Jan 26, 2010
The Payment Card Industry Data Security Standard (PCI DSS) has undoubtedly made a significant improvement to the security of cardholder account numbers and other sensitive information within the payment card infrastructure. The standard lays out a strong set of requirements that merchants, acquirers and processors must follow.
However, complying with PCI DSS should not be considered a silver bullet for protecting information and battling fraud. Consider that many of the companies victimized by data breaches in the past several years were, in fact, found to be PCI-compliant prior to the breach.
Jan 17, 2010
Shortly after Google announced the partially successful cyberattack on Gmail, the company said it would activate a secure network technology by default for its e-mail service.
Jan 17, 2010
Overview
At one time or another, a software developer is faced with a potentially troublesome issue. When all the programming is done and it's time to distribute the actual program, the question arises: How do I protect my intellectual property from being misused, changed and sold by a potential user of my program? Of course there are copyrights, but not all users may be aware of them or care about them.
Jan 17, 2010
Overview
OpenID is an open, decentralized standard for authenticating users that can be used for access control, allowing users to log on to different services with the same digital identity where these services trust the authentication body. OpenID replaces the common login process that uses a login name and a password by allowing a user to log in once and gain access to the resources of multiple software systems. The term OpenID can also refer to an ID used in the standard.
Jan 17, 2010
Overview
Currently, most websites log you in the same way: you enter a username and password, and the web server hashes the password (generally via MD5() or SHA1()). This hash is then compared to the one stored in a database. If it matches, the user knows the original password, so the site logs them in.
Jan 17, 2010
Overview
GNU Privacy Guard (GnuPG or GPG) is a free software alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification of OpenPGP. Current versions of PGP (and Veridis’ Filecrypt) are interoperable with GnuPG and other OpenPGP-compliant systems.