Embedded Device Security in the New Connected Era

A technical papers written by Marc Brown and publish at EETimes. It can be read/downloaded from here. It is another good technical papers although it was not really technical enough or the word used was not really technical jargon. It is very easy for non-technical person to read and understand the papers. The only limitation was references our proof on all facts/data used in the paper.

Read More

Threat Modeling for Secure Embedded Software

Klocwork had publish a paper on the above title. You can read/access it here.

I won't comments on the paper as it was a good idea/framework they proposed in the paper. The important things I would like to stress here is that the framework or idea is nothing new. It was first established by Microsoft in their SDL. It was already implemented in software development by major software vendor. They might want to re-phrase some of the contents by referring to the giant in doing threat modelling. It does not matter either you are developing normal software or embedded software as it is still treated as a software's project.

Read More

Conference for July 2011

SANS Delhi 2011 12 September 2011 New Delhi India

Intellect Cloud Computing Roadmap Conference 2011 21 September 2011 London United Kingdom

2011 European Digital Forensics and Incident Response Summit 21 September 2011 London United Kingdom

Mobile Application Development Strategies 26 September 2011 London United Kingdom

The 15th Annual GOTO Aarhus 2011 09 October 2011 Aarhus Denmark

SANS Baltimore 2011 09 October 2011 Baltimore Maryland

SANS Singapore SOS 2011 10 October 2011 Singapore Singapore

2011 International Conference on Information Communication and Management(ICICM 2011) 14 October 2011 Singapore Singapore

SANS Chicago 2011 23 October 2011 Chicago Illinois

Cyber Warfare India 01 November 2011 New Delhi India

SANS Seattle 2011 02 November 2011 Seattle Washington

2011 3rd International Conference on Advanced Management Science (ICAMS 2011) 04 November 2011 Kuala Lumpur Malaysia

2011 International Conference on Embedded System and Microprocessors (ICESM 2011) 04 November 2011 Kuala Lumpur Malaysia

2011 International Conference on Electronics, Networks and Computer (ICENC 2011) 04 November 2011 Kuala Lumpur Malaysia

SANS Korea 2011 07 November 2011 Seoul Korea (South)

SANS Sydney 2011 11 November 2011 Sydney Australia

SANS Tokyo Autumn 2011 14 November 2011 Tokyo Japan

SANS San Francisco 2011 14 November 2011 San Francisco California

2011 3rd International Conference on Computer Technology and Development(ICCTD 2011) 25 November 2011 Chengdu China

2011 International Conference on Software and Information Management(ICSIM) 25 November 2011 Chengdu China

2011 International Conference on Networks and Information(ICNI 2011) 25 November 2011 Chengdu China

2011 2nd International Conference on Networking and Information Technology (ICNIT 2011) 25 November 2011 Hong Kong China

2011 International Conference on Information and Intelligent Computing (ICIIC 2011) 25 November 2011 Hong Kong China

International Conference on Informatics for Development (ICID) 2011 26 November 2011 Yogyakarta Indonesia

EMERGING TRENDS IN ELECTRICAL AND ELECTRONICS ENGINEERING ( E T E E E – 2 0 1 1 ) 26 November 2011 Sultanpur India

Social Media Results for PR & Comms 29 November 2011 London United Kingdom

UP 2011 Cloud Computing Conference 05 December 2011 Mountain View California

SANS Perth 2011 12 December 2011 Perth Australia

International Conference on Wireless Technologies for Humanitarian Relief 19 December 2011 Amritapuri India

International Conference on Emerging Information Technology and Engineering Solutions (EITES 2012) 17 February 2012 Pune India

International Conference on Computer Graphics Theory and Applications (GRAPP) 24 February 2012 Rome Italy

International Conference on Information Visualization Theory and Applications (IVAPP) 24 February 2012 Rome Italy

International Conference on Computer Vision Theory and Applications (VISAPP) 24 February 2012 Rome Italy

7th International Joint Conference on Computer Vision, Imaging and Computer Graphics Theory and Applications (VISIGRAPP) 24 February 2012 Rome Italy

Law & Informatics 01 March 2012 Highland Heights Kentucky

2nd International Conference on Cloud Computing and Services Science (CLOSER 2012) 18 April 2012 Porto Portugal

14th International Conference on Enterprise Information Systems (ICEIS 2012) 28 June 2012 Wroclaw Poland

Read More

Uneven maturity obscures cloud platform choice

Platform-as-a-service will play key role in unlocking cloud benefits for many businesses, but varying maturity of technology and lack of interoperability make choosing right vendor tough, industry watchers say. (By Kevin Kwang , ZDNet Asia on July 21, 2011) [more].

That's is from business perspective. In my perspective, cloud provider are lacking of security either in securing their infrastructure (IaaS), platform (PaaS), system (SaaS), etc. Although there are works done on it, but it is yet to reduce the risk of user and provide from attacks. We thought cloud is something new, but to me, it is just an old things re-branded by business people to attract customer. It still carries the old things issues. If your cloud is running on Linux, the security holes of the OS is still there. If you are using Windows, the problems we faced with windows nowadays is still valid in cloud environment. Further more, it is more dangerous in cloud than in normal networked environment because users are sharing across boundaries on the same structures, platform, system, etc. One attacks on single node can cause lots of damages.

Read More