paying attention to market rules. 3. When used for governmental purposes (e.g. electronic identity documents) though, standardisation combined with high security and sustainability (replacement of algorithms, use of biometry, and so on) is compulsory. Simple and understandable trust decisions still remain the most important requirement. Therefore, it needs to be taken into account that security results from control and trust and that reducing control is possible only by increasing trust. Executive Summary 15

13 Recommended Actions Amongst other things, the goal of this project was to point out options for eliminating obstacles associated with PKI technology and the corresponding operating conditions. Building on that, recommendations that will promote PKI were developed. Among the technical recommendations are suggestions for research on interchangeability of cryptographic algorithms, which we consider to be necessary. This is of particular interest for long-term PKI use within a governmental environment. We identified integration of PKI in applications as another object of investigation since supporting framework development allows for standardised methods. Interoperability of applications and key management is another important aspect, especially within a governmental environment. In this vein, further form aspects beyond smart cards as well as standardised access of cryptographic key are to be examined. Last but not least further fundamental research in the field of quantum computers and their effects on the crypto-algorithms used in PKI needs to be conducted. From the economical point of view costs for the infrastructure investment PKI are to be made transparent and compared with generated benefits. As a result of the complex processes, the business models are based on, the focus should be on core processes where PKI could act as an enabler. Security has to become an implicit part of business process modelling/development thereby. On a management level understanding of the importance of security must be improved by appropriate measures. In order to accomplish a more detailed examination of a PKI project s costs we suggest applying a mix of methods from different key figure systems. When realising PKI, direct and diversified support of applications often leads to problems, which is why we are of the opinion that PKI pilot projects should be integrated into the entire environment step by step. In order to reduce possible problems and help with decision making, we additionally recommend publishing positive and negative field reports on PKI use. Furthermore, the interdependence of technology, economics and aspects of use should be examined regarding PKI so as to find options for improving trust relationships for electronic business transfer. The trust decisions necessary for PKI applications need to be simple and understandable for the user. Thereby direct user contact allows for enhanced awareness of trust building and trust decisions within (internet) applications. It should be refrained from enacting technical requirements into law; instead we suggest specifying them in directives, so that leeway can be used when establishing PKI applications. 16 Executive Summary

14 1. Technical Outlook IT security technologies are gaining more and more importance. The rise in handling B2C as well as B2B transactions online notably contributes to this development. Laws and regulations like the Sarbanes Oxley Act or Basel II demand that companies address IT security in an organized, efficient and pro-active way. (cf. [Booker 2006]). In order to guard systems, data, and communication channels, several techniques for encryption, signing, identification, and authorisation can be utilised. 1.1 Methodology Two distinct approaches were chosen to gather information for the current chapter, Technical Outlook. Y Y 13 experts from research, industry and commerce agreed to participate in a guided telephone interview that addressed questions concerning cryptography, tokens, PKI, alternative concepts sans PKI, biometry, and security evaluation as well as security certification. (The interview guide and list of interview subjects can be found in the appendix). At the same time a survey of international literature referring to the topics mentioned was conducted. This report follows the thematic structure of the questionnaire used. Chapter 1 Technical Outlook 17

15 1.2 Cryptography Based on the German signature law, the Federal Network Agency recommends cryptographic algorithms for qualified signatures, hash functions, and random number generators every year (cf. [Bundesnetzagentur Algorithmenkatalog 2006]). The suggestions for qualified signatures listed in this catalogue are intended to provide for security for at least six years after being evaluated and published [SigV 2001]. When it comes to deployment this timeframe is not reasonable, since investments and associated amortisations are aimed at a longer timeframe. The 2006 algorithm catalogue recommends SHA 1 (until the end of 2009), RIPEMD (until the end of 2010) and SHA-224, SHA-256, SHA-384, SHA 512 (until the end of 2011). Qualified for electronic signatures: 1. RSA (until the end of 2007), RSA-1976 (until the end of 2011), suggested use of RSA DSA (until the end of 2007), DSA-2048 (until the end of 2011), suggested use of DSA DSA variants based on elliptic curves (bit-length of used prime number q at least 180 (until the end of 2009) and 224 (until the end of 2011)), especially: a. EC 5 -DSA, b. EC-KDSA, c. EC-GDSA 6, d. Nyberg-Rueppel signatures (cf. [Bundesnetzagentur Algorithmenkatalog 2006]) Using a physical random number generator for key generation is strongly recommended. If no physical random number generator is available a pseudo-random number generator might be considered. The inner state is being initialised using the [ ] seed. With every step the state has to be renewed and a random number derived. The seed has to be guarded against being read out or manipulated... ([Bundesnetzagentur Algorithmenkatalog 2006]). Every pseudo-random number generator has to be a class K3 (evaluation class 3, strength high ) deterministic random number generator in terms of AIS-20 (cf. [BSI 2006a]). The seeds entropy is at least 80 bit -100 and 120 bit are recommended (until the end of 2009), 100 or 120 (starting 2010) (cf. [Bundesnetzagentur Algorithmenkatalog 2006]). An algorithm catalogue like that of the Federal Network Agency can be regarded as a basic requirement for keeping systems reliable over a longer timeframe. Addition Secure Hash Algorithm RACE Integrity Primitives Evaluation Message Digest Asymmetric cryptographic system named after Rivest, Shamir and Adleman Digital Signature Algorithm Elliptic Curves KDSA and GDSA are DSA variants based on elliptic curves 18 Chapter 1 Technical Outlook

16 ally it serves as an adequate means of establishing standardised procedures (cf. [Giessmann 2006]). There is no national specification of algorithms and parameters for securing digital signature methods. Generally the catalogue s recommendations are useful when it comes to interoperability (cf. [Preneel 2006]). On an international level, the recommendations the NSA provided in Suite B are crucial and valuable (cf. [Temple 2006], [Preneel 2006]). This catalogue suggests: Y Encryption: AES-128 or AES-256 (Advanced Encryption Standard) (cf. [NSA A 2007]) Y Digital signatures: ECDSA-256 or ECDSA-384 (Elliptic-Curve Digital Signature Algorithm) (cf. [NSA B 2007]) Y Key agreement: EC DH (Elliptic Curve Diffie-Hellman) or EC MQV (Menezes-Qu-Vanstone) with NIST P-256 respectively NIST P-384 (cf. [NSA C 2007]) Y Hash functions: SHA-256 and SHA-384 (Secure Hash Algorithm) (cf. [NSA D 2007]) Unfortunately the functions recommend by the NSA are often lacking implementation. (cf. [Temple 2006]). Security of the methods mentioned accordingly relies on: 1. the factorising problem of integers, 2. the discrete logarithm problem for the multiplicative group of a prime field Fp, 3. the discrete logarithm problem for the groups E(Fp) and E(F2m). [Bundesnetzagentur Algorithmenkatalog 2006] Additionally one needs to take into account that security of today s methods is affected by a combination of computers capability and the mathematical foundations of the cryptographic algorithms used. This will be outlined in detail below. Security also relies on nobody having found a better mathematical algorithm. When evaluating, progress in this area has to be considered carefully, even though it is hard to rate. In 1978, Rivest, Shamir, and Adleman introduced the RSA algorithm (cf. [RSA 1978]), which is still the application standard of asymmetric cryptography. It is implemented in widespread smart card families (signature cards, cards used for financial transactions SECCOS, health cards) as well. This algorithm s security relies on an effectively complicated mathematical problem: Prime factorisation, which is impossible for large numbers using today's methods (cf. [Buchmann 2006]). Given a sufficient key length, a RSA-encrypted document cannot be decrypted within a reasonable frame of time, assuming one does not possess the private key. Current developments in the area of quantum mechanics could annihilate this protection. Due to their construction, quantum computers are able to make calculations Chapter 1 Technical Outlook 19

