Security

From Just Solve the File Format Problem
(Difference between revisions)
Jump to: navigation, search
(Malware/spyware)
(22 intermediate revisions by 3 users not shown)
Line 11: Line 11:
 
* [[E-Mail, newsgroups, and forums#Secure messaging|E-Mail, newsgroups, and forums: Secure messaging]]
 
* [[E-Mail, newsgroups, and forums#Secure messaging|E-Mail, newsgroups, and forums: Secure messaging]]
  
== Digital Certificates ==
+
== App provisioning and DRM ==
 +
Main article: [[Digital Rights Management]]
 +
 
 +
* [[Mobile Provision file]] (.mobileprovision; used for installing iOS apps)
 +
 
 +
== Authentication ==
 +
* [[SAML]] (Security Assertion Markup Language)
 +
 
 +
== Claim representation ==
 +
* [[JSON Web Tokens]] (JWT)
 +
 
 +
== Digital certificates, keys, etc. ==
 
* [[ASCII Armor]] (.arm; old for base64)
 
* [[ASCII Armor]] (.arm; old for base64)
 +
* [[Card Verifiable Certificate]] (CVC)
 
* [[Canonical Encoding Rules]] (.cer)
 
* [[Canonical Encoding Rules]] (.cer)
 
* [[Certificate Revocation List]] (.crl)
 
* [[Certificate Revocation List]] (.crl)
Line 25: Line 37:
 
** [[PEM encoded RSA private key]] (.key)
 
** [[PEM encoded RSA private key]] (.key)
 
* [[PFX (original format)]]
 
* [[PFX (original format)]]
 +
* [[PGP public key]]
 
* [[PKCS]]
 
* [[PKCS]]
 
** [[PKCS7]] (PKCS #7, Cryptographic Message Syntax Standard)
 
** [[PKCS7]] (PKCS #7, Cryptographic Message Syntax Standard)
Line 35: Line 48:
 
* [[SPKAC]]
 
* [[SPKAC]]
 
* [[X.509 certificate]]
 
* [[X.509 certificate]]
 +
 +
=== Digital certificate collections ===
 +
 +
* [[Security Catalog]]
  
 
== Electronic signatures ==
 
== Electronic signatures ==
 +
* [[Authenticode signature]]
 +
* [[Digital watermark]]
 
* [[HMAC]] (Hash-based message authentication code)
 
* [[HMAC]] (Hash-based message authentication code)
 +
* [[JSON Web Signatures]] (JWS)
  
== App provisioning and DRM ==
+
== Malware/spyware ==
* [[Mobile Provision file]] (.mobileprovision; used for installing iOS apps)
+
* [[Pegasus]]
 +
* [[Regin]]
 +
* [[Superfish]]
  
== Authentication ==
+
== Passwords ==
* [[SAML]] (Security Assertion Markup Language)
+
* [[eWallet]]
 +
* [[passwd]] (/etc/passwd)
  
== System security policies ==
+
See also [[Encryption#Password hashes]].
 +
 
 +
== Protocols ==
 +
* [[TLS]] (including SSL)
 +
 
 +
== Security policies ==
 +
* [[Adobe Cross Domain Policy File]]
 +
* [[Content Security Policy]]
 +
* [[Label Encodings]] (files determining information classification labels for multi-level security environments)
 +
* [[PAM configuration file]]
 +
* [[Security.txt]]
 
* [[Sudoers]] (module and file determining user privileges)
 
* [[Sudoers]] (module and file determining user privileges)
  
== Malware/spyware ==
+
== Software ==
* [[Regin]]
+
* [[OpenSSL]]
 +
 
 +
== Verification ==
 +
* [[Verifpal]] (.vp) (language for modeling aspects of security protocols to test for soundness)
  
== References ==
+
== Links and references ==
 
* [http://blogs.msdn.com/b/kaushal/archive/2010/11/05/ssl-certificates.aspx Various SSL/TLS Certificate File Types/Extensions (MSDN article)]
 
* [http://blogs.msdn.com/b/kaushal/archive/2010/11/05/ssl-certificates.aspx Various SSL/TLS Certificate File Types/Extensions (MSDN article)]
 
* [https://hashcat.net/oclhashcat-plus/ Hashcat: password cracking program]
 
* [https://hashcat.net/oclhashcat-plus/ Hashcat: password cracking program]
Line 59: Line 95:
 
* [http://www.dustbury.com/archives/17867 2014 Super Bowl security (picture)]
 
* [http://www.dustbury.com/archives/17867 2014 Super Bowl security (picture)]
 
* [http://www.washingtonpost.com/business/technology/senate-cybersecurity-report-finds-agencies-often-fail-to-take-basic-preventive-measures/2014/02/03/493390c2-8ab6-11e3-833c-33098f9e5267_story.html Senate cybersecurity report finds agencies often fail to take basic preventive measures]
 
* [http://www.washingtonpost.com/business/technology/senate-cybersecurity-report-finds-agencies-often-fail-to-take-basic-preventive-measures/2014/02/03/493390c2-8ab6-11e3-833c-33098f9e5267_story.html Senate cybersecurity report finds agencies often fail to take basic preventive measures]
* [http://www.theguardian.com/technology/blog/2014/feb/05/digital-rights-management What happens with Digital Rights Management in the real world?]
 
 
* [http://www.bbc.com/news/technology-26879185 Xbox password flaw exposed by five-year-old boy] (And Microsoft thanked the kid instead of getting him arrested, imagine that.)
 
* [http://www.bbc.com/news/technology-26879185 Xbox password flaw exposed by five-year-old boy] (And Microsoft thanked the kid instead of getting him arrested, imagine that.)
 
* [http://dankaminsky.com/2014/04/10/heartbleed/ Be Still My Breaking Heart]
 
* [http://dankaminsky.com/2014/04/10/heartbleed/ Be Still My Breaking Heart]
Line 65: Line 100:
 
* [http://www.tedunangst.com/flak/post/origins-of-libressl origins of libressl]
 
* [http://www.tedunangst.com/flak/post/origins-of-libressl origins of libressl]
 
* [http://dheera.net/projects/blur Why blurring sensitive information is a bad idea]
 
* [http://dheera.net/projects/blur Why blurring sensitive information is a bad idea]
 +
* [http://arstechnica.com/security/2015/04/28/how-to-crack-any-master-lock-combination-in-8-tries-or-less/ How to crack many Master Lock combinations in eight tries or less]

Revision as of 02:41, 30 July 2021

File Format
Name Security
Ontology

{{{caption}}}

Formats specific to the storage and transmission of security information.

See also:

Contents

App provisioning and DRM

Main article: Digital Rights Management

Authentication

  • SAML (Security Assertion Markup Language)

Claim representation

Digital certificates, keys, etc.

Digital certificate collections

Electronic signatures

Malware/spyware

Passwords

See also Encryption#Password hashes.

Protocols

  • TLS (including SSL)

Security policies

Software

Verification

  • Verifpal (.vp) (language for modeling aspects of security protocols to test for soundness)

Links and references

Personal tools
Namespaces

Variants
Actions
Navigation
Toolbox