Trojan steals money from your bank site

Researchers at security firm Finjan have discovered details of a new type of banking Trojan horse that doesn't just steal your bank log in credentials but actually steals money from your account while you are logged in and displays a fake balance.

The bank Trojan, dubbed URLzone, has features designed to thwart fraud detection systems which are triggered by unusual transactions, Yuval Ben-Itzhak, chief technology officer at Finjan, said in an interview on Tuesday. For instance, the software is programmed to calculate on-the-fly how much money to steal from an account based on how much money is available.

The specific Trojan Finjan researchers analyzed targets customers of unnamed German banks. It was linked back to a command-and-control server in Ukraine that was used to send instructions to the trojan software sitting infected PCs. Finjan has notified German law enforcement authorities, Ben-Itzhak said.

"It's a next generation bank trojan," he said. "This is part of a new trend of more sophisticated Trojans designed to evade antifraud systems."

Finjan researchers were able to trace the communications from the code on an infected machine back to the command-and-control server, which was left unsecured, according to Ben-Itzhak. On that server, they saw the LuckySploit administration console and were able to see exactly what types of rules the Trojan was written to follow and statistics on victims.

About 90,000 computers visited the sites housing the malware and 6,400 of them were infected, a 7.5 percent success rate, he said. Of those whose computers had the Trojan installed, a few hundred had money stolen from their bank accounts, he added.

During the span of 22 days in mid-August, the criminals behind the Trojan stole the euro equivalent of nearly $438,000, according to the security company.


  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Online thieves step up bank raids

Cyber-criminals have developed sophisticated ways to remain undetected, a new report finds. The report, from security firm Finjan, describes how one gang, based in the Ukraine , stole 300,000 euros (£269,000) in 22 days. It used a sophisticated piece of malicious software which fooled banks' anti-fraud systems as well as forging bank statements to hide the thefts. It also recruited innocent job-seekers as so-called money mules. Such mules were needed to prevent a direct money trail being traced back to the gang.

The specific attack, monitored during the month of August, was aimed at the customers of several German online banks. The German police have been informed. The server used by the gang has been frozen although it is not known whether gang members have actually been caught.

Specific criteria

The gang used infected and fake websites to spread the trojan, a piece of malicious code which, once installed, can access all the data on the infected machine. From a command and control server hosted in the Ukraine , the code was installed on the computers of bank account holders. The trojan received specific instructions about how much money to steal from each account as well as the details of the money mule's account into which the money was transferred.

Finjan's chief technology officer Yuval Ben-Itzhak said he was surprised at the level of sophistication employed by the gang. The code included very specific criteria to make sure the bank accounts of victims were not completely emptied and to ensure the amount being stolen was not so high that it would be detected by banks' anti-fraud systems.

To further obfuscate their crimes, the code used by the gang was able to generate a forged screen showing the transfer of a small amount of money. The real amount stolen would only be obvious to the victim if they logged into their account from an uninfected computer. "They wanted to make sure the victim would not find out from their statements. In some cases they deleted transactions completely," said Mr Ben-Itzhak. Anti-fraud systems are designed to detect unusual money transfers, as well as strange behaviour on customers accounts.

Money-making schemes

Money mules are increasingly being recruited by cybercriminals as a way of preventing police finding a direct link to them. "We have spotted money mules being used in the last six months or so," said Mr Ben-Itzhak. The recession has made it easier to recruit people, he thinks.

"There are more people looking for jobs and if an attractive job offer drops into their inbox, they are going to take it," he said. The Ukrainian cyber-criminals hired its "mules" by falsely telling them they would be working for a legitimate business. These "mules" were unaware that they are being sent stolen money, but believed that they are being paid for working from home or other moneymaking schemes.

The money mules in this particular case are being treated as innocent victims and, although they will be questioned, will not face prosecution.

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Microsoft CEO's compensation down 6 percent in '09

The value of the compensation package granted to Microsoft Corp. CEO Steve Ballmer fell about 6 percent in fiscal 2009, a year in which weak computer sales cut into the software maker's profits. Ballmer received a pay package valued at $1.28 million for the year that ended in June, according to an Associated Press calculation of figures disclosed in a regulatory filing Tuesday.