17 much more quickly than traditional computers. But it is not only the hypothetical quantum computer that is putting algorithms security at risk. In 1996 Shor demonstrated that quantum computers will make factorising RSA moduli possible and thus break RSA (cf. [Shor 1996]), which would make currently used algorithms, similar to RSA, unsafe (cf. [Schmidt 2006], [Brassard 1996]). According to Schmidt, there are two methods to counteract this: 1. develop alternative crypto-systems, e.g. lattice-based crypto-systems 2. raise the key length of currently used algorithms To what extent the first option really does pose an alternative has yet to be determined. Every deterministically unique mathematical problem could probably be solved in polynomial time by using quantum computers. Today one cannot definitively say whether it is possible to build quantum computers in sufficient size (cf. [Buchmann 2006], [Schmidt 2006]). Schmidt acts on the assumption that quantum computer size increases rather slowly (cf. [Schmidt 2006]). As long as no large quantum computers exist the second option seems to be the better choice (cf. [Schmidt 2006]). The largest quantum computer existing today is able to factorise the number 15 (cf. [Buchmann 2006]), therefore quantum computers do not pose an immediate threat (cf. [Okamoto 2003]). Against this background one can say that the algorithms, like RSA and cryptographic algorithms based on elliptic curves, are safe for the time being (short-term, up to 10 years) at least (cf. [Buchmann 2006b], [Preneel 2006]). Some applications, e.g. code signing and SSL authentication, merely need short-term security (cf. [Buchmann 2006a]). Progression in the field of DNA computers is relevant for evaluating cryptographic algorithms security as well. Boneh et al. did demonstrate that massive parallel processing is possible using molecular computers (cf. [Boneh 1995], [Boneh 1996]). Might this lead to the breaking of encryption keys? For now hash functions seem to be much less durable than encryption algorithms. The first collisions were discovered six years after MD4 had been launched (cf. [Dobbertin 1996]). SHA-0 and SHA-1 are based on a similar algorithm, thus in theory those became vulnerable too (cf. [Buchmann 2006a]). In this respect hash functions turn out to be a complex of problems by themselves (cf. [Leitold 2006]), forcing the cryptographic community to work hard on developing better design criteria for long-term security of hash functions (cf. [Weis 2005], [Buchmann 2006a]). For applications like the electronic patient record, law demands methods that are secure for at least 30 years (the legal obligation for medical records). Today s algorithms do not meet this requirement (cf. [Buchmann 2006b]). It is not possible to say what we will do in 20 years (cf. [Buchmann 2006b]). In order to be prepared for the future and unforeseen attacks, two things are necessary: 20 Chapter 1 Technical Outlook

18 Y a stock of secure alternative cryptographic algorithms needs to be made available Y the applications, using cryptographic algorithms, need to be designed in a modular way, making it easy to replace algorithms that have become vulnerable (cf. [Buchmann 2006a]). Giessmann also deems this pragmatic approach to make sense: implementing a secure solution and substituting alternatives by degrees. For this reason, algorithm catalogues are warranted too (cf. [Giessmann 2006]). The main problem concerning interchangeability of algorithms is the implementation (cf. Preneel 2006]). Software and protocols need to be coded in a way that makes replacing algorithms simple. As of today, this is not generally the case (e.g. the Microsoft Windows operating system) (cf. Buchmann 2006b]). Buchmann suggests designing applications in such a manner that they import the cryptographic algorithms needed from a corresponding crypto-api like the Java Cryptographic Architecture (JCA) or the Microsoft Crypto API. Keys, certificates, etc. need to be interchangeable too (cf. [Buchmann 2006a]). Buchmann introduces the crypto-library FlexiProvider, having all mainstream and alternative cryptographic algorithms implemented on base of JCA. The trustcenter application Flexitrust is based on FlexiProvider and is used by the German Root Certification Authority (CA) and the German Country Signing CA. Some experimental algorithms, which are intended to provide a certain security against quantum computers, are integrated in FlexiProvider via PostQuantumProvider (cf. Buchmann 2006a]). FlexiProvider is subject to the GNU GPL (General Public License) and LGPL (Lesser General Public License). It is freely available on the internet (cf. [FlexiProvider 2006]). In an interview on the topic, Christoph Busch said that he was in favour of the Flexi-PKI concept (cf. [Busch 2006]). The IEEE (Institute of Electrical and Electronics Engineers) P1363 is a task force working on standardisation of specifications of public key cryptography. The emphasis of standardising efforts is on traditional algorithms (e.g. RSA, DSA, etc.) as well as on new ones like lattice-based public-key cryptography (e.g. NTRU), which are intended to remain secure once quantum computers arrive (cf. [Buchmann 2006a]). NTRU is a public-key crypto-system that is much quicker than conventional algorithms (like RSA). Development and distribution are done by NTRU Cryptosystems Inc. Due to this system s speed, it is geared to the embedded systems market and can be utilised for telephones and RFID chips amongst others things. The corresponding algorithms for encryption and signing are called NTRUEncrypt and NTRUSign. They are already being used. NTRU Cryptosystems Inc. distributes its security suite for wireless networks Aerolink containing the NTRU cryptosystem (cf. [NTRU 2006]). Quantum cryptographic algorithms, using the possibilities of quantum mechanics, are another option for generating long-term security. Brennet and Brassard have already prepared the ground, demonstrating experimental distribution of quantum keys (Quantum Key Distribution) in 1989 (cf. [Brassard 1996]). Most experimental quantum cryptographic algorithm prototypes existing today are based on the QKD protocol BD84 published in The question that has to be met during further Chapter 1 Technical Outlook 21

