IT Security. Workshop Hot-Spots der Software-Entwicklung. 19. Februar Technische Universität München Institut für Informatik

Größe: px
Ab Seite anzeigen:

Download "IT Security. Workshop Hot-Spots der Software-Entwicklung. 19. Februar 2013. Technische Universität München Institut für Informatik"

Transkript

1 Workshop Hot-Spots der Software-Entwicklung IT Security 19. Februar 2013 Technische Universität München Institut für Informatik Software & Systems Engineering Prof. Dr. Dr. h.c. Manfred Broy BICC-NET Bavarian Information and Communication Technology Cluster Florian Deißenböck Daniel Méndez Fernández

2 Inhaltsverzeichnis 1 Einleitung 3 2 Teilnehmerliste 4 3 Programm 5 4 Das Sicherheitsnetzwerk München Peter Möhring 6 5 Sicherer Browser Schutz des Einfallstors Reto Weber 21 6 Einsatz von Zertifikatssystemen im Internet Jamshid Shokrollahi 42 7 Chipkartenbetriebssysteme Gefahrenpotentiale und Gegenmaßnahmen Helmut Scherzer 51 8 Cybersecurity-as-a-Service: strategische und technische Herausforderungen Philipp Müller, PeterRehäusser 66 2

3 1 Einleitung Durch die fortschreitende Digitalisierung und Vernetzung von Software-intensiven Systemen und Diensten sowie die daraus resultierende Bedrohung durch Angriffe nimmt das Thema IT Security eine immer zentralere Rolle ein. Ein besonderes Augenmerk gilt dabei der Sicherstellung der Verfügbarkeit, Integrität und Vertraulichkeit von Software-Systemen und deren Infrastruktur. Diese Aspekte müssen in allen Phasen des Software-Entwicklungsprozesses unter Einsatz geeigneter Methoden und Verfahren berücksichtigt werden. Betroffen hiervon sind nicht nur klassische betriebliche Informationssysteme, wie sie beispielsweise im Finanzdienstleistungssektor vorzufinden sind, sondern auch eingebettete Systeme, z.b. in den Bereichen Automobil und Avionik. Ziel dieses Workshops ist es, zum besseren grundsätzlichen Verständnis des Themas IT Security beizutragen und konkrete Erfahrungen aus der Praxis bzgl. des erfolgreichen Einsatzes unterschiedlicher Verfahren auszutauschen, aber auch über Erfahrungen mit dem Einsatz von Verfahren, die sich als weniger geeignet erwiesen. Themen sind unter anderem: Strategische und technische Herausforderungen der IT Security Überblick über Konzepte und Methoden zur Lösung derselben Einsatz von Zertifikatssystemen Cybersecurity & Zugangskontrolle 3

4 2 Teilnehmerliste Josef Wernke, Eurocopter Deutschland GmbH Stefan Finkenzeller, BLB Thomas Mey, Münchner Rück Dr. Florian Deißenböck, Technische Universität München Thomas Schön, Software Tomography Dr. Claudia Salazar Dorn, NTT Data Deutschland GmbH Helga Stephan-Dreinhoff, IBM Stefan Prechtl, ESG GmbH Alexander Bluhm, Gesellschaft fÿr Netzwerk- und Unix-Administration mbh Olaf Kaudelka, EADS Gabriele Käsberger-Hoschek, EADS Dr. Heinrich Hördegen Ingenieurbüro Guttenberg & Hördegen Dr. Martin Wechs, BMW Group Jan Philipps, Validas AG Manuel Then, Technische Universität München Bertram Janositz, CIBOteam esolutions AG Michael Schulz, EADS Michael Greulich, Interface AG Dr. Oscar Slotosch, Validas AG Klaus Lochmann, Technische Universität München Nils Oppermann, Audi Electronics Venture GmbH Dr. Daniel Méndez, Technische Universität München Christopher Schulz, SYRACOM Consulting AG Helmut Scherzer, Giesecke & Devrient GmbH Dr. Jamshid Shokrollahi, Bosch GmbH Peter Möhring, BICCNET-Clusterbüro I&K Dr. Philipp Müller, CSC Reto Weber, Consecom AG Martin Luy, ESG GmbH Roman Kochanek, Audi Stefan Kassal, MaibornWolff et al GmbH Jakob Tewes, MaibornWolff et al GmbH Kurt Meindl, Lorenz Software GmbH Norman Thomson, ATOSS Ovidiu Stan, ATOSS Dr. Philipp Guttenberg, Ingenieurbüro Guttenberg & Hördegen Bernhard Weber, msg systems ag Carsten Genth, ASM Assembly Systems Michael Spreng, Arcor AG & Co. KG Prof. Dr. Reiner Hüttl, Fachhochschule Rosenheim Walter Trapa, BMW Group Rainer Bitzer, Bosch GmbH Ümit Kusdogan, ABSC GmbH Carsten Tauss, ABSC GmbH Peter Rehäusser, CSC Christine Rittinger, Münchner Rück Tomas Benes, OSD Open Systems Design GmbH 4

5 3 Programm 13:30 Begrüßung Manfred Broy, Technische Universität München 13:45 Das Sicherheitsnetzwerk München Peter Möhrung, Sichernetzwerk München 14:30 Sicherer Browser Schutz des Einfallstors Reto Weber, Consecom AG 15:15 Kaffee-Pause 15:30 Einsatz von Zertifikatssystemen im Internet Jamshid Shokrollahi, Robert Bosch GmbH 16:15 Chipkartenbetriebssysteme Gefahrenpotentiale und Gegenmaßnahmen Helmut Scherzer, Giesecke & Devrient 17:00 Kaffee-Pause 17:15 Cybersecurity-as-a-Service: strategische und technische Herausforderungen Philipp Müller, PeterRehäusser, CSC 18:00 Abschlussdiskussion 18:30 Empfang 5

6 4 Das Sicherheitsnetzwerk München Peter Möhring Sicherheitsnetzwerk München Peter Möhring 19. Februar 2013, TU München, Garching 6

7 Vorgeschichte BMBF Spitzenclusterwettbewerb 2011 AISEC & G&D initiieren Netzwerk Skizze und Strategie Nominierung scheitert Januar 2012 Positive Netzwerkeffekte, Relevanz der Thematik Fortsetzung des Clusters Unterstützung durch Bay. Wirtschaftsministerium Einrichtung einer Geschäftsstelle am 1. Oktober 2012 Sicherheitsnetzwerk München, 19. Februar 2013 Forschung Sicherheitsnetzwerk München, 19. Februar

8 Forschung Industrie Sicherheitsnetzwerk München, 19. Februar 2013 Forschung Industrie Anwender Sicherheitsnetzwerk München, 19. Februar

9 Bündelung von Innovationskompetenzen Sicherheitsnetzwerk München, 19. Februar 2013 Warum dieses Netzwerk? IKT als Innovationstreiber IT-Sicherheit ist ein Wirtschaftsfaktor und schafft neue Märkte IT-Sicherheit unterstützt relevante Exportindustrien Vertrauenswürdigkeit, Manipulationsschutz, Wahrung der Privatsphäre, Verläßlichkeit in den Anwendungen notwendig München hat höchstes Wirtschafts- und Forschungsniveau in Deutschland und Europa im Bereich IT-Sicherheit Sicherheitstechnologien Made in Germany als langfristiger Wettbewerbsvorteil deutscher Anbieter Sicherheitsnetzwerk München, 19. Februar

10 Sicherheitsnetzwerk München, 19. Februar 2013 Warum dieses Netzwerk? IKT als Innovationstreiber IT-Sicherheit ist ein Wirtschaftsfaktor und schafft neue Märkte IT-Sicherheit unterstützt relevante Exportindustrien Vertrauenswürdigkeit, Manipulationsschutz, Wahrung der Privatsphäre, Verläßlichkeit in den Anwendungen notwendig München hat höchstes Wirtschafts- und Forschungsniveau in Deutschland und Europa im Bereich IT-Sicherheit Sicherheitstechnologien Made in Germany als langfristiger Wettbewerbsvorteil deutscher Anbieter Sicherheitsnetzwerk München, 19. Februar

11 Sicherheitsnetzwerk München, 19. Februar 2013 Industriegetrieben mit wirtschaftlichem Fokus Integrierte Erforschung, Entwicklung und schnelle Vermarktung innovativer Sicherheitstechnologien und Produkte Made in Germany Ausbau von Weltmarktstellung der beteiligten Unternehmen Deutschland mit München zum weltweit führenden Standort im Bereich IT-Sicherheit entwickeln Sicherheitsnetzwerk München, 19. Februar

12 Sicherheitsnetzwerk München, 19. Februar 2013 Umfeld des Clusters Politik IT Gipfel Underground economy Digitale Gesellschaft Mobilgeräte und Vernetzung Neue Geschäftsmodelle Sicherheitskonferenz Sicherheitsnetzwerk München, 19. Februar

13 Geschäftsstelle: Schwerpunktziele Aufstellung und Koordinierung von F&E Kooperationsprojekten Standort- und Branchenstärkung Netzwerkarbeit Übergreifende Themen: Forschung, Fachkräfte, Trends, Sicherheitsnetzwerk München, 19. Februar 2013 Maßnahmen 2013 Clusterkonferenz: Ermittlung neuer Kooperationspotenziale Kompetenzübersicht aller Mitglieder Anbahnung von Fördervorhaben, Konsortienbildung Platzieren von Themen in Förderprogrammen Bildung von Arbeitskreisen Schaffung einer Kommunikationsplattform Neue Partnerschaften (auch international) Schaffung informeller Austauschmöglichkeiten Beeinflussung politischer Gestaltungsaufgaben Gewinnung neuer Mitglieder Sicherheitsnetzwerk München, 19. Februar

14 Projektvorhaben Sicherheitsnetzwerk München, 19. Februar 2013 Verbundprojekte 1. SIBASE 2. ICEMAN 3. SIKOMFAN 4. Ambient security (neu) 5. Trust ME 6. Secure Appstore (neu) 7. Lagebild (neu) Sicherheitsnetzwerk München, 19. Februar