Ballmer's salary, which is set at the beginning of the year, increased by 4 percent to $665,833. The CEO's bonus was cut by 14 percent to $600,000 from $700,000 in 2008, according to the company's annual proxy statement filed with the Securities and Exchange Commission. According to the filing, the company's compensation committee evaluates Ballmer's performance in the fiscal year, looks at what other Microsoft executives will be paid and "exercises its judgment" in recommending his bonus. Ballmer could have received up to 200 percent of his base salary, or about $1.3 million.

The balance of Ballmer's pay came in the form of $7,350 in company matches to his retirement savings account and $3,444 in imputed income from life insurance, disability insurance and athletic club membership, or payments in place of an athletic club membership.

Ballmer did not receive stock or stock options in 2009. He currently holds 4.6 percent of Microsoft's shares. Bill Gates, Microsoft's founder and current board chairman, owns 8 percent of the company's stock.

Microsoft's fiscal year ended on a down note in June as the economic crisis continued to hammer technology sales. The Redmond, Wash.-based company's revenue fell 3 percent from 2008, the first such decline since Microsoft went public in 1986. Earnings sank to $14.6 billion from $17.7 billion in 2008.

Microsoft's biggest businesses, Windows and Office, are tied to the health of the PC industry. Since the economic meltdown, consumers and businesses have both cut back on buying computers. The last three months of 2008 marked the PC industry's worst holiday season in six years. For 2009, market research firms IDC and Gartner have both predicted a year-over-year decline in PC shipments, which would be the first such drop since 2001.

The company said that as a whole, executive officers' incentive compensation was 29 percent lower than in 2008. The company said it would not give Ballmer or other executive officers merit-based salary increases in fiscal 2010.

Microsoft reported Ballmer's higher salary, but not his bonus cut, in a draft filing with the SEC on Sept. 19. The company had also previously announced that shareholders will have a chance to vote on a "say-on-pay" measure proposed by the board at its annual meeting on Nov. 19. The proposal would give shareholders a chance to weigh in, in a nonbinding fashion, every three years on executive compensation.

The board is also proposing changes to company bylaws that would give groups of shareholders representing 25 percent or more of outstanding shares the right to call special shareholder meetings — a right Microsoft said in the SEC filing is "increasingly considered an important aspect of good corporate governance."

Shareholders also will have the opportunity to vote on two proposals from their peers. One, from the AFL-CIO Reserve Fund, asks Microsoft to adopt principles for health care that include support for universal, continuous, affordable coverage for individuals and families.

The second, from a shareholder in Ohio, suggests Microsoft list recipients of company charitable gifts over $5,000 on the company's Web site.


  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Wireless recharging comes to laptops

That Dell is releasing a new laptop for business customers is the opposite of surprising. But the fact that it contains notable features not seen in any other laptops certainly is. Most everything about the new Latitude Z is expected: It's yet another very thin notebook (a metric which PC manufacturers keep using to try to one-up each other), with a different kind of exterior finish (soft-touch, in this case), and comes in a black cherry. It measures 16 inches across, and is 14 millimeters thin at its most narrow point.

But you probably wouldn't guess that the Latitude Z charges wirelessly. And as far as we can tell, it's the first laptop to do so. Surprised that this is coming from Dell? You're not alone.

The wireless charging is handled elegantly enough. An inductive pad that's built into a laptop stand can accomplish a full recharge in "about the same amount of time" as a standard-issue cabled charger, according to Dell. While smartphone maker Palm has a similar (albeit smaller) wireless charging system for the Pre, and companies like Visteon and Wild Charge have debuted wireless charging accessories for phones, no PC maker has incorporated the idea until now.

Dell wireless charging

It's part of what Dell is terming its new "wireless eco-system." Besides being able to get juice without wires, the Latitude Z will also be able to dock without them. A smaller separate adapter can hook up the laptop with any accompanying monitor, whether it be one in a cubicle, or in a conference room.

Both cost extra, and are by no means cheap ($199 for each), but the intention is for companies to buy, not necessarily individual consumers. Other cool things Dell is introducing: touch-sensitive controls on the screen's bezel, and its first take on "instant on."

