Cyber SecuritySolutions from
Tekes Safety and Security Programme
Total IT Asset Data Erasure
Benefits Increased data security, improved regulatory compliance Reduced costs through more efficient IT asset
administrationUsers Banking and finance and defense industries Government organizations IT Asset Disposal professionals
Blancco has Certifications and Approvals from eg.: - Common Criteria (ISO 15408)- Communications-Electronics Security Group- BSI - Federal Office for Information Security- NATO- TÜV – SÜD- The Norwegian National Security Authority- The USA Department of Defense
www.blancco.com
User need A secure, ethical, fast and convenient solution
for the complete erasing of digital data Solution 100% data erasure for all IT assets Cannot be recovered with any existing
technology Most comprehensive certification in the industry PC, mobile, file, server, data center and virtual
solutions Reports generated for every erasure
Flexible and Secure Authentication
User need Authentication to Internet services cries for radical
improvement : it is cumbersome and unreliableSolution An authentication solution that integrates with the
current end-user devices and servicesBenefits Provides usability, security and privacy for all users
of Internet services Solves the shortcomings of competing alternatives
in usability, security, and deployment Partners onboard have a unique chance to take
advantage of the inexorable paradigm shift of authentication to Internet services
Users All end-users that use Internet services
www.cwc.oulu.fi / Jani Pellikka, [email protected]
Fuzz-o-Matic: Testing-as-a-Service forApplication Security and Robustness
Need Discovering dependencies on third-party libraries and applications Ensuring that used applications do exactly what they’re supposed to do Robustness test your applications and ensure their safetyApproach Fuzz-o-Matic is a scalable testing-as-a-service offering Scans the existing open source binaries, and then fuzz-tests all potential
interfaces Supports Windows, Linux, Android and iOS applicationsBenefits Reliable and repeatable test results, find the existing vulnerabilities in the
Open Source libraries Quality AssuranceCompetition Some competitors have similar services for known vulnerabilitiesUsers Software and hardware companies, web service providers
www.codenomicon.com
Secure Your Mass Memory Devices
User need Protect data on various mass memory devices as
well as in couldSolution Protect a confidential document by encrypting it
and removing small random parts of it to another location
Benefits Easy to use, high level of protection Guarantee data integrity and allowing document
trackingUsers Small and larger corporations, government
agencies, etc.
A simple but brilliant idea: Protect a confidential document by first encrypting it and then removing small random parts of it to another location.
http://www.envaultcorp.com/
Insertion and Detection of Data in Portrait Images
Approach Define and build a demonstrator
system, including personalization machine, software solution, and a product that can be manufactured and personalized in an industrial manner
Benefits Higher security of ID products Machine-readability of the security
featuresUsers Governments issuing identity products
www.gemalto.com
Need Increase the security of card holder´s image by various digital means, based
on visible and invisible markings (watermarking, guilloches, image hashing) The security need arises from increased international crime such as terrorism,
and human and drug trafficking. Technically the need for this type of solutions arises from two trends: growing ratio of ID and travel documents being equipped with micro-processor chips; and more widely spread reader infrastructure for document authentication at borders and by police
User need Today, a widely recognized need for improving the success of
security related investment proposals within the organizations; how to get more resources for information security (IS) investments from the company management
Solution A risk management tool for measuring the value of IS investments Theoretical models, based on empirically testing, for explaining
and predicting investment decisionsBenefits Understanding the weaknesses of the current IS investment
decisions, and persuasion methods for gaining resources for IS investments from the management
Competition The existing research on information security investments is not
empirically proved to work in practiceUsers Information security managers and other employees involved in
the IS decision making within the organizations
Information Security Investments
www.oulu.fi/english
User need To securely register users into e-services such as extranets and
e-shops Identity enrichment with attributes, entitlements and mandates
are needed for e-services to be productive and smoothSolution Business-oriented approach to identity and access
management The solution covers stakeholder services including identity
registration and delegated management, together with extensive authentication and identity federation, identity enrichment, role management and e-mandates
Benefits Security along with efficiency and smoothness for customer e-
services Savings of 40€ per registration plus 20€ per transaction and
sessionUsers Nordic and European companies
Business-Oriented Identity and Access Management
