open source software key challenges
play

Open Source Software & Key Challenges Selvaraj K, SAP Labs India - PowerPoint PPT Presentation

Dec 20, 2023 •562 likes •730 views

Open Source Software & Key Challenges Selvaraj K, SAP Labs India CyberSecurity India 2016 Conference February 19 th , 2016 Agenda #1 Introduction #2 Recent cases #3 Challenges #4 Key Takeaways Disclaimer: Views expressed in this

  1. Open Source Software & Key Challenges Selvaraj K, SAP Labs India CyberSecurity India 2016 Conference February 19 th , 2016

  2. Agenda #1 Introduction #2 Recent cases #3 Challenges #4 Key Takeaways Disclaimer: Views expressed in this presentation has nothing to do with my current employer and it is my personal view as a security expert…

  3. #1 Intro

  4. Ramayan – A case study in Security Video and image source: youtube.com

  5. Ramayan – A case study in Security Panchvati  The target system  Protected by Ram and Laxman  Houses Sita, the perfect woman Sita  The Prize!  Vulnerable  Lacks basic Security Awareness!

  6. Ramayan – A case study in Security Laxman  Administrates the target system  Sets up a firewall to protect it  Forced to trust a help-call spoofed as Ram  Gives clear instructions to Sita Mareecha  Accomplice of criminal  Master of Deception  Spear-pfishes Ram, succeeds

  7. Ramayan – A case study in Security Rama  Victim  Loses key asset ‘ Sita ’  Life changes forever Ravana  Social Engineer par excellence  An advanced persistent threat  Compromised the perfect man, Rama

  8. Ramayan – A case study in Security That was a 9000 year old story, demonstrating:  A Firewall in the form of Laxman Rekha  A Spear Pfishing Attack in the form of a golden deer  Social Engineering that compromises a seemingly secure system  Advanced Persistent Threats are nothing new!

  9. #2 Recent Cases

  10. Recent Cases  Side-Channel Attack Type of attack: Stealing decryption key from Air-Gapped computer in another room by analyzing the pattern of memory utilization or the electromagnetic outputs of the PC that are emitted during the decryption process Impact: Extracts the secret cryptographic key from a system. Source: http://thehackernews.com/2016/02/hacking-air-gapped-computer.html  Java Deserialization attack  Open Source Software (OSS) not free of security vulnerabilities e.g. Heartbleed, Poodle, Shellshock…..

  11. Risks  Threat – Attackers, Hackers, Cyber Terrorists, etc.  Vulnerability – Weakness in software applications (On-premise, Cloud, Mobile, IoT)  Impact – Confidentiality, Integrity and Availability Risk Patc tching ng

  12. #3 Challenges

  13. Challenges  Open Source vulnerabilities reported in public, but to provider of OSS component  We learn about them when issue fixed and published, effectively like a zero- day for us  No guarantee that it is free of vulnerabilities  AND: You are responsible for open source components as if it was your own code  YOU need to keep it secure and fix known vulnerabilities

  14. #4 Key Takeaways

  15. Key Takeaways  A chain is as strong as its ‘weakest’ link and toughen the weakest links  Move from protecting the perimeter to protecting data  Refresh security strategies to address rapidly evolving business needs and threats  Take responsibility for OSS components, they more risky  Finally, Protect your Self, Family, Organization and Nation !!

  16. Thank you Contact information: Selvaraj K Email: selvaraj.k@sap.com Mobile: 94498 35907

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source Licenses: GPL vs. LGPL vs. MIT/Apache Foundations: Linux, Apache, Eclipse, Similar: Open Data, Open Hardware, Open Knowledge, ... Advantages of OS

508 views • 13 slides
1 Version 2: MIT, 1983 Bazaar Model Richard Stallman was Characteristics include

1 Version 2: MIT, 1983 Bazaar Model Richard Stallman was Characteristics include

Open Source Idea? SHARE and the Origins of Open The basic idea behind open source is very simple: When programmers can read, Source Software: 1953-1972 redistribute, and modify the source code for a piece of software, the software evolves.