The sliding touch controls--not visible to the naked eye--are located on the right side of the bezel and appear when contact is made. Any controls can be customized and placed there, such as screen brightness, volume, or easy access to specific applications. When controlling an application like Excel or a Web browser, the right side of the bezel can be used as a sort of touchpad for scrolling through a spreadsheet or Web page.

The instant-on capability works exactly the way it sounds. Instead of waiting for Windows to boot up, the computer uses a second smaller motherboard and a separate ARM processor. Through a separate, non-Windows interface, it allows e-mail, contacts, calendars, and a Firefox-based Web browser to be accessed right away. E-mail, contacts, and calendars are always running in the background and are constantly being synced.

The ARM processor doesn't have access to the main motherboard or the ports, which should alleviate security concerns, according to Todd Forsythe, vice president of Dell's commercial client product group. The secondary processor--used mostly in smartphones--also draws much less power than a more robust desktop or notebook processor and so while it's running in the background it doesn't drain the battery as fast: using just the instant-on mode will provide up to two days of battery life; when using Windows and the accompanying Intel Core 2 Duo processor, it will get four hours.

Companies like DeviceVM and Phoenix have built businesses out of instant-on capabilities--basically a quick-booting interface built right into the computer's BIOS that isn't dependent on Windows. Dell said it decided not to go with either of those because they wanted to use the separate low-power processor for the background syncing.

What Dell, and DeviceVM, and Phoenix , and plenty of others are doing is part of a trend that's gaining steam: doing a sort of end-run around Windows. HP came out with its own interface on Touchsmart PCs last year that allows for quick sorting between photos, e-mail, and Web browsing on a few models. Lenovo recently introduced a new touch-screen interface for its tablet, and Asus has its own for its popular Eee PC Netbooks and touch-screen desktop called TouchGate.

Most people aren't used to seeing Dell trying new things like this, some of it actually ahead of competitors. Last year, we wrote about how Dell was starting to be a little more risky about the types of products it was trying out. Not new to the market, just new to Dell, which has traditionally had a habit of waiting, analyzing the market's response to new products, and jumping in later with a more efficient, and less expensive way of making that product.

But that way of doing things is over for Dell now. The company has struggled to find the right mix of products and now has less opportunity to be picky. But it's a good sign that the company is trying out smaller, more innovative, and more practical ideas like wireless charging, docking, instant on, and touch interfaces. Though it's only in the Latitude Z right now, we hear these features are stirring a lot of interest in other product groups at Dell. It's easy to see how, for a cheaper price (the Z starts at $1,999), these new features could find much broader acceptance with retail customers.



  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Satellites Could Help Keep Hungry Populations Fed

In the early 1980s, scientists at NASA's Goddard Space Flight Center , Greenbelt , Md. , developed the Normalized Difference Vegetation Index (NDVI), an innovative combination of two satellite measurements that allowed them to analyze changes in the "greenness" of Earth as viewed from space. Much like measurements from weather satellites allow meteorologists to track and monitor hurricanes, NDVI lets scientists track droughts, crop infestations, and even full-blown crop failures that lead to widespread famine.

Few non-scientists have ever heard of NDVI, yet this vital sign of the planet has important implications for everyone, said Molly Brown, a Goddard scientist who has N-D-V-I emblazoned on her car's license plate. NDVI has been used to study everything from the spread of disease to the archaeological remains of ancient Rome .

Perhaps most important, Brown said, is that this remote sensing tool will play a key part in helping us to keep food on the table as future populations swell, the climate changes, and pressures on the agricultural system mount.


  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Kids need 'free computers'

Apparently the PPTA are going to make submissions to the government regarding accessibility of computers to poor kids. Thousands of - one estimate puts it at 100,000 - kids need 'free computers'. I wonder how many homes with no computer/internet access have Sky TV? A good number. So this is the next 'public good' argument. These children are our future and they need to be properly educated which won't happen if they can't get to the internet to research their homework.

Well actually they can get to the internet. At their local library, internet cafe, at their friends houses and when they are at school. In fact, these are possibly better places for them to be doing their research if their own home is chaotic and overcrowded.

It is the parents who have to do the prioritising. It is the parents who have to put a value on learning over leisure. It is not the job of perfect strangers. And it pains me to say so. Because education is key to raising aspirations and expectations. But what lesson is learnt when people can constantly look to others instead of themselves for solutions?



