the-infoshop.com - The vertical markets research portal
View CartView Cart
Global Information, Inc.
US: +1-860-674-8796
EU: +32-2-535-7543
SG: +65-6223-2436
  Home | Category | Publishers | Custom Research | E-mail Alert | About Us | Contact Us | Site Map |
 
RSS Feed
Telecom & IT
Next Generation Wireless Com
Wireless LAN
Mobile Subscribers
Contents
Mobile Handset
WiMAX/LTE
Optical Network
Optical Component
Set-Top Box
Broadband
FMC
NGN/IMS
Network & Access Devices
RFID
NFC
Digital TV
Satellite Telecom
LBS
Mobile TV
IPTV
E-commerce
Internet Security
Online Ad
Home Network
Enterprise Network
ME/Africa Telecom
North America Telecom
Latin America Telecom
Western European Telecom
Asia Telecom
Central & Eastern European Telecom
Middleware
Web-Service
Server
Embedded Software
Data Center
Green IT
Integrated Software
Operator Company Profile
VoIP
Billing systems
Contact Centers
Prepaid
CRM
BPO

* View All Categories
View Conferences
Japanese Korean Chinese
Home > Category > Telecom & IT >

Market Research Report

Avoiding an Embedded Security Disaster: What vendors, OEMs and developers need to know about embedded security

Published by Embedded Market Forecasters Contact us : +1-860-674-8796
Published 2007/07 Content info 43 pages
Product code EMF53494
Price From  US $ 3750 Order/Price list
US $ 3750 PDF by E-mail (Single User License)
How to Order?
Delivery Time
PDF by E-Mail
Approx. 1-2 business days
Hard Copy/CD-ROM
Approx. 3-4 business days
If you need expedited delivery, please call us.
Description TOC

Table of Contents

  • AVOIDING AN EMBEDDED SECURITY DISASTER: What vendors, OEMs and developers need to know about embedded security
  • Introduction
  • Executive Summary
  • Encryption (or lack of)
  • Lack of Certified Encryption
  • The Federal Information Processing Standards (FIPS): Why embedded vendors, OEMs and developers need to incorporate FIPS 140-2
  • Improper Application of Encryption
    • Using Strong Encryption, Weakly
    • Key Size Disparities
    • Using "Pretend" Encryption
  • Unproven Protocol Implementations
    • SNMP
    • TCP/IP
    • OpSenSSL-derivatives
    • Inevitable Conclusion
  • Protecting the Wrong Things
  • Lack of Management & Monitoring Abilities
  • Painful & Expensive Patch Management with Minimal Accountability
  • Embedded Limitations At Odds with Security Requirements & Existing
  • Security Standards
    • SSL
    • SSH
    • IP-Sec
    • Common Requirements - SSL, SSH, and IP-Sec
    • When SSL, SSH, and IP-Sec Are Overkill
  • Lack of Vendor- or Industry-Originated Best Practices
  • Insecure by Default
  • Ambiguous Responsibilities
  • Summary
  • Appendix A - A Brief Introduction to FIPS 140
    • What Is FIPS 140?
    • Why is FIPS 140 Important?
    • I' ve never heard of FIPS 140, So How Important Can It Be?
    • How is FIPS 140 different from the Common Criteria certification?
    • How is FIPS 140 different from SSL or IP-sec?
    • If I have FIPS 140 certification, does that mean my system is secure?
    • How can I get FIPS 140 certification?
  • Appendix B - Integration of FIPS 140-certified Modules into Embedded Solutions
    • Embedded Systems Support
    • Insufficient Flexibility
    • Unacceptable Pricing, Licensing Terms
    • Out Of Date Certifications
    • Available Toolkits
    • Integrating FIPS 140 into New and Existing Embedded Systems
      • An SSL Implementation
      • An IP-Sec Implementation
      • A Proprietary Product with Existing Encryption Capabilities
      • A Proprietary Product without Existing Encryption Capabilities
  • RTOS CONSIDERATIONS
  • Appendix C - A Survey of Embedded Security Products
    • IP-Sec Implementations
      • TeamF1 V-IPSecure
      • Elmic Systems Voyager IPsec/IKE
      • InterPeak IKE
      • InterPeak IP-sec
    • SSL Implementations
      • TeamF1 SSLimSecureSecure
      • Interpeak Embedded SSL
      • Accelerated Technology Nucleus SSL
    • SSH Implementations
      • TeamF1 SSHield
      • Interpeak Embedded SSH
    • Proprietary Encrypted Communication Tools
      • TeamF1 SSMartSecure
    • Embedded Management Technologies
      • Interpeak Embedded SNMP
    • FIPS 140 Certified Encryption Toolkits
      • Certicom SecurityBuilder GSE
      • Cryptos Mobile Systems TACHYON-Crypt
      • Atmel AT97SC3201
  • Appendix D: Glossary
Related Report
E-mail Security Appliances - Market Quadrant 2009 Asia/Pacific (Excluding Japan) Enterprise Security Planning Priorities and Purchasing Factors Encryption Systems and Digital Certificates Endpoint Security for Business Desktops, Laptops & Mobile Devices 2009-2014 Hosted E-mail Security - Market Quadrant 2009
Back to Top
Please inform me when related publications are released
InfoWatch

| FAQ | About The Infoshop | Policies | Site Map |
US: 1-860-674-8796 EU: 32-2-535-7543 SG: 65-6223-2436
The vertical markets research portal
© 2009, the-infoshop.com by Global Information, Inc. All rights reserved.