Government Business Security High Security Automotive

The IT Security Report
by
Issue 1 | 2009
Business Security
Automotive
Government
High Security
Digital signatures
fast and simple
Locking out
the virus zoo
WANTED:
Fast multitasking expert
for healthcare sector
Data stream
under control
mobile.de relies on secunet
multisign for electronic billing
Embedded security in automobiles for protection against
malware attacks
DSV relies on new OCSP
responder from secunet
SIAM observes procedure in
the electronic processing of
classified data
The web resembles the animal
kingdom: there are many different viruses, worms and Trojans,
and researchers discover new
species every day. Visitors
intending to enter this “malware
zoo” have to be protected appropriately.
The health card is here. Starting
with the North Rhine region, it is
now progressively shifting into
active service. This small electronic card and its added value,
the time of its introduction and
the protection of highly sensitive
patient data, which can be
accessed by means of the card,
have been the subject of extensive coverage and speculation in
all the media and much discussed by experts in the run-up
to its launch.
ERP system
invoice
PDF
e-mail server
customer
When launching new technologies, companies are mainly
interested in just one thing: that
the process runs smoothly. If, in
addition, there are legal requirements to be considered, migration can quickly become very
complex. Not so with mobile.de.
Have a look at what Mr Pascal
Frohn reports about the introduction of electronic billing with
secunet multisign.
The last two issues of secuview
included reports on current
developments concerning online
access in the vehicle. Customers, manufacturers and legislators are pushing for Internet
access, remote maintenance and
car-2-car communication.
Find more on this issue
on page 3
Find more on this issue
on page 5
Internet
process channel
secured
affirmation channel
PKI
Mr Smart knows many secrets.
He saved them securely on his
computer. No one can get to
them. So it would seem. But Mr
Smart is a little uneasy about
what may be escaping through
his network cable without his
noticing. And these secrets are of
course only for the eyes of
authorised persons.
Mr Smart is right to be anxious.
There are many ways to lift data
from his computer. For example,
a Trojan may be wreaking havoc
on Mr Smart’s hard drive and
secretly sending data without
drawing any attention to itself.
Find more on this issue
on page 6
www.secunet.com
Find more on this issue
on page 10
EDITORIAL
CONTENT
03 Digital signatures fast and simple
manages Germany’s
04 secunet
largest distance education provider
05 Locking out the virus zoo
Fast multitasking expert
06 WANTED:
for healthcare sector
Dear Reader,
Dr. Rainer Baumgart
Global financial crisis, recession, downsizing. These issues have
been the media focus for months now. But despite all the negative
prognoses and announcements, there is a gleam of hope. Companies that fly in the face of the economic slump and actively challenge it. Take secunet, for example. Last year’s double digit growth
in revenue speaks for itself.
And to whom do we owe this success? On the one hand, of course,
to our staff who work on solutions for our customers with great
motivation and reliability each and every day. However, it is you, our
customers and partners, whose contribution is even more critical.
Your confidence in us strengthens us in our day-to-day work and
has ensured our success for more than 10 years now. We would like
to take this opportunity to express our gratitude – by providing consistently reliable solutions and clear communication.
We make every effort to offer you the stability and reliability that is
so crucial, particularly in times such as these. However, this in no
way prevents us from responding to your wishes and requirements.
This issue of secuview outlines the challenges we have faced in the
past few months. In addition to reports on current projects, you will
find information on innovative developments which make us optimistic that we will safely weather the next few years despite the crisis and the weak economy. You can count on us.
07 What is …?
08 ELSTER must go through customs
09 Security for 540,000 citizens all at once
10 Data stream under control
SINA meets Beethoven –
invitation to the SINA User Day
11 IT Security Check 2009
Professional project management at secunet
Events, important dates
12 Successful co-operation at the CeBIT 2009
Best regards
Rainer Baumgart
2
Business Security
Digital signatures fast and simple
mobile.de relies on secunet multisign for electronic billing
Continuance of page 1
Mr Pascal Frohn, Business
Operations Manager at mobile.de:
“How did the migration to electronic billing go? In a nutshell,
fast and simple. I received an email from secunet with the signature program and a configuration
manual attached. Together with a
secunet consultant I set up the
configuration over the phone.
secunet multisign was installed in
next to no time and I was able to
send electronic invoices to my
customers the very same day.
