Monthly Archives: December 2012

Home Networking Protection

When I saw this blog post, it immediately said it is a must have security device. Nowadays, home network is a given, router is in every metropolitan home.  Protecting home network is not a easy task. With so many home devices that are connected 24×7 to the Internet, patching them and also doing security configuration is professional work. This device from McAfee protects home network by “filtering all DNS and web requests”. 

I think the most important part is filtering DNS requests as this shall stop many malware activties. 


AWS Cloud Security

Going to Vegas for the Amazon Re:Invent event is one of the best ways to learn about Cloud Computing and Cloud security. And the second best of course is to just browsing the slide decks or videos of the event, from your office or home. So here you go, fresh from the Internet, the course 206 of the security track – “Security of the AWS Cloud”.

And don’t forget to follow up with the slide decks of “AWS Cloud Security” and “Security and Compliance

Enjoy !!

What is cloud computing?

As CSA chapter chair, I has been asked many times about what is cloud computing?

3M AVS is one excellent example of cloud, with the following characteristics

  • usage-based, the user only pay on each image analysed
  • deliver via Internet (remotely), the image is processed remotely
  • access to expertise, ordinary users and SME could access to 3M research results

Take a look at 3M Visual Attention Service and this application runs on cloud infrastructure !

Browser Side Cryptography

I talked about browser based security last week. As we have more and more cloud or web delivered applications, the browser is playing an important role. Most (if not all) user interaction in browser are programmed via javascript. With Cloud Computing, client side script will be playing a ever more important role.

The data security and data privacy concerns on using cloud services or hosted application (like web email) is holding people. The incident in Paula Broadwell showed law enforcement agents had far move power and means to access individual data than we think of. If you like to understand the legal framework on this, there is a very good paper wrote by three Netherlands legal researcher.

Cloud Computing in Higher Education and Research Institutions and the USA Patriot Act


One way, user could protect their data ever if it in the cloud is using client side encryption. Why client side? It is because the data must be protected before it is going to the Internet. This means that data are encrypted at the client and the servers only store encrypted data. When the user want to use it, the servers send the encrypted data and the client decrypt it. As most user are access the internet using a browser, it it an obvious choice for doing the data encrypt/decrypt job. However, cryptography functions are not well developed in the javascript domain. There are some open source editions like Google-CryptoJS.

W3C has a working group on Web Cryptography and they is developing a library standard for JS cryptography.  Below are some user cases, for how the new Web Cryptography API is designed for