15 Schwerpunkt Mobile Endgeräte Sicherheitsnetzwerk München, 19. Februar 2013 Mobile werthaltige Dienste Sicherheitsnetzwerk München, 19. Februar

16 Eisattacke (cold boot) Sicherheitsnetzwerk München, 19. Februar 2013 TEE Sicherheitsnetzwerk München, 19. Februar

17 Sichere eingebettete Systeme Sicherheitsnetzwerk München, 19. Februar 2013 Schutz kritischer Infrastrukturen Sicherheitsnetzwerk München, 19. Februar

18 Sicheres Cloud Computing Sicherheitsnetzwerk München, 19. Februar 2013 Anwendungsorientierte Technologien Sicherheitsnetzwerk München, 19. Februar

19 Verbundprojekte: Zukünftige Fördermöglichkeiten LANDESEBENE Hoher Freiheitsgrad, Direktbeantragung auch ohne calls Kleine, effiziente Konsortien, geringeres Projektvolumen Industrieorientiert (wenn von Bay. WiMi gefördert) BUNDESEBENE Geringerer Freiheitsgrad durch vorgebene calls Größere Konsortien mit höherem Projektvolumen möglich Eher forschungsorientiert (speziell BMBF) EU-EBENE Horizon 2020 Internationale Konsortien, hohes Projektvolumen möglich Sicherheitsnetzwerk München, 19. Februar 2013 Verbundprojekte: Organisation, Rolle der Geschäftsstelle ORGANISATION Konsortien mit eigener Projektkoordination Konsortien sind für Beantragung und Durchführung der Verbundprojekte selbst verantwortlich ROLLE DER GESCHÄFTSSTELLE Unterstützung in Anbahnung, Beantragung und Durchführung Schaffung von Projekttransparenz für alle Mitglieder Plattform und Drehscheibe für Mitgliederkoordination, sowohl inhaltlich als auch organisatorisch Sicherheitsnetzwerk München, 19. Februar

20 Fragen Sicherheitsnetzwerk München, 19. Februar

21 5 Sicherer Browser Schutz des Einfallstors Reto Weber Bleicherweg 64a, CH-8002 Zürich,

22 Experienced IT Risk/Security Professional Consecom AG Senior Security Consultant Reto Weber Employment History IT Risk Officer, Credit Suisse AG CERT Analyst, Credit Suisse AG IT Security Engineer, UBS AG Education CAS in Risk Management, University of Zürich emba in International Management, Kalaidos Zürich Master in Information Technology, Bond University Australia Consecom AG -- We Secure Your Solutions Slide 2 Consecom your partner for securing technology Clients Main clients: SME, and major Swiss/international enterprises and organization of all sectors. Location of work: primarily in Switzerland and neighboring countries. Services Design Build Review concepts, strategies, policies, organization, processes, secure solutions programming, integration, special engineering audits, security reviews, risk assessments, penetration tests, technology assessments, organizational and process reviews History Founded in 2007 as a management buy out. Privately owned, substantial growth to seven employees today Consecom AG -- We Secure Your Solutions Slide 3 22

23 Agenda Problem Method Analysis Solution Experience Objectives Present lesson learned from a joining development with a University Exchange of experience of product development lifecycle Show result: a secure browser solution Consecom AG -- We Secure Your Solutions Slide 4 Global news about virus infections Earlier this month, security researchers discovered a new piece of malware had infected more than half a million Apple computers in what was the largest-scale attack on Apple s Mac OS X operating system to date. Nytimes, 04/2012 Unbekannte haben einem Bericht von Amorize zufolge zahlreiche Onlineshops mit einer veralteten Version von oscommerce zur Verbreitung von Schadcode missbraucht. Die Angreifer nutzten mindestens drei bekannte Schwachstellen in der Version 2.2. heise.de 08/2011 A serious flaw in the Java software found on most personal computers could expose the machines to being taken over by malicious attacks over the internet, the US agency responsible for policing such vulnerabilities warned on Thursday. ft, 01/2013 It s a scenario security researchers have long worried about, a man-in-the-middle attack that allows someone to impersonate Microsoft Update to deliver malware disguised as legitimate Microsoft code to unsuspecting users. wired.com 06/2012 A new piece of Mac malware has been discovered on a Web site linked to the Dalai Lama, using a well-documented Java exploit to install a Trojan on visitors' computers and steal personal information. cnet.com 12/2012 Hackers are increasingly targeting childfocused gaming websites, according to a leading anti-virus firm. Avast says it detected malware threats at more than 60 sites that contained "game" or "arcade" in their title, in the 30 days running up to 12 January. 01/2012 bbc.co.uk Consecom AG -- We Secure Your Solutions Slide 5 23

24 Malware is today one of the major threats and frequently used to attack Threat Agent: No clear pictures of attacking agents. Educated guesses possible e.g. profit driven, organized crime. Threat Facts: Malware shows an exponential growth since years. Various method of infection vectors: mail, USB, social engineering, remote exploit, web-browsing. Impact: Massive infection rate on end-user desktop environments. Key question, are you at risk or not (large unreported cases)? Results: Breaches in Confidentiality, Integrity and Availability Multiple second order effects Consecom AG -- We Secure Your Solutions Slide 6 Most infections come through the browser channel Infected systems: Web technologies are mostly used to place malware. Source Microsft.com Consecom AG -- We Secure Your Solutions Slide 7 24

25 Drive By Infection is a common issue 1 Open page 2 Send Exploit 3. Compromise Consecom AG -- We Secure Your Solutions Slide 8 25

26 Problem Methods Analysis Solution Experience Consecom AG -- We Secure Your Solutions Slide 10 Multiple areas with limited influence Measure Reduce complexity in web-pages Improve security with web-pages Extend to cloud-av solutions Change user-behavior Reduce EuP flexibility and usability Myth: Keyboard encryption Feasibility / Applicability No governance; not applicability No governance; limited reach Partial success; confidentiality breach Only partially applicable Change in working model; limited reach There is no keyboard encryption! EuP: End-user Platform Consecom AG -- We Secure Your Solutions Slide 11 26

27 Where can we start Conclusion: Start with the web-browser Browsers, an integral part of the operating system. Provide a platform based on international standards/languages (HTML, http, CSS, JavaScript, ). Having a super secure browser would reduce the risk of infection dramatically Consecom AG -- We Secure Your Solutions Slide 12 EuP: End-user Platform 27

28 Problem Methods Analysis Solution Experience Consecom AG -- We Secure Your Solutions Slide 14 The security product has multiple dimentions Dimensions Criteria Trust Administrator and manufacturer trust (prerequisite) Life-cycle trust (deployment and update) Threat Coverage On-line (in-bound): Vulnerabilities in applications Off-line threats: Malicious host At run-time At rest Protection Methods to protect from infected hosts Isolation Methods to isolate applications from infected hosts Integration Capabilities to integrate into standard work process Deployment Method and scalability Maintenance Patch and update capabilities, and scalability Usability Technological user support Weaknesses Limitations and weaknesses Consecom AG -- We Secure Your Solutions Slide 15 EuP: End-user Platform 28

29 Overview Secure Browser Browser on USB Stick, Hardened Web-browsers Browser Sandbox, Hardened Web-browsers Browser on Native Boot-Platform VM Browser in VM Consecom AG -- We Secure Your Solutions Slide 16 A USB stick or «wrapper» approaches Design Paradigm Run on shared commodity platform Hardened Web-Browser Application Application Share of central operating system tables Commodity Operating System Interrupt Vectors Memory Map Exemplary implementation variants Hardened Web-Browser Application Application USB-stick based web-browser Windows Hardened web-browser by platform extension, e.g. Trusteer Rapport Consecom AG -- We Secure Your Solutions Slide 17 29

30 Main weakness is a shared platform Dimensions Criteria Details Trust Life-cycle trust High trust for stick rollout, common otherwise Threat Coverage On-line (in-bound) Off-line threats: Malicious host At run-time At rest Gradual improvement against known threads (Low) gradual improvement Only if stored on read-only medium Protection Capabilities Application internal only Isolation Method None Integration Capabilities Stick: limited; Platform: full Deployment Method and scalability Stick: shipment; Platform: software Maintenance Method and scalability Stick: replacement, both: incremental updates Usability Support by technology Stick: non-ie; browser independent Weaknesses Limitations Shared platform Web-browser only protection Consecom AG -- We Secure Your Solutions Slide 18 A USB stick or CD boot systems Design Paradigm Boot-off clean OS from dedicated media Requires respective interface Provides conceptual improvement only with trusted read-only media Exemplary implementation variants Controlled Application 1 Isolation LPS Controlled Application 2 Isolation Hardened OS User Space SELinux Mandatory Access Control Minimal Linux Kernel Controlled Application 3 stateful firewall c t bankix: Linux Knoppix (Debian)-based boot-cd Lightweight Portable Solution (LPS) by US DoD: Hardened Linux for remote access Consecom AG -- We Secure Your Solutions Slide 19 30

31 Usability and mobile technology makes it harder to use Dimensions Criteria Details Trust Life-cycle trust No protection of image at download Threat Coverage On-line (in-bound) Off-line threats: Malicious host At run-time At rest Platform hardening No exposure. If stored on read-only medium Protection Capabilities Hardened Linux platform Firewall Isolation Method Native boot Integration Capabilities None (remote access only) Deployment Method and scalability CD image download Maintenance Method and scalability None, full image deployment Usability Support by technology Base-installation too complicated Weaknesses Limitations No integration, no incremental maintenance no image-protection Consecom AG -- We Secure Your Solutions Slide 20 A VM system to browse resolves a lot problems. Design Paradigm Run web-browser in a VM Application 1 (Browser) Application 2 (PDF-Reader) Application 3 (Flashplayer) Isolate web-browser from host Virtualization layer Separate OS constrained disk access Debian Linux Virtual Machine Isolation Windows Exemplary implementation BitBox Browser in the Box by German BSI/Sirrix AG Consecom AG -- We Secure Your Solutions Slide 21 31