The difference between the
secunet solution and those of
other providers is that it is possible to integrate it easily into our
ERP system. This not only saves
time, but also reduces anxiety
and costs because customerspecific adaptations to an ERP
system are extremely complex.
With secunet multisign there was
no need to reprogram anything –
no risk at low cost. That clinched
it for me.
We opted for the service version
of secunet multisign. That means
that invoices are not signed inhouse, but instead go to a data
centre of the German Post for
signature. From a technical perspective, this amounted to simply
adding one more step to the
billing process: the PDF invoice
generated by the ERP system is
sent as an e-mail attachment
directly to the signature service
via a proxy. There the PDF invoice
is signed and sent back to our email server. It is sent to our customers from there. The only thing
that was added was the completely automatic exchange with
the secunet multisign solution.
The signatures are just one
aspect of many that need to be
considered in the case of electronic billing. To make the entire
process easier for customers,
secunet offers additional services
besides qualified signatures.
These include e-mail encryption
and distribution, invoice archiving and management of the system. A further customer portal
makes it possible for the final
recipient of the invoice to independently view all invoices
received. For secunet customers,
this means savings in terms of
time and money since there is no
need to look up invoices or
resend them.
We never imagined it would be
so easy to save on costs and still
comply with all legal requirements. The integration of the certified secunet multisign solution
was child’s play and had us convinced fast. Meanwhile, we have
outsourced our billing to a service provider – secunet multisign
coped with the transfer with no
problems at all and everything
continues to run reliably.”
For more
information
contact
Roland Krüger
Phone: +49 - 201- 54 54 - 20 52
[email protected]
secunet multisign can be
integrated fast and simply into
existing ERP-Systems.
ERP system
invoice
PDF
seperates attachment from e-mail
Proxy (signing program)
e-mail server
secunet
multisign
invoice
recomposes signed
attachment & e-mail
invoice
with signature
customer
www.secunet.com
3
Business Security
secunet manages Germany’s largest distance
education provider
The “Institut für Lernysteme” commissions secunet with Managed Security
Services
A-Levels, Technician or Business
Administration – these are just a
few of the courses offered by the
“Institut für Lernsysteme”, or ILS
for short. These are all distance
learning courses, i.e. inquisitive
minds throughout Germany and
beyond national borders can take
advantage of the offering – via the
World Wide Web. About 60,000
course participants communicate
with ILS over the Internet every
year. Every day more than 5,000
customers access the online
study centre to exchange information with tutors and peers, view
examination results or update their
personal data in the portal. Consequently, IT security is of considerable importance at ILS.
For more
information
contact
Guido Höfken
Phone: +49 - 201- 54 54 - 20 65
[email protected]
In view of the large circle of customers and constant availability
of the website, two criteria are
critical for the company: on the
one hand, protection of personal
customer data and, on the other
hand, high levels of reliability. In
order to meet these requirements
in the best way possible, secunet
developed a tailored solution
together with ILS which secures
the web server farm.
Responsibilities for the web server were split at the outset to
boost security: ILS continues to
be responsible for the content; a
large data centre operator in
Southern Germany takes care of
hosting; and secunet was
commissioned with security
operations. Our Managed Security
Service provides ILS with a “noworries package”.
In order to increase the availability and reliability of the websites
as well as the customer portals,
sensitive data such as personal
customer data is kept separate
from web content on servers. Socalled load balancers are used to
ensure that requests via the web
are distributed evenly to the individual web servers. In case of a
failure of web server A, the Internet user is forwarded to web
server B or C. Of course, the user
does not notice that this has
occurred. Meanwhile, server A is
repaired by secunet.
By monitoring the entire system
environment 24 hours a day, we
are able to detect and directly
counteract failures within just a
few minutes. secunet is also
responsible for the patch
management of the web server
farm to ensure that the IT environment remains protected at top
security levels. This is the only
way to guarantee that the server
farm is armed against dangerous
attacks and other risks from the
Internet.
“With secunet’s Managed Security Service there’s no longer any
need for us to worry about our IT
security. If we still have questions
or want changes, we can reach
the secunet team night or day
using the 24/7 hotline. But, fortunately, this has not been necessary,” says Thorsten Boek, IT
manager at ILS GmbH.
