
2 #3577 ©2003 IDC

In this environment, client security can be one of the weakest links in the chain. 
Despite the availability of operating systems with improved security features, desktop 
and notebook PCs still often have only a Windows password protecting them, and, in 
older Windows versions, these flimsy mechanisms are easy to crack. Once inside the 
organization by way of an unprotected node, a malicious hacker has the run of the 
place to the extent that the legitimate user of the system did. From this position, the 
intruder can execute transactions as if he were the victim. And worse, in this era of 
the Internet, the perpetrator does not even have to be physically onsite, but can reach 
the system remotely. And if the hacker is sufficiently sophisticated, he may be able to 
get at the most sensitive areas of the network, pillaging information, destroying 
functionality, or even potentially turning computer after computer into a rogue slave 
that does his bidding. Even if other security measures — such as physical access 
control, firewalls, network security, software security, database encryption, and 
server-level intrusion detection — have been instituted, the client node may indeed 
represent a weak point in the corporation's armor. 

Although the mathematics of security are theoretically solid, a secure implementation 
depends on both the embodiment of the algorithms and the procedures for handling 
sensitive data and the keys used for encryption and decryption. Although modern 
encryption is virtually uncrackable, encryption implemented in software is an open 
door to hackers. In software encryption, various ways exist to sniff the most important 
element — the user's private key. To address this weakness, IBM has embedded the 
entire process in hardware. An industry group composed of all the major 
manufacturers and suppliers and many smaller ones has agreed to drive the standard 
into the marketplace. The Trusted Computing Platform Alliance (TCPA to its friends) 
is now in the second revision of the standard, and this revision is expected to be 
incorporated into Microsoft's Palladium security infrastructure, due to hit the market in 
2004 or 2005. Although IBM acted unilaterally to design and implement its hardware 
solution, key players in the industry have acknowledged the design point. The TCPA 
was inaugurated with IBM, Hewlett-Packard, Compaq, Intel, and Microsoft as 
founding members. Since its inception in October 1999, more than 190 firms have 
signed up, including Dell. TCPA wants its security technology to be universal in the 
computing industry, and IBM has committed to making it available via license to 
anyone who wants one. 

IBM itself has moved on from the original embodiment of the TCPA standard, a 
security chip or cryptographic microprocessor that was soldered onto the system 
board of the client and connected to the main processor by a local bus, and now 
offers an implementation as a modular daughter card. There is no way a Trojan horse 
can sniff the chip on the card because all private key operations take place within a 
protected hardware environment. Since its key-management structure is hierarchical, 
a single private key can be used to secure a large number of certificates (issued, for 
example, by diverse entities such as a senior citizens group, a corporate employer, 
Microsoft Outlook, American Express, and MasterCard). 

The hardware is designed to work with a suite of other security elements, such as 
firewalls, antivirus software, security policy software, and Internet Protocol Security 
(IPSec), to provide a complete security solution. In addition to being extremely 
secure, the hardware is simple to use and inexpensive.  

In an ebusiness world, trust, protection of privacy, and a secure operating 
environment are essential. The benefits of hardware-based security are obvious: 
Private keys are truly safe from malicious hackers, multiple secure keys can be 
generated to facilitate ecommerce with a wide variety of entities, and, combined with 
a full security suite, hardware encryption enables another layer of security, making 
ebusiness more viable. The simple conclusion is this: If your client-level security isn't 
implemented in hardware, your systems are more vulnerable.

 


Summary of Contents for Desktop

Page 1: ... sophisticated organizations are vulnerable In one incident widely reported in the press that had an impact of major but unknown proportions the degree of penetration was difficult to assess a hacker from St Petersburg the intellectual seat of the old Soviet Union broke into Microsoft s network and absconded with a large number of important files including purportedly an unknown quantity of Window...

Page 2: ...ugh IBM acted unilaterally to design and implement its hardware solution key players in the industry have acknowledged the design point The TCPA was inaugurated with IBM Hewlett Packard Compaq Intel and Microsoft as founding members Since its inception in October 1999 more than 190 firms have signed up including Dell TCPA wants its security technology to be universal in the computing industry and ...

