Security

From Just Solve the File Format Problem
(Difference between revisions)
Jump to: navigation, search
(Digital Certificates)
(Malware/spyware)
(18 intermediate revisions by 2 users not shown)
Line 12: Line 12:
  
 
== App provisioning and DRM ==
 
== App provisioning and DRM ==
 +
Main article: [[Digital Rights Management]]
 +
 
* [[Mobile Provision file]] (.mobileprovision; used for installing iOS apps)
 
* [[Mobile Provision file]] (.mobileprovision; used for installing iOS apps)
  
Line 17: Line 19:
 
* [[SAML]] (Security Assertion Markup Language)
 
* [[SAML]] (Security Assertion Markup Language)
  
== Digital Certificates ==
+
== Claim representation ==
 +
* [[JSON Web Tokens]] (JWT)
 +
 
 +
== Digital certificates, keys, etc. ==
 
* [[ASCII Armor]] (.arm; old for base64)
 
* [[ASCII Armor]] (.arm; old for base64)
 
* [[Card Verifiable Certificate]] (CVC)
 
* [[Card Verifiable Certificate]] (CVC)
Line 32: Line 37:
 
** [[PEM encoded RSA private key]] (.key)
 
** [[PEM encoded RSA private key]] (.key)
 
* [[PFX (original format)]]
 
* [[PFX (original format)]]
 +
* [[PGP public key]]
 
* [[PKCS]]
 
* [[PKCS]]
 
** [[PKCS7]] (PKCS #7, Cryptographic Message Syntax Standard)
 
** [[PKCS7]] (PKCS #7, Cryptographic Message Syntax Standard)
Line 42: Line 48:
 
* [[SPKAC]]
 
* [[SPKAC]]
 
* [[X.509 certificate]]
 
* [[X.509 certificate]]
 +
 +
=== Digital certificate collections ===
 +
 +
* [[Security Catalog]]
  
 
== Electronic signatures ==
 
== Electronic signatures ==
 +
* [[Authenticode signature]]
 +
* [[Digital watermark]]
 
* [[HMAC]] (Hash-based message authentication code)
 
* [[HMAC]] (Hash-based message authentication code)
 +
* [[JSON Web Signatures]] (JWS)
  
 
== Malware/spyware ==
 
== Malware/spyware ==
 +
* [[Pegasus]]
 
* [[Regin]]
 
* [[Regin]]
 +
* [[Superfish]]
  
== Password managers ==
+
== Passwords ==
 
* [[eWallet]]
 
* [[eWallet]]
 +
* [[passwd]] (/etc/passwd)
  
== System security policies ==
+
See also [[Encryption#Password hashes]].
 +
 
 +
== Protocols ==
 +
* [[TLS]] (including SSL)
 +
 
 +
== Security policies ==
 +
* [[Adobe Cross Domain Policy File]]
 +
* [[Content Security Policy]]
 
* [[Label Encodings]] (files determining information classification labels for multi-level security environments)
 
* [[Label Encodings]] (files determining information classification labels for multi-level security environments)
 +
* [[PAM configuration file]]
 +
* [[Security.txt]]
 
* [[Sudoers]] (module and file determining user privileges)
 
* [[Sudoers]] (module and file determining user privileges)
 +
 +
== Software ==
 +
* [[OpenSSL]]
 +
 +
== Verification ==
 +
* [[Verifpal]] (.vp) (language for modeling aspects of security protocols to test for soundness)
  
 
== Links and references ==
 
== Links and references ==
Line 64: Line 95:
 
* [http://www.dustbury.com/archives/17867 2014 Super Bowl security (picture)]
 
* [http://www.dustbury.com/archives/17867 2014 Super Bowl security (picture)]
 
* [http://www.washingtonpost.com/business/technology/senate-cybersecurity-report-finds-agencies-often-fail-to-take-basic-preventive-measures/2014/02/03/493390c2-8ab6-11e3-833c-33098f9e5267_story.html Senate cybersecurity report finds agencies often fail to take basic preventive measures]
 
* [http://www.washingtonpost.com/business/technology/senate-cybersecurity-report-finds-agencies-often-fail-to-take-basic-preventive-measures/2014/02/03/493390c2-8ab6-11e3-833c-33098f9e5267_story.html Senate cybersecurity report finds agencies often fail to take basic preventive measures]
* [http://www.theguardian.com/technology/blog/2014/feb/05/digital-rights-management What happens with Digital Rights Management in the real world?]
 
 
* [http://www.bbc.com/news/technology-26879185 Xbox password flaw exposed by five-year-old boy] (And Microsoft thanked the kid instead of getting him arrested, imagine that.)
 
* [http://www.bbc.com/news/technology-26879185 Xbox password flaw exposed by five-year-old boy] (And Microsoft thanked the kid instead of getting him arrested, imagine that.)
 
* [http://dankaminsky.com/2014/04/10/heartbleed/ Be Still My Breaking Heart]
 
* [http://dankaminsky.com/2014/04/10/heartbleed/ Be Still My Breaking Heart]
Line 70: Line 100:
 
* [http://www.tedunangst.com/flak/post/origins-of-libressl origins of libressl]
 
* [http://www.tedunangst.com/flak/post/origins-of-libressl origins of libressl]
 
* [http://dheera.net/projects/blur Why blurring sensitive information is a bad idea]
 
* [http://dheera.net/projects/blur Why blurring sensitive information is a bad idea]
 +
* [http://arstechnica.com/security/2015/04/28/how-to-crack-any-master-lock-combination-in-8-tries-or-less/ How to crack many Master Lock combinations in eight tries or less]

Revision as of 02:41, 30 July 2021

File Format
Name Security
Ontology

{{{caption}}}

Formats specific to the storage and transmission of security information.

See also:

Contents

App provisioning and DRM

Main article: Digital Rights Management

Authentication

  • SAML (Security Assertion Markup Language)

Claim representation

Digital certificates, keys, etc.

Digital certificate collections

Electronic signatures

Malware/spyware

Passwords

See also Encryption#Password hashes.

Protocols

  • TLS (including SSL)

Security policies

Software

Verification

  • Verifpal (.vp) (language for modeling aspects of security protocols to test for soundness)

Links and references

Personal tools
Namespaces

Variants
Actions
Navigation
Toolbox