530 views • 8 slides
Open Source Software/Hardware Decoupling Open Source Software (OpenStack, CORD)

Open Source Software/Hardware Decoupling Open Source Software (OpenStack, CORD)

Design principles for 5G Toward a new paradigm, All-IT Network architecture Unbundling Open Source Software/Hardware Decoupling Open Source Software (OpenStack, CORD) Unbundled Function Blocks Open Source Hardware (OCP,

180 views • 15 slides
What is open source? Computer software where the source code is distributed under an open

What is open source? Computer software where the source code is distributed under an open

What is open source? Computer software where the source code is distributed under an open source license that allows anyone to study, change, improve and distribute the software. Promotes collaboration Community of developers

878 views • 16 slides
What is open source ? Computer software where the source code is distributed under an open

What is open source ? Computer software where the source code is distributed under an open

What is open source ? Computer software where the source code is distributed under an open source license that allows anyone to study, change, improve and distribute the software. Promotes collaboration Community of developers

462 views • 14 slides
1 Distribution of work: new functionality Distribution of work: fixes 7 8 Who reports

1 Distribution of work: new functionality Distribution of work: fixes 7 8 Who reports

The case for open source software Open Source Software Why Open Source Software / Free The process, the outcome Software (OSS/FS)? Look at the Numbers! David A. Wheeler The heat, the light Revised as of September 30 2004

464 views • 9 slides
Challenges in Open-source RISC-V Implementations Differentiation & Customization Open Source

Challenges in Open-source RISC-V Implementations Differentiation & Customization Open Source

Challenges in Open-source RISC-V Implementations Differentiation & Customization Open Source Hardware Promises and Hopes Great way to collaborate Faster development thanks to readily available IP (e.g. peripherals, ) Very

411 views • 17 slides
The State of Open Source Databases Peter Zaitsev CEO, Percona October 1 st , 2019 Open Source

The State of Open Source Databases Peter Zaitsev CEO, Percona October 1 st , 2019 Open Source

The State of Open Source Databases Peter Zaitsev CEO, Percona October 1 st , 2019 Open Source Software Amazing times for Open Source Software! Commercial Success Fantastic Success of Open Source Based Businesses! RedHat Acquired by IBM

1.19k views • 52 slides
December 7, 2015 - January 25, 2016 What is open source? Computer software where the source

December 7, 2015 - January 25, 2016 What is open source? Computer software where the source

December 7, 2015 - January 25, 2016 What is open source? Computer software where the source code is distributed under an open source license that allows anyone to study, change, improve and distribute the software. Promotes

423 views • 15 slides
Creating Open Source Electronic Hardware with Open Source Software Tom Anderson Overview

Creating Open Source Electronic Hardware with Open Source Software Tom Anderson Overview

Creating Open Source Electronic Hardware with Open Source Software Tom Anderson Overview Open Source hardware (This is the smallest font) Business model Example circuit, concept -> production Make circuit boards with Open

806 views • 78 slides
Equity & inclusion as a way of developing diverse, resilient, and more relevant open source

Equity & inclusion as a way of developing diverse, resilient, and more relevant open source

Equity & inclusion as a way of developing diverse, resilient, and more relevant open source software Griselda Cuevas | Aizhamal Nurmamat kyzy Airflow Summit July 6-17, 2020 What we will discuss Common challenges for Open Source

689 views • 58 slides
Open Source software for libraries Presentation at ECCHRD meeting Budapest, 30-31 May 2011

Open Source software for libraries Presentation at ECCHRD meeting Budapest, 30-31 May 2011

Open Source software for libraries Presentation at ECCHRD meeting Budapest, 30-31 May 2011 Open-source software (OSS) is computer software of which the source code and certain rights are provided under a license that allows others to study,

186 views • 15 slides
1 A Comparison of Open Source Search A Comparison of Open Source Search Engines Engines

1 A Comparison of Open Source Search A Comparison of Open Source Search Engines Engines

Open Source Search Engines Why? Low cost: No licensing fees Source code available for customization Good for modest or even large data sizes Open-Source Search Engines and Challenges: Lucene/Solr Performance, Scalability

347 views • 13 slides
Ut Utilizing lizing Free e Op Open n So Source ce So Software are and nd Op Open n

Ut Utilizing lizing Free e Op Open n So Source ce So Software are and nd Op Open n

Ut Utilizing lizing Free e Op Open n So Source ce So Software are and nd Op Open n Data a in the Crop rop Su Suitability ability Anal alysis sis of Adlai dlai for or Cl Climat mate e Ch Change nge Adap daptation ation

670 views • 15 slides
Challenges in making Challenges in making Free and Open Source Accessibility work Free and Open

Challenges in making Challenges in making Free and Open Source Accessibility work Free and Open