Page 3: ...issues How the PC client can be the weak point in the security perimeter The rise in the value of data stored in insecure computing systems The scope of security measures Security history and current technology Client security implementations The advantages of IBM s hardware security implementation The evolution of industry standards for client security USAGE LAGS BEHIND TECHNOL...

Page 4: ... to the corporation financial personnel and proprietary technical data whether it lies in the mainframe on the network or in clients at the low level of client protection most of the focus has shifted to ensuring that the cordon sanitaire is unbroken at the access point and that user files are secured Good mainframe security implementations particularly at the procedural level have been in place f...

Page 5: ...ter more now than it has in the past Until recently few organizations had a need for systematic data security Banks and other financial institutions had to ensure end to end security for storing and moving money around over wires Certain government agencies could only operate in an impregnable data fortress But the volume of valuable data being stored and transmitted by most firms was relatively l...

Page 6: ...ted But until that moment they had been engaged in an operation that had hacked into banks and ecommerce sites and extorted the operators for money with the promise of not revealing the hacks to the public Sometimes the value of reputation damage is difficult to assess but it may represent the entire value of the business Another Russian hacker was monitored for years as he downloaded millions of ...

Page 7: ...ublic key encryption and its associated infrastructure address the issue of trust at the global level Of the many elements that make up a total security solution however PKI is the most dependent on completeness that is any two parties participating in secure transactions must both agree to rely on a third party a trusted authority sometimes called a certificate authority It is because of the comp...

Page 8: ... break this code without the key a decipherer has to try 2^56 or 72,057,594,037,927,936 combinations 72 quadrillion for those intimidated by the sight of large numerals and because of the dynamism of the DES algorithm it is extremely difficult to reduce the size of the search space search space reduction being one of the more important techniques at the disposal of decipherers other than by luck U...

Page 9: ...atter of jargon a one time key is called ephemeral The more robust method used to encode the AES keys is called asymmetric or public key cryptography The asymmetry refers to the fact that mathematically related but different keys are used for encoding and decoding When the private key is used to encrypt a message only the associated public key can be used to decrypt it When the public key is used ...

Page 10: ... encode the symmetric key i e the AES key used for bulk data encryption The result of encoding the symmetric key with an asymmetric public key is called a digital envelope and the process is referred to as PKI key exchange IDENTIFYING THE SENDER AND GUARANTEEING DATA INTEGRITY We now have an infrastructure robust enough to guarantee the identity of the sender The sender is fairly confident of the ...

Page 11: ...we utilize this powerful math CLIENT SECURITY IMPLEMENTATIONS Because of the unresolved procedural issues involved with implementing a fully secure infrastructure some of the grander visions of secure computing have been scaled back at least in the short term Companies need not wait until all parties agree on all aspects in order to shore up their security perimeters Even...

Page 12: ...o commandeer a PC will let the intruder scan the contents of main memory and find the user s private key Back Orifice is good at masking itself encrypts its own outgoing traffic and was released in source code about two years ago at a hackers conference The nCipher program can find a 1 024 bit private key the best in commercial use And if a malicious hacker can get your private key he can get your...

Page 13: ...he authorized user and that his or her local data is protected from intruders A HIERARCHY OF KEYS One of the greatest strengths of hardware security architecture is the hierarchical nature of its key management system The first key pair generated is used to protect another key pair called the platform identity key pair This key pair is created under the system owner s control and can be used by th...

Page 14: ...st a virus that can wipe the hard disk clean Firewalls and antivirus software are required for that type of defense The chip just keeps data private and confidential and provides for PKI operations IBM and other vendors offer suites of interrelated security products to create a fully secure environment For example IPSec protects communications links by securing the Ethernet controller Another key ...

Page 15: ...code named Palladium now being created by Microsoft Palladium which will incorporate TCPA s work will handle a wide variety of content and client security functions including many such as digital rights management for copyrighted material outside the scope of the TCPA specification Version 1 2 will be implemented in conjunction with future processor and chipset families from Intel and others and w...

Page 16: ... user chooses Wireless Application Protocol WAP encryption the Wireless Transport Layer Security WTLS protocol which is a derivative of Secure Sockets Layer SSL is invoked This protocol begins with a secure certificate exchange between wireless nodes Within a single node the chip can be used at will for individual local file and folder encryption Files and folders can also be encrypted or decrypte...