32 Generally OS independent Dimensions Criteria Details Trust Life-cycle trust Update-only Threat Coverage On-line (in-bound) Off-line threats: Malicious host At run-time At rest Technical improvement (Standard Linux) Gradual improvement Only if stored on read-only medium Protection Capabilities Isolation by VM, controlled read-write Isolation Method Platform virtualization by VMs Integration Capabilities Integrated for default-browser launch Constrained data exchange Deployment Method and scalability Full image deployment Maintenance Method and scalability Standard Debian update mechanisms Usability Support by technology Base-installation too complicated Weaknesses Limitations Protection by standard Linux combined with Oracle VirtualBox abstraction Consecom AG -- We Secure Your Solutions Slide 22 32

33 Problem Methods Analysis Solution Experience Consecom AG -- We Secure Your Solutions Slide 24 Security Enhanced Linux the answer to the web-infection problem Objective Protect a system against unauthorized access/execution Function A technical policy enforcement framework. Any operation executed is validated by a security filter prior to execution. Implementation A kernel module is compiled into the machine with predefined rules. The kernel s security filter preforms the checks. No one can overwrite the rules at run-time (since denied by the security filter) and compiled into the system. History Ref SELinux was originally a development project by the National Security Agency (NSA). It is an implementation of the Flask operating system security architecture. The Flask architecture defines MAC with focus on providing an administratively-defined security policy that can control all subjects and objects, basing decisions on all security-relevant information. Flask was then renamed to SELinux Consecom AG -- We Secure Your Solutions Slide 25 33

34 A combination of methods into a browsing platform SEBPS Controlled Application 1 (Firefox) Isolation SEBPS Controlled Application 2 (Acroread) Isolation SEBPS Controlled Application 3 (Flashplayer) Trusted Update Server Scalable Trusted Maintenance Hardened OS User Space SELinux Mandatory Access Control constrained disk access Minimal Linux Kernel Virtual Machine Isolation stateful firewall Commodity Operating System Consecom AG -- We Secure Your Solutions Slide 26 Multiple benefits and usability for end users are important Deployment Web-Installer abstracts installation complexity Prepare the platform: pre-required tools Reduce the installation to the minimally needed steps: Two Clicks to securebrowse Use Support the user Launch the Web-browser Support system hibernate and standby Logout shuts down securebrowse Administration Relieve the user from interfering with administrative tasks Consecom AG -- We Secure Your Solutions Slide 27 34

35 securebrowse -- the answer to the web-infection problem Dimensions Criteria Details Trust Life-cycle trust Full trust: Deployment, Maintenance Threat Coverage On-line (in-bound) Off-line threats: Malicious host At run-time At rest Platform hardening (MAC) Separate OS-addr- space, separate IVT If stored on read-only medium Protection Capabilities Hardened Linux platform (MAC) Isolation Method Virtualized platform Integration Capabilities Cut-and-Paste between host and platform Deployment Method and scalability Trusted web-based Installer Maintenance Method and scalability Trusted incremental updates Usability Support by technology Straightforward web-supported installer Standard applications Weaknesses Limitations Limited integration Consecom AG -- We Secure Your Solutions Slide 28 35

36 36

37 37

38 Problem is reality, solution is around. Companies are daily in the news because of incidents with malware. Moreover, old browsers are still used. The main entry gate, the Web-Browser, can be secured. Where and when infections happen really, remains undiscovered. Non of the frequently used standard products proves complete protection. A VM with Mandatory Access Control Browser is very secure approach. A solution is around and free to use Consecom AG -- We Secure Your Solutions Slide 35 38

39 Problem Methods Analysis Solution Experience Consecom AG -- We Secure Your Solutions Slide 36 Solving a problem doesn't make you millionaire but the knowledge brings you forward Product never reached the mass market (by now) Generally users and companies still accept the risk by drive-by infections. Windows / ios look and feel is absolutely essential. Usability change require a large investment and are not accepted. Nish market Forensic Investigators, Fraud Analyzers (Analyze Dangerous Websites). Selective usage for untrusted web-pages (i.e. all). Highly secured areas (Nuclear Power Plants, Military). New business by knowledge gain Expert in secure platforms. Providers of secure platform for Web Entry Systems. Provider of secure appliances for major financial institutes Consecom AG -- We Secure Your Solutions Slide 37 39

40 40

41 41

42 6 Einsatz von Zertifikatssystemen im Internet Jamshid Shokrollahi Certificates: How to Build Trust in the Internet Jamshid Shokrollahi, hi Corporate Research (CR/AEA) Robert Bosch GmbH 1 Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. 42

43 Certificates: How to Build Trust in the Internet Overview Solved problem (Public Key Infrastructure and Certificates) Symmetric Key Cryptography Public key Cryptography Man in the Middle attack X.509 Certificate Not Completely solved problem (Secure Deployment) Different levels of realization Potential Vulnerabilities 2 Department 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Certificates: How to Build Trust in the Internet Mission Alice and Bob want to securely communicate in the presence of Eve and Mally! Eve: eavesdropping Mally: read, write, and modify the messages 3 Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. 43

44 Certificates: How to Build Trust in the Internet Bob shops in the Internet! What can go wrong? 4 Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Certificates: How to Build Trust in the Internet Eavesdropping Eve sees Bob s credit card number and uses it next time for shopping! What is the solution? 5 Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. 44

45 Certificates: How to Build Trust in the Internet Symmetric Encryption is a solution Enc. / Dec Enc /Dec. Communication partners have the secret common key 6 Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Certificates: How to Build Trust in the Internet Public Key Cryptography (PKC) Bob and the Server can establish the secret Key using asymmetric Encryption Bob can encrypt its symmetric key using Server s public key, but only the server has the private key to decrypt it. In practical realizations there are more details which are ignored here 7 Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. 45

46 Certificates: How to Build Trust in the Internet Verifying Public Keys How can Bob be sure that Mally is not performing man in the middle attack? Mally s public key Server s public key 8 Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Certificates: How to Build Trust in the Internet Public Key Infrastructure CA(Certification Authority) CA s public key is embedded into most of browsers Secure Connection User s browser Server s identity Server s public key: Signed by CA Certificate, e.g., X.509 Server s private ke ey 9 Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. 46

47 Certificates: How to Build Trust in the Internet Example: X.509 Certificate Structure (1) Version... Serial Number Certificate Signature Algorithm Algorithm ID Certificate t Signature Issuer (E.g. Certificate Authority) Validity Not Before Not After Subject (E.g., server) Subject Public Key Info Public Key Algorithm Subject Public Key Issuer Unique Identifier (optional) Subject Unique Identifier (optional) Extensions (optional) 10 1) Source: Wikipedia Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Certificates: How to Build Trust in the Internet Server Authentication and Key Exchange (simplified) 3) Verifies the signature of the certificate, and if the subject matches the server 2) Provides the certificate 1) https: request a secure connection Browser 4) Generates a random 128 bit key, 8) encrypts using the public key in the Ensures certificate and send to the server the security 5) Generates a random 128 bit key 7) XORes the two by and sends to the browser (client) in sequences to seeing plain generate the https symmetric key 6) De XOR gene ecrypts the Res the two erate the sy e received o sequenc ymmetric packet, es to key 11 Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. 47

48 Certificates: How to Build Trust in the Internet Realization Aspects Issuer s Infrastructure API Level Digital Signatures 12 Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Certificates: How to Build Trust in the Internet Digital Signature Hash Function Padding m d mod N Nonlinear mapping Adding The to compress large messages Must be collision resistant specific patterns to the compressed message fundamental and most time consuming operation Nonlinearity cancels the multiplicative property of the exponentiation 13 Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. 48

49 Certificates: How to Build Trust in the Internet Digital Signatures, lessons learned Do not use hash functions like MD4 with known collisions Always use large modulo numbers N which are generated according to the standards d The parameters and functions get obsolete. Never issue the certificate for very long time Always choose the functions and parameters according to the most recent standards, e.g., BSI Technische Richtlinie, BSI TR-02102, Version https://www.bsi.bund.de/shareddocs/downloads/de/bsi/publikationen/te chnischerichtlinien/tr02102/bsi-tr _pdf.pdf? blob=publicationfile 14 Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Certificates: How to Build Trust in the Internet Vulnerabilities in using API Always verify if the certificate matches the identity of the provider (server)? Even consider the possibility of having '\0' in the identity of the provider of certificate t who wants to impersonate a famous identity SSL and several other software also provide the PKI verification as functions. Always read the documentation carefully to enable the verification of the signatures Several examples of to dos and not to dos can be found in Georgiev et al., The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software, In proceedings of ACM CCS '12, pp , Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. 49

50 Certificates: How to Build Trust in the Internet Issuer's s Infrastructure Certificates are your identity and their security depends on the private key of the issuer If the private key is not stored, or used, in the right way, attackers can impersonate you Revocating certificates and the lost reputation can cause high costs! Always think about the reputation of the issuer and if possible ensure that they have enough security in the processes 16 Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. Certificates: How to Build Trust in the Internet Conclusion For the selection and the realization of digital signatures always use the most recent standards and follow them carefully When verifying i signatures, always be careful about the identities, and also variables and flags if you use verification functions from others' libraries When buying the certificates think about the reputation and history of the provider! 17 Jamshid Shokrollahi, CR/AEA3 2/19/2013 Robert Bosch GmbH All rights reserved, also regarding any disposal, exploitation, reproduction, editing, distribution, as well as in the event of applications for industrial property rights. 50

51 7 Chipkartenbetriebssysteme Gefahrenpotentiale und Gegenmaßnahmen Helmut Scherzer SmartCard Operating Systems Potential Risks and Security Measures Helmut Scherzer Giesecke & Devrient 51

52 SmartCard Operating Systems P Standards < ISO 7816/1..9 < CEN TC224/EN726 < GSM 11.xx < ETSI < JAVA 2.x P Specifications < JAVA < EMV < Mondex < Multos < SECCOS(ZKA) <...and others Standards and Specifications PPlatform < ST Microelectornics < Infenion < Philips < Samsung < Sharp < Renesas < Atmel <... and others P Hidden Agenda < Security Features < Attacks < Countermeasures < Programming Tricks < Performance Optimization < Memory Optimization < Algorithms PIN Attack Attack PCut Off Power before updating the PIN error counter Correct PIN- Entry Wrong PIN-Entry PIN - Check Update of PIN error counter Attack: Detection and interruption 52

53 PIN Attack Countermeasures PUpdate PIN error counter prior to PIN verification Cnt = 2 PIN - Check Cnt = 3 Power Break Attack or Accident... PPower Drop in the SmartCard < Unintentionally (Accident) Withdraw SmartCard Functional misbehaviour in Terminal Bad Contacts Environmental Factors (Vibration in Car etc...) < Intentionally (Attack) Data manipulation 53

54 Power Break Intention of the attack EEPROM Write Cycle EEPROM ) Delete EEPROM cell EEPROM ) Write new value EEPROM Best possible moment of power cut Power Break EEPROM Random No. Pseudo Random Attack 35 BC 01 A7 48 D5 3B 1C DES Old Random No. New Random No. is written to EEPROM EEPROM EEPROM Random No New Random No. EEPROM Random No. AB 33 2F 8E 46 7A 29 FD New Random No. 54

55 Power Break Countermeasures PLimited Transaction Protection < Recognition and Indication of Power Breaks < Protection of sensitive data < Card Blocking PFull Transaction Protection < Backtrace / Write Ahead Buffer < Atomized Transaktionens < Data Committment PCountermeasures : Absolutely MANDATORY Power Break Command Message Full Transaction Protection Target Data Backtrace Buffer ????

