Not only the minister is concerned: software is too uncertain. Now think of the computer manufacturer Fujitsu developed to have something that creates Remedy
The allegations in the most recent annual report on IT security weigh heavily -. And where they are of German Interior Minister Thomas de Maizière (CDU) and the Federal Office for Information Security (BSI). They are directed against the big American software maker: “The number of critical vulnerabilities in standard IT products has increased compared to the already high values in previous years, in 2015 again massively,” it says in the report that in the last few has been presented days to national IT summit in Berlin. Because some software publishers but more slowly or – in older products – would offer no security updates to de Maizière was open to the examination of claims for damages
The background is that some companies, according to BSI. proceed to because of growing international competitive pressures to be at vulnerabilities that are not considered serious, let more and more time here, to remind the user to dangers and providing them with updates on the Elimination of vulnerabilities. This creates, in view of the use of standard products such as Internet browsers increasingly attack for cyber attacks, said BSI President Michael Hange. The threat situation in the software estimates that the Ministry of the Interior under standing BSI therefore as high. Particularly badly cut in the BSI-formation for critical vulnerabilities products Adobe Flash, Microsoft Internet Explorer, Apple Mac OS X and Microsoft Windows from.
And not only since the submission of the report raises the question: What can you do about it? The in this newspaper a few days ago expressed thought, given the holey and poorly programmed software need the new digitized world may be a totally new to be programmed from scratch secure operating system (FAZ of 20 November), is by some experts as may be desirable, but unrealistic considered. WORKABLE appears many of them a software-based, OS-independent encapsulation of vulnerable applications and data from the rest of the (uncertain) IT infrastructure.
This is also an approach that the safety performance of the computer manufacturer Fujitsu in Augsburg under the term “Digital sovereignty” followed – and which now opens into first marketable deals that will be available in the course of next year. Put simply, it formulated any case the company’s spokesman, it states that it is an end-to-end encryption, the rich from the terminal via the transmission paths to the data center. As a subsidiary of the Japanese Fujitsu Group, Fujitsu Technology Solutions operates in Germany corporate customers and develops and manufactures here among other notebooks, personal computers, network computers (servers), storage systems and motherboards, and operates a number of highly secure data centers. Once the computer business of Siemens has risen in the group.
“The protection of data, applications and all IT environments is essential in view of the ever increasing networking. This also applies to companies such as for organizations and public institutions, “says Rupert Lehner, Senior Vice President Sales Germany at Fujitsu, on the latest developments from his home. This also explains why recently the first five security solutions have been presented under the new brand name “Fujitsu Security Solution Surient”. These are designed to provide secure application environments based on existing infrastructures for security worth protecting data and processes.
The Fujitsu Surient underlying security concept covers as specified by the company’s data centers, data transmission and terminals as well from sensors like playing in the “Internet of Things” (the basis for the so-called industry 4.0) a central role. The concept was based on results of research and development project “Digital sovereignty” and is modular. Thus, it should be possible to adjust the level of protection to the individual requirements of each client. The modules could be used singly or in combination.
The new “Encrypted boat Solution” for example, is based on a patented technology from Fujitsu. The module should make it possible to launch the IT systems in the data center with encrypted system partitions without having to manually enter a password. The passwords are locally produced and handed over by the system and are themselves the administrators unknown. This is caused by the staff an effective protection against unauthorized access.
The module “Sealed Applications Solution” in turn ensures according to the specifications of Fujitsu for an effective protection of applications on devices like PCs, tablets, workstations and notebooks , It is a runtime environment that is launched in parallel with the operating system. In this enclosed environment, the applications and the data processing run separately from the hardware and the operating system. The idea behind it: applications and data should be possible to protect in this way effectively against attacks
Additional modules are designed to protect data center infrastructures against unauthorized access.. In all variants, the authentication via an infrared hand vein scan, if desired also be carried out with other biometric methods for authentication. This means that only authorized administrators were given access. Depending on the protection requirement, the access’ll also be combined with a multi-eye principle. So could together open the door of a security tract only a defined group of persons. A module is to ensure that currently known attack vectors run from the outside to servers and services into the void. By contrast, authorized users can log on to the data center via a secure Virtual Private Network (VPN). Exploiting a “Zero Day Exploit” and of “Man in the Middle” attacks will very difficult in this way, it is at Fujitsu. Perhaps the Minister of the Interior and the BSI should make time on his way to Augsburg.
No comments:
Post a Comment