Open Security http://www.opensecurity.at These are the search results for the query, showing results 11 to 14. OpenSecurity 1.0 released http://www.opensecurity.at/news/opensecurity-1-0-released-1 OpenSecurity Version 1.0, released as Beta Software, fulfils a majority of the requirements defined within the scope of the project. Still open requirements have been addressed and are available as concepts, which can be implemented through specific extensions to the OpenSecurity framework. Thus an optimal adaptation to individual customers’ needs and infrastructure is possible. Link to Download

OpenSecurity Logo

The Secure USB and Secure Web Browsing features have been integrated with an existing Windows-interface and with Windows user workflows. Data import and -export occur via the Windows Explorer. The Secure Browser opens as a window on the desktop and persists user bookmarks. In both mechanisms the user does not need to deal directly with the SecureVirtualMachine. If necessary the OpenSecurity user is being guided through any required steps by tray-notifications and dialogues.

OpenSecurity was tested under normal office conditions by the stakeholder IKT Linz. Additional requirements on the existing infrastructure could be modularly and flexibly implemented.

Secure USB

The current version of OpenSecurity allows data import from both unencrypted and encrypted USB-sticks. Imported data is automatically (and potentially centrally, if so configured) virus- and malware scanned. If a potential virus or malware is detected by the system, access to the data is denied. Potential viruses/rootkits that automatically activate upon access, can – if they are able to run on a Linux-system at all – only harm the used disposable SecureVirtualMachine, and not the user workstation.

It is also possible to export data to a USB-stick. In this case the user is requested to initialise the stick with an encrypted container. This way OpenSecurity prevents data loss by prohibiting export to devices other than encrypted USB-sticks.

In addition, it is possible for all data transactions to be recorded on a central logging- or monitoring server. In this way, potential data losses can be tracked.

OS Secure File

Secure Web Browsing

By clicking the desktop- or tray-icon, the user can start the Secure Browser. In OpenSecurity Version 1.0 the open browser Chromium is being used. The browser is executed within a SecurityVirtualMachine, which is graphically integrated with the Windows-interface. It opens as a standard browser window in the usual desktop environment.

Also in this case a virus or malware attack originating from the browser can only affect the SecurityVirtualMachine and cannot contaminate the user workstation. Data from the browsing session can only be transferred via similar mechanisms and security measures as in the USB data import/export feature.

OS Secure Browsing

]]> No publisher Michela Vignoli English 2014-11-28T08:55:00Z News Item Malware and Threat Protection in OpenSecurity http://www.opensecurity.at/news/malware-and-threat-protection-in-opensecurity OpenSecurity defines a process that allows users to communicate with non-institutional networks by means of cryptography and virtualised isolation, as well as malware and threat classification.

IKARUS Security Software GmbH is a member of the OpenSecurity team and is primarily responsible for classification of data. For this IKARUS employs its own proprietary key technology for malware and threat detection. In addition to classification technologies OpenSecurity also employs IKARUS server applications developed for the scalable and highly performant server area.

OpenSecurity is a system with very modular design, which convinces by isolation and encapsulation. In addition to these design aspects it is a project goal to use primarily Open Source products to reduce integration costs. While IKARUS cannot license their products with an open license, they do support the integration of IKARUS software products with Open Source environments.

IKARUS sustains OpenSecurity with their technologies and know-how gained in more than 25 years’ experience in the sector. Due to the defined communication process OpenSecurity is complementary to conventional IKARUS products and adds the existing portfolio. IKARUS sees following benefits for institutions employing OpenSecurity:

1.    Less effort due to centrally administrated scanning of devices;

2.    Safe interaction with the internet without fear of being infected;

3.    Minimal use of resources by client devices;

4.    Low integration costs due to the Open Source approach.

]]> No publisher Michela Vignoli English 2014-05-06T09:30:00Z News Item Further development of OpenSecurity http://www.opensecurity.at/news/further-development-of-opensecurity The project partners AIT Austrian Institute of Technology GmbH and X-Net Services GmbH will pursue OpenSecurity in terms of cooperation and bring it to the market as a product. The consortium plans to bring OpenSecurity as a product to the market. In addition the consortium plans to develop the prototype further on a European level by involving international experts, research institutes, and companies. In an EU-project the consortium hopes to extend the current network and to bring the subject matter closer to Big Data. The aim is to strengthen Europe’s competence in security related areas and to create a Europe-wide unified standard. In this manner, public authorities and institutions managing sensitive private data should be able to secure maximum protection.

The project partners AIT Austrian Institute of Technology GmbH and X-Net Services GmbH will pursue OpenSecurity in terms of cooperation and bring it to the market as a product. To this end the prototype will be adapted to the needs of the stakeholders (i.e. public institutions and commercial large scale enterprises).

Thanks to the complementary strengths of the project partners AIT Austrian Institute of Technology GmbH and X-Net Services GmbH, further development of OpenSecurity in terms of a cooperation model is an ideal basis for the success of the Open Source based solution.

  • X-Net Services GmbH has high level expertise in the implementation of large projects and especially in First and Second Level Support, which plays a major role in such projects. X-Net Services GmbH is in direct contact with customers ensuring a smooth cooperation and system maintenance. If required, X-Net Services GmbH can also adapt and newly implement OpenSecurity solutions within their sphere of competence.
  • AIT Austrian Institute of Technology GmbH acts as integrator with good contacts to industry and a solid reputation. Due to its large number of highly qualified developers, AIT Austrian Institute of Technology GmbH can acquire and promote large projects, and adapt OpenSecurity to the customers’ needs.
]]> No publisher Michela Vignoli English 2014-11-28T09:30:00Z News Item Data, Information and System Security http://www.opensecurity.at/news/data-information-and-system-security Information and Communication Technologies are being increasingly used in almost all social and economic areas. This has led to extensive changes during the last decades, e.g. in terms of optimising production processes or establishing new distribution models. The thereby created diverse and more flexible configuration possibilities are paralleled by a loss of control and security. That is why numerous security solutions have been developed to support this sector. The aim of IT-security is to protect organisations and humans from harm through failure, manipulations or abuse, which notably occurs in case of information- and data loss.

In a nutshell, IT-security is about safe interaction with information and data. Risks and threats for IT systems always rise at the level of information or at transition points and interfaces where information is transformed from one form into another. An example is user authentication by password entry. A professional IT-security management must ensure protection of IT systems and information during their whole lifecycle, from data creation to editing, transfer, and storage, and finally to deletion.

The Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik - BSI) in Germany lists five different threat categories in their baseline security manual. In general all ofthese threats can be attributed to a missing or inadequate IT-security concept. This comprises in particular IT-infrastructure security (e.g. server, network, computer, and mobile devices), building security, data security, computer virus protection, communication security (e.g. telephone, fax, e-mail, and internet), and contingency plans.

To minimise the risks, IT-security requires a comprehensive analysis of the organisation’s IT-structures and IT-systems. In addition to the exact definition of the devices and resources to be included (e.g. IT-systems, IT-infrastructure, processes) risk analysis is a key feature in order to establish the IT-security concept as substantial part of a risk management process. Such an IT-security concept must describe responses to potential risks and has to meet other requirements, in particular performance targets and quality or architecture requirements.

]]> No publisher Michela Vignoli English 2014-11-28T09:10:00Z News Item