LOGIN | REGISTER NOW | SUBSCRIBE
 
Print

RSA remains focused on traditional security approaches


By Alex Handy


 Alex Handy
Email
March 1, 2013 —  (Page 1 of 2)
Now more than a decade old, the RSA Conference in San Francisco this week remained predominantly focused on traditional security practices rather than hot new inventions for protection. The event was highlighted by keynotes from Internet co-inventor Vint Cerf, Wikipedia founder Jimmy Wales, and even former Secretary of State Condoleezza Rice.

SafeNet, for example, was on hand to talk about data protection through encryption. While one of the themes of this year's conference was “Big Data Revolutionizes Security,” much of the discussion around Big Data was simply focused on encrypting it and locking it away with proper access controls.

Dave Hansen, president and CEO of SafeNet, said that there is a tremendous need for encryption in cloud-based data-driven applications. Unfortunately, he also said many companies only decide to encrypt their cloud data after a breach has occurred.

But Hansen also said that the focus of security products, like those SafeNet sells, have changed as time has gone on. While DRM and anti-piracy measures were popular in the past, license management is more popular today. To that end, SafeNet created Sentinel Cloud Services to allow developers to authenticate and license software remotely through an API and authentication service. Sentinel Cloud Services allows developers to add functionality similar to that used in Microsoft Windows Genuine Advantage, where software authenticates with a remote licensing server over the Internet to validate its license.

Elsewhere at RSA, Alan Karp and Marc Stiegler, both of HP Labs, discussed the principle of least authority, or POLA. POLA is a guiding principle for developing secure software by isolating objects.

Karp said that isolating objects prevents the abuse of object access privileges. “Some you will find already are using some of these standards,” he said. “Many places already say you're not allowed to have global static mutables. This is just a continuation of things you're already doing.”

Stiegler compared POLA to object-oriented programming, but said that POLA takes object orientation to its logical extremes.

“This is like object-oriented modularization put on steroids, or taken all the way,” he said. “It's the real thing. Once we do that, we find we get security properties almost for free.”


Related Search Term(s): Big Data, RSA, security

Pages 1 2 


Share this link: http://sdt.bz/39469
 
Most Read  Latest News  Resources
SAP unveils SAP HANA platform innovations for Big Data and spatial processing
Features include smart data access and expanded cloud deployment options
Alteryx raises $12 million to put Big Data analytics in the hands of all business analysts
Quest founder's firm, Toba Capital, selects Alteryx as its first analytics investment
Google I/O kicks off
Developers get new APIs and tools, and the Go language hits version 1.1
Jelastic launches new version of its Java and PHP hosting platform
Jelastic today announced the launch of a new version of its ultra-scalable cloud hosting platform
Digg!  Digg
Reddit  Reddit
Slashdot  Slashdot
Share on facebook  Facebook
Share on Twitter  Twitter


close
NEXT ARTICLE
Cigital Develops Ready-to-Use Tools for Securing the Smart Grid
Cigital Inc. announced the release of the Guide to Developing a Cyber Security and Risk Mitigation Plan Read More...
 
 
 




News on Monday  more>>
Android Developer News  more>>
SharePoint Tech Report  more>>
Big Data TechReport  more>>

   
 
 

 


Download Current Issue
MAY 2013 PDF ISSUE

Need Back Issues?
DOWNLOAD HERE

Want to subscribe?