56 Memory Defragmentation Defragmentation by multiple file deletion PCreation of files by < Additional Applications < JAVA - Applets < Version Control/Update < Application Deletion < Application Buy and Run < Temporary Files EF EF EF EF EF EF EF EEPROM EF EF EF EF EF EF Free Memory EEPROM EF EF EF EF EF EF EF EF 1.) Initialization 2.) Erase EF Free Memory EF EEPROM 3.) New layout EF EF EF EF Memory Full! EF EF EF EF EF EF Memory Defragmentation Defragmentation Process EEPROM EEPROM EF EF EF EF EF EF EF EF Defrag... EF EF EF EF EF EF EF EF EF EF EF EF P Difficulties < References must be recorded < Defragmentation (up to 10 Sec.) must be 100 % Power Break resistant P Solution < Atomic operations with wear-leveling mechanism Defragmentation possible very effectively New Application Perspectives for SmartCards Smart Card Development PAuto-Defrag < 100 % Power brk.prot. < High Performance! < on Auto-Demand only P100 % Fail resistant < Theoretically proovable 56

57 EEPROM Errors Few Bits dropping P Chip Mfg.Guaranty : 10 Years Data retension < Credible and proven value < Very seldom, accidential drops have been reported P Bit Drop Situation < Most embarassing situation as no obvious reason available < Murphy s Law: Always the most crucial bit drops" P Countermeasures < CheckSum on any EEPROM boundary < Update of Checksum must also be power break resistant EEPROM Timing Attack PTime pattern of current samples PIN/Key Verification // Compare PIN for (i = 0; i<length(pin); i++) { if (PIN[i]!= Correct_PIN[i]) return(1); } return(0); Reference Point ) t Difference Measurement 57

58 Timing Attack The Square-Multiply 'always' problem PNew programming styles rlc r2 jnc NoSwap xchg r0,r1 NoSwap: ret ; r2 = exponent SmartCard StoneAge 2013 Coding // evaluate exponent bit if (ExpBit == 1) Swap(Source,Target); else Keep(Source,Target); return(0); push r0 push r1 push r0 ; <- bp mov bp,sp ; rlc r2 ; r2 = exponent addc bp,#0 mov r0,[bp] inc bp mov r1,[bp] add sp,#3 ret ; remove '3 x push' Differential Fault Analysis The DES Bellcore Attack P Assumption: < Bits in RAM may be altered intentionally PAttack by comparison of output 0 Key: ) Xy202 01aM b201 2.) Xy202 01aM b201 DES Alice is pretty a839 x15k b7fm 58

59 Reaction of the market Decrease of Orders since June 1998!!! DPA-Attack! January March May July September November SmartCard Orders Single Power Analysis Direct Evaluation of Current Samples P Direct evaluation of Current Samples < Insider knowledge required < Program Code must be locally known P Countermeasures < No bit operation with sensitive data < Source Code CONFIDENTIAL < Support by Chip Hardware 59

60 Differential Power Analysis Attack Scenario P Statistical Attack < Many DES Calculations required! < No Source Code Knowledge required! Key Shift S-Box Output Perm. DES Round # n The Final Attack Correlate Signed Samples P If the hypothized key was correct, each calculation will contribute a deterministic part to the final signal P If the hypothized key was wrong, only 'noise' will be added and no singularity will be found Signal + Signal Noise + Noise P For each n of 64 possible subkeys a particular hypothesis on the signal signs exist. P For each n of 64 possible subkeys the addition (correlation) of the N samples will be performed + Signal = - + Noise = = N 3 /N 60

61 Differential Power Analysis Attack Scenario Key Shift S-Box Output Perm. DES Round # n High number of samples required! Key : 48 bits Subkey Subkey Subkey Subkey Subkey Subkey Subkey Subkey Data 0110 S-Box S-Box S-Box S-Box S-Box S-Box S-Box S-Box S-Box being attacked Attacked bit Finding the Key... Maximum Evaluation PIn one of 64 correlation signals we will find a significant maximum PThis maximum confirms our 'guess' for the subkey. PWe may confirm the guess by evaluation of the other three bits on the same S-Box Subkey 17/64 : wrong hypothesis Subkey 18/64 : wrong hypothesis Subkey 19/64 : wrong hypothesis Subkey 20 : CORRECT HYPOTHESIS! 61

62 Differential Power Analysis Countermeasures PSystem Level < Limited Usage of Error Counters < Logging of Error Counters in Host System PHardware Level < Bus Scrambling < Power Noise < Redundant Clock Cycles PSoftware Level < Relative Protection Make the Alignment 'impossible' Nonsens Statements < Absolute Protection Theoretical Proove of Effectiveness ITSEC Evaluation possible! IBM DPADES9 : Excellent Protection! PCritical Factor: PERFORMANCE Table compression Partitioning attack CPU ROM 256 Bytes page 256 Bytes page 256 Bytes page... ; 512 byte table db 01,45,62,F3, 8F,7B,2A,3F, db... db... PAddress and value of a (EEP)ROM table may leak DPA information PAddressing another (EEP)ROM page may leak SPA information PCountermeasures (srambled RAM table) requires too much memory (here 512 bytes) 62

63 Table compression Partitioning attack CPU 256 Bytes page ROM 256 Bytes page 256 Bytes page... PAddress and value of a (EEP)ROM table may leak DPA information PAddressing another (EEP)ROM page may leak SPA information PCountermeasures (srambled RAM table) requires too much memory (here 512 bytes) Table compression Large Table attack countermeasures ROM 128 Bytes page 128 Bytes page 128 Bytes page... data + index masking RAM 128 Bytes POverlay ROM table entries in RAM Pindex/value mask 'on the fly' PDecoding can only be done with help of the original ROM table, but this can be achieved in a well protected way. 63

64 ROM 256 Bytes page 256 Bytes page 256 Bytes page... Table compression Large Table attack countermeasures Encode Generate rand1..rand4 [each ] for (i = 1 to 128) { RAM[i] = ROM[i r rand1] r ROM[i r rand ] r ROM[i r rand ] r ROM[i r rand ] } RAM 128 Bytes Decode (e.g. value from ) j = i r rand1 ROM[i] = RAM[j] r ROM[j r rand ] r ROM[j r rand ] r ROM[j r rand ] Decode (e.g. value from ) j = (i-128) r rand2 ROM[i] = RAM[j] r ROM[j r rand1] r ROM[j r rand ] r ROM[j r rand ] End SmartCard Operating Systems Potential Risk and Security Measures 64

65 65

66 8 Cybersecurity-as-a-Service: strategische und technische Herausforderungen Philipp Müller, PeterRehäusser Cybersecurity-as-a-Service Dr. Philipp Müller Peter Rehäußer CSC Proprietary and Confidential 66

67 Hackerangriffe sind allgegenwärtig. Was nun? CSC Proprietary and Confidential March 25, Unsere Welt heute Zunehmende Digitalisierung von Geschäftsprozessen Die neue Art von Bedrohungen: Gezielter, strukturierter und mit uneingeschränkten Ressourcen für Angriffe Private und geschäftliche IT verschmelzen: Cloud, ByoD, Social Media, Wachsende Anzahl an Regularien und Compliance-Vorschriften CSC Proprietary and Confidential March 25,

68 Wie denken wir Sicherheit auf der Vorstandsebene? Wie denken wir Sicherheit gesamtgesellschaftlich? CSC Proprietary and Confidential March 25, Sicherheit ganzheitlich angehen: der Cybersecurity Stack Ebene 4: Nationale Sicherheitsstrategie Bedrohungsalarm Nation/Staat Ebene 3: Situationsbewusstsein Event- Korrelation Organisation Ebene 2: Sicherheitsschicht Perimeter & Gateway Ebene 1: Sichere Infrastruktur Klassisches Vorgehen: Vorbeugen-Aufdecken- Reagieren LAN-WAN- Applikationen und -Daten Einzelne Systeme CSC Proprietary and Confidential March 25,

69 Den Security-Live-Cycle komplett abdecken Awareness Trainings Methodology Coaching IT Security Concepts IT Risk Management Cyberconfidence Check Compliance with Security Policies Comprehensive Audits Penetration Test IdM Prequalification Checks Controlling Coordination Communication IT Security Principles Security Policy IT Security Organisation Implementation Standards Business Continuity Planning Identity Management IT Security for Outsourcing Managed Security Services Common Criteria Evaluations CSC Proprietary and Confidential March 25, Warum Cybersecurity-as-a-Service? Cost CSC Proprietary and Confidential March 25,

70 The CSC Cybersecurity Demonstration Center CSC Proprietary and Confidential March 25, Storyline der Live-Demo Der Feind beauftragt einen Hacker, die Daten eines Großprojektes zu löschen und dem Unternehmen damit Schaden zuzufügen und fortwährend zu überprüfen, ob die Organisation am Ende des Projektes in der Lage war, die Informationen wieder herzustellen. CSC Proprietary and Confidential March 25,

71 Wie gehen Hacker vor? Analysieren von Netzwerken 1 Potentielle Opfer? Beobachtung der potenziellen Opfer 2 Wo kann man am einfachsten eindringen? Angriff 3 Ausnutzen von Unachtsamkeit 4 Illegale Tätigkeit Löschen von Projektdaten Installation eines maßgeschneiderten Trojanischen Pferdes, das alle neu erstellten Dokumente sofort an den Hacker sendet Escape 5 Der Remote-Zugriff wird unterbrochen CSC Proprietary and Confidential March 25, The CSC Cybersecurity Demonstration Center Global Learning Threat Alerting Nation / States Situational Awareness Event Correlation Organization Real-time Detect and Respond Data-loss prevention End-point security Classical Prevent- Detect-Respond Perimeter & Gateway Ongoing Vulnerability Analysis Identity Management LAN-WAN-Applications and Data Single Systems CSC Proprietary and Confidential March 25,

p^db=`oj===pìééçêíáåñçêã~íáçå=

p^db=`oj===pìééçêíáåñçêã~íáçå= p^db=`oj===pìééçêíáåñçêã~íáçå= How to Disable User Account Control (UAC) in Windows Vista You are attempting to install or uninstall ACT! when Windows does not allow you access to needed files or folders.

