You are here: silicon.com > Resources > White Papers > Security > Authentication - Encryption > PKI

PKI White Papers

Why Cryptosystems Fail

Overview Designers of cryptographic systems are at a disadvantage to most other engineers, in that information on how their systems fail is hard to get: their major users have traditionally been government agencies, which are very secretive about their mistakes.In this article, we present the results of a survey of the failure modes of retail banking systems, which constitute the next largest application of cryptology. It turns out that the threat model commonly used by cryptosystem designers was wrong: most frauds were not caused by cryptanalysis or other technical attacks, but by implementation errors and management failures. This suggests that a paradigm shift is overdue in computer security; we look at some of the alternatives, and see some signs that this shift may be getting under way.

Further White Paper Details
Publisher	University of Cambridge Computer Laboratory	File Format	HTML & PDF
Date Published	June 1999	Downloads	2
Format	White Papers
Topics	PKI

Did you find this white paper useful? 1 out of 2 users found this white paper useful

'Big Brother Blair' using terror threat as an 'excuse to snoop'

She said: "These initiatives have led to a noticeable shift in the balance between respect for an individual's private life and the needs of society to protect itself against such criminal actions. Although this shift has occurred in the name of...

Channel:
Law & Policy

Employees 'more of a disaster threat than terrorists'

Employee blunders and hardware and software failures are more of a worry for IT directors than the much-hyped threat of terrorism when it comes to disaster recovery planning, according to a new survey.

Channel:
IT Director

Unwired: Fewer desks than people?

A new flavour of hotdesking, renamed 'hotelling' has taken hold and it points the way to a whole new work paradigm called - let's wheel out a prime piece of jargon - 'task-based work settings'. The notion of having fewer desks than people has...

The Brampton Factor: Chinese whispers

But anecdotal evidence suggests that the number of items shipped with faults that either prevent them working at all, or result in early failures, has increased sharply. Faulty toys are one thing but in recent weeks the Chinese have been cast as a...

Data breaches: Don't blame 'stupid' employees

There has been a spate of high-profile security breaches dating back to mid-2007, which has led the government watchdogs to demand action be taken against organisations and individuals who fail to safeguard data and information.

Legal Eye: Could you end up footing your e-crime bill?

Customers are liable for losses on their accounts if they fail to act with reasonable care. Defining reasonable care and allowing for genuine technical failures or inadvertent security breaches - particularly if the customer is banking on a work or...

Virtualisation: Architectual Considerations and other Evaluation Criteria

In the past several years, server virtualisation technology has moved quickly and firmly into the IT mainstream. Of the many approaches to system virtualisation available in the market today, VMware's hypervisor architecture has gained the greatest market acceptance. This paper examines the architectural issues, solution support, and enterprise readiness required when deploying such a virtualisation solution.

Publisher:
EMC

Getting Started with Master Data Management

Master data management forms part of an overall enterprise governance program that aims to establish trusted data throughout the enterprise. This white paper from Mike Ferguson of Intelligent Business Strategies defines master data, examines why it is needed, and explores methodologies for implementing master data management.

Publisher:
DataFlux

Optimising Storage with Global File Virtualisation

This white paper will provide an overview on how Rainfinity Global File Virtualisation virtualises unstructured data environments and moves data -including active, open files-without disruption to users or applications. Rainfinity is the only enterprise-class file virtualisation solution, and delivers complete NAS optimisation across geterogeneous environments, such as NAS, CAS, and file servers.

Publisher:
EMC

Also on silicon.com

Site Navigation:

PKI White Papers

Why Cryptosystems Fail

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific