MicroToken Exchange Data Security Solutions

Slides:



Advertisements
Similar presentations
Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.
Advertisements

Cyber and Maritime Infrastructure
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Security Services Svetlana.
Lecture 1: Overview modified from slides of Lawrie Brown.
Security Controls – What Works
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.
August 6, 2003 Security Systems for Distributed Models in Ptolemy II Rakesh Reddy Carnegie Mellon University Motivation.
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.
InterSwyft Technology presentation. Introduction InterSwyft brings secured encrypted transmission of SMS messages for internal and external devices such.
NUAGA May 22,  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
Presentation title SUB TITLE HERE Intelligent 21st Century Strategies for Broadband and Cyber Infrastructures Security By Dr. Emmanuel Hooper, PhD, PhD,
Information Systems Security Computer System Life Cycle Security.
Ruslan Masinjila Aida Militaru.  Nature of the Problem  Our Solution: The Roaming Security Robot  Functionalities  General System View  System Design.
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
UAB IT Security Program Sallie Wright UAB AVP, Information Technology.
1 Smart Grid Cyber Security Annabelle Lee Senior Cyber Security Strategist Computer Security Division National Institute of Standards and Technology June.
Introduction: Information security services. We adhere to the strictest and most respected standards in the industry, including: -The National Institute.
CSCE 548 Secure Software Development Security Operations.
Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.
Raya for Information Technology. About US  Raya IT, established in 1998, operates in the field of systems integration and IT business solutions.  A.
Information Security Measures Confidentiality IntegrityAccessibility Information cannot be available or disclosed to unauthorized persons, entities or.
The Art of Information Security: A Strategy Brief Uday Ali Pabrai, CISSP, CHSS.
Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.
@Yuan Xue CS 285 Network Security Fall 2012 Yuan Xue.
ASHRAY PATEL Securing Public Web Servers. Roadmap Web server security problems Steps to secure public web servers Securing web servers and contents Implementing.
By: Matt Winkeler.  PCI – Payment Card Industry  DSS – Data Security Standard  PAN – Primary Account Number.
OFFICE OF VA ENTERPRISE ARCHITECTURE VA EA Cybersecurity Content Line of Sight Report April 29, 2016.
Vulnerability Analysis Dr. X. Computer system Design Implementation Maintenance Operation.
HCNA-Security Huawei Certified Network Associate Security (HCNA-Security) validates the basics of network security knowledge and skills to support the.
Despite of spending high on digital information security, organizations still remain exposed to external threats. However, data center providers are helping.
Lecture 1 Introduction Dr. nermin hamza 1. Aim of Course Overview Cryptography Symmetric and Asymmetric Key management Researches topics 2.
Network Security Confidentiality Using Symmetric Encryption Chapter 7.
HIPS. Host-Based Intrusion Prevention Systems  One of the major benefits to HIPS technology is the ability to identify and stop known and unknown attacks,
Securing Information Systems
Principles Identified - UK DfT -
CS457 Introduction to Information Security Systems
IPSecurity.
BUSINESS DRIVEN TECHNOLOGY
Koji Nakao, Dai Arisue NICT, Japan
Cybersecurity - What’s Next? June 2017
What Is ISO ISO 27001, titled "Information Security Management - Specification With Guidance for Use", is the replacement for BS It is intended.
Network Security Basics: Malware and Attacks
Secure Software Confidentiality Integrity Data Security Authentication
Advanced Threat Protection
Introduction to the Federal Defense Acquisition Regulation
CNET334 - Network Security
Information and Network Security
Securing Information Systems
Download Latest CompTIA CAS-002 Exam Dumps PDF Questions - CAS-002 Best Study Material - Realexamdumps.com
5G Security Training
Critical Vehicle Conversions
By: Tekeste Berhan Habtu Chief Executive Officer Venue: African Union
Mumtaz Ali Rajput +92 – INFORMATION SECURITY – WEEK 2 Mumtaz Ali Rajput +92 – 301-
Cryptography and Network Security
How to Mitigate the Consequences What are the Countermeasures?
RIE : Starting point On May 25th, 2012, the Council of Ministers has decided to implement a “secured interdepartmental telecommunication network, unifying.
Rekeying Protocol Fix Date: Authors: Month Year
DSC Contract Management Committee Meeting
Security Mechanisms Network Security.
MicroToken Exchange Data Security Solutions
MicroToken Exchange Data Security Solutions
Presentation transcript:

MicroToken Exchange Data Security Solutions Use Case Solution: GVSC Securing Real Time Commands and Video

The Customer: The GVSC The United States Army CCDC Ground Vehicle Systems Center (GVSC), located in Warren, Michigan, is the United States Armed Forces' research and development facility for advanced technology in ground systems. It is part of the U.S. Army Combat Capabilities Development Command (CCDC), a major subordinate command of the U.S. Army Futures Command.