Mehr

p^db=`oj===pìééçêíáåñçêã~íáçå=

p^db=`oj===pìééçêíáåñçêã~íáçå= p^db=`oj===pìééçêíáåñçêã~íáçå= Error: "Could not connect to the SQL Server Instance" or "Failed to open a connection to the database." When you attempt to launch ACT! by Sage or ACT by Sage Premium for

Mehr

Lehrstuhl für Allgemeine BWL Strategisches und Internationales Management Prof. Dr. Mike Geppert Carl-Zeiß-Str. 3 07743 Jena

Lehrstuhl für Allgemeine BWL Strategisches und Internationales Management Prof. Dr. Mike Geppert Carl-Zeiß-Str. 3 07743 Jena Lehrstuhl für Allgemeine BWL Strategisches und Internationales Management Prof. Dr. Mike Geppert Carl-Zeiß-Str. 3 07743 Jena http://www.im.uni-jena.de Contents I. Learning Objectives II. III. IV. Recap

Mehr

Introducing PAThWay. Structured and methodical performance engineering. Isaías A. Comprés Ureña Ventsislav Petkov Michael Firbach Michael Gerndt

Introducing PAThWay. Structured and methodical performance engineering. Isaías A. Comprés Ureña Ventsislav Petkov Michael Firbach Michael Gerndt Introducing PAThWay Structured and methodical performance engineering Isaías A. Comprés Ureña Ventsislav Petkov Michael Firbach Michael Gerndt Technical University of Munich Overview Tuning Challenges

Mehr

HIR Method & Tools for Fit Gap analysis

HIR Method & Tools for Fit Gap analysis HIR Method & Tools for Fit Gap analysis Based on a Powermax APML example 1 Base for all: The Processes HIR-Method for Template Checks, Fit Gap-Analysis, Change-, Quality- & Risk- Management etc. Main processes

Mehr

Titelbild1 ANSYS. Customer Portal LogIn

Titelbild1 ANSYS. Customer Portal LogIn Titelbild1 ANSYS Customer Portal LogIn 1 Neuanmeldung Neuanmeldung: Bitte Not yet a member anklicken Adressen-Check Adressdaten eintragen Customer No. ist hier bereits erforderlich HERE - Button Hier nochmal

Mehr

How to develop and improve the functioning of the audit committee The Auditor s View

How to develop and improve the functioning of the audit committee The Auditor s View How to develop and improve the functioning of the audit committee The Auditor s View May 22, 2013 Helmut Kerschbaumer KPMG Austria Audit Committees in Austria Introduced in 2008, applied since 2009 Audit

Mehr

Corporate Digital Learning, How to Get It Right. Learning Café

Corporate Digital Learning, How to Get It Right. Learning Café 0 Corporate Digital Learning, How to Get It Right Learning Café Online Educa Berlin, 3 December 2015 Key Questions 1 1. 1. What is the unique proposition of digital learning? 2. 2. What is the right digital

Mehr

Symbio system requirements. Version 5.1

Symbio system requirements. Version 5.1 Symbio system requirements Version 5.1 From: January 2016 2016 Ploetz + Zeller GmbH Symbio system requirements 2 Content 1 Symbio Web... 3 1.1 Overview... 3 1.1.1 Single server installation... 3 1.1.2

Mehr

Software development with continuous integration

Software development with continuous integration Software development with continuous integration (FESG/MPIfR) ettl@fs.wettzell.de (FESG) neidhardt@fs.wettzell.de 1 A critical view on scientific software Tendency to become complex and unstructured Highly

Mehr

LOG AND SECURITY INTELLIGENCE PLATFORM

LOG AND SECURITY INTELLIGENCE PLATFORM TIBCO LOGLOGIC LOG AND SECURITY INTELLIGENCE PLATFORM Security Information Management Logmanagement Data-Analytics Matthias Maier Solution Architect Central Europe, Eastern Europe, BeNeLux MMaier@Tibco.com

Mehr

NEWSLETTER. FileDirector Version 2.5 Novelties. Filing system designer. Filing system in WinClient

NEWSLETTER. FileDirector Version 2.5 Novelties. Filing system designer. Filing system in WinClient Filing system designer FileDirector Version 2.5 Novelties FileDirector offers an easy way to design the filing system in WinClient. The filing system provides an Explorer-like structure in WinClient. The

Mehr

Customer-specific software for autonomous driving and driver assistance (ADAS)

Customer-specific software for autonomous driving and driver assistance (ADAS) This press release is approved for publication. Press Release Chemnitz, February 6 th, 2014 Customer-specific software for autonomous driving and driver assistance (ADAS) With the new product line Baselabs

Mehr

Praktikum Entwicklung Mediensysteme (für Master)

Praktikum Entwicklung Mediensysteme (für Master) Praktikum Entwicklung Mediensysteme (für Master) Organisatorisches Today Schedule Organizational Stuff Introduction to Android Exercise 1 2 Schedule Phase 1 Individual Phase: Introduction to basics about

Mehr

Exercise (Part XI) Anastasia Mochalova, Lehrstuhl für ABWL und Wirtschaftsinformatik, Kath. Universität Eichstätt-Ingolstadt 1

Exercise (Part XI) Anastasia Mochalova, Lehrstuhl für ABWL und Wirtschaftsinformatik, Kath. Universität Eichstätt-Ingolstadt 1 Exercise (Part XI) Notes: The exercise is based on Microsoft Dynamics CRM Online. For all screenshots: Copyright Microsoft Corporation. The sign ## is you personal number to be used in all exercises. All

Mehr

Mitglied der Leibniz-Gemeinschaft

Mitglied der Leibniz-Gemeinschaft Methods of research into dictionary use: online questionnaires Annette Klosa (Institut für Deutsche Sprache, Mannheim) 5. Arbeitstreffen Netzwerk Internetlexikografie, Leiden, 25./26. März 2013 Content

Mehr

Einsatz einer Dokumentenverwaltungslösung zur Optimierung der unternehmensübergreifenden Kommunikation

Einsatz einer Dokumentenverwaltungslösung zur Optimierung der unternehmensübergreifenden Kommunikation Einsatz einer Dokumentenverwaltungslösung zur Optimierung der unternehmensübergreifenden Kommunikation Eine Betrachtung im Kontext der Ausgliederung von Chrysler Daniel Rheinbay Abstract Betriebliche Informationssysteme

Mehr

Infrastructure as a Service (IaaS) Solutions for Online Game Service Provision

Infrastructure as a Service (IaaS) Solutions for Online Game Service Provision Infrastructure as a Service (IaaS) Solutions for Online Game Service Provision Zielsetzung: System Verwendung von Cloud-Systemen für das Hosting von online Spielen (IaaS) Reservieren/Buchen von Resources

Mehr

Darstellung und Anwendung der Assessmentergebnisse

Darstellung und Anwendung der Assessmentergebnisse Process flow Remarks Role Documents, data, tool input, output Important: Involve as many PZU as possible PZO Start Use appropriate templates for the process documentation Define purpose and scope Define

Mehr

Support Technologies based on Bi-Modal Network Analysis. H. Ulrich Hoppe. Virtuelles Arbeiten und Lernen in projektartigen Netzwerken

Support Technologies based on Bi-Modal Network Analysis. H. Ulrich Hoppe. Virtuelles Arbeiten und Lernen in projektartigen Netzwerken Support Technologies based on Bi-Modal Network Analysis H. Agenda 1. Network analysis short introduction 2. Supporting the development of virtual organizations 3. Supporting the development of compentences

Mehr

JONATHAN JONA WISLER WHD.global

JONATHAN JONA WISLER WHD.global JONATHAN WISLER JONATHAN WISLER WHD.global CLOUD IS THE FUTURE By 2014, the personal cloud will replace the personal computer at the center of users' digital lives Gartner CLOUD TYPES SaaS IaaS PaaS

Mehr

How to access licensed products from providers who are already operating productively in. General Information... 2. Shibboleth login...