19 research is: how secure is QKD actually? (cf. [Brassard 1996]). QKD would not be a solution for internet applications or end-to-end communication for those who need a common channel (electro-magnetic wave or wired channels). Conventional quantum cryptography demands a quantum channel (cf. [Okamoto 2003]). Currently no applicable quantum cryptographic algorithm exists. More research is needed on this topic. Even though there are preliminary methods of securing bank transfers via quantum cryptography (cf. [Wissenschaft.de 2005]) none of them is functional. Despite companies already offering products covering this area, practical usability has to be considered nonexistent (cf. [ID Quantique 2007], [SmartQuantum 2007]). 1.3 Man between the conflicting priorities of technology and economics Another problem being discussed in conjunction with IT security is the threat posed by the human factor. Experts often consider the person operating a system or application the number one vulnerability (cf. [Preneel 2006], [Temple 2006]). In fact, systems are secure on a technological level but are not designed to be used by human beings since they forget or (sometimes involuntary) give away theirs passwords amongst other things. Attackers do not try to break cryptographic algorithms but rather take aim at elements promising an easier break-through: On the one hand, this is the implementation; on the other hand, it is the user (social engineering) (cf. [Hilton 2007]). Additional awareness measures (cf. [Busch 2006]) could be one option, as well as other measures like biometry (cf. [Giessmann 2006]) or Single sign-on (SSO) combined with smart cards and biometry. Those could gain more acceptance by providing better usability (cf. [Kuppinger 2006a]). Tagging the user as being weak is short-sighted though. IT users are hard to reshape, even when using awareness measures. Technology is much easier to configure. Man should not have to conform to the system: the system should conform to man. IT has to be designed in a way encouraging users to make simple decisions instead of being overwhelmed by the system s complexity (cf. [Kuppinger 2006a]). Chapter 3 Operating Conditions contains a detailed discussion on this topic. 1.4 Tokens & Trusted Computing A token is a sort of bit pattern used for authentication. The term originates from network engineering, featuring the token ring technology which has been developed for linking computer networks. The device holding the token is allowed to send data. In the field of security a token is defined similarly. A token is represented either by software (e.g. the access token used for logging into MS Windows contains access permissions too) or in combination with hardware devices (e.g. a chip on a smart 22 Chapter 1 Technical Outlook

20 card, an USB memory stick) and is also called a crypto-token. With the token, applications can be used as authorised. Hardware tokens add the aspect of physical ownership. Nobody but the person holding the token is able to authenticate him or herself to a system or an application. The systems called tokens are being used for a variety of applications (electronic health cards, ticketing, finances, etc.) (cf. [Williamson 2006]). Chip cards holding an embedded chip, hardware logic, and memory are called smart cards. Shelfer s paper provides an overview of smart card types, infrastructures and standards (cf. [Shelfer 2002]). RFID chips, which provide all functions smart cards offer, are available as well. They are based on the same concept and allow for realising contactless chip cards. This extended the scope of possible shapes. Smart card chips can be easily blended in portable (and personalised) devices (e.g. USB memory sticks, mobile phone, etc.). The lack of a viable method of identification has kept smart cards from gaining much popularity, but the situation has been improving. Currently, there are no standards defined, but this is being worked on. ISO standard sounds promising with respect to interoperability. (cf. [Williamson 2006]). In (cf. [Spitz 2006]) it is described in detail. Bakdi introduces a method for combining several smart cards in one. The approach of virtual tokens allows for the operation of several applications on one hardware token (cf. [Bakdi 2006]). RFID systems, being used en mass, will be a future hot topic in security discussions. Providing for privacy and data integrity using these systems still poses a challenge (cf. [Calmels 2006]). A trusted platform module (TPM) is a smart card derivative associated with an API and protocols for enhancing trustworthiness of computing platforms or other devices (trusted platform). The goal is to form a cryptographic hash chain, representing the current execution status, and to store this value securely in one register of the TPM. By asking the TPM to generate a signed data block having the value of the hash chain, the counterpart is able to verify whether the platform resides in a secure mode of operation (cf. [Portitz 2006]). TPMs have been developed by the Trusted Computing Group (cf. [TCG 2006]). TPMs being bound to systems and not persons is the most important difference between them and smart cards. TPMs were developed to provide a more appropriate base for high trust platforms (cf. [Sandhu 2005]) and are supposed to form a root of trust (cf. [Sadeghi 2006]). Many platforms containing a TPM have already been rolled out (cf. [Sadeghi 2006]). The architecture allows for later integration of newer methods, like lattice-based access control (cf. [Sandhu 2005]). The BSI appreciates the security initiative regarding trusted computing initiated by Microsoft. That is because of the fact that at the present time PCs are fairly vulnerable to malware, since the operating systems currently used especially the Microsoft Windows family can fend of those threats imperfectly at best. The BSI expects IT Chapter 1 Technical Outlook 23

Mitglied der Leibniz-Gemeinschaft

Mitglied der Leibniz-Gemeinschaft Methods of research into dictionary use: online questionnaires Annette Klosa (Institut für Deutsche Sprache, Mannheim) 5. Arbeitstreffen Netzwerk Internetlexikografie, Leiden, 25./26. März 2013 Content

Mehr

Lehrstuhl für Allgemeine BWL Strategisches und Internationales Management Prof. Dr. Mike Geppert Carl-Zeiß-Str. 3 07743 Jena

Lehrstuhl für Allgemeine BWL Strategisches und Internationales Management Prof. Dr. Mike Geppert Carl-Zeiß-Str. 3 07743 Jena Lehrstuhl für Allgemeine BWL Strategisches und Internationales Management Prof. Dr. Mike Geppert Carl-Zeiß-Str. 3 07743 Jena http://www.im.uni-jena.de Contents I. Learning Objectives II. III. IV. Recap

Mehr

Corporate Digital Learning, How to Get It Right. Learning Café

Corporate Digital Learning, How to Get It Right. Learning Café 0 Corporate Digital Learning, How to Get It Right Learning Café Online Educa Berlin, 3 December 2015 Key Questions 1 1. 1. What is the unique proposition of digital learning? 2. 2. What is the right digital

Mehr

ELBA2 ILIAS TOOLS AS SINGLE APPLICATIONS

ELBA2 ILIAS TOOLS AS SINGLE APPLICATIONS ELBA2 ILIAS TOOLS AS SINGLE APPLICATIONS An AAA/Switch cooperative project run by LET, ETH Zurich, and ilub, University of Bern Martin Studer, ilub, University of Bern Julia Kehl, LET, ETH Zurich 1 Contents

Mehr

Titelbild1 ANSYS. Customer Portal LogIn

Titelbild1 ANSYS. Customer Portal LogIn Titelbild1 ANSYS Customer Portal LogIn 1 Neuanmeldung Neuanmeldung: Bitte Not yet a member anklicken Adressen-Check Adressdaten eintragen Customer No. ist hier bereits erforderlich HERE - Button Hier nochmal

Mehr

Instruktionen Mozilla Thunderbird Seite 1

Instruktionen Mozilla Thunderbird Seite 1 Instruktionen Mozilla Thunderbird Seite 1 Instruktionen Mozilla Thunderbird Dieses Handbuch wird für Benutzer geschrieben, die bereits ein E-Mail-Konto zusammenbauen lassen im Mozilla Thunderbird und wird

Mehr

eurex rundschreiben 094/10

eurex rundschreiben 094/10 eurex rundschreiben 094/10 Datum: Frankfurt, 21. Mai 2010 Empfänger: Alle Handelsteilnehmer der Eurex Deutschland und Eurex Zürich sowie Vendoren Autorisiert von: Jürg Spillmann Weitere Informationen zur

Mehr

Support Technologies based on Bi-Modal Network Analysis. H. Ulrich Hoppe. Virtuelles Arbeiten und Lernen in projektartigen Netzwerken

Support Technologies based on Bi-Modal Network Analysis. H. Ulrich Hoppe. Virtuelles Arbeiten und Lernen in projektartigen Netzwerken Support Technologies based on Bi-Modal Network Analysis H. Agenda 1. Network analysis short introduction 2. Supporting the development of virtual organizations 3. Supporting the development of compentences

Mehr

Einsatz einer Dokumentenverwaltungslösung zur Optimierung der unternehmensübergreifenden Kommunikation