The Challenges and Requirements The MTE and GVSC Implementation The Use Case Process Flow The Challenges and Requirements The MTE Solution The MTE and GVSC Implementation

Leader Follower Vehicles Military Ground Vehicles The Challenges Common Software Aerial Vehicles Leader Follower Vehicles Autonomous Vehicles Military Ground Vehicles A variety of military vehicles use the same software and electronic architectures as commercial vehicles. They are potentially vulnerable to hacking. To help it defend its fleets, the GVSC and all military sectors scout for an intrusion defense system that can protect against cyber-attacks on military vehicles. Adversaries probe and exploit systems used by government, law enforcement, military, intelligence and critical infrastructure in the United States and abroad.

Secure Live Video Transmission The Requirements Secure Live Video Transmission Thwart Replay Attacks Secure Command and Control

The Solution: Eclypses MicroToken Exchange (MTE) MTE secures Data at Rest or, in this case, Data in Transit. MTE handles all the “Key Management” so that you do not have to. MTE prohibits unauthorized access. MTE thwarts “replay-attacks MicroToken Exchange MTE PCI DSS Certified MicroToken Exchange MTE

The MTE Implementation – Phase I Eclypses provided technical collaboration to determine the best scheme for deployment. The Eclypses team embedded MTE “methods” within the GVR-Bot application. This required inserting our MTE “code”, Into the “source code” of the robotic operating system. The same process was followed for the “controller”. Implementation

The MTE Implementation – Phase II Eclypses tested for vulnerabilities around the installation. The GVR-Bot was then tested by GVSC along with an independent third party. Enhancements and adjustments were made to fortify the overall architecture of the solution provided. The GVR-Bot was then re-tested by the same independent third party and the results were extraordinary. The Eclypses team met with the GVSC Penetration Test team to collaborate regarding additional enhancements that the GVSC team wanted to see. Eclypses implemented those changes and completed the POC. Implementation

Risk Management with variable parameters RESULT: The GVR Bot SECURED with MTE! Output Window Risk Management with variable parameters MicroToken Packets replaced “real commands” and were transmitted, received and interpreted by the intended endpoint Live video streams were secured a single frame at a time, secured by MTE. Security Protection Is Our Highest Priority

Technical live demonstration is scheduled for October 2019 The GVSC Implementation Technical live demonstration is scheduled for October 2019 Top Brass as well as many other interested parties will be in attendance Additional POC’s are expected after the extraordinary success that was demonstrated

Illustration of GVR Bot Remote commands Sending Device Receiving Device Command List Move Forward Move Backward Turn left 90 Degrees Turn Right 90 Degrees Stop Fire projectile Transmit Video Self-Destruct Command List Move Forward Move Backward Turn left 90 Degrees Turn Right 90 Degrees Stop Fire projectile Transmit Video Self-Destruct Paired Devices

Illustration of GVR Bot Remote commands with MTE Sending Device Receiving Device Command List Move Forward Move Backward Turn left 90 Degrees Turn Right 90 Degrees Stop Fire projectile Transmit Video Self-Destruct Command List Move Forward Move Backward Turn left 90 Degrees Turn Right 90 Degrees Stop Fire projectile Transmit Video Self-Destruct MicroToken within a MicroToken Packet transmitted to the Receiving endpoint (6I<'nsh`9^M~>}/_) (^2L?OOU}xK'kT}Y#tO?<H9yK>kbP~h!Bzrl)3KXyQ6KNoG]EY76I<'nsh`9^M~>}/_?O3$V<^Ypa5-L-LW|LT4+4Mx3TM

Transmitted Packet Received Illustration of GVR Bot Remote commands with MTE Sending Device Receiving Device Command List Move Forward Move Backward Turn left 90 Degrees Turn Right 90 Degrees Stop Fire projectile Transmit Video Self-Destruct Command List Move Forward Move Backward Turn left 90 Degrees Turn Right 90 Degrees Stop Fire projectile Transmit Video Self-Destruct (6I<'nsh`9^M~>}/_) Transmitted Packet Received Command Interpreted (^2L?OOU}xK'kT}Y#tO?<H9yK>kbP~h!Bzrl)3KXyQ6KNoG]EY76I<'nsh`9^M~>}/_?O3$V<^Ypa5-L-LW|LT4+4Mx3TM

Validation of Eclypses’ Third Party Penetration Tested Validation of Eclypses’ MicroToken Exchange “With the method of key generation, even if the attacker intercepts the initial key/pin, they would need to brute force their way to the discovery of the algorithm, with that being said, it would take nation state actors to even attempt to break the encryption process without having access to the source code . . . . In other words, very improbable.” – H2L Solutions (Military Penetration Testing Facility)

Contact Us Securing Data via MicroToken Exchange For more information contact: Info@Eclypses.com www.Eclypses.com (USA) +1-719 323 6680 Contact Us Ensuring that sensitive data remains unavailable to exploitation in the event of an internal or external network defense breach