How to access licensed products from providers who are already operating productively in. General Information... 2. Shibboleth login... Shibboleth Tutorial How to access licensed products from providers who are already operating productively in the SWITCHaai federation. General Information... 2 Shibboleth login... 2 Separate registration

Mehr

NG-NAC, Auf der Weg zu kontinuierlichem

NG-NAC, Auf der Weg zu kontinuierlichem NG-NAC, Auf der Weg zu kontinuierlichem Monitoring, Sichtbarkeit und Problembehebung 2013 ForeScout Technologies, Page 1 Matthias Ems, Markus Auer, 2014 ForeScout Technologies, Page 1 Director IT Security

Mehr

Mensch-Maschine-Interaktion 2 Übung 1

Mensch-Maschine-Interaktion 2 Übung 1 Mensch-Maschine-Interaktion 2 Übung 1 Ludwig-Maximilians-Universität München Wintersemester 2012/2013 Alexander De Luca, Aurélien Tabard Ludwig-Maximilians-Universität München Mensch-Maschine-Interaktion

Mehr

ELBA2 ILIAS TOOLS AS SINGLE APPLICATIONS

ELBA2 ILIAS TOOLS AS SINGLE APPLICATIONS ELBA2 ILIAS TOOLS AS SINGLE APPLICATIONS An AAA/Switch cooperative project run by LET, ETH Zurich, and ilub, University of Bern Martin Studer, ilub, University of Bern Julia Kehl, LET, ETH Zurich 1 Contents

Mehr

ISO 15504 Reference Model

ISO 15504 Reference Model Process flow Remarks Role Documents, data, tools input, output Start Define purpose and scope Define process overview Define process details Define roles no Define metrics Pre-review Review yes Release

Mehr

ISO 15504 Reference Model

ISO 15504 Reference Model Prozess Dimension von SPICE/ISO 15504 Process flow Remarks Role Documents, data, tools input, output Start Define purpose and scope Define process overview Define process details Define roles no Define

Mehr

TMF projects on IT infrastructure for clinical research

TMF projects on IT infrastructure for clinical research Welcome! TMF projects on IT infrastructure for clinical research R. Speer Telematikplattform für Medizinische Forschungsnetze (TMF) e.v. Berlin Telematikplattform für Medizinische Forschungsnetze (TMF)

Mehr

Rough copy for the art project >hardware/software< of the imbenge-dreamhouse artist Nele Ströbel.

Rough copy for the art project >hardware/software< of the imbenge-dreamhouse artist Nele Ströbel. Rough copy for the art project >hardware/software< of the imbenge-dreamhouse artist. Title >hardware/software< This art project reflects different aspects of work and its meaning for human kind in our

Mehr

McAfee Database Security. DOAG Konferenz 2012. Franz Hüll Senior Security Consultant. November 20, 2012

McAfee Database Security. DOAG Konferenz 2012. Franz Hüll Senior Security Consultant. November 20, 2012 McAfee Database Security DOAG Konferenz 2012 Franz Hüll Senior Security Consultant November 20, 2012 Agenda Überblick Datenbank Activity Monitoring Erfahrungen aus diversen Projekten bei der Implementierung

Mehr

EEX Kundeninformation 2007-09-05

EEX Kundeninformation 2007-09-05 EEX Eurex Release 10.0: Dokumentation Windows Server 2003 auf Workstations; Windows Server 2003 Service Pack 2: Information bezüglich Support Sehr geehrte Handelsteilnehmer, Im Rahmen von Eurex Release

Mehr

There are 10 weeks this summer vacation the weeks beginning: June 23, June 30, July 7, July 14, July 21, Jul 28, Aug 4, Aug 11, Aug 18, Aug 25

There are 10 weeks this summer vacation the weeks beginning: June 23, June 30, July 7, July 14, July 21, Jul 28, Aug 4, Aug 11, Aug 18, Aug 25 Name: AP Deutsch Sommerpaket 2014 The AP German exam is designed to test your language proficiency your ability to use the German language to speak, listen, read and write. All the grammar concepts and

Mehr

Check Point Software Technologies LTD.

Check Point Software Technologies LTD. Check Point Software Technologies LTD. Oct. 2013 Marc Mayer A Global Security Leader Leader Founded 1993 Global leader in firewall/vpn* and mobile data encryption More than 100,000 protected businesses

Mehr

Addressing the Location in Spontaneous Networks

Addressing the Location in Spontaneous Networks Addressing the Location in Spontaneous Networks Enabling BOTH: Privacy and E-Commerce Design by Moritz Strasser 1 Disappearing computers Trends Mobility and Spontaneous Networks (MANET = Mobile Ad hoc

Mehr

Tuning des Weblogic /Oracle Fusion Middleware 11g. Jan-Peter Timmermann Principal Consultant PITSS

Tuning des Weblogic /Oracle Fusion Middleware 11g. Jan-Peter Timmermann Principal Consultant PITSS Tuning des Weblogic /Oracle Fusion Middleware 11g Jan-Peter Timmermann Principal Consultant PITSS 1 Agenda Bei jeder Installation wiederkehrende Fragen WievielForms Server braucheich Agenda WievielRAM

Mehr

IBM Security Lab Services für QRadar

IBM Security Lab Services für QRadar IBM Security Lab Services für QRadar Serviceangebote für ein QRadar SIEM Deployment in 10 bzw. 15 Tagen 28.01.2015 12015 IBM Corporation Agenda 1 Inhalt der angebotenen Leistungen Allgemeines Erbrachte

Mehr

Instruktionen Mozilla Thunderbird Seite 1

Instruktionen Mozilla Thunderbird Seite 1 Instruktionen Mozilla Thunderbird Seite 1 Instruktionen Mozilla Thunderbird Dieses Handbuch wird für Benutzer geschrieben, die bereits ein E-Mail-Konto zusammenbauen lassen im Mozilla Thunderbird und wird

Mehr

1. General information... 2 2. Login... 2 3. Home... 3 4. Current applications... 3

1. General information... 2 2. Login... 2 3. Home... 3 4. Current applications... 3 User Manual for Marketing Authorisation and Lifecycle Management of Medicines Inhalt: User Manual for Marketing Authorisation and Lifecycle Management of Medicines... 1 1. General information... 2 2. Login...

Mehr

Employment and Salary Verification in the Internet (PA-PA-US)

Employment and Salary Verification in the Internet (PA-PA-US) Employment and Salary Verification in the Internet (PA-PA-US) HELP.PYUS Release 4.6C Employment and Salary Verification in the Internet (PA-PA-US SAP AG Copyright Copyright 2001 SAP AG. Alle Rechte vorbehalten.

Mehr

eurex rundschreiben 094/10

eurex rundschreiben 094/10 eurex rundschreiben 094/10 Datum: Frankfurt, 21. Mai 2010 Empfänger: Alle Handelsteilnehmer der Eurex Deutschland und Eurex Zürich sowie Vendoren Autorisiert von: Jürg Spillmann Weitere Informationen zur

Mehr

ONLINE LICENCE GENERATOR

ONLINE LICENCE GENERATOR Index Introduction... 2 Change language of the User Interface... 3 Menubar... 4 Sold Software... 5 Explanations of the choices:... 5 Call of a licence:... 7 Last query step... 9 Call multiple licenses:...

Mehr

RailMaster New Version 7.00.p26.01 / 01.08.2014

RailMaster New Version 7.00.p26.01 / 01.08.2014 RailMaster New Version 7.00.p26.01 / 01.08.2014 English Version Bahnbuchungen so einfach und effizient wie noch nie! Copyright Copyright 2014 Travelport und/oder Tochtergesellschaften. Alle Rechte vorbehalten.

Mehr

Release Notes BRICKware 7.5.4. Copyright 23. March 2010 Funkwerk Enterprise Communications GmbH Version 1.0

Release Notes BRICKware 7.5.4. Copyright 23. March 2010 Funkwerk Enterprise Communications GmbH Version 1.0 Release Notes BRICKware 7.5.4 Copyright 23. March 2010 Funkwerk Enterprise Communications GmbH Version 1.0 Purpose This document describes new features, changes, and solved problems of BRICKware 7.5.4.

Mehr

Beschwerdemanagement / Complaint Management

Beschwerdemanagement / Complaint Management Beschwerdemanagement / Complaint Management Structure: 1. Basics 2. Requirements for the implementation 3. Strategic possibilities 4. Direct Complaint Management processes 5. Indirect Complaint Management

Mehr

Franke & Bornberg award AachenMünchener private annuity insurance schemes top grades

Franke & Bornberg award AachenMünchener private annuity insurance schemes top grades Franke & Bornberg award private annuity insurance schemes top grades Press Release, December 22, 2009 WUNSCHPOLICE STRATEGIE No. 1 gets best possible grade FFF ( Excellent ) WUNSCHPOLICE conventional annuity

Mehr

Algorithms for graph visualization

Algorithms for graph visualization Algorithms for graph visualization Project - Orthogonal Grid Layout with Small Area W INTER SEMESTER 2013/2014 Martin No llenburg KIT Universita t des Landes Baden-Wu rttemberg und nationales Forschungszentrum

Mehr

Total Security Intelligence. Die nächste Generation von Log Management and SIEM. Markus Auer Sales Director Q1 Labs.

Total Security Intelligence. Die nächste Generation von Log Management and SIEM. Markus Auer Sales Director Q1 Labs. Total Security Intelligence Die nächste Generation von Log Management and SIEM Markus Auer Sales Director Q1 Labs IBM Deutschland 1 2012 IBM Corporation Gezielte Angriffe auf Unternehmen und Regierungen

Mehr

Effizienz im Vor-Ort-Service

Effizienz im Vor-Ort-Service Installation: Anleitung SatWork Integrierte Auftragsabwicklung & -Disposition Februar 2012 Disposition & Auftragsabwicklung Effizienz im Vor-Ort-Service Disclaimer Vertraulichkeit Der Inhalt dieses Dokuments

Mehr

Cloud und Big Data als Sprungbrett in die vernetzte Zukunft am Beispiel Viessmann

Cloud und Big Data als Sprungbrett in die vernetzte Zukunft am Beispiel Viessmann Cloud und Big Data als Sprungbrett in die vernetzte Zukunft am Beispiel Viessmann Adam Stambulski Project Manager Viessmann R&D Center Wroclaw Dr. Moritz Gomm Business Development Manager Zühlke Engineering

Mehr

KURZANLEITUNG. Firmware-Upgrade: Wie geht das eigentlich?

