Category: Secure Systems
Exploring Docker Security – Part 3: Docker Content Trust
This third and last part of this series intends to give an overview of Docker Content Trust, which in fact combines different frameworks and tools, namely Notary and Docker Registry v2, into a rich and powerful feature set making Docker images more secure.
WhatsApp encrypts !?
The majority of the 1 billion monthly whatsapp users may be a little confused about the tiny yellow info-box in their familiar chat. End-to-end encryption? Is this one of these silly annoying whatsapp-viruses or maybe something good? The first big question is “why”. Why do we need a (so complicated) whatsapp end-to-end encryption? The most…
Secure Systems 2016 – An Overview, Walter Kriha
This is an attempt to provide an overview of the topics in “Secure Systems”, a seminar held during the summer term 2016 at the Stuttgart Media University HdM. Presentations have been given and blog entries into our new MI blog were made. With the chosen topics we have been quite lucky, as some of them…
Botnets – Structural analysis, functional principle and general overview
This paper provides an overview on the most important types of botnets in terms of network topology, functional principle as well as a short definition on the subject matter. By exploring the motivation of botnet operators, the reader will gain more insight into business models and course of actions of key players in the field.…
Exploring Docker Security – Part 2: Container flaws
Now that we’ve understood the basics, this second part will cover the most relevant container threats, their possible impact as well as existent countermeasures. Beyond that, a short overview of the most important sources for container threats will be provided. I’m pretty sure you’re not counting on most of them. Want to know more?
MirageOS
Introduction MirageOS is a new and rising trend when it comes to talking about cloud computing. More and more services are being relocated into modern cloud infrastructures, due to a lot of advantages like i.e. reduced costs, maximum flexibility and high performance. Todays services normally depend on big virtual machines (like i.e. Ubuntu Xenial with…
Exploring Docker Security – Part 1: The whale’s anatomy
When it comes to Docker, most of us immediately start thinking of current trends like Microservices, DevOps, fast deployment, or scalability. Without a doubt, Docker seems to hit the road towards establishing itself as the de-facto standard for lightweight application containers, shipping not only with lots of features and tools, but also great usability. However, another important topic is neglected very…
Stupid by nature? – How psychology influences our security decisions
An overview on how psychology influences our decision making process, cognitive biases and why good security trade-offs are so important.
Machine Learning in secure systems
Sadly today’s security systems often be hacked and sensitive informations get stolen. To protect a company against cyber-attacks security experts define a “rule set” to detect and prevent any attack. This “analyst-driven solutions” are build up from human experts with their domain knowledge. This knowledge is based on experiences and build for attacks of the…
Bring your own Device – advisible, but often still harmful
(written by Mona Brunner, Maren Gräff and Verena Hofmann) Introduction Bring your own device (BYOD) is a concept which enables employees to use their personal devices for work. The most poplular devices are smartphones and tablets, however, notebooks can also be included as well. Using their own device employees can access their work Emails, calendar…
You must be logged in to post a comment.