The IT Security Report

Oct 04, 2020

Page 1

The IT Security Report by
Issue 2 | 2009

www.secunet.com

Government | Business Security | High Security | Automotive

Open brain surgery

With the Advanced Backend Security solution, everything proceeds risk-free

What the brain is to humans is what control units are to cars. While cars in the 90s, equipped with ESP, ABS and navigation systems, got by on about 20 to 35 control units, modern luxury-class vehicles contain about 100 these days – and the number is rocketing. Unlike the human brain, the vehicle’s brain is able to make physical connections to the outside world.

Find more on this issue on page 10

Approaching heaven with the SINA Virtual Workstation

Exact airspace situation available in real-time

Do you remember the visits of Barack Obama, Pope Benedikt XVI or other famous people to Germany? Or you may have forgotten. This may be because there were no safety-relevant incidents. Airspace surveillance is a major protection measure. And this data on the current air situation is now available to all those involved at any time and any place thanks to the SINA Virtual Workstation.

Find more on this issue on page 17

Austria opts for secunet

secunet biomiddle becomes core of biometric enrolment systems in all Austrian embassies

secunet is shipping biometric enrolment systems for Schengen Visa applications to the Austrian Federal Ministry for European and International Affairs. In addition to supplying the 130 foreign offices with hardware and software, this order includes the entire implementation.

Find more on this issue on page 12

WestLB: Kerberos single sign-on combines security with user convenience

Future-proof solution integrates identity management under UNIX and Windows

In Greek mythology Kerberos is the hound of Hades that guards the gates to the underworld. It is his job to allow in only those with permission to enter. In the 80s this idea induced two developers at the Massachusetts Institute of Technology to name their authentication protocol after this creature.

Find more on this issue on page 3

Page 2

EDITORIAL

Dear Reader,

Man first set foot on the moon 40 years ago – it was a revolution. “One small step for man, one giant leap for mankind” is one of the best known quotations in the world. But what is the situation today, four decades after this historical event? Is there life on the moon as was prophesied back then? Do we holiday on this celestial body? The hype triggered by 1969 was quick to “burn up”. All that is left are science fiction fantasies and conspiracy theories that claim that the whole thing was filmed in a Hollywood studio.

There are also hype issues in IT which never hit the big time. Take these, for example: We still smile at the statement made by DEC founder Ken Olsen in 1977 that there was no reason for any individual to have a computer at home. And founder of IBM Thomas J. Watson allegedly saw a world market for maybe five computers – luckily for his company, he could not have been more wrong. Most remember Bill Gates’ prognosis that the Internet is just a passing fad. More than a billion Internet connections world-wide today prove that the opposite holds true.

Incorrect assumptions can have serious consequences in IT security: No one honestly still believes that 512-bit key lengths are adequate in the area of digital signatures. And since the quality of the standard for secure hash functions SHA-1 has become dubious as a result of attacks, it is necessary to find alternatives.

This means that for an IT security company like secunet it is critical not only to be informed as to the latest developments and innovations, but also to contribute to their design. RFID is one such issue where the market is uncertain whether to use it across the board or whether it makes economic sense for niche areas only. To find out, we spoke with Dr. Frank Gillert, RFID expert. Please refer to page 4 to read about the future prospects he sees and how one can secure this technology.

Information technology and its security is evolving more and more into a crucial competitive factor. As is the case in our Automotive business area, for example: The development of secure solutions that open up new business models for our customers plays a prominent role. Read how and why on page 10.

We wish you pleasant reading.

Best regards
Rainer Baumgart

CONTENT

03 WestLB: Kerberos single sign-on combines security with user convenience
04 Objects that communicate to optimise processes
07 Setting an excellent example
What is…
08 Offender gains entry through camera
09 Simple implementation of the GPKE regulation of the Federal Network Agency (Bundesnetzagentur)
10 Open brain surgery
11 EURO 5 standard calls for new IT security structures in the automotive industry
New event series “IT Security on Board”
12 Austria opts for secunet
13 De-Mail – as easy as e-mail, as secure as postal mail
14 EasyPASS – pilot project for the automation of border controls
15 Is the “e” in e-passport exactly true?
16 Where have all the data gone…
17 Approaching heaven with the SINA Virtual Workstation
18 Satellite-based communication with SINA
19 SINA User Day 2009
20 New event series “Early Shift”
Events, important dates

Dr. Rainer Baumgart

Page 3

Business Security

WestLB: Kerberos single sign-on combines security with user convenience

Future-proof solution integrates identity management under UNIX and Windows

Continued from page 1

secunet implemented the Kerberos technology, which had been developed in the USA, in the UNIX environment at WestLB.

The overall project comprised various subsections. Important aspects included centralising the user management of the UNIX systems and setting up the single sign-on infrastructure. The objective: centrally managed and standardised implementation of the identity management policy on the systems. The use of a future-proof technology was a priority for the persons in charge at WestLB.

There is always an increased risk of inactive accounts as a result of distributed user management. The administration of user identities is now centralised via the established Active Directory, in which the users’ Windows accounts are managed. This makes it possible to set up users and assign rights as well as block or delete them with greater speed and flexibility. In addition, the new solution permits a separation of user management and UNIX system administration.

Single sign-on with Kerberos

The main part of the project involved setting up protected and uncomplicated access to UNIX-based applications for well beyond 1,000 bank employees from various departments including IT. A single sign-on system is just the right solution in this case. By opting for Kerberos as a future-proof system, WestLB is implementing a solution which has a standardised protocol and which is supported by many operating systems (including Windows as well as many UNIX derivatives) and applications.

The solution works via a ticket system which serves as an entry pass for all intents and purposes. You obtain it when you log on to your PC. Then you take the ticket to a central directory service and have a service ticket issued. This service ticket lets you identify yourself to the desired application – without having to re-enter your password or PIN. Strongly encrypted processes ensure security. Of course, this process runs in the background, unnoticed by the user.

A further advantage of the solution: Authentication in the network is encrypted. This makes the transmission of passwords definitely a thing of the past. And the good news is that, unlike the original hound, the technical version of Kerberos is not susceptible to bribery.

The establishment of a single sign-on infrastructure supports WestLB’s security policy.

Page 4

Objects that communicate to optimise processes

Talk with the experts on the subject of RFID and the Internet of things

It was several years ago that large retail chains such as Wal-mart and Metro announced that they wanted to use RFID to revolutionise the logistics chain and payment process. But what lies behind this technology and the phrase “the Internet of things”? Which opportunities and risks does it hold for the optimisation of business processes? secuview asked Dr. Frank Gillert, owner of UbiConsult, and Thomas Koelzer, from the Management Board at secunet.

secuview: What do “RFID” and “the Internet of things” mean?

Gillert: RFID is an acronym for Radio Frequency Identification. It’s a wireless technology for transmitting data, like Bluetooth or WLAN. The difference lies only in the low range.

The Internet of things refers to intelligent communication between two objects by means of transmission technologies such as RFID – without an explicit prompt by humans. The best known example is the automatic supermarket: Upon passing a barrier, the RFID tags on the grocery item packaging communicate with the check-out; the customer does not have to place the items on the belt or swipe them past a scanner. So the Internet of things refers to highly automated communication between objects, free of media breaks.

Koelzer: We are familiar with RFID from its use in electronic passports: With precisely this technology, the biometric data in the document is compared against that of the traveller at border controls. Secure workflows of this kind will also be established for objects and commodities in future.

secuview: How far along is the technology for using RFID with regard to objects?

Gillert: In part, the Internet of things is evolving all around us, without our realising it. Cell phones synchronise with the PC automatically and with no explicit human prompt. The devices possess a certain intelligence and can anticipate specific processes. But the supermarket scenario mentioned is still quite far off.

secuview: Which business models are more realistic?

Gillert: There are actual scenarios that have nothing to do with a volume market such as retail. One example is the aviation industry. Roughly two billion euros in damages are incurred annually because the wrong spare parts are shipped. If RFID could be used to avoid falsifications and errors, it would be a major step forward.

Koelzer: The same applies to areas such as lifecycle management, plant engineering and construction or logistics for valuable goods. The savings potential is huge.

Thomas Koelzer
Member of the Management Board at secunet

Dr. Frank Gillert

Dr. Frank Gillert studied mechanical engineering at the Technical University of Dortmund. After serving as a member of the scientific staff at the Institute for Distribution and Trade Logistics (IDH), he was active in various management functions in the industry.

He has been the proprietor of UbiConsult, a Berlin-based corporate consulting firm, since 2005. In December 2008, he accepted a position at the Technische Fachhochschule Wildau in Logistics Management/Logistics Controlling.

Dr. Frank Gillert is the author and co-author of publications on the subject of RFID and security, e.g. “RFID für die Optimierung von Geschäftsprozessen” [RFID for the optimisation of business processes] (Hanser 2007), and is a member of several committees and expert panels such as BITKOM, Omnicard, Cebit AutoID Forum and EuroID.

Page 5

secuview: The idea of RFID is certainly not new. Experts have been discussing possible applications for more than ten years. Why has so little been achieved over such a long period? There seem to be business models which are obviously interesting.

Gillert: The search is on for one major, global solution that is suitable for every purpose, a Swiss army knife of solutions, if you will. The RFID tag must have a large memory for the documentation, be able to cover a large range and have a security system for authentication at its disposal. Plus special physical requirements. These requirements often hinder implementation: The global approach is chosen instead of checking where there are solutions that already work.

Koelzer: Lifecycle management of, for instance, valuable medical supplies requires no global standardisation, as is the case in the aviation industry. This is where the industry should start and develop a solution on a small scale. If it works on a small scale, it can later be extended to global processes.

secuview: Let’s move on to the subject of security: What kind of security is necessary for RFID?

Gillert: It depends entirely on the area of application and the value of the goods. We surely all agree: A yoghurt container has no need for security. But it’s a completely different story with regard to aviation: In this case, it’s a matter of life and death and amounts in the millions, making security a considerably more relevant issue. This means: We have to ensure that only original parts are used.

Koelzer: The important thing is to focus on security right from the start. One can’t define the business process, design an RFID solution and then wonder whether one needs additional security. Generally speaking, the same principle applies to RFID-based processes between objects as to business processes between people: If they have a certain intrinsic value, e.g. because a monetary transaction is involved, there is also a risk of attack and it is necessary to ensure security.

Continued on next page

Page 6

Continued from page 5

secuview: Are there already any indications as to what a security solution for RFID could look like technically?

Gillert: There is an RFID chip which is used in asymmetrical processes, similar to a public key infrastructure. This enables objects to mutually authenticate themselves. Practicability is crucial for a solution: The authentication must be carried out the easiest way possible, without additional devices. We therefore need simple, standardised infrastructures to make business models feasible.

secuview: Good that you mention standards. How far along are the corresponding committees?

Gillert: The German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik) has already created technical guidelines. These were previously aimed at the use of RFID in electronic passports, i.e. personal identification. But at the moment, work is being done on a guideline for RFID in logistics. It’s obvious that it’s impossible to cover all applications with one technical guideline right off the bat. That kind of thing must result from actual practice and the BSI is on the right track. Directives and checklists are a big help for non-security experts when it comes to developing secure RFID solutions.

secuview: Last but not least: What is your prognosis on the prospects of RFID? Which RFID technologies will we have to reckon with and what still remains a vision?

Gillert: I personally think that we won’t have a yoghurt container communicating with the fridge for another ten years. But we will witness the use of RFID for valuable textiles sooner than that. And then not just on the package for logistics, but on the object itself. In the next one or two years, I see more the niche sectors such as the examples of plant engineering and construction and aviation already mentioned. The subject is also receiving close attention in the pharmaceuticals industry in order to make it possible to reliably monitor the supply chain. It’s important to have a holistic security system, an infrastructure that works and a simple way of evaluating data. The threshold is still very high at the moment with regard to using RFID in practice because there is a lack of understanding and its feasibility has not yet been ascertained. But we are in the process of changing this.

“We won’t have a yoghurt container communicating with the fridge for another ten years.”

Page 7

Setting an excellent example

secunet secures its own Career Portal with Web Application Firewall (WAF)

The cobbler’s wife is the worst shod! – This proverb was true long before the advent of the terms IT, computer and Internet. These days one has got to wonder: Is the consulting company in need of corporate consulting? Does the provider of archiving software appropriately archive its own documents? And is the confidential data of an IT security company actually secure?

secunet is aware of this responsibility and therefore relies on its own proven know-how: The company’s sites are networked by means of the high-security solution SINA. And security is also a top priority with regard to new communication channels: The new secunet Career Portal is reliably protected against unauthorised access with a Web Application Firewall.

“Particular attention must be given to security wherever people upload their confidential data to a portal,” emphasises Carsten Borkus, division head of internal IT at secunet. “And as an IT security company we are setting an excellent example. Especially in view of the fact that we are the target of attempted attacks more often than other companies. We therefore decided to use a Web Application Firewall in order to provide appropriate protection of the personal data of our applicants.”

It is easy for professional attackers to circumvent the portal software security functions included with the product. Nor does a standard firewall provide comprehensive protection, as it only monitors the flow of traffic, not the content. The decision to use a special firewall, designed for securing web applications, was a matter of course for secunet. The integration of the protection system was problem-free as a result of the flexible interfaces. It took just one day to install the Web Application Firewall, which now provides comprehensive protection of the applicants’ sensitive data.

What is... a Web Application Firewall?

A Web Application Firewall is a guard for your web portal. It determines who can enter the portal. Decisions are based on a book full of regulations which the guard compiles as a result of observations of authorised and unauthorised behaviours. Those who do not adhere to these regulations are not permitted to enter. The guard is positioned in front of the portal so that the actual application does not have to be adapted to suit his requirements. It is quite the contrary: He is so easy-maintenance and flexible that he can guard any number of portals without having to do a lot of additional learning.

For more information, contact:
Uwe Demsky
Phone: +49-201-54 54-20 [email protected]

Page 8

Offender gains entry through camera

Penetration tests reveal unknown weaknesses in company networks

“We currently monitor our exits by means of IP cameras. An employee is able to view and evaluate these pictures via our network. How could external attackers use this to access internal data?”

This was roughly the case when a customer of long standing commissioned secunet to check the connection between his cameras and the internal LAN for weaknesses. The company, which does not wish to be named, provided only an Ethernet cable with access to the camera LAN as information – a realistic starting point for attackers from within and without.

Right at the beginning of the analysis, the “extensive separation” of the camera LAN from the internal network turned out to be simple: A switch and the use of different IP address ranges were to provide the necessary protection. This assumption quickly proved to be incorrect: The secunet experts connected a notebook to the Ethernet cable of the camera LAN and immediately obtained an IP address with direct access to the internal company network – and with this, to all confidential data.

But even the cameras themselves were vulnerable to penetration by the specialist: By using fake IP packets, he could deactivate them without any trouble. Surveillance was terminated without any further alarm, which would have made it possible for criminals to enter the building unnoticed.

Minor weaknesses with major consequences

This real-life example shows that supposedly small weaknesses can jeopardise the entire company network, and even the company itself. Past experience indicates that 11 in 100 internal systems allow attackers direct or indirect access. “The fact is frequently ignored that a successful system attack renders previously secure systems vulnerable since it is possible to read administrative users and their passwords,” is a cause for concern raised by Dirk Reimers, security specialist from secunet.

A comprehensive security analysis, which identifies all weaknesses and then remedies them, offers protection against unauthorised company network access. Access may take many different forms: The camera system is an unusual example; secunet experts often receive only an employee’s business card or a login name. They use various tools and tricks to gain access to confidential company data. This is the same way real attackers get into the network. Many managers are not even aware of the risk.

By the way: The customer severed the link between the camera LAN and the internal network directly after the test.

Weakness: camera LAN

For more information, contact:
Dirk Reimers
Phone: +49-201-54 54-20 [email protected]

Page 9

Simple implementation of the GPKE regulation of the Federal Network Agency (Bundesnetzagentur)

Stadtwerke Bonn rely on complete solution from secunet

Mr Jörg Thomas, IT administrator at the Stadtwerke Bonn:

“The Federal Network Agency (Bundesnetzagentur) required that all energy providers nationwide introduce electronic billing with digital signatures in 2008. In addition, we arranged to transmit encrypted electronic invoices with some of our business partners. We therefore needed a complete solution from a provider who would be able to seamlessly carry out the migration together with us.

secunet was the only company to offer us this complete solution: qualified signatures, encryption and project management from a single source with a contact partner who took care of everything. We now sign our invoices using the secunet multisign solution and encrypt them directly thereafter with a system from Zertificon, a partner of secunet’s. The company’s IT experts took a lot of work off our hands: from the installation and the interfaces for the encryption solution all the way to commissioning. The best thing of all is that the solution was completely installed after two days’ time and we were able to electronically sign and send our invoices immediately. Highly available signing is already possible; and verification with high availability will follow in future. This guarantees that our day-to-day business can also proceed electronically without disturbance, i.e. all the invoices we send and receive in digital form can be processed – even if a proxy happens to be down.”

GPKE and GeLi: deadline 1 October 2010

Over the course of the liberalisation of the energy market, the Federal Network Agency (Bundesnetzagentur) has placed new challenges before energy providers’ IT. In particular, the specification of binding business processes (GPKE, GeLi) for the networking of business partners means new requirements in terms of integrity and confidentiality with regard to market communication. The Federal Network Agency has extended the deadline for implementation to 1 October 2010. In addition to encrypted message transmission incl. transport signature, the provisions of the German “Umsatzsteuergesetz (UStG)” [turnover tax law] must be observed for the exchange of network remuneration (Invoic). Qualified signatures enable the invoice recipient to provide and secure the legally applicable certification for the invoice data – the “authenticity of origin” and “integrity of content” – thus allowing the turnover tax to be deducted with electronic invoices as well.

For more information, contact:
Roland Krüger
Phone: +49-201-54 54-20 [email protected]

Page 10

Automotive

Open brain surgery

With the Advanced Backend Security solution, everything proceeds risk-free

Continued from page 1

Repair shops and manufacturers effectively perform open brain surgery in order to enable vehicle functions, respond to error messages or add new software to control units. Master mechanics are evolving into surgeons. With remote maintenance, the patient no longer has to be on site in the operating room. secunet’s Advanced Backend Security solution ensures that this remote access proceeds without complication.

There are communication channels into the vehicle for querying or even modifying control unit data within the scope of online diagnostics. The more players there are on the market who use these channels, e.g. repair shops, the more vulnerable and susceptible they are to manipulation. Motor tuning is just one example. To ensure that unauthorised attacks do not lead to brainwashing or even brain death of the vehicle, it is necessary to secure the control units as well as the entire communication network to which the surgeons are connected.

With Advanced Backend Security (ABSec), secunet provides a solution for securing these communication channels. The so-called KeyCore is the heart of ABSec. It offers manufacturers cryptographic services while at the same time taking on the management of the key material used for this purpose. ABSec makes it possible for carmakers to use security methods such as authentication and encryption – in other words, it is an “all-in-one” solution. This guarantees that only the brain specialist in person, and not some self-proclaimed cosmetic surgeon, performs the surgery.

ABSec also meets the requirements for a cost-effective solution. Vehicle manufacturers, so-called OEMs, no longer have to invest in their own development work. They can considerably lower their costs with the licence-based ABSec system. The system is modularly designed and can be adapted to suit any structure with any number of communication partners. The ABSec product is proven, and is already being used successfully by OEMs. Teething problems are a thing of the past.

“With remote maintenance, the patient no longer has to be on site in the operating room.”

For more information, contact:
Dr. Marc Lindlbauer
Phone: +49-201-54 54-25 [email protected]

Page 11

EURO 5 standard calls for new IT security structures in the automotive industry

In addition to emission values for vehicles, the EURO 5 standard specifies access rights for repair shops. This will allow independent repair shops access to carmakers’ control unit information. In order to ensure that only authorised repair shops are able to access this information, the European Commission is planning to establish certificate-based authentication.

“The Tachosmart, the digital trip recorder, could serve as an example of a technical infrastructure: This would secure communication between repair shops and carmakers with a Europe-wide public key infrastructure in which the certificates are stored,” stated Dr. Marc Lindlbauer, head of Online Security Automotive at secunet. “Certificate-based processes could resemble ELSTER, the German electronic tax declaration system, in whose implementation secunet was a major contributor. According to this model, an independent repair shop would have to register in order to obtain a certificate. The shop then sends this to the manufacturer in order to access relevant information on the vehicle. This is just one possible way of securing that we see as security experts. What the solution will ultimately look like is still under discussion.”

Associations of manufacturers and repair shops are currently discussing the implementation of the IT security requirements arising from the EURO 5 standards in Brussels. An independent workgroup is meeting within this scope on the subject of security.

New event series “IT Security on Board”

Representatives of German automakers met with secunet in Munich to discuss securely networked vehicles

“Car2Car communication”, “the networked car”, “remote maintenance” – powerful buzzwords with which carmakers are grappling at the moment. IT security cannot be left out when it comes to these issues. But how much security is actually required? And what exactly needs protection? In order to discuss these questions, secunet has created a new event series called “IT Security on Board”. It provides an in-depth, vendor-independent discussion of current as well as future IT security issues in the automotive industry.

The workshop is aimed at department heads in the automotive industry who are concerned with IT security in the vehicle. If you are such a person and are interested in the workshop, please send an e-mail to [email protected]. The next workshop will be held in Munich on 20 November.

More information

If you are interested in our workshop please send us an e-mail: [email protected]


Government

Austria opts for secunet
secunet biomiddle becomes core of biometric enrolment systems in all Austrian embassies

Continued from page 1

This is within the framework of the new European Union regulation: According to this, all Member States are required to technically align their foreign offices with a central database. This means: They have to be able to register biometric features and compare these with the central EU database.

secunet won the bid for tenders from among international competitors. The core of the complete solution is secunet biomiddle. The standards-orientated middleware enables flexible use of biometric system components and identity document readers. secunet provides all foreign offices with applications to register the application data and biometric features, in addition to supplying the hardware, e.g. fingerprint scanners. Implementation of the pilot phase of the solution started at selected embassies at the beginning of June. The productive start of the systems will kick off in 2010 for all Member States in the North Africa region.

BSI publishes new technical guideline
“Biometrics for Public Sector Applications (BSI TR-03121)”

In addition to the electronic passport, personal identity, status of residence and visa documents will contain biometric features in future. This change has implications not only for the documents themselves. Public sector applications, e.g. in the context of enrolment and processing biometric data, will also be subject to new requirements and recommendations. In order to ensure interoperable and performant systems in this heterogeneous structure, consistent standards must be created. These range from the quality of the features captured – including, for instance, enrolment hardware and processing software – and the software architecture all the way to interface definitions. This would also guarantee the compatibility and extensibility of components, an important aspect in the highly dynamic market of biometric technologies.

With the support of secunet, the Federal Office for Information Security (BSI) has developed the new technical guideline “Biometrics for Public Sector Applications (BSI TR-03121)”. This contains specifications and recommendations for various application scenarios in view of all important national, international and European specifications and directives. It is an aid to public authorities which are responsible for issuing ID documents and subsequent border controls. On the other hand, the guideline also defines actual requirements with regard to the hardware and software in terms of interoperability, extensibility and recyclability. Manufacturers can obtain confirmation of the compliance of individual components with the guideline through BSI certification.

More information
The technical guideline is available at: http://www.bsi.bund.de/literat/tr/tr03121/index.htm.


De-Mail – as easy as e-mail, as secure as postal mail
Interview with Dr. Heike Stach, De-Mail Project Manager, German Federal Ministry of the Interior

In a few weeks, a new legally binding e-mail system called De-Mail is launching pilot operations. We spoke with project manager Dr. Heike Stach about the current status.

For those who have not been following the discussion all that intensively: First of all, could you please briefly summarise the objective of De-Mail and how the service functions?

One major objective of De-Mail is to create a protected communication space on the Internet. It should be possible to send and receive messages and documents just as quickly and easily as e-mail and just as securely, confidentially, and bindingly as postal mail.

Binding electronic addresses are used for the communication; all De-Mail addresses are backed by securely identified communication partners. The address will be made available along with the related services by providers from the private sector.

What are the particular challenges of this project?

The major challenges and milestones in the project are ensuring a high level of security and data protection, combined with ease of use and comprehensibility for citizens, the introduction of a consistent accreditation process for providers and the legal framework, the Bürgerportalgesetz [citizen portal act].

The main question was this: How can we guarantee an appropriate level of security in the long term for the various use cases and requirements and simultaneously make the system easy to use? For this reason, De-Mail offers standard security and enables scaling in terms of the authenticity, confidentiality and binding nature of a message – the user can simply choose which security level he needs for his individual situation. During sign-on, for instance, token-based systems in addition to user name/password procedures will allow for especially binding communication. On the other hand, standard secure connections and encrypted transmission channels ensure that sending and receiving De-Mail is secure.

All companies wishing to become De-Mail providers have to first prove that they fulfil strict security and data protection requirements within the scope of an accreditation procedure vis-à-vis the BSI (the German Federal Office for Information Security). This is to be verified by independent test centres at regular intervals. The security and data protection measures will then be regularly adapted to suit current developments.

Find more on next page

Dr. Heike Stach

secunet and De-Mail

Since the beginning of the Ministry of the Interior’s “citizen portal” project – now known as De-Mail – secunet experts have been permanent members of the project team. In close cooperation with the German Federal Office for Information Security (BSI), secunet designed the basic concept of De-Mail and the individual services and developed them into the technical guideline. This will serve as a basis for the certification and accreditation of service providers. As a result of the intensive exchange with potential providers and users, secunet secured a solution that is requirements orientated. secunet also contributes its comprehensive project know-how to the pilot project, which is scheduled for autumn of 2009.


Continued from page 13

What are the advantages for the user? Or to put it another way: Why is it a good idea to take part in De-Mail?

From a citizen’s perspective, it is possible, for example, to correspond online with the public sector or enterprises in the private sector for the very first time – this saves time, travelling and money and is available around the clock. Simple and effective protection of confidential messages and documents and a high level of data protection, avoidance of spam and the opportunity to integrate into existing e-mail systems are further advantages.

Companies and the public sector have new opportunities and savings potential at their disposal. Media break costs for printing and envelopes for postal mail will be eliminated; it will be possible to set up improved digital end-to-end internal processes and distribute incoming post faster – in electronic form. Certainly: First of all, an IT infrastructure must be set up and the organisation adapted. Since De-Mail can be integrated into the existing e-mail infrastructure, the cost of this is relatively low and will likely pay off fast for companies and the public sector.

What perspectives do you see for De-Mail?

The pilot phase will get underway in Friedrichshafen this autumn. Potential providers as well as banks and insurance companies, local enterprises, the City of Friedrichshafen and its citizens are to test the new technology in real applications. This will allow all those involved to make initial experiences which lead to optimisation of the services. Parallel to this, the legislative process will proceed. With De-Mail, Germany is adopting a global pioneering role in trustworthy Internet communication.

EasyPASS – pilot project for the automation of border controls

The Federal German Police are testing a new, biometrics-based border control technology: For the first time in Germany, the portrait in the electronic passport is automatically compared with a live shot of the passport holder. The aim is to make the border control process faster and simpler. EasyPASS will provide insight into the optimisation of the duration of controls as well as their spoofing proneness, user-friendliness and economy in view of subsequent extension to further airports. The German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik), L-1 Identity Solutions and secunet are partners in this project. The project is scheduled to start at Frankfurt/Main Airport in the second half of the year.


Is the “e” in e-passport exactly true?
Germany at the forefront of connecting to the global directory service

It is already possible to prevent someone from crossing the border of the country of Utopia with a “demo passport”. Border control authorities check the authenticity of electronic passports using electronic certificates, which each country issues individually. The German Federal Ministry of the Interior (BMI) has decided to participate in the central data registry of the International Civil Aviation Organisation ICAO. This registry makes the certificates of all participating nations available world-wide. Consequently, the German Federal Office for Information Security (BSI) has set up a national directory service by the name of N-PKD as a communication interface and thus ensures that Germany is back in the lead in the use of modern technologies.

What does the national directory service do?

The personal data in passports is electronically signed to protect it against manipulation and falsification. This is carried out by the body producing the passports in each country; in Germany this is the “Bundesdruckerei”.

Every country issues certificates on a regular basis. These are required if the authenticity of ID documents is to be verified. One special feature is that two certificates are necessary for the verification: the signature certificate used for production of the passport and the corresponding national root certificate. Today it is already possible to check the authenticity of the data using certificates. To do so, each nation has to obtain the certificate data and blacklists from all the other countries. This has previously been through diplomatic means, a time-consuming undertaking, involving risk with regard to the topicality of the data.

ICAO PKD is the central solution

With the Public Key Directory (PKD), ICAO provides a platform for the exchange of certificates and blacklists. All participating countries submit their own certificate data and blacklists to this global, centralised directory service and can simultaneously access the data of other countries. In order to make optimum use of this master directory, the ICAO PKD, a country does well to set up its own national directory service. And this is precisely what has happened:

The BSI is providing a national directory service (N-PKD) for Germany. This is the link between the central registry of the ICAO and the national border control authorities. Technical work on the connection of the ICAO PKD has been completed, and it has been possible to start loading real data to the PKD. The BSI is receiving support in this project from secunet experts who are in charge of the concept design and development of the required interface software.

The German N-PKD is a further step towards “increased security for passport verification” since the Federal German Police are provided with continually updated certificates and blacklists in the short term. This new process marks the laying of a major cornerstone for subsequent border control automation.

For more information, contact:
Marco Breitenstein
Phone: +49-201-54 54-30 [email protected]


Where have all the data gone…
BSI publishes high availability compendium for companies and public authorities

What would the consequences be if an online platform such as Amazon or Ebay were unavailable for one hour? If customer service could not carry out same-day share orders for their customers because a system was down? If the stockbroker could not trade his stock in realtime because of delays in the system? In a recently conducted study, employees rated their dependence on IT to do their jobs at close to 100%. These days, a system crash quickly becomes a matter of being able to do business at all. There is a demand for high availability, i.e. maximum reliability.

The German Federal Office for Information Security (BSI) has made an in-depth analysis of the issue and has published a high availability compendium, a comprehensive and practice-orientated manual. This is aimed at both public authorities and companies. The result is a clearly structured handbook on how to create highly available information networks at technical and organisational levels. secunet supported the BSI in these efforts.

What does availability have to do with IT security?

IT security comprises three basic protection objectives: the confidentiality, integrity and availability of information. In the case of information security issues, the confidentiality and integrity of the data to be processed have often rated higher than the protection objective of system availability. But what is the point of having protected information if it cannot be transmitted or made available?

In the case of industrial production, for example, the protection objective of availability has long been a top priority: The equipment must run 24x7, every production stop or production failure incurs costs.

But what happens if IT systems which invisibly control public life are suddenly unavailable? Chaos on the roads, airports brought to a standstill, motionless trains, stock exchanges at which there is no longer any trading. Today, IT system failures have a considerable impact on life in society and the security of the population.

High availability concerns everyone

The BSI summarised the experience it gathered from many years and projects into a three-part high availability compendium. It is aimed at all institutions, public authorities and companies that have business processes based on IT either in whole or in part and consequently have to ensure their availability.

With this manual, the BSI provides an instrument which focuses on critical business processes and determination of their quality requirements and uses these as a basis for requirements-specific high availability architectures. It also offers criteria which make it possible to evaluate existing or planned technical and organisational structures in view of high availability. In addition to basics, best practices and actual methods, e.g. for cluster architectures or storage technologies, the compendium offers practical tools and support in the form of checklists or catalogues of measures.

“The availability A(t) of a unit is the probability of the unit’s possessing all of the warranted characteristics at any point in time t given the described environmental conditions, or of its functioning without error.”
From the BSI’s high availability compendium

More information
You can download the high availability compendium here free of charge: http://www.bsi.de/fachthem/hochverfuegbarkeit/hvkompendium.htm

For more information, contact:
Heinz-Günter Nähring
Phone: +49-201-54 54-30 [email protected]
Rudolf Schöngarth
Phone: +49-201-54 54-30 [email protected]

High Security

Approaching heaven with the SINA Virtual Workstation
Exact airspace situation available in real-time

Continued from page 1

The “Führungszentrale Nationale Luftverteidigung” (FüZNatLv), an amalgamation of the German Air Force and Federal Police as well as the “Deutsche Flugsicherung” (German air-traffic control), monitors the airspace above Germany around the clock and responds immediately to any unscheduled incidents. This includes preparing important information for national decision-makers, allowing them to act quickly and effectively. In the past, it was only possible to transmit crucial information on incidents via the phone. Until 2006, the time lag resulting from the necessary repetition of information or spoken monologues for describing the situation were part of the daily routine. But situations can turn critical in an instant.

Today, the SINA Virtual Workstation makes it possible to securely transmit an exact representation of the current situation to all those involved in real-time. Decision-makers and liaison staff at large-scale events immediately receive information presented graphically. This permits several people to immediately assess the situation.

“The use of the SINA Virtual Workstation enables further important optimisation of our decision-making processes,” explains Oberstleutnant i. G. Andreas Klein from the operational headquarters of the German Air Force. “This provides considerable relief to the decision-maker as a lot of relevant information is now available in graphical form.”

The SINA Virtual Workstation is a major component in the German Air Force architecture. It was thoroughly tested in many manoeuvres and is now being shifted to regular operations. In this way, we continue to support air defence in securing large-scale events.

The SINA Virtual Workstation at the German Air Force

The decision-making process was optimised in that it is possible to distribute crucial information.

No time lag in information provisioning (no need to explain situation over the phone) since the current image of the situation is transmitted in graphic form.

Connections can be established via UMTS, GPRS, LAN and WLAN.

The data is encrypted locally and highly securely during transport. Hard drive encryption enables secure storage of additional information, e.g. map information.

The security concept of the SINA Virtual Workstation enables parallel sessions of different classifications, e.g. setting up a connection to the Internet and one to the network of the Armed Forces.

The SINA Virtual Workstation makes it possible to securely transmit an exact representation of the current situation in the German airspace in real-time.
Source: FS Deutsche Flugsicherung GmbH


Satellite-based communication with SINA
Optimisation of the TCP protocol increases transmission rate

Data transmission via satellite is an inevitability in many application scenarios. SAT communication is already standard for globally active public authorities such as the Ministry of Foreign Affairs or the Armed Forces. SINA also provides protection for your data in the case of satellite transmission. Two-component solutions, consisting of the SINA Box and SAT optimisers, are already being used with success. secunet is currently testing approaches for a single-component solution with integrated SAT proxy.

Satellite communication is distinguished by high signal propagation delays and high transmission error rates. The data has to cover great distances, during which time packets could be corrupted or lost. If the data is transmitted via TCP, one of the main Internet protocols, only small amounts of data are initially sent on their way. Since it takes a very long time for a reply to arrive, TCP raises the transmission rate very slowly. Or it reduces the transmission rate if transmission errors occur, although a considerably greater bandwidth is actually available. As TCP was developed for line-based transmission with low error rates and signal propagation delays, the communication behaviour is to be expected in this context.

The bandwidth can be much better exploited through the use of SAT optimisers: e.g. by means of optimisation or replacement of the TCP protocol as well as by means of data compression. The SINA Box then encrypts the information. Packet size and latency increase only slightly as a result of the encryption. The encryption causes a moderate reduction in data throughput.

The solution with two components, a SINA Box and a separate SAT proxy, is currently being used with success. The SAT proxy is on the unencrypted end of the SINA Box and accesses the unencrypted data traffic in order to effectively increase the transmission rate. secunet is presently testing approaches for a single-component solution to simplify the current solution. In this version, the SAT proxy is already integrated in the SINA Box. This minimises configuration effort as well as hardware costs.
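The TCP behaviour this article describes can be made concrete with a small round-based model. It is an added example, not code from secunet or from the report. The 2 Mbit/s link, the 600 ms and 20 ms round-trip times, the 1 MB transfer and the segment size are constructed sample values, and the last scenario (a sender whose window already covers the link) is an assumption used for comparison, since the article does not say how SAT optimisers work internally.

```python
"""Round-based model of TCP window growth on a long-delay link.

Constructed illustration: every figure used here (link rate, round-trip
times, transfer size, segment size) is an assumed sample value.
"""

MSS = 1460  # bytes per segment (assumed)


def transfer(size_bytes, bandwidth_bps, rtt_ms, init_cwnd=2,
             loss_rounds=frozenset(), mss=MSS):
    """Simulate one bulk transfer; return (round_trips, elapsed_ms).

    Each loop iteration is one round trip. The sender may put cwnd segments
    on the wire, but never more than the link carries in one round trip.
    The window doubles per round until the first loss (slow start); a loss
    costs one segment, halves the window, and growth continues at one
    segment per round (congestion avoidance).
    """
    pipe_bytes = bandwidth_bps * rtt_ms // 8000  # link capacity per round trip
    if pipe_bytes < mss:
        raise ValueError("link carries less than one segment per round trip")
    remaining, cwnd, slow_start, rounds = size_bytes, init_cwnd, True, 0
    while remaining > 0:
        rounds += 1
        sent = min(cwnd * mss, pipe_bytes, remaining)
        if rounds in loss_rounds:
            remaining -= max(sent - mss, 0)  # the lost segment is resent later
            cwnd = max(cwnd // 2, 2)
            slow_start = False
        else:
            remaining -= sent
            cwnd = cwnd * 2 if slow_start else cwnd + 1
    return rounds, rounds * rtt_ms


def throughput_kbps(size_bytes, elapsed_ms):
    """Average goodput in kbit/s (bits per millisecond), rounded down."""
    return size_bytes * 8 // elapsed_ms


def compare(size_bytes=1_000_000, bandwidth_bps=2_000_000):
    """Run the same transfer over a short and a long path; return result rows."""
    sat_rtt = 600  # ms, assumed round trip over a geostationary satellite
    # Window (in segments) that fills the satellite link from the first round.
    pipe_cwnd = -(-(bandwidth_bps * sat_rtt // 8000) // MSS)
    scenarios = [
        ("terrestrial, 20 ms RTT", 20, {}),
        ("satellite, 600 ms RTT", sat_rtt, {}),
        ("satellite, one loss in round 6", sat_rtt, {"loss_rounds": {6}}),
        ("satellite, window opened at link capacity", sat_rtt,
         {"init_cwnd": pipe_cwnd}),
    ]
    rows = []
    for label, rtt_ms, extra in scenarios:
        rounds, elapsed = transfer(size_bytes, bandwidth_bps, rtt_ms, **extra)
        rows.append((label, rounds, elapsed, throughput_kbps(size_bytes, elapsed)))
    return rows


if __name__ == "__main__":
    for label, rounds, elapsed, kbps in compare():
        print(f"{label:44s} {rounds:4d} round trips {elapsed:6d} ms {kbps:5d} kbit/s")
```

In this model the same single loss costs the 600 ms link nine extra round trips and the 20 ms link none, which is the asymmetry the article attributes to TCP's design for short, low-error lines.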

For more information, contact:
Mark Hönisch
Phone: +49-201-54 54-35 [email protected]


SINA User Day 2009
15 and 16 June in the Beethovenhalle Bonn

“A practically perfect event,” wrote one visitor about our SINA User Day in June of this year. It has been our pleasure to read reports of this kind very often. We are delighted that the SINA User Day has met with such great popularity. We welcomed more than 150 guests in the Beethovenhalle in Bonn. Next year, we look forward to offering this platform again to facilitate the exchange between SINA users and the experts from secunet. Find out where and when SINA User Day 2010 will be held in the next issue of secuview.

Presentation topics:

SINA update: approvals, software and hardware (secunet)

Implementation of a multinational SINA infrastructure according to the KISS principle (Enrichment Technology Company Ltd)

Setup of a CLASSIFIED – CONFIDENTIAL network for the Federal Republic/States (BDBOS)

SINA Virtual Workstation (secunet)

SINA Management ≥ Version 3.7 (secunet)

SINA One Way Gateway 2 (secunet)

Ethernet Layer 2 encryption (ATMedia GmbH)

SINA 2nd Generation (BSI, secunet)

SINA Workflow function demonstration (BSI, secunet)

Comparison of classified approval categories (BSI)

More information
Would you like to get your invitation for the next SINA User Day? Please send an e-mail with your contact details to [email protected]
Subject: SINA User Day

The SINA Box IP 54 was subjected to a continuous endurance test. The result: It is protected against dust and splash water.


+++ Events +++ Important dates +++ Events +++


PINBOARD

New event series “Early Shift”
“Kohlebrötchen” [coal rolls] and IT security at Zeche Zollverein

Data loss prevention, network access control and endpoint security were the themes of secunet’s first Early Shift on 18 June at the Zollverein, a World Heritage Site. Together with Symantec, secunet presented solution approaches about how to protect company data against loss and attacks at a breakfast get-together.

The participants’ feedback was very positive: “A diverting and good overview of current issues. The half day really was worth it.”

The next Early Shift will treat the subject of e-mail archiving and will be held at the Zeche Zollverein on 27 October 2009. In addition to solution approaches and examples taken from actual practice, participants will receive information on the legal ramifications. Please feel free to register now by sending an e-mail to [email protected].

SINA International Partner Workshop – Berlin – 14 September 2009

IAA Automobile 2009 – Frankfurt/Main – 15-18 September 2009 (only for media and trade visitors)

10th CxO Dialog Information Risk Management – Berlin – 16-17 September 2009

it-sa – the new IT Security Expo – Nuremberg – 13-15 October 2009

BMW in-house exhibition – Munich – 14-15 October 2009

25th VDI/VW Conference “Automotive Security” – Ingolstadt – 19-20 October 2009

Biometrics 2009 – London – 20-22 October 2009

Early Shift “E-mail archiving” – Essen – 27 October 2009

PITS 2009: With security to e-government 2.0 – Berlin – 27 October 2009

Information Technology Forum – Bonn-Bad Godesberg – 17-18 November 2009

IT Security on Board – Munich – 20 November 2009

IMPRINT

Editor: secunet Security Networks AG, Kronprinzenstraße 30, 45128 Essen - Germany
Telephone: +49 201 54 54 - 0

Responsible for the content: [email protected] Editor: [email protected]

Design: Chromedia West GmbH, www.chromedia.de

Copyright: © secunet Security Networks AG. All rights reserved. All contents and structures are copyright protected. All and any use not expressly permitted by copyright law requires prior written permission.