www.ubisecure.com
Role-centric IdentityNeed Organisations have a crucial need for identity
control: Managing large complexities in a continuous changes
Approach A set of innovative and modular security
components and processes to enhance role management within the infrastructure identity level and provide innovative role functionalities
Benefits Improved capacity to implement and deploy identity
and security mechanisms and solutions Stronger competitive position of European industry in the selected sectors
Users Healthcare and public safety organisations using
networks for their business or administration
www.roleid.org
User need Predictable cloud storage for data, accessible at any place with any
device Minimized risks, compliance with laws and regulations Comparability of cloud providersSolution Multi-cloud storage broker Cloud vendor benchmarking, user defined Service Level Agreement Value-adding security services as impartial third party The methods apply practices used in clean production in the high-tech
industriesBenefits Lesser data lock-in and cost of switching cloud providers Saving through supported decisions and risk managementUsers Any large user of cloud services
Storage Broker for Multi-Cloud Environments
www.helsinki.fi
Future Information Security Trends
User need Anticipate information security related risks and
opportunities to appear within 5 – 10 years in FinlandSolution A report and a proposal for an on-going trend discovery
processBenefits The results will be public and available for all interested
partiesUsers All kinds of Finnish organizations
http://magnet.erve.vtt.fi/kasi
User need Network managers require ability to prevent and
detect information security incidents (malware, DoS attacks, etc.)
Current solutions provide limited functions, able to usually detect but not effectively prevent.
Complexity quickly and changing nature of network environment are problems
Solution More efficient methods are required for
successful monitoring of networks and applications
Different statistical approaches were researchedBenefits Improved network security monitoringUsers Any network administrator with security
requirements
Modern Network and Application Information Security Perception
www.vtt.fi
Information Security in Industrial Control Systems
User need Plants to gain proper control of security situationSolution Security requirement base for plant ICS Concept and procedure for site ICS security mapping Site specific results of overall ICS security mapping Initial plan for ICS security improvement programsBenefits Support the continuation of the core production &
prevent information security incidents in automation intensive production
Users Industrial production sites, plants, headquarters
Identifying the current major ICS (Industrial Control System) security & continuity gaps and bottlenecks of industrial sites.
www.vtt.fi
Safety-Critical Software in Machinery
Need Faults in a machine program can cause
severe hazards especially when program size increases
Solution Ideas for software development model and
criteria for selecting methods according to the case criticality and developer needs
Benefits Well-defined and yet flexible development
process means typically lower design costs Safety under control means less accidents,
better product confidence andpeace of mind for designers
Users Machine builders, software developers
Methods for defect or “bug” control can be divided into four different categories
Fault removal
Fault tolerance
Fault forecastingFault
prevention
"Bug" control
www.vtt.fi
Information Security Testing
User Need Adequate information security level under continuously
evolving threatscapeSolution Novel security testing and network monitoring solutions→ these include fuzz- and model based testing tools, as
well as test case selection and anomaly detection methods
Benefits Integrity, confidentiality and availability of information,
services and data is maintained at acceptable levelUsers Software and embedded system vendors and operators
in different fields Any party striving to improve information security level
of their products or infrastructure
www.itea2-diamonds.org
Know Which Websites To TrustUser need Make informed decisions whether to visit a website or not,
especially when visiting unknown sites Decisions are made based on website reputation and user
reviews made by millions of users worldwideSolution A crowdsourced service which enables every user to rate and
review a website based on their own experiences These ratings and reviews help other users to make informed decisions whether to trust a site or not
WOT has developed an innovative algorithm that makes the system reliable and difficult to manipulate
Benefits Free and easy to use service which provides traffic-light style
icons (indicating website reputation) next to search results, social networking sites, online emails and other popular sites
Competition WOT is a unique concept with no direct competitors
worldwide. WOT currently co-operates with major internet players such as Facebook and Mail.ru
Users All interested Internet users, currently over 80 million
downloads and over 42 million rated websites
The WOT add-on shows you which websites you can trust based on millions of users' experiences.
The WOT safe surfing browser tool is easy-to-use, fast and completely free.
www.mywot.com