  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Wasatch Computer Technology LLC

Cost Estimator

The new Wasatch Cost Estimator is a powerful business tool that allows users to calculate all costs pertaining to a job before beginning the printing process. This feature makes it easy to perform an accurate calculation of ink usage, media costs, and extra processing charges. When calculations are complete, users can export their results as Comma Delimited Text or directly to a print-friendly HTML web page.

Improved PSS Halftoning

SoftRIP version 6.5 includes improvements to Wasatch's Precision Stochastic Screens halftone method (PSS). This update combines the advantages of Error Diffusion with the full speed and other quality advantages of PSS. It even preserves color profiles, since all profiles made with earlier versions of PSS will continue to work accurately with this update.

ICC Input Profiles

This release provides a greatly expanded suite of ICC input profiles, many with ISO numbers, making it more convenient than ever to match a wide variety of industry-standard color responses. These input profiles enable users to achieve consistent, high quality color with profiles in RGB, CMYK, Web Coated SWOP, and Japan Color, to name a few.

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Google Develops 'Noop' Language

Google has developed a language for the Java Virtual Machine, known as "Noop". The language is being positioned as an experiment for developers and coders.

"Noop is a new language that runs on the Java Virtual Machine, and in source form looks similar to Java," according to the Noop Web page. The goal is to build dependency injection and testability into the language from the beginning, rather than rely on third-party libraries as all other languages do."

Noop, pronounced "no op", is "new language experiment that attempts to blend the best lessons of languages old and new, while syntactically encouraging industry best-practices and discouraging the worst offenses," according to Google. Noop will be run either through a translator, compiler, or compiled directly to Java byte code.

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

New Computer Technology!

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Dust Storm Passing Over Spirit

The amount of electricity generated by the solar panels on Spirit has been declining for the past several Martian days, or sols, as a regional dust storm moved southward and blocked some of the sunshine at Spirit's location. The team operating the rover has responsively trimmed Spirit's daily activities and is keeping an eye on weather reports from observations by NASA's Mars Reconnaissance Orbiter.

Spirit's solar panels generated 392 watt-hours during the mission's Sol 2006 (Aug. 24, 2009), down from 744 watt-hours five sols earlier, but still generous compared with the 240 watt-hours per sol that was typical before a series of panel-cleaning events about four months ago.

"We expect that power will improve again as this storm passes, but we will continue to watch this vigilantly," said JPL's John Callas, project manager for Spirit and its twin, Opportunity. "Spirit remains power positive with healthy energy margins and charged batteries. The weather prediction from the Mars Color Imager team is that the storm is abating, but skies will remain dusty over Spirit for the next few sols."

Recent images from the Mars Color Imager camera on Mars Reconnaissance Orbiter showed this regional storm becoming less extensive Monday even as it shifted southward so that its southern edge covered the Gusev Crater area where Spirit is working. Malin Space Science Systems in San Diego, which operates that camera, provides frequent weather updates to the rover team.

Meanwhile, in JPL's In-Situ Instrument Laboratory, the rover team is continuing testing of strategies for getting Spirit out of a patch of soft soil where it is embedded on Mars. On Sol 2005 (Aug. 23, 2009) Spirit used its panoramic camera to examine the nature of how soil at the site has stuck to the rover's middle wheels. The team has also used Spirit's rock abrasion tool as a penetrometer to measure physical properties of the soil around Spirit by pressing into the soil with three different levels of force. The team is aiming to start sending drive commands to Spirit in September.


  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Computer Modeling Supplements Dusty Testing

Tests on Earth simulating Spirit's predicament on Mars have reinforced understanding that getting Spirit to rove again will be very difficult. To supplement the tests at NASA's Jet Propulsion Laboratory in Pasadena, Calif., the rover team is refining a detailed computer model of rover mobility, calibrated with results from testing and measurements from Mars. "The computer modeling will allow us to connect the results from tests performed in Earth gravity with what to expect from the rover in Mars gravity," said JPL's John Callas, project manager for Spirit and its twin, Opportunity. Spirit became embedded in soft soil at a site called "Troy" in early May, more than five years into a mission on Mars that was originally scheduled to last for three months. The rover team suspended further driving attempts with Spirit while evaluating possibilities from tests performed at JPL simulating the Troy situation.