KURZANLEITUNG. Firmware-Upgrade: Wie geht das eigentlich? KURZANLEITUNG Firmware-Upgrade: Wie geht das eigentlich? Die Firmware ist eine Software, die auf der IP-Kamera installiert ist und alle Funktionen des Gerätes steuert. Nach dem Firmware-Update stehen Ihnen

Mehr

WP2. Communication and Dissemination. Wirtschafts- und Wissenschaftsförderung im Freistaat Thüringen

WP2. Communication and Dissemination. Wirtschafts- und Wissenschaftsförderung im Freistaat Thüringen WP2 Communication and Dissemination Europa Programm Center Im Freistaat Thüringen In Trägerschaft des TIAW e. V. 1 GOALS for WP2: Knowledge information about CHAMPIONS and its content Direct communication

Mehr

Sustainability Balanced Scorecard as a Framework for Eco-Efficiency Analysis

Sustainability Balanced Scorecard as a Framework for Eco-Efficiency Analysis Sustainability Balanced Scorecard as a Framework for Eco-Efficiency Analysis Andreas Möller amoeller@uni-lueneburg.de umweltinformatik.uni-lueneburg.de Stefan Schaltegger schaltegger@uni-lueneburgde www.uni-lueneburg.de/csm

Mehr

Elektronische Identifikation und Vertrauensdienste für Europa

Elektronische Identifikation und Vertrauensdienste für Europa Brüssel/Berlin Elektronische Identifikation und Vertrauensdienste für Europa Wir wären dann soweit --- oder? Thomas Walloschke Director EMEIA Security Technology Office eidas REGULATION No 910/2014 0 eidas

Mehr

Isabel Arnold CICS Technical Sales Germany Isabel.arnold@de.ibm.com. z/os Explorer. 2014 IBM Corporation

Isabel Arnold CICS Technical Sales Germany Isabel.arnold@de.ibm.com. z/os Explorer. 2014 IBM Corporation Isabel Arnold CICS Technical Sales Germany Isabel.arnold@de.ibm.com z/os Explorer Agenda Introduction and Background Why do you want z/os Explorer? What does z/os Explorer do? z/os Resource Management

Mehr

Cloud Computing in der öffentlichen Verwaltung

Cloud Computing in der öffentlichen Verwaltung Cloud Computing in der öffentlichen Verwaltung Willy Müller - Open Cloud Day 19.6.2012 2 Plug and Cloud? 3 The plug tower BPaaS Software SaaS Platform PaaS Storage/ Computing IaaS Internet Power grid 4

Mehr

Exercise (Part II) Anastasia Mochalova, Lehrstuhl für ABWL und Wirtschaftsinformatik, Kath. Universität Eichstätt-Ingolstadt 1

Exercise (Part II) Anastasia Mochalova, Lehrstuhl für ABWL und Wirtschaftsinformatik, Kath. Universität Eichstätt-Ingolstadt 1 Exercise (Part II) Notes: The exercise is based on Microsoft Dynamics CRM Online. For all screenshots: Copyright Microsoft Corporation. The sign ## is you personal number to be used in all exercises. All

Mehr

Sicherheit dank Durchblick. Thomas Fleischmann Sales Engineer, Central Europe

Sicherheit dank Durchblick. Thomas Fleischmann Sales Engineer, Central Europe Sicherheit dank Durchblick Thomas Fleischmann Sales Engineer, Central Europe Threat Landscape Immer wieder neue Schlagzeilen Cybercrime ist profitabel Wachsende Branche 2013: 9 Zero Day Vulnerabilities

Mehr

Pilot Project Biogas-powered Micro-gas-turbine

Pilot Project Biogas-powered Micro-gas-turbine 1/18 Pilot Project Biogas-powered Micro-gas-turbine Supported by the Hessischen Ministerium für Wirtschaft, Verkehr und Landesentwicklung Speaker Details 2/18 Jan Müller Works at Institute of Solar Energy

Mehr

Fujitsu Software-Tage 2013 Stefan Schenscher / Symantec

Fujitsu Software-Tage 2013 Stefan Schenscher / Symantec Fujitsu Software-Tage 2013 Stefan Schenscher / Symantec Hamburg 17. / 18. Juni 2013 2 Informationen Informationen 4 Informationen Verfügbarkeit Backup Disaster Recovery 5 Schutz vor Angriffen Abwehr Informationen

Mehr

Netzwerke und Sicherheit auf mobilen Geräten

Netzwerke und Sicherheit auf mobilen Geräten Netzwerke und Sicherheit auf mobilen Geräten Univ.-Prof. Priv.-Doz. DI Dr. René Mayrhofer Antrittsvorlesung Johannes Kepler Universität Linz Repräsentationsräume 1. Stock (Uni-Center) 19.1.2015, 16:00

Mehr

MOBILE ON POWER MACHEN SIE IHRE ANWENDUNGEN MOBIL?!

MOBILE ON POWER MACHEN SIE IHRE ANWENDUNGEN MOBIL?! MOBILE ON POWER MACHEN SIE IHRE ANWENDUNGEN MOBIL?! Oliver Steinhauer Sascha Köhler.mobile PROFI Mobile Business Agenda MACHEN SIE IHRE ANWENDUNGEN MOBIL?! HERAUSFORDERUNG Prozesse und Anwendungen A B

Mehr

Challenges for the future between extern and intern evaluation

Challenges for the future between extern and intern evaluation Evaluation of schools in switzerland Challenges for the future between extern and intern evaluation Michael Frais Schulentwicklung in the Kanton Zürich between internal evaluation and external evaluation

Mehr

Arrow University München 03.03.2015. Thin Client Lösungen performant (auch im 3D-Umfelfd), zukunftssicher und zentral verwaltet!

Arrow University München 03.03.2015. Thin Client Lösungen performant (auch im 3D-Umfelfd), zukunftssicher und zentral verwaltet! Arrow University München 03.03.2015 Thin Client Lösungen performant (auch im 3D-Umfelfd), zukunftssicher und zentral verwaltet! Produkte & Services IGEL Produkt-Überblick Thin Client Management Thin Client

Mehr

MOBILE ENTERPRISE APPLICATION PLATFORM (MEAP)

MOBILE ENTERPRISE APPLICATION PLATFORM (MEAP) MOBILE ENTERPRISE APPLICATION PLATFORM (MEAP) Oliver Steinhauer.mobile PROFI Mobile Business Agenda MOBILE ENTERPRISE APPLICATION PLATFORM AGENDA 01 Mobile Enterprise Application Platform 02 PROFI News

Mehr

HUMANGENETIK IN DER WELT VON HEUTE: 12 SALZBURGER VORLESUNGEN (GERMAN EDITION) BY FRIEDRICH VOGEL

HUMANGENETIK IN DER WELT VON HEUTE: 12 SALZBURGER VORLESUNGEN (GERMAN EDITION) BY FRIEDRICH VOGEL FRIEDRICH VOGEL READ ONLINE AND DOWNLOAD EBOOK : HUMANGENETIK IN DER WELT VON HEUTE: 12 SALZBURGER VORLESUNGEN (GERMAN EDITION) BY Click button to download this ebook READ ONLINE AND DOWNLOAD HUMANGENETIK

Mehr

Outline. 5. A Chance for Entrepreneurs? Porter s focus strategy and the long tail concept. 6. Discussion. Prof. Dr. Anne König, Germany, 27. 08.

Outline. 5. A Chance for Entrepreneurs? Porter s focus strategy and the long tail concept. 6. Discussion. Prof. Dr. Anne König, Germany, 27. 08. Mass Customized Printed Products A Chance for Designers and Entrepreneurs? Burgdorf, 27. 08. Beuth Hochschule für Technik Berlin Prof. Dr. Anne König Outline 1. Definitions 2. E-Commerce: The Revolution

Mehr

Klausur Verteilte Systeme

Klausur Verteilte Systeme Klausur Verteilte Systeme SS 2005 by Prof. Walter Kriha Klausur Verteilte Systeme: SS 2005 by Prof. Walter Kriha Note Bitte ausfüllen (Fill in please): Vorname: Nachname: Matrikelnummer: Studiengang: Table

Mehr

ReadMe zur Installation der BRICKware for Windows, Version 6.1.2. ReadMe on Installing BRICKware for Windows, Version 6.1.2

ReadMe zur Installation der BRICKware for Windows, Version 6.1.2. ReadMe on Installing BRICKware for Windows, Version 6.1.2 ReadMe zur Installation der BRICKware for Windows, Version 6.1.2 Seiten 2-4 ReadMe on Installing BRICKware for Windows, Version 6.1.2 Pages 5/6 BRICKware for Windows ReadMe 1 1 BRICKware for Windows, Version

Mehr

OEDIV SSL-VPN Portal Access for externals

OEDIV SSL-VPN Portal Access for externals OEDIV SSL-VPN Portal Access for externals Abteilung Serverbetreuung Andre Landwehr Date 31.07.2013 Version 1.2 Seite 1 von 9 Versionshistorie Version Datum Autor Bemerkung 1.0 06.08.2011 A. Landwehr Initial

Mehr

IDS Lizenzierung für IDS und HDR. Primärserver IDS Lizenz HDR Lizenz

IDS Lizenzierung für IDS und HDR. Primärserver IDS Lizenz HDR Lizenz IDS Lizenzierung für IDS und HDR Primärserver IDS Lizenz HDR Lizenz Workgroup V7.3x oder V9.x Required Not Available Primärserver Express V10.0 Workgroup V10.0 Enterprise V7.3x, V9.x or V10.0 IDS Lizenz

Mehr

DIGICOMP OPEN TUESDAY AKTUELLE STANDARDS UND TRENDS IN DER AGILEN SOFTWARE ENTWICKLUNG. Michael Palotas 7. April 2015 1 GRIDFUSION

DIGICOMP OPEN TUESDAY AKTUELLE STANDARDS UND TRENDS IN DER AGILEN SOFTWARE ENTWICKLUNG. Michael Palotas 7. April 2015 1 GRIDFUSION DIGICOMP OPEN TUESDAY AKTUELLE STANDARDS UND TRENDS IN DER AGILEN SOFTWARE ENTWICKLUNG Michael Palotas 7. April 2015 1 GRIDFUSION IHR REFERENT Gridfusion Software Solutions Kontakt: Michael Palotas Gerbiweg