Einsatz einer Dokumentenverwaltungslösung zur Optimierung der unternehmensübergreifenden Kommunikation Einsatz einer Dokumentenverwaltungslösung zur Optimierung der unternehmensübergreifenden Kommunikation Eine Betrachtung im Kontext der Ausgliederung von Chrysler Daniel Rheinbay Abstract Betriebliche Informationssysteme

Mehr

Labour law and Consumer protection principles usage in non-state pension system

Labour law and Consumer protection principles usage in non-state pension system Labour law and Consumer protection principles usage in non-state pension system by Prof. Dr. Heinz-Dietrich Steinmeyer General Remarks In private non state pensions systems usually three actors Employer

Mehr

Franke & Bornberg award AachenMünchener private annuity insurance schemes top grades

Franke & Bornberg award AachenMünchener private annuity insurance schemes top grades Franke & Bornberg award private annuity insurance schemes top grades Press Release, December 22, 2009 WUNSCHPOLICE STRATEGIE No. 1 gets best possible grade FFF ( Excellent ) WUNSCHPOLICE conventional annuity

Mehr

Bayerisches Landesamt für Statistik und Datenverarbeitung Rechenzentrum Süd. z/os Requirements 95. z/os Guide in Lahnstein 13.

Bayerisches Landesamt für Statistik und Datenverarbeitung Rechenzentrum Süd. z/os Requirements 95. z/os Guide in Lahnstein 13. z/os Requirements 95. z/os Guide in Lahnstein 13. März 2009 0 1) LOGROTATE in z/os USS 2) KERBEROS (KRB5) in DFS/SMB 3) GSE Requirements System 1 Requirement Details Description Benefit Time Limit Impact

Mehr

1. General information... 2 2. Login... 2 3. Home... 3 4. Current applications... 3

1. General information... 2 2. Login... 2 3. Home... 3 4. Current applications... 3 User Manual for Marketing Authorisation and Lifecycle Management of Medicines Inhalt: User Manual for Marketing Authorisation and Lifecycle Management of Medicines... 1 1. General information... 2 2. Login...

Mehr

Addressing the Location in Spontaneous Networks

Addressing the Location in Spontaneous Networks Addressing the Location in Spontaneous Networks Enabling BOTH: Privacy and E-Commerce Design by Moritz Strasser 1 Disappearing computers Trends Mobility and Spontaneous Networks (MANET = Mobile Ad hoc

Mehr

Customer-specific software for autonomous driving and driver assistance (ADAS)

Customer-specific software for autonomous driving and driver assistance (ADAS) This press release is approved for publication. Press Release Chemnitz, February 6 th, 2014 Customer-specific software for autonomous driving and driver assistance (ADAS) With the new product line Baselabs

Mehr

HIR Method & Tools for Fit Gap analysis

HIR Method & Tools for Fit Gap analysis HIR Method & Tools for Fit Gap analysis Based on a Powermax APML example 1 Base for all: The Processes HIR-Method for Template Checks, Fit Gap-Analysis, Change-, Quality- & Risk- Management etc. Main processes

Mehr

STRATEGISCHES BETEILIGUNGSCONTROLLING BEI KOMMUNALEN UNTERNEHMEN DER FFENTLICHE ZWECK ALS RICHTSCHNUR FR EIN ZIELGERICHTETE

STRATEGISCHES BETEILIGUNGSCONTROLLING BEI KOMMUNALEN UNTERNEHMEN DER FFENTLICHE ZWECK ALS RICHTSCHNUR FR EIN ZIELGERICHTETE BETEILIGUNGSCONTROLLING BEI KOMMUNALEN UNTERNEHMEN DER FFENTLICHE ZWECK ALS RICHTSCHNUR FR EIN ZIELGERICHTETE PDF-SBBKUDFZARFEZ41-APOM3 123 Page File Size 5,348 KB 3 Feb, 2002 TABLE OF CONTENT Introduction

Mehr

STRATEGISCHES BETEILIGUNGSCONTROLLING BEI KOMMUNALEN UNTERNEHMEN DER FFENTLICHE ZWECK ALS RICHTSCHNUR FR EIN ZIELGERICHTETE

STRATEGISCHES BETEILIGUNGSCONTROLLING BEI KOMMUNALEN UNTERNEHMEN DER FFENTLICHE ZWECK ALS RICHTSCHNUR FR EIN ZIELGERICHTETE BETEILIGUNGSCONTROLLING BEI KOMMUNALEN UNTERNEHMEN DER FFENTLICHE ZWECK ALS RICHTSCHNUR FR EIN ZIELGERICHTETE PDF-SBBKUDFZARFEZ41-SEOM3 123 Page File Size 5,348 KB 3 Feb, 2002 TABLE OF CONTENT Introduction

Mehr

p^db=`oj===pìééçêíáåñçêã~íáçå=

p^db=`oj===pìééçêíáåñçêã~íáçå= p^db=`oj===pìééçêíáåñçêã~íáçå= Error: "Could not connect to the SQL Server Instance" or "Failed to open a connection to the database." When you attempt to launch ACT! by Sage or ACT by Sage Premium for

Mehr

Possible Solutions for Development of Multilevel Pension System in the Republic of Azerbaijan

Possible Solutions for Development of Multilevel Pension System in the Republic of Azerbaijan Possible Solutions for Development of Multilevel Pension System in the Republic of Azerbaijan by Prof. Dr. Heinz-Dietrich Steinmeyer Introduction Multi-level pension systems Different approaches Different

Mehr

DIE NEUORGANISATION IM BEREICH DES SGB II AUSWIRKUNGEN AUF DIE ZUSAMMENARBEIT VON BUND LNDERN UND KOMMUNEN

DIE NEUORGANISATION IM BEREICH DES SGB II AUSWIRKUNGEN AUF DIE ZUSAMMENARBEIT VON BUND LNDERN UND KOMMUNEN DIE NEUORGANISATION IM BEREICH DES SGB II AUSWIRKUNGEN AUF DIE ZUSAMMENARBEIT VON BUND LNDERN UND KOMMUNEN WWOM537-PDFDNIBDSIAADZVBLUK 106 Page File Size 4,077 KB 16 Feb, 2002 COPYRIGHT 2002, ALL RIGHT

Mehr

European Qualification Strategies in Information and Communications Technology (ICT)

European Qualification Strategies in Information and Communications Technology (ICT) European Qualification Strategies in Information and Communications Technology (ICT) Towards a European (reference) ICT Skills and Qualification Framework Results and Recommendations from the Leornardo-da-Vinci-II

Mehr

Darstellung und Anwendung der Assessmentergebnisse

Darstellung und Anwendung der Assessmentergebnisse Process flow Remarks Role Documents, data, tool input, output Important: Involve as many PZU as possible PZO Start Use appropriate templates for the process documentation Define purpose and scope Define

Mehr

J RG IMMENDORFF STANDORT F R KRITIK MALEREI UND INSPIRATION ERSCHEINT ZUR AUSSTELLUNG IM MUSEUM LU

J RG IMMENDORFF STANDORT F R KRITIK MALEREI UND INSPIRATION ERSCHEINT ZUR AUSSTELLUNG IM MUSEUM LU J RG IMMENDORFF STANDORT F R KRITIK MALEREI UND INSPIRATION ERSCHEINT ZUR AUSSTELLUNG IM MUSEUM LU 8 Feb, 2016 JRISFRKMUIEZAIMLAPOM-PDF33-0 File 4,455 KB 96 Page If you want to possess a one-stop search

Mehr

Hazards and measures against hazards by implementation of safe pneumatic circuits

Hazards and measures against hazards by implementation of safe pneumatic circuits Application of EN ISO 13849-1 in electro-pneumatic control systems Hazards and measures against hazards by implementation of safe pneumatic circuits These examples of switching circuits are offered free

Mehr

Security Planning Basics

Security Planning Basics Einführung in die Wirtschaftsinformatik VO WS 2009/2010 Security Planning Basics Gerald.Quirchmayr@univie.ac.at Textbook used as basis for these slides and recommended as reading: Whitman, M. E. & Mattord,

Mehr

Notice: All mentioned inventors have to sign the Report of Invention (see page 3)!!!