For the ILS Portal secunet’s Managed Security Services guarantee the security of students’ personal
data and a high level of reliability.
4
Automotive
Locking out the virus zoo
Embedded security in automobiles for protection against malware attacks
Continuance of page 1
Dangers such as availability
attacks or contact with malware
should of course remain outside
so that vehicle functions are not
interfered with. However, the protection concepts known from the
PC world are not easy to implement in the automotive sector.
The big question is this: how do
you protect visitors to the animal
kingdom from species which are
as yet unknown? That is, how
can you keep a vehicle free of
malware which has not even
been developed yet?
With this situation in mind,
secunet has created a dual-level
method for securing open communication interfaces in the vehicle. The Secure Communication
Unit was presented in the previous issue of secuview. It protects
the vehicle against denial-ofservice attacks at IP packet level.
However, it offers no protection
against malware. In such cases,
only security at application level
can help – and the Protection
Unit is responsible for this.
But how does it manage to
detect viruses in the long term
which do not yet exist? The multimedia and Internet applications
running in the vehicle are known
and are specified by a carmaker
so that security at application
level is based on the detection of
faulty behaviour during runtime.
The Protection Unit therefore
aims to detect the resulting faulty
behaviour, and not to identify
every single virus. To do so, the
Protection Unit makes use of two
approaches taken from the area
of operating systems: security
extensions which make it possible to define access to system
resources for each application,
on the one hand. And on the
other hand, protection can also
be effected by executing applications in a virtual environment or
sandbox. To put it simply: an artificial barrier is created between
the unsecure applications and
the vehicle, similar to a moat
around an enclosure at the zoo.
If a new animal – i. e. a virus –
gets past the moat, it can be discovered by zoo staff – even if
staff are not familiar with that
particular animal. The Protection
Unit (PU) works as an autonomous unit independent of the
actual application processor and
takes on the role of keeper. It
thus watches out for viruses
which get by the artificial barrier.
To do so, it is not necessary for it
to know which virus has jumped
the barrier, only that something
has escaped from the secured
enclosure. This makes it possible
to contain new viruses, even if
the PU does not know them. In
this way, the PU monitors the
security extensions as well as the
virtual environment. If it discovers any irregularities, dedicated
emergency run properties are
activated. These range from terminating the faulty process all the
way to restarting the system in
protected mode with base functionality only.
In conjunction with the Secure
Communication Unit, the Protection Unit thus offers comprehensive protection for vehicles with
open Internet access – even if
the virus zoo keeps growing bigger with every passing day.
www.secunet.com
By means of the virtual
environment the Protection Unit
builds up an atificial barrier
between insecure applications
and the vehicle.
For more
information
contact
Dr. Marc Lindlbauer
Phone: +49 - 201- 54 54 - 25 01
[email protected]
5
Government
WANTED: Fast multitasking expert
for healthcare sector
DSV relies on new OCSP responder from secunet
contact
One issue which has been
resolved with less noise in the
wake of the “world’s biggest IT
project” is the actual security and
control of the gigantic volume of
data behind the scenes with
regard to the high-profile card.
There are two major prerequisites
which must be met to
ensure the secure and
successful use of the
health card: the first is
a technical infrastructure with a very secure
design. The second is
making sure that only
those
users
with
proven authorisation
are
permitted
to
access the secure
telematics infrastructure. In other words: when the
approx. 2.5 million registered
healthcare professionals and
experts connect to the telematics
infrastructure via the connector, it
must be verified that every single
one of them is currently author-
Steffen Heyde
Phone: +49 - 201- 54 54 - 20 25
[email protected]
«
ised to do so. Digital certificates
are used in security-critical areas
to secure these electronic connections. This kind of certificate
is basically the equivalent of an
electronic identity which has
been confirmed by a trusted entity. A public key infrastructure
(PKI) serves as the technological
basis.
