Expert analysis
Threat Profiling Microsoft SQL Server
This paper is written from the perspective of an attacker and shows typical “cursi incursi” for Microsoft SQL Server. An attacker’s location in the …
SSL – A discussion of the secure socket layer
The Secure Socket Layer is the protocol that gives e-commerce the confidence it needs to allow on-line banking and shopping. SSL provides an encrypted bi-directional data …
Monitored Intrusion Detection Systems
Most enterprise networks are protected from the Internet by firewalls. While firewall protections are essential, they rarely identify types of attacks, or attacks on allowed …
Secure Personal Identification Systems: Policy, Process and Technology Choices for a Privacy-Sensitive Solution
This paper describes policy, process and technology issues that need to be considered in implementing a privacy-sensitive secure personal ID system. The different ID …
Shatter attacks – more techniques, more detail, more juicy goodness.
Introduction Well, it’s now two weeks since the release of Shatter, and my inbox has finally started calming down. I’ve tried to reply to most of the messages …
Public Key Infrastructure (PKI): A Primer
As the Internet becomes an increasingly important means of conducting transactions and the volume of e-business grows exponentially, a secure infrastructure is needed to …
Protecting the Distributed Enterprise
Shows how a distributed security strategy can cost-effectively extend the reach of enterprise-class security and remote access throughout the enterprise. Download the paper in …
Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG
We recently noted that PGP and other e-mail encryption protocols are, in theory, highly vulnerable to chosen-ciphertext attacks in which the recipient of the e-mail acts as an …
Exploiting design flaws in the Win32 API for privilege escalation – Shatter Attacks – How to break Windows
Introduction This paper presents a new generation of attacks against Microsoft Windows, and possibly other message-based windowing systems. The flaws presented in this paper …
Infranet: Circumventing Web Censorship and Surveillance
An increasing number of countries and companies routinely block or monitor access to parts of the Internet. To counteract these measures, we propose Infranet, a system that …
A General and Flexible Access-Control System for the Web
We describe the design, implementation, and performance of a new system for access control on the web. To achieve greater flexibility in forming access-control policies – …
Proprietary Certificates
Certificates play an essential role in public-key cryptography, and are likely to become a cornerstone of commerce-related applications. Traditional certificates, however, are …