Category: "Security Engineering"

About the Security Engineering category

  By Hagai Bar-El   , 49 words
Categories: Security Engineering

The Security Engineering category contains articles that discuss analysis of requirements and solutions that are of interest to the security engineer. As opposed to the IT Security category, the articles of this category address not the secure deployment of systems, but the secure design of systems – software and hardware.

Pages: 1 3 5

  2013-09-15

How risky to privacy is Apple's fingerprint reader?

  By Hagai Bar-El   , 964 words
Categories: IT Security, Security Engineering

Congratulations to Apple for featuring a fingerprint reader as part of its new iPhone. It was reported by The Wall Street Journal here, in the blog of Bruce Schneier here, by Time Tech here, and in dozens of other places. Very much expectedly, this revelation spurred anxiety among the conspiracy theorists out there. The two common concerns that were raised are:

  • Apple will have a database of all our fingerprints.
  • What if someone breaks into the device and gets at our fingerprint?

(There is another line of concern, related to the fifth amendment and how its protection may be foiled by authenticating using biometrics alone, but this is a legal concern which is off topic.)

While a bit of paranoid thinking is always helpful, security engineering requires more than crying out each time a mega-corporate launches a new technology that involves private data. Assets and threats need to be determined, and then we can decide whether or not the risk is worth the benefits.

Read more »

  2013-02-05

My new patent on a secure execution environment

  By Hagai Bar-El   , 119 words
Categories: Personal News, Security Engineering

I recently got a US patent application granted by the Patent and Trademark Office. The patent bears the title “Device, System, and Method of Securely Executing Applications".

Read more »

  2011-07-30

Handling the Security Aspect of Smart Grid Product Purchasing

  By Hagai Bar-El   , 1581 words
Categories: Security Engineering, Cyber Security

Smart Grid security is one of the new emerging fields of security. Everybody knows that the new generation of electricity grids requires a new level of security against cyber-wars, cyber-terrorism, and all the rest. Yet, for the purchaser of Smart Grid solutions, it is not always obvious where to start and that to require. The topic is wide, complex, and not very well documented. I do not intend to write a compendium here, but I will share my perspective on how an integrator, or purchaser, may prefer to approach the problem of evaluating Smart Grid solutions from the security perspective.

Read more »

  2011-06-20

The Difference Between Content Protection and Cyber Security

  By Hagai Bar-El   , 1156 words
Categories: Security Engineering

A few days ago I was presented with an interesting question: What is the difference between Content Protection and Cyber Security? These domains of Information Security are so different and unrelated, that the difference in their definition is more or less the entire definition of both. This question, however, was asked in the context of the factors that make each of these problems hard to solve. Both problems are hard ones, and seem to require more than the state of the art in security can provide; yet they are hard problems for completely different reasons.

Read more »

  2011-02-15

The Future of Content Protection on Open Platforms, Such as Android

  By Hagai Bar-El   , 824 words
Categories: Security Engineering

The emergence of the Android Operating System for mobile devices is said to have put the content protection industry in trouble. This is probably true. However, for sake of accuracy, it has not introduced wholly new problems as it worsened existing ones, in an overall situation that was never easy to start with. Let us see what open Operating Systems such as Android have changed, and how the content protection industry may go about to overcome these new-old difficulties.

Read more »

  2011-01-08

Car Automation. Me? Worried?

  By Hagai Bar-El   , 732 words
Categories: Security Engineering

Cars will soon be (almost) fully automated. News on experiments with cars that drive by themselves, in different scenarios and situations, make it seem obvious that soon enough the role of the driver is to be similar to that of a pilot in a passenger jet. Many people feel some itch of discomfort with this thought; the itch of “we are not there yet”. Let us see if and why we “are not there” yet, and what we can do about it.

Read more »

  2010-05-19

Automobile hack: we should have known better

  By Hagai Bar-El   , 776 words
Categories: Security Engineering, Counter-media

No one in the automotive security industry could miss the recently published news article titled “Beware of Hackers Controlling Your Automobile”, published here, and a similar essay titled “Car hackers can kill brakes, engine, and more”, which can be found here. In short, it describes how researchers succeeded in taking over a running car, messing up with its brakes, lights, data systems, and what not.

As alerting and serious as this is, it should not come by as a surprise.

Read more »

1 3 5


Form is loading...

  XML Feeds

Search

License

All contents are licensed under the Creative Commons Attribution license.