Notice: All mentioned inventors have to sign the Report of Invention (see page 3)!!! REPORT OF INVENTION Please send a copy to An die Abteilung Technologietransfer der Universität/Hochschule An die Technologie-Lizenz-Büro (TLB) der Baden-Württembergischen Hochschulen GmbH Ettlinger Straße

Mehr

SuisseID Digital passport and signature

SuisseID Digital passport and signature Bilder einfügen: Post-Menü > Bild > Fotografie einfügen. Weitere Bilder unter www.brandingnet.ch Technische Angaben Bildgrösse vollflächig B 25,4 cm x H 19,05 cm entsprechen B 1500 Pixel x H 1125 Pixel

Mehr

Prediction Market, 28th July 2012 Information and Instructions. Prognosemärkte Lehrstuhl für Betriebswirtschaftslehre insbes.

Prediction Market, 28th July 2012 Information and Instructions. Prognosemärkte Lehrstuhl für Betriebswirtschaftslehre insbes. Prediction Market, 28th July 2012 Information and Instructions S. 1 Welcome, and thanks for your participation Sensational prices are waiting for you 1000 Euro in amazon vouchers: The winner has the chance

Mehr

Elektronische Identifikation und Vertrauensdienste für Europa

Elektronische Identifikation und Vertrauensdienste für Europa Brüssel/Berlin Elektronische Identifikation und Vertrauensdienste für Europa Wir wären dann soweit --- oder? Thomas Walloschke Director EMEIA Security Technology Office eidas REGULATION No 910/2014 0 eidas

Mehr

NEWSLETTER. FileDirector Version 2.5 Novelties. Filing system designer. Filing system in WinClient

NEWSLETTER. FileDirector Version 2.5 Novelties. Filing system designer. Filing system in WinClient Filing system designer FileDirector Version 2.5 Novelties FileDirector offers an easy way to design the filing system in WinClient. The filing system provides an Explorer-like structure in WinClient. The

Mehr

Efficient Design Space Exploration for Embedded Systems

Efficient Design Space Exploration for Embedded Systems Diss. ETH No. 16589 Efficient Design Space Exploration for Embedded Systems A dissertation submitted to the SWISS FEDERAL INSTITUTE OF TECHNOLOGY ZURICH for the degree of Doctor of Sciences presented by

Mehr

Release Notes BRICKware 7.5.4. Copyright 23. March 2010 Funkwerk Enterprise Communications GmbH Version 1.0

Release Notes BRICKware 7.5.4. Copyright 23. March 2010 Funkwerk Enterprise Communications GmbH Version 1.0 Release Notes BRICKware 7.5.4 Copyright 23. March 2010 Funkwerk Enterprise Communications GmbH Version 1.0 Purpose This document describes new features, changes, and solved problems of BRICKware 7.5.4.

Mehr

USBASIC SAFETY IN NUMBERS

USBASIC SAFETY IN NUMBERS USBASIC SAFETY IN NUMBERS #1.Current Normalisation Ropes Courses and Ropes Course Elements can conform to one or more of the following European Norms: -EN 362 Carabiner Norm -EN 795B Connector Norm -EN

Mehr

Open Source. Legal Dos, Don ts and Maybes. openlaws Open Source Workshop 26 June 2015, Federal Chancellery Vienna

Open Source. Legal Dos, Don ts and Maybes. openlaws Open Source Workshop 26 June 2015, Federal Chancellery Vienna Open Source Legal Dos, Don ts and Maybes openlaws Open Source Workshop 26 June 2015, Federal Chancellery Vienna 1 2 3 A Case + vs cooperation since 2003 lawsuit initiated 2008 for violation of i.a. GPL

Mehr

ISO 15504 Reference Model

ISO 15504 Reference Model Process flow Remarks Role Documents, data, tools input, output Start Define purpose and scope Define process overview Define process details Define roles no Define metrics Pre-review Review yes Release

Mehr

Themen für Seminararbeiten WS 15/16

Themen für Seminararbeiten WS 15/16 Themen für Seminararbeiten WS 15/16 Institut für nachhaltige Unternehmensführung Themenblock A: 1) Carsharing worldwide - An international Comparison 2) The influence of Carsharing towards other mobility

Mehr

p^db=`oj===pìééçêíáåñçêã~íáçå=

p^db=`oj===pìééçêíáåñçêã~íáçå= p^db=`oj===pìééçêíáåñçêã~íáçå= How to Disable User Account Control (UAC) in Windows Vista You are attempting to install or uninstall ACT! when Windows does not allow you access to needed files or folders.

Mehr

Inequality Utilitarian and Capabilities Perspectives (and what they may imply for public health)

Inequality Utilitarian and Capabilities Perspectives (and what they may imply for public health) Inequality Utilitarian and Capabilities Perspectives (and what they may imply for public health) 1 Utilitarian Perspectives on Inequality 2 Inequalities matter most in terms of their impact onthelivesthatpeopleseektoliveandthethings,

Mehr

SELF-STUDY DIARY (or Lerntagebuch) GER102

SELF-STUDY DIARY (or Lerntagebuch) GER102 SELF-STUDY DIARY (or Lerntagebuch) GER102 This diary has several aims: To show evidence of your independent work by using an electronic Portfolio (i.e. the Mahara e-portfolio) To motivate you to work regularly

Mehr

Group and Session Management for Collaborative Applications

Group and Session Management for Collaborative Applications Diss. ETH No. 12075 Group and Session Management for Collaborative Applications A dissertation submitted to the SWISS FEDERAL INSTITUTE OF TECHNOLOGY ZÜRICH for the degree of Doctor of Technical Seiences

Mehr

SAP PPM Enhanced Field and Tab Control

SAP PPM Enhanced Field and Tab Control SAP PPM Enhanced Field and Tab Control A PPM Consulting Solution Public Enhanced Field and Tab Control Enhanced Field and Tab Control gives you the opportunity to control your fields of items and decision

Mehr

OEDIV SSL-VPN Portal Access for externals

OEDIV SSL-VPN Portal Access for externals OEDIV SSL-VPN Portal Access for externals Abteilung Serverbetreuung Andre Landwehr Date 31.07.2013 Version 1.2 Seite 1 von 9 Versionshistorie Version Datum Autor Bemerkung 1.0 06.08.2011 A. Landwehr Initial