Challenges in making Challenges in making Free and Open Source Accessibility work Free and Open Source Accessibility work Peter Korn Accessibility Architect Sun Microsystems, Inc. Agenda Some History Funding model in US, Europe,

428 views • 11 slides
U:Kit open source software and hardware smoke detector Slavey Karadzhov slav@attachix.com

U:Kit open source software and hardware smoke detector Slavey Karadzhov slav@attachix.com

U:Kit open source software and hardware smoke detector Slavey Karadzhov slav@attachix.com Agenda Dream Team Creating U:Kit a smart device that is open source software and open source hardware. and created with/for

173 views • 16 slides
BLAZAR Project overview and update MASAHITO MUROI IRC: MASAHITO NTT PIERRE RITEAU IRC:

BLAZAR Project overview and update MASAHITO MUROI IRC: MASAHITO NTT PIERRE RITEAU IRC:

05.08.2017 BLAZAR Project overview and update MASAHITO MUROI IRC: MASAHITO NTT PIERRE RITEAU IRC: PRITEAU UNIVERSITY OF CHICAGO HIROAKI KOBAYASHI IRC: HIRO-KOBOAYASHI NTT What does Blazar do? Reservation service The project

662 views • 15 slides
Evolution of Cooperation on Anonymous Markets source: https://doi.org/10.7892/boris.69490 |

Evolution of Cooperation on Anonymous Markets source: https://doi.org/10.7892/boris.69490 |

Evolution of Cooperation on Anonymous Markets source: https://doi.org/10.7892/boris.69490 | downloaded: 30.8.2020 Reputation, Reciprocity and the Emergence of Institutions Andreas Diekmann, Ben Jann, Stefan Wehrli and Wojtek Przepiorka ETH Zurich

646 views • 19 slides
River Poddle Flood Alleviation Scheme tral Area Committee 8 th October Presentation to DCC South

River Poddle Flood Alleviation Scheme tral Area Committee 8 th October Presentation to DCC South

River Poddle Flood Alleviation Scheme tral Area Committee 8 th October Presentation to DCC South Centr by Gerard OConnell, l, Senior Engineer (A) and David Grant Poddle P Project Resident Engineer 1 oute m in length es in Tallaght

142 views • 11 slides
Patterns Really? Patterns? Lets start somewhere Why do I care? Software design pattern is a

Patterns Really? Patterns? Lets start somewhere Why do I care? Software design pattern is a

Patterns Really? Patterns? Lets start somewhere Why do I care? Software design pattern is a general reusable solution to a commonly occurring problem within a given context in software design. It is not a finished design that can be transformed

403 views • 22 slides
FULL YEAR RESULTS PRESENTATION YEAR ENDED 31 DECEMBER 2014 SUMMERSET GROUP HOLDINGS LIMITED 29

FULL YEAR RESULTS PRESENTATION YEAR ENDED 31 DECEMBER 2014 SUMMERSET GROUP HOLDINGS LIMITED 29

FULL YEAR RESULTS PRESENTATION YEAR ENDED 31 DECEMBER 2014 SUMMERSET GROUP HOLDINGS LIMITED 29 February 2012 24 February 2015 0 AGENDA 2 FY14 Result Highlights 6 Business Overview 20 Financial Results 25 Final Dividend 29 Appendix

534 views • 32 slides
State Route 11 and 487 Reconstruction Town of Bloomsburg Public Meeting and Presentation June

State Route 11 and 487 Reconstruction Town of Bloomsburg Public Meeting and Presentation June

State Route 11 and 487 Reconstruction Town of Bloomsburg Public Meeting and Presentation June 5, 2019 Project Limits East Street (Main Street to 7 th Street) Poplar Avenue/Ferry Road (7 th Street to Susquehanna River Bridge) Full Depth

927 views • 27 slides
growing tree species in India R C Dhiman Introduction Forestry sector is in concurrent list

growing tree species in India R C Dhiman Introduction Forestry sector is in concurrent list

The role of private sector in promoting the culturing of poplar and other fast growing tree species in India R C Dhiman Introduction Forestry sector is in concurrent list Total timber requirement is 123 Million m 3 Forests provide 3

425 views • 20 slides
GIRARD . Thrive Thrive

GIRARD . Thrive Thrive

GIRARD . Thrive Thrive Connect Connect Lehigh Broad Poplar Lehigh 1 Upzone to commercial and multi-family residential 2 Right size the

463 views • 21 slides

More recommend