This post is focused on the most important components that play a role in the key management lifecycle: Hardware Security Modules (HSMs) and Key Management Services (KMSs). I start by giving a very short introduction to what cryptographic key management is and what the key management lifecycle entails. The rest of the post is mainly focused on my experience with HSMs and KMSs with regard to architectural, operational and maintainability aspects.
Key Management is about managing the lifecycle of cryptographic keys.
In this post I analyse the recent INE/Cloudflare case in light of the Schrems II ruling, where the Portuguese DPA ordered the suspension of all transfers of Portuguese census data to the USA. I then abstract the architecture pattern inherent to the INE/Cloudflare situation and reason about possible implications for non-EEA SaaS in the future. I finish the post by giving some examples of possible technical measures that can be implemented to provide an adequate level of protection when using SaaS services (whether non-EEA or EEA).
Recently, the Portuguese Data Protection Authority (DPA) ruled that Statistics Portugal (INE in Portuguese) had to…
In this blog post I address Bring Your Own Key (BYOK) and the concept of (cryptographic) key control. I start by giving a high-level overview of what the BYOK feature entails and then explain why it is important for organisations to control the encryption keys that are used to protect their data. I then address the question of whether BYOK solves the key control problem when deploying applications in a Cloud Service Provider (CSP).
We thought we had solved the problem, but it seems we have just created a new one.
This post addresses the concerns related to remote (digital) signature services in the context of the eIDAS regulation. I start by introducing the concept of digital signatures and their requirements within the context of eIDAS. Then I give a high-level overview of the concept of a remote signature service and its main implementation flavours. Finally, I explain why I consider that remote signature services (as described here) should not be used to provide signatures that aim at replacing handwritten ones.
This blog post addresses the impact of Schrems II on organisations within the European Economic Area (EEA) that host their services in public cloud services (owned by companies that are not part of the EEA). In particular, I address the impact on EEA organisations that host their services in Microsoft Azure or Amazon Web Services (AWS). This analysis is non-exhaustive and the impact of Schrems II has wider ramifications than the ones specifically addressed in this post.
Please note that I’m not a person with a legal background and this is just a summary of all the conclusions I’ve drawn…
What does this yes mean then? That you are spending your efforts in the right way? That applications are getting safer?
Let’s see what kind of things have improved and what’s still missing.
Applications rely more and more on secure connections, including for internal network communications (which was not the case a couple of years ago). I believe the shift to secure communications has been motivated by different reasons, such as:
Making sense of the GDPR as a software engineer (and social human being)
Article 25 of the General Data Protection Regulation (GDPR) addresses data protection by design and by default as a general obligation for data processors and controllers. From a software engineer’s perspective, it is really challenging to distill the relevant information and concrete action points from this new regulation. We can get stuck easily.
Software engineers need concrete and actionable answers on what and how to do things. Unfortunately, legislation and legislators are hardly ever concrete either because they might not be inclusive enough, or because there’s a…
Maintainable security. A topic that has been floating in my mind for a long time.
Information security is the hot topic of the moment, either because the GDPR demands it as a prerequisite for privacy enforcement or because people are becoming more and more aware of its importance. The trust people put in online transactions is what makes it one of the most important and challenging things of the modern internet. Without information security, online services would not be possible.
As for maintainability, although most people are not even aware of what that means and do not yet consider it as…
BSides Lisbon was a one-day event on information security (InfoSec) organised by AP2SI, a Portuguese organisation that is trying to develop InfoSec in Portugal. Although this wasn’t the first edition, it was the first time I participated in the BSides event. The event is very international (with speakers from different parts of the world and all the talks in English) but the audience was mostly Portuguese. Many software engineering and computer science students were attending the event.
As a native Portuguese living abroad, I’m very glad that these awesome events are happening in Portugal. Creating InfoSec awareness in Portugal…
Some time ago I started doing security analysis; more specifically, secure code reviews of enterprise software systems. I instantly realised that real-world software systems more often than not do not implement crypto correctly, and even scarier is that most developers don’t really know how to do it right.
To be honest, I wasn’t expecting industry software to be lagging behind on this matter. But, after some discussions with co-workers and a lot of reading, I indeed realised that there’s a huge gap between cryptographic knowledge and software development.
After Googling for a while, I’ve found tons of blog/forum posts with bad…