Mehr

GIPS 2010 Gesamtüberblick. Dr. Stefan J. Illmer Credit Suisse. Seminar der SBVg "GIPS Aperitif" 15. April 2010 Referat von Stefan Illmer

GIPS 2010 Gesamtüberblick. Dr. Stefan J. Illmer Credit Suisse. Seminar der SBVg GIPS Aperitif 15. April 2010 Referat von Stefan Illmer GIPS 2010 Gesamtüberblick Dr. Stefan J. Illmer Credit Suisse Agenda Ein bisschen Historie - GIPS 2010 Fundamentals of Compliance Compliance Statement Seite 3 15.04.2010 Agenda Ein bisschen Historie - GIPS

Mehr

Frequently asked Questions for Kaercher Citrix (apps.kaercher.com)

Frequently asked Questions for Kaercher Citrix (apps.kaercher.com) Frequently asked Questions for Kaercher Citrix (apps.kaercher.com) Inhalt Content Citrix-Anmeldung Login to Citrix Was bedeutet PIN und Token (bei Anmeldungen aus dem Internet)? What does PIN and Token

Mehr

Developing the business case for investing in corporate health and workplace partnership indicators and instruments Input

Developing the business case for investing in corporate health and workplace partnership indicators and instruments Input Developing the business case for investing in corporate health and workplace partnership indicators and instruments Input Holger Pfaff Head of the department for Medical Sociology at the Institute of Occupational

Mehr

There are 10 weeks this summer vacation the weeks beginning: June 23, June 30, July 7, July 14, July 21, Jul 28, Aug 4, Aug 11, Aug 18, Aug 25

There are 10 weeks this summer vacation the weeks beginning: June 23, June 30, July 7, July 14, July 21, Jul 28, Aug 4, Aug 11, Aug 18, Aug 25 Name: AP Deutsch Sommerpaket 2014 The AP German exam is designed to test your language proficiency your ability to use the German language to speak, listen, read and write. All the grammar concepts and

Mehr

H Mcast Future Internet made in Hamburg?

H Mcast Future Internet made in Hamburg? H Mcast Future Internet made in Hamburg? Thomas Schmidt (HAW Hamburg) schmidt@informatik.haw-hamburg.de Forschungsschwerpunkt: IMS Interagierende Multimediale Systeme 1 Prof. Dr. Thomas Schmidt http://www.haw-hamburg.de/inet

Mehr

Making quality visible. National Quality Certificate for Old Age and Nursing Homes in Austria (NQC)

Making quality visible. National Quality Certificate for Old Age and Nursing Homes in Austria (NQC) Making quality visible. National Quality Certificate for Old Age and Nursing Homes in Austria (NQC) Human Rights Council Genf, 15 September 2015 The Austrian System of Long Term Care System: 2 main components:

Mehr

Exercise (Part II) Anastasia Mochalova, Lehrstuhl für ABWL und Wirtschaftsinformatik, Kath. Universität Eichstätt-Ingolstadt 1

Exercise (Part II) Anastasia Mochalova, Lehrstuhl für ABWL und Wirtschaftsinformatik, Kath. Universität Eichstätt-Ingolstadt 1 Exercise (Part II) Notes: The exercise is based on Microsoft Dynamics CRM Online. For all screenshots: Copyright Microsoft Corporation. The sign ## is you personal number to be used in all exercises. All

Mehr

Ingenics Project Portal

Ingenics Project Portal Version: 00; Status: E Seite: 1/6 This document is drawn to show the functions of the project portal developed by Ingenics AG. To use the portal enter the following URL in your Browser: https://projectportal.ingenics.de

Mehr

ISO 15504 Reference Model

ISO 15504 Reference Model Prozess Dimension von SPICE/ISO 15504 Process flow Remarks Role Documents, data, tools input, output Start Define purpose and scope Define process overview Define process details Define roles no Define

Mehr

XML Template Transfer Transfer project templates easily between systems

XML Template Transfer Transfer project templates easily between systems Transfer project templates easily between systems A PLM Consulting Solution Public The consulting solution XML Template Transfer enables you to easily reuse existing project templates in different PPM

Mehr

E-Discovery the EU Data Protection Authorities approach

E-Discovery the EU Data Protection Authorities approach E-Discovery the EU Data Protection Authorities approach Breakout Session Mind the Gap: Bridging U.S. Cross-border E-discovery and EU Data Protection Obligations Dr. Alexander Dix, LL.M. Berlin Commissioner

Mehr

Rollen im Participant Portal

Rollen im Participant Portal Rollen im Participant Portal Stand Februar 2011 Inhaltsverzeichnis 1 Welche Aufteilung existiert grundsätzlich im PP?...3 1.1 Organisation Roles:...3 1.2 Project Roles:...4 1.2.1 1st level: Coordinator

Mehr

From a Qualification Project to the Foundation of a Logistics Network Thuringia. Logistik Netzwerk Thüringen e.v.

From a Qualification Project to the Foundation of a Logistics Network Thuringia. Logistik Netzwerk Thüringen e.v. From a Qualification Project to the Foundation of a Logistics Network Thuringia Strengthening the role of Logistics through Corporate Competence Development a pilot project by Bildungswerk der Thüringer

Mehr

How to access licensed products from providers who are already operating productively in. General Information... 2. Shibboleth login...

How to access licensed products from providers who are already operating productively in. General Information... 2. Shibboleth login... Shibboleth Tutorial How to access licensed products from providers who are already operating productively in the SWITCHaai federation. General Information... 2 Shibboleth login... 2 Separate registration

Mehr

Englische Fassung der Bescheinigung im Sinne der Rn. 5 des BMF-Schreibens vom 22. Juli 2005 (BStBl I 2005 S. 829)

Englische Fassung der Bescheinigung im Sinne der Rn. 5 des BMF-Schreibens vom 22. Juli 2005 (BStBl I 2005 S. 829) Postanschrift Berlin: Bundesministeriu m der Finanzen, 11016 Berlin Gerd Müller Gatermann Unterabteilungsleiter IV B POSTANSCHRIFT Bundesministerium der Finanzen, 11016 Berlin Zentraler Kreditausschuss

Mehr

A Practical Approach for Reliable Pre-Project Effort Estimation

A Practical Approach for Reliable Pre-Project Effort Estimation A Practical Approach for Reliable Pre-Project Effort Estimation Carl Friedrich Kreß 1, Oliver Hummel 2, Mahmudul Huq 1 1 Cost Xpert AG, Augsburg, Germany {Carl.Friedrich.Kress,Mahmudul.Huq}@CostXpert.de

Mehr

Workshop Quality Assurance Forum 2014

Workshop Quality Assurance Forum 2014 Workshop Quality Assurance Forum 2014 How do connotations of to learn and to teach influence learning and teaching? Andrea Trink Head of Quality Management Fachhochschule Burgenland - University of Applied

Mehr

WP2. Communication and Dissemination. Wirtschafts- und Wissenschaftsförderung im Freistaat Thüringen

WP2. Communication and Dissemination. Wirtschafts- und Wissenschaftsförderung im Freistaat Thüringen WP2 Communication and Dissemination Europa Programm Center Im Freistaat Thüringen In Trägerschaft des TIAW e. V. 1 GOALS for WP2: Knowledge information about CHAMPIONS and its content Direct communication