Mehr

IT-SICHERHEIT ALS QUERSCHNITTSAUFGABE IN DER ÖFFENTLICHEN VERWALTUNG

IT-SICHERHEIT ALS QUERSCHNITTSAUFGABE IN DER ÖFFENTLICHEN VERWALTUNG IT-SICHERHEIT ALS QUERSCHNITTSAUFGABE IN DER ÖFFENTLICHEN VERWALTUNG Kai Pohle Sales Manager Public, Defense & HealthCare Germany 2015 Check Point Software Technologies Ltd. 1 Digitalisierung als Herausforderung

Mehr

job and career at CeBIT 2015

job and career at CeBIT 2015 1. Überschrift 1.1 Überschrift 1.1.1 Überschrift job and career at CeBIT 2015 Marketing Toolkit DE / EN 1 Inhalte Smart Careers in DIGITAL BUSINESS 1 Logo Seite 3 2 Signatur Seite 4 3 Ankündigungstext

Mehr

Exkursion zu Capgemini Application Services Custom Solution Development. Ankündigung für Februar 2013 Niederlassung Stuttgart

Exkursion zu Capgemini Application Services Custom Solution Development. Ankündigung für Februar 2013 Niederlassung Stuttgart Exkursion zu Capgemini Application Services Custom Solution Development Ankündigung für Februar 2013 Niederlassung Stuttgart Ein Nachmittag bei Capgemini in Stuttgart Fachvorträge und Diskussionen rund

Mehr

Lehrstuhl für Allgemeine BWL Strategisches und Internationales Management Prof. Dr. Mike Geppert Carl-Zeiß-Str. 3 07743 Jena

Lehrstuhl für Allgemeine BWL Strategisches und Internationales Management Prof. Dr. Mike Geppert Carl-Zeiß-Str. 3 07743 Jena Lehrstuhl für Allgemeine BWL Strategisches und Internationales Management Prof. Dr. Mike Geppert Carl-Zeiß-Str. 3 07743 Jena http://www.im.uni-jena.de Contents I. Learning Objectives II. III. IV. Recap

Mehr

Webbasierte Exploration von großen 3D-Stadtmodellen mit dem 3DCityDB Webclient

Webbasierte Exploration von großen 3D-Stadtmodellen mit dem 3DCityDB Webclient Webbasierte Exploration von großen 3D-Stadtmodellen mit dem 3DCityDB Webclient Zhihang Yao, Kanishk Chaturvedi, Thomas H. Kolbe Lehrstuhl für Geoinformatik www.gis.bgu.tum.de 11/14/2015 Webbasierte Exploration

Mehr

Robotino View Kommunikation mit OPC. Communication with OPC DE/EN 04/08

Robotino View Kommunikation mit OPC. Communication with OPC DE/EN 04/08 Robotino View Kommunikation mit OPC Robotino View Communication with OPC 1 DE/EN 04/08 Stand/Status: 04/2008 Autor/Author: Markus Bellenberg Festo Didactic GmbH & Co. KG, 73770 Denkendorf, Germany, 2008

Mehr

Vorstellung RWTH Gründerzentrum

Vorstellung RWTH Gründerzentrum Vorstellung RWTH Gründerzentrum Once an idea has been formed, the center for entrepreneurship supports in all areas of the start-up process Overview of team and services Development of a business plan

Mehr

Parameter-Updatesoftware PF-12 Plus

Parameter-Updatesoftware PF-12 Plus Parameter-Updatesoftware PF-12 Plus Mai / May 2015 Inhalt 1. Durchführung des Parameter-Updates... 2 2. Kontakt... 6 Content 1. Performance of the parameter-update... 4 2. Contact... 6 1. Durchführung

Mehr

NVR Mobile Viewer for iphone/ipad/ipod Touch

NVR Mobile Viewer for iphone/ipad/ipod Touch NVR Mobile Viewer for iphone/ipad/ipod Touch Quick Installation Guide DN-16111 DN-16112 DN16113 2 DN-16111, DN-16112, DN-16113 for Mobile ios Quick Guide Table of Contents Download and Install the App...

Mehr

Worx Landroid - Software Update

Worx Landroid - Software Update Worx Landroid - Software Update WORX Landroid Software Update für Anwender 30.04.2015 Website: www.worxlandroid.com Direct Direkter Link Link for auf the Update: Update: https://www.worxlandroid.com/en/software-update

Mehr

Product Lifecycle Manager

Product Lifecycle Manager Product Lifecycle Manager ATLAS9000 GmbH Landauer Str. - 1 D-68766 Hockenheim +49(0)6205 / 202730 Product Lifecycle Management ATLAS PLM is powerful, economical and based on standard technologies. Directory

Mehr

Prozesse als strategischer Treiber einer SOA - Ein Bericht aus der Praxis

Prozesse als strategischer Treiber einer SOA - Ein Bericht aus der Praxis E-Gov Fokus Geschäftsprozesse und SOA 31. August 2007 Prozesse als strategischer Treiber einer SOA - Ein Bericht aus der Praxis Der Vortrag zeigt anhand von Fallbeispielen auf, wie sich SOA durch die Kombination

Mehr

Supplier Questionnaire

Supplier Questionnaire Supplier Questionnaire Dear madam, dear sir, We would like to add your company to our list of suppliers. Our company serves the defence industry and fills orders for replacement parts, including orders

Mehr

Prediction Market, 28th July 2012 Information and Instructions. Prognosemärkte Lehrstuhl für Betriebswirtschaftslehre insbes.

Prediction Market, 28th July 2012 Information and Instructions. Prognosemärkte Lehrstuhl für Betriebswirtschaftslehre insbes. Prediction Market, 28th July 2012 Information and Instructions S. 1 Welcome, and thanks for your participation Sensational prices are waiting for you 1000 Euro in amazon vouchers: The winner has the chance

Mehr

Ingenics Project Portal

Ingenics Project Portal Version: 00; Status: E Seite: 1/6 This document is drawn to show the functions of the project portal developed by Ingenics AG. To use the portal enter the following URL in your Browser: https://projectportal.ingenics.de

Mehr

job and career at HANNOVER MESSE 2015

job and career at HANNOVER MESSE 2015 1. Überschrift 1.1 Überschrift 1.1.1 Überschrift job and career at HANNOVER MESSE 2015 Marketing Toolkit DE / EN 1 Inhalte Smart Careers engineering and technology 1 Logo Seite 3 2 Signatur Seite 4 3 Ankündigungstext

Mehr

Sichere Identitäten in Smart Grids

Sichere Identitäten in Smart Grids Informationstag "IT-Sicherheit im Smart Grid" Berlin, 23.05.2012 Sichere Identitäten in Smart Grids Dr. Thomas Störtkuhl, Agenda 1 2 Beispiele für Kommunikationen Digitale Zertifikate: Basis für Authentifizierung

Mehr

3A03 Security Löcher schnell und effizient schließen mit HP OpenView Radia

3A03 Security Löcher schnell und effizient schließen mit HP OpenView Radia 3A03 Security Löcher schnell und effizient schließen mit HP OpenView Radia Alexander Meisel HP OpenView 2004 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change

Mehr

AnyWeb AG 2008 www.anyweb.ch

AnyWeb AG 2008 www.anyweb.ch Agenda - BTO IT heute Was nützt IT dem Business? Die Lösung: HP Software BTO Q&A IT heute Kommunikation zum Business funktioniert schlecht IT denkt und arbeitet in Silos und ist auch so organisiert Kaum

Mehr

Delegieren von IT- Sicherheitsaufgaben

Delegieren von IT- Sicherheitsaufgaben Delegieren von IT- Sicherheitsaufgaben Regeln und Grenzen Pierre Brun Zürich Inhalt Relevante IT-Sicherheitsaktivitäten Verantwortlichkeit von IT Regulatorisches Umfeld 2 PricewaterhouseCoopers Verantwortung

Mehr

XONTRO Newsletter. Financial Institutes. No. 70

XONTRO Newsletter. Financial Institutes. No. 70 XONTRO Newsletter Financial Institutes No. 70 Page 1 This XONTRO Newsletter for Financial Institutes contains information covering the following topics: BCIN BV processing control handling ( Bearbeitung

Mehr

Enhanced Transaction Solution (ETS) Interface: Erweiterungen Eurex Release 11.0 Veröffentlichung von Dokumentation

Enhanced Transaction Solution (ETS) Interface: Erweiterungen Eurex Release 11.0 Veröffentlichung von Dokumentation EEX Enhanced Transaction Solution (ETS) Interface: Erweiterungen Eurex Release 11.0 Veröffentlichung von Dokumentation Sehr geehrte Handelsteilnehmer, Eurex stellt die folgenden Erweiterungen für ETS zur

Mehr

Markus BöhmB Account Technology Architect Microsoft Schweiz GmbH

Markus BöhmB Account Technology Architect Microsoft Schweiz GmbH Markus BöhmB Account Technology Architect Microsoft Schweiz GmbH What is a GEVER??? Office Strategy OXBA How we used SharePoint Geschäft Verwaltung Case Management Manage Dossiers Create and Manage Activities

Mehr

MATLAB driver for Spectrum boards

MATLAB driver for Spectrum boards MATLAB driver for Spectrum boards User Manual deutsch/english SPECTRUM SYSTEMENTWICKLUNG MICROELECTRONIC GMBH AHRENSFELDER WEG 13-17 22927 GROSSHANSDORF GERMANY TEL.: +49 (0)4102-6956-0 FAX: +49 (0)4102-6956-66

Mehr

Der Adapter Z250I / Z270I lässt sich auf folgenden Betriebssystemen installieren:

Der Adapter Z250I / Z270I lässt sich auf folgenden Betriebssystemen installieren: Installationshinweise Z250I / Z270I Adapter IR USB Installation hints Z250I / Z270I Adapter IR USB 06/07 (Laden Sie den Treiber vom WEB, entpacken Sie ihn in ein leeres Verzeichnis und geben Sie dieses

Mehr

Mash-Up Personal Learning Environments. Dr. Hendrik Drachsler

Mash-Up Personal Learning Environments. Dr. Hendrik Drachsler Decision Support for Learners in Mash-Up Personal Learning Environments Dr. Hendrik Drachsler Personal Nowadays Environments Blog Reader More Information Providers Social Bookmarking Various Communities

Mehr