Wyniki wyszukiwania - Biblioteka Nauki

Nowa wersja platformy, zawierająca wyłącznie zasoby pełnotekstowe, jest już dostępna.
Przejdź na https://bibliotekanauki.pl

Ograniczanie wyników

2 International Journal of Electronics and Telecommunications

Znaleziono wyników: 2

Liczba wyników na stronie

Wyniki wyszukiwania

Sortuj według:

Ogranicz wyniki do:

RSA Keys Quality in a Real-world Organizational Certificate Dataset: a Practical Outlook

100%

Kamiński K. , Mazurczyk W.

International Journal of Electronics and Telecommunications

2023

tom Vol. 69, No. 4

803--810

This research investigates the intricacies of X.509 certificates within a comprehensive corporate infrastructure. Spanning over two decades, the examined enterprise has heavily depended on its internal certificate authority and Public Key Infrastructure (PKI) to uphold its data and systems security. With the broad application of these certificates, from personal identification on smart cards to device and workstation authentication via Trusted Platform Modules (TPM), our study seeks to address a pertinent question on how prevalent are weak RSA keys within such a vast internal certificate repository. Previous research focused primarily on key sets publicly accessible from TLS and SSH servers or PGP key repositories. On the contrary, our investigation provides insights into the private domain of an enterprise, introducing new dimensions to this problem. Among our considerations are the trustworthiness of hardware and software solutions in generating keys and the consequential implications of identified vulnerabilities on organizational risk management. The obtained results can contribute to enhancing security strategies in enterprises.

Security Assurance in DevOps Methodologies and Related Environments

80%

Siewruk G. , Mazurczyk W. , Karpiński A.

International Journal of Electronics and Telecommunications

2019

tom Vol. 65, No. 2

211--216

The biggest software development companies conduct daily more than hundreds deployments which influence currently operating IT (Information Technology) systems. This is possible due to the availability of automatic mechanisms which are providing their functional testing and later applications deployment. Unfortunately, nowadays, there are no tools or even a set of good practices related to the problem on how to include IT security issues into the whole production and deployment processes. This paper describes how to deal with this problem in the large mobile telecommunication operator environment.