Mehr

Environmental management in German institutions of higher education: Lessons learnt and steps toward sustainable management

Environmental management in German institutions of higher education: Lessons learnt and steps toward sustainable management Environmental management in German institutions of higher education: Lessons learnt and steps toward sustainable management Lüneburg, Juni 23/24, 2005 Joachim Müller Sustainable Management of Higher Education

Mehr

Prof. Dr. Margit Scholl, Mr. RD Guldner Mr. Coskun, Mr. Yigitbas. Mr. Niemczik, Mr. Koppatz (SuDiLe GbR)

Prof. Dr. Margit Scholl, Mr. RD Guldner Mr. Coskun, Mr. Yigitbas. Mr. Niemczik, Mr. Koppatz (SuDiLe GbR) Prof. Dr. Margit Scholl, Mr. RD Guldner Mr. Coskun, Mr. Yigitbas in cooperation with Mr. Niemczik, Mr. Koppatz (SuDiLe GbR) Our idea: Fachbereich Wirtschaft, Verwaltung und Recht Simple strategies of lifelong

Mehr

TMF projects on IT infrastructure for clinical research

TMF projects on IT infrastructure for clinical research Welcome! TMF projects on IT infrastructure for clinical research R. Speer Telematikplattform für Medizinische Forschungsnetze (TMF) e.v. Berlin Telematikplattform für Medizinische Forschungsnetze (TMF)

Mehr

Algorithms for graph visualization

Algorithms for graph visualization Algorithms for graph visualization Project - Orthogonal Grid Layout with Small Area W INTER SEMESTER 2013/2014 Martin No llenburg KIT Universita t des Landes Baden-Wu rttemberg und nationales Forschungszentrum

Mehr

Lizenzmanagement auf Basis DBA Feature Usage Statistics?

Lizenzmanagement auf Basis DBA Feature Usage Statistics? Lizenzmanagement auf Basis DBA Feature Usage Statistics? Kersten Penni, Oracle Deutschland B.V. & Co. KG Düsseldorf Schlüsselworte Oracle License Management Services (LMS), Lizenzen, Lizenzierung, Nutzungserfassung,

Mehr

Advanced Availability Transfer Transfer absences from HR to PPM

Advanced Availability Transfer Transfer absences from HR to PPM Advanced Availability Transfer Transfer absences from HR to PPM A PLM Consulting Solution Public Advanced Availability Transfer With this solution you can include individual absences and attendances from

Mehr

Role Play I: Ms Minor Role Card. Ms Minor, accountant at BIGBOSS Inc.

Role Play I: Ms Minor Role Card. Ms Minor, accountant at BIGBOSS Inc. Role Play I: Ms Minor Role Card Conversation between Ms Boss, CEO of BIGBOSS Inc. and Ms Minor, accountant at BIGBOSS Inc. Ms Boss: Guten Morgen, Frau Minor! Guten Morgen, Herr Boss! Frau Minor, bald steht

Mehr

Context-adaptation based on Ontologies and Spreading Activation

Context-adaptation based on Ontologies and Spreading Activation -1- Context-adaptation based on Ontologies and Spreading Activation ABIS 2007, Halle, 24.09.07 {hussein,westheide,ziegler}@interactivesystems.info -2- Context Adaptation in Spreadr Pubs near my location

Mehr

CHAMPIONS Communication and Dissemination

CHAMPIONS Communication and Dissemination CHAMPIONS Communication and Dissemination Europa Programm Center Im Freistaat Thüringen In Trägerschaft des TIAW e. V. 1 CENTRAL EUROPE PROGRAMME CENTRAL EUROPE PROGRAMME -ist als größtes Aufbauprogramm

Mehr

Repositioning University Collections as Scientific Infrastructures.

Repositioning University Collections as Scientific Infrastructures. Repositioning University Collections as Scientific Infrastructures. HUMANE Seminar Academic Cultural Heritage: The Crown Jewels of Academia Rome, November 14-16, 2014 Dr. Cornelia Weber Humboldt University

Mehr

Approx. 2,000 frontlist books and 18,000 backlist books; list will be updated periodically

Approx. 2,000 frontlist books and 18,000 backlist books; list will be updated periodically This checklist provides an overview of the fees and features of the e-books and some additional details. This will simplify the evaluation of the product for the consortia partners. Checklist for e-books

Mehr

JONATHAN JONA WISLER WHD.global

JONATHAN JONA WISLER WHD.global JONATHAN WISLER JONATHAN WISLER WHD.global CLOUD IS THE FUTURE By 2014, the personal cloud will replace the personal computer at the center of users' digital lives Gartner CLOUD TYPES SaaS IaaS PaaS

Mehr

Rough copy for the art project >hardware/software< of the imbenge-dreamhouse artist Nele Ströbel.

Rough copy for the art project >hardware/software< of the imbenge-dreamhouse artist Nele Ströbel. Rough copy for the art project >hardware/software< of the imbenge-dreamhouse artist. Title >hardware/software< This art project reflects different aspects of work and its meaning for human kind in our

Mehr

How to develop and improve the functioning of the audit committee The Auditor s View

How to develop and improve the functioning of the audit committee The Auditor s View How to develop and improve the functioning of the audit committee The Auditor s View May 22, 2013 Helmut Kerschbaumer KPMG Austria Audit Committees in Austria Introduced in 2008, applied since 2009 Audit

Mehr

Exercise (Part XI) Anastasia Mochalova, Lehrstuhl für ABWL und Wirtschaftsinformatik, Kath. Universität Eichstätt-Ingolstadt 1

Exercise (Part XI) Anastasia Mochalova, Lehrstuhl für ABWL und Wirtschaftsinformatik, Kath. Universität Eichstätt-Ingolstadt 1 Exercise (Part XI) Notes: The exercise is based on Microsoft Dynamics CRM Online. For all screenshots: Copyright Microsoft Corporation. The sign ## is you personal number to be used in all exercises. All

Mehr

Patentrelevante Aspekte der GPLv2/LGPLv2

Patentrelevante Aspekte der GPLv2/LGPLv2 Patentrelevante Aspekte der GPLv2/LGPLv2 von RA Dr. Till Jaeger OSADL Seminar on Software Patents and Open Source Licensing, Berlin, 6./7. November 2008 Agenda 1. Regelungen der GPLv2 zu Patenten 2. Implizite

Mehr

Beschwerdemanagement / Complaint Management

Beschwerdemanagement / Complaint Management Beschwerdemanagement / Complaint Management Structure: 1. Basics 2. Requirements for the implementation 3. Strategic possibilities 4. Direct Complaint Management processes 5. Indirect Complaint Management

Mehr

Wie agil kann Business Analyse sein?

Wie agil kann Business Analyse sein? Wie agil kann Business Analyse sein? Chapter Meeting Michael Leber 2012-01-24 ANECON Software Design und Beratung G.m.b.H. Alser Str. 4/Hof 1 A-1090 Wien Tel.: +43 1 409 58 90 www.anecon.com office@anecon.com

Mehr

XV1100K(C)/XV1100SK(C)

XV1100K(C)/XV1100SK(C) Wlan Telefon Aastra 312w XV1100K(C)/XV1100SK(C) All rights reserverd. Any reprinting or unauthorized use wihout the written permission of Wlan Telefon Aastra 312w Corporation, is expressly prohibited.