An additional round of testing was added to the September schedule to gain more detailed assessment of how to move Spirit while avoiding putting the rover's center of gravity directly over a rock that is touching or nearly touching the rover's underbelly. Other added tests are using a lighter-weight test rover than the one used for most of the testing this summer. A complete "dress rehearsal" test of the extrication strategy judged to hold the best chance of success is planned in the test setup at JPL before the team commands Spirit to begin driving. That test and subsequent review of its results are expected to take several weeks. Moves by Spirit will not begin before October, according to current plans.

We are proceeding very cautiously and exploring all reasonable options," Callas said. "There is a very real possibility that Spirit may not be able to get out, and we want to give Spirit the very best chance. A dust storm that had reduced the electrical output from Spirit's solar panels by nearly half during late August still has some lingering effects on the skies above Spirit.

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

NASA Innovation Partnerships Program

Much of what we gain from our space exploration is in the scientific and technological progress that comes in the process of doing it. Many of those technologies are the direct result of NASA supported funding for both internal R&D projects performed at NASA centers and external research from the small business community. As a result of these expanding needs for new capabilities to explore space, NASA missions often result in technologies which have applications beyond aerospace. These technologies while targeted for integration into the mainstream NASA flight programs, can also be commercialized creating new marketplace products and provide opportunities for improving the quality of life for the American public right here on earth.


For NASA, Technology infusion is the process of strategically binding technical needs and potential solutions. These innovative solutions, be they hardware or software; enhancing or enabling; near-term or far-term; low Technology Readiness Level (TRL) or High TRL, NASA internally or externally developed; must all be managed through some aspect of transition from their originating source to the targeted challenges within NASA's programs and projects.


The IPP, Technology Infusion Element includes the Small Business Innovative Research (SBIR), the Small Business Technology Transfer (STTR) and theIPP Seed Fund. Together these programs provide pathways from these originating sources to IPPs' technology portfolio, and provide enabling infrastructures that enhance the infusion of these technologies in NASA missions and programs. These programs allow the agency to implement successful technology infusion and receive benefits in the following ways:

  • Leverage limited program funds for technology development

  • Leverage partners' funds/investments to achieve NASA's research and development (R&D) goals

  • Avoid additional program cost by providing a portfolio of technology solutions

  • Accelerate technology maturation through concurrent Research and Development

  • Make informed decisions when selecting technologies for programs/projects/missions (i.e., better trade space information)

  • Increase the return on its R&D investment with additional marketplace applications of technologies (benefits for both NASA and the public.


  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Business Science Technology

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

TRON LEGACY and DIGITAL 3D TECHNOLOGY

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Microsoft NEW Technology

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Annular Solar Eclipse of January 15

The first solar eclipse of 2010 occurs at the Moon's ascending node in western Sagittarius. An annular eclipse will be visible from a 300-km-wide track that traverses central Africa, the Indian Ocean and eastern Asia (Espenak and Anderson, 2008). A partial eclipse is seen within the much broader path of the Moon's penumbral shadow, which includes eastern Europe, most of Africa, Asia, and Indonesia.

The annular path begins in westernmost Central African Republic at 05:14 UT. Because the Moon passes through apogee two days later (Jan 17 at 01:41 UT), its large distance from Earth produces an unusually wide path of annularity. Traveling eastward, the shadow quickly sweeps through Uganda, Kenya, and southern Somalia while the central line duration of annularity grows from 7 to 9 minutes.

For the next two hours, the antumbra crosses the Indian Ocean, its course slowly curving from east-southeast to northeast. The instant of greatest eclipse occurs at 07:06:33 UT when the eclipse magnitude will reach 0.9190. At this instant, the duration of annularity is 11 minutes 8 seconds, the path width is 333 kilometers and the Sun is 66° above the flat horizon formed by the open ocean. Such a long annular duration will not be exceeded for over 1000 years (3043 Dec 23).

The central track continues northeast where it finally encounters land in the Maldive Islands (07:26 UT). The capital city Male experiences an annular phase lasting 10 minutes 45 seconds This is the longest duration of any city having an international airport in the eclipse track.