Mehr

MindestanforderungenanDokumentationvon Lieferanten

MindestanforderungenanDokumentationvon Lieferanten andokumentationvon Lieferanten X.0010 3.02de_en/2014-11-07 Erstellt:J.Wesseloh/EN-M6 Standardvorgabe TK SY Standort Bremen Standard requirements TK SY Location Bremen 07.11.14 DieInformationenindieserUnterlagewurdenmitgrößterSorgfalterarbeitet.DennochkönnenFehlernichtimmervollständig

Mehr

Sustainability Balanced Scorecard as a Framework for Eco-Efficiency Analysis

Sustainability Balanced Scorecard as a Framework for Eco-Efficiency Analysis Sustainability Balanced Scorecard as a Framework for Eco-Efficiency Analysis Andreas Möller amoeller@uni-lueneburg.de umweltinformatik.uni-lueneburg.de Stefan Schaltegger schaltegger@uni-lueneburgde www.uni-lueneburg.de/csm

Mehr

HUMANGENETIK IN DER WELT VON HEUTE: 12 SALZBURGER VORLESUNGEN (GERMAN EDITION) BY FRIEDRICH VOGEL

HUMANGENETIK IN DER WELT VON HEUTE: 12 SALZBURGER VORLESUNGEN (GERMAN EDITION) BY FRIEDRICH VOGEL FRIEDRICH VOGEL READ ONLINE AND DOWNLOAD EBOOK : HUMANGENETIK IN DER WELT VON HEUTE: 12 SALZBURGER VORLESUNGEN (GERMAN EDITION) BY Click button to download this ebook READ ONLINE AND DOWNLOAD HUMANGENETIK

Mehr

INTERREG IIIa Project R&D - Ready for Research and Development Project results and ongoing activities

INTERREG IIIa Project R&D - Ready for Research and Development Project results and ongoing activities INTERREG IIIa Project R&D - Ready for Research and Development Project results and ongoing activities Györ, 5th December 2007 Key regions + perifary for surveys Background objectives CENTROPE needs a strategy

Mehr

Overall Coordination- and Communication Platform. for electronic and standardised Data-Exchange between. Ports and Hinterland in Rail-Traffic

Overall Coordination- and Communication Platform. for electronic and standardised Data-Exchange between. Ports and Hinterland in Rail-Traffic Overall Coordination- and Communication Platform for electronic and standardised Data-xchange between Ports and Hinterland in Rail-Traffic KoKoBahn Hafenübergreifende Koordinations- und Kommunikationsplattform

Mehr

AS Path-Prepending in the Internet And Its Impact on Routing Decisions

AS Path-Prepending in the Internet And Its Impact on Routing Decisions (SEP) Its Impact on Routing Decisions Zhi Qi ytqz@mytum.de Advisor: Wolfgang Mühlbauer Lehrstuhl für Netzwerkarchitekturen Background Motivation BGP -> core routing protocol BGP relies on policy routing

Mehr

Lehrstuhl für Allgemeine BWL Strategisches und Internationales Management Prof. Dr. Mike Geppert Carl-Zeiß-Str. 3 07743 Jena

Lehrstuhl für Allgemeine BWL Strategisches und Internationales Management Prof. Dr. Mike Geppert Carl-Zeiß-Str. 3 07743 Jena Lehrstuhl für Allgemeine BWL Strategisches und Internationales Management Prof. Dr. Mike Geppert Carl-Zeiß-Str. 3 07743 Jena http://www.im.uni-jena.de Contents I. Learning Objectives II. III. IV. Recap

Mehr

Challenges in Systems Engineering and a Pragmatic Solution Approach

Challenges in Systems Engineering and a Pragmatic Solution Approach Pure Passion. Systems Engineering and a Pragmatic Solution Approach HELVETING Dr. Thomas Stöckli Director Business Unit Systems Engineering Dr. Daniel Hösli Member of the Executive Board 1 Agenda Different

Mehr

An Introduction to Monetary Theory. Rudolf Peto

An Introduction to Monetary Theory. Rudolf Peto An Introduction to Monetary Theory Rudolf Peto 0 Copyright 2013 by Prof. Rudolf Peto, Bielefeld (Germany), www.peto-online.net 1 2 Preface This book is mainly a translation of the theoretical part of my

Mehr

ONLINE LICENCE GENERATOR

ONLINE LICENCE GENERATOR Index Introduction... 2 Change language of the User Interface... 3 Menubar... 4 Sold Software... 5 Explanations of the choices:... 5 Call of a licence:... 7 Last query step... 9 Call multiple licenses:...

Mehr

GridMate The Grid Matlab Extension

GridMate The Grid Matlab Extension GridMate The Grid Matlab Extension Forschungszentrum Karlsruhe, Institute for Data Processing and Electronics T. Jejkal, R. Stotzka, M. Sutter, H. Gemmeke 1 What is the Motivation? Graphical development

Mehr

Abteilung Internationales CampusCenter

Abteilung Internationales CampusCenter Abteilung Internationales CampusCenter Instructions for the STiNE Online Enrollment Application for Exchange Students 1. Please go to www.uni-hamburg.de/online-bewerbung and click on Bewerberaccount anlegen

Mehr

The poetry of school.

The poetry of school. International Week 2015 The poetry of school. The pedagogy of transfers and transitions at the Lower Austrian University College of Teacher Education(PH NÖ) Andreas Bieringer In M. Bernard s class, school

Mehr

XONTRO Newsletter. Financial Institutes. No. 70

XONTRO Newsletter. Financial Institutes. No. 70 XONTRO Newsletter Financial Institutes No. 70 Page 1 This XONTRO Newsletter for Financial Institutes contains information covering the following topics: BCIN BV processing control handling ( Bearbeitung

Mehr

XV1100K(C)/XV1100SK(C)

XV1100K(C)/XV1100SK(C) Lexware Warenwirtschaft Pro XV1100K(C)/XV1100SK(C) All rights reserverd. Any reprinting or unauthorized use wihout the written permission of Lexware Warenwirtschaft Pro Corporation, is expressly prohibited.

Mehr

Einführung in das wissenschaftliche Arbeiten WS 2010/2011 am Institut für Angewandte Informationsverarbeitung und Kommunikationstechnologie

Einführung in das wissenschaftliche Arbeiten WS 2010/2011 am Institut für Angewandte Informationsverarbeitung und Kommunikationstechnologie Einführung in das wissenschaftliche Arbeiten WS 2010/2011 am Institut für Angewandte Informationsverarbeitung und Kommunikationstechnologie IT-Security Karl C. Posch (Karl.Posch@iaik.tugraz.at) http://www.iaik.tugraz.at/content/teaching/bachelor_courses/

Mehr

Level 1 German, 2015

Level 1 German, 2015 90886 908860 1SUPERVISOR S Level 1 German, 2015 90886 Demonstrate understanding of a variety of German texts on areas of most immediate relevance 2.00 p.m. Thursday 26 November 2015 Credits: Five Achievement

Mehr