When the antumbra reaches Asia the central line passes directly between the southern tip of India and northern Sri Lanka (07:51 UT). Both regions lie within the path where maximum annularity lasts 10 minutes 15 seconds Quickly sweeping over the Bay of Bengal the shadow reaches Burma where the central line duration is 8 minutes 48 seconds and the Sun's altitude is 34°.


  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Latest Mobile Phone Technology

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Preventive Care Continues; Science on Hold

Preventive CareDuring analysis of four safe-mode events this year, engineers for NASA's Mars Reconnaissance Orbiter project have identified a vulnerability to the effects of subsequent events. They are currently developing added protection to eliminate this vulnerability while they continue analysis of the string of incidents this year in which the spacecraft has spontaneously rebooted its computer or switched to a backup computer.

The team is keeping the Mars Reconnaissance Orbiter in a precautionary "safe" mode, with healthy power, temperatures and communications, while continuing analysis and precautions subsequent to the latest rebooting, on Aug. 26. Science observations will likely not resume for several weeks while this preventive care is the mission's priority.

The analysis identified one possible but unlikely scenario jeopardizing the spacecraft. This scenario would require two computer resets, each worse than any so far, occurring within several minutes of each other in a certain pattern.

The Mars Reconnaissance Orbiter, at Mars since 2006, has met the mission's science goals and returned more data than all other Mars missions combined. It completed its primary science phase of operations in November 2008 but remains an important contributor to science and to future landed missions. Continuing science observations are planned when the spacecraft is brought out of its current precautionary mode.

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Geo-Engineering Alternatives

Geoengineering might be a terrible idea, but it could also be the only option if efforts to slow carbon dioxide emissions maintain to fail, according to a new report by The Royal Society in London .

Broadly defined, geoengineering is any effort to counteract climate change on a huge scale. It includes two main approaches--pulling carbon dioxide out of the atmosphere (such as by increasing the growth of algae that take up carbon dioxide) or somehow decreasing the rate at which the sun heats the earth (such as by shading the planet or increasing the reflectivity of clouds).

In both cases, scientist doesn't know what might go wrong with the proposed schemes--their scale is unparalleled. According to John Shepherd, who chaired the new Royal Society's study, "used irresponsibly or without regard for possible side effects, geoengineering could have catastrophic consequences similar to those of climate change itself."

Yet if climate change starts to get out of control, we may be left with no alternatives. "Geoengineering and its consequences are the price we may have to pay for failure to act on climate change," Shepherd adds.

he study analyzed the planned geoengineering alternatives to decide which are most likely to work without disastrous consequences. Notably, one loom advocated publicly by Energy Secretary Steven Chu--painting roofs white to reflect sunlight--didn't come out well.


  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS

Cryptographic Technology

Our work in cryptography is making an impact within and outside the Federal government. Strong cryptography improves the security of systems and the information they process. IT users also enjoy the enhanced availability in the marketplace of secure applications through cryptography, Public Key Infrastructure (PKI), and e-authentication. Work in this area addresses such topics as secret and public key cryptographic techniques, advanced authentication systems, cryptographic protocols and interfaces, public key certificate management, biometrics, smart tokens, cryptographic key escrowing, and security architectures. This year, the work called for in the Homeland Security Presidential Directive 12 (HSPD-12) has continued. A few examples of the impact this work has had include changes to Federal employee identification methods, how users authenticate their identity when needing government services online, and the technical aspects of passports issued to U.S. citizens.

CSD collaborates with a number of national and international agencies and standards bodies to develop secure, interoperable security standards. Federal agency collaborators include the Department of Energy, the Department of State, the National Security Agency (NSA), and the Communications Security Establishment of Canada, while national and international standards bodies include the American Standards Committee (ASC) X9 (financial industry standards), the International Organization for Standardization (ISO), the Institute of Electrical and Electronic Engineers (IEEE) and the Internet Engineering Task Force (IETF). Industry collaborators include BC5 Technologies, Certicom, Entrust Technologies, Hewlett Packard, InfoGard, Microsoft, NTRU, Pitney Bowes, RSA Security, Spyrus, and Wells Fargo.

  • Digg
  • Del.icio.us
  • StumbleUpon
  • Reddit
  • RSS