S-TRUST since 2001. gematik
found a very experienced technology partner in this company
and commissioned it with the
implementation and operation of
the central services and components of the PKI. The so-called
OCSP responder is a major component of this PKI. OCSP is the
international standard for determining the current
validity of a digital cerDr. Rüdiger Mock-Hecker
tificate. This is carried
Head of the Card Systems Business
out as an online
Division of the DSV
request, i.e. in realtime,
which makes it posWe have been working very successsible to query the status
fully with secunet for a long time. This
promptly and simply.
co-operation has also proven to be
The
DSV
already
suitable in the gematik sector.
makes successful use
of the OCSP responder
from secunet in its own
trust centre, in compliThe provision and administration ance with the German Signature
of digital certificates is one of the Act (SigG). This comes as no surcore competencies of the DSV prise: after all, this OCSP respon(Deutscher Sparkassenverlag) der has a special internal archigroup, which has been operating tecture and various security funca trust centre for electronic tions without which it would not
signatures under the brand be suitable for use under the
«
Continuance of page 1
For more
information
How does the Online Certificate Status Protocol (OCSP) work?
During the registration process the
so-called
“trusted
instance”
accepts the data of a requester. A
digital certificate is then issued for
this person and is digitally signed
by this instance. It contains the
public key of the certificate holder and additional data, e. g. the
holder’s name and address. Any
third person carrying out an electronic transaction with this certificate holder can verify the holder’s
6
certificate – and thus the holder’s
network identity – by querying the
trusted instance for the status of
the certificate.
There are a number of technical
options available to verify the validity of a certificate. One common
method is to check a so-called
revocation list which contains all
invalid certificates. This list is very
long and must be downloaded and
verified at the certification instance.
In addition, this list contains only
certificates which have been
revoked by the instance; it does not
prove that a certificate has even
been issued by this instance.
The OCSP responder of a trusted
instance makes it possible to perform such checks with considerably more reliability as well as
speed. Upon request, the OCSP
responder provides online information on the status of a dedicated
digital certificate. In compliance
with RFC 2560, this standard
response consists of the status, a
time stamp and an electronic signature via the OCSP responder. In this
way, it is possible to verify the validity of the certificate, the topicality
and integrity of the response and
the integrity of the responder.
Government
most stringent security requirements – e. g. those of the German
Signature Act. In addition, the
approval from the German Federal Office for Information Security
(Bundesamt für Sicherheit in der
Informationstechnik) and the
Federal Network Agency (Bundesnetzagentur) confirm the
extremely high level of security.
Although it was the best solution
in terms of security features, the
performance of the components
had to undergo considerable
improvement before they could
be used in the telematics infrastructure. The requirements:
high-speed parallel responses to
many requests with the shortest
possible response times for the
provision of information on initial
and changed certificate statuses.
Again, DSV relied on the experts
from secunet who had extensive
know-how in the field of telematics and the gematik specifications in general. The result is a
new version of the OCSP responder software which combines
existing high levels of security
with high-performance implementation – an entirely unique
solution on the market. DSV is
now in a position to view subsequent loads in the gematik network with equanimity.
secunet’s OCSP-Responder
provides short response times in
the telematics network.
What is ...
… secunet’s security flash drive really?
The security flash drive, secunet’s new helmsman, takes the rudder from
the previous ELSTER flash drive. The ELSTER flash drive is not (yet)
leaving the vessel entirely, but will sail calmer waters in future and is
not longer commercially available. Starting now, those who want
economical, flexible and secure control of their electronic tax
declarations are right on course with the security flash drive.
www.secunet.com
7
Government
ELSTER must go through customs
Certificates for the tax authorities will soon be used for customs too
More than 1.5 billion tonnes of
freight are exported worldwide
every year – and have to pass
through customs. For a few years
now, it has been possible to submit export declarations free of
charge via the Internet, which
has been of particular advantage
to small and mid-sized companies. As part of the security initiative of the European Commission, an electronic export declaration must be submitted to the
customs authorities for all
exports of goods as
of 1 July 2009.
For more
information
contact
Kurt Maier
Phone: +49 - 201- 54 54 - 30 39
[email protected]
The new online export declaration can be used as a cost-neutral solution for this purpose. The
involved party must prove its
identity via the customs portal.
This authentication is carried out
by means of advanced electronic
signatures. Now you might say:
“I seem to remember hearing
something about that.” ELSTER,
the German electronic tax declaration program, works using the
same system. The public authorities had that very idea and came
to an agreement that companies
can use the same certificates for
online export declarations as
they do for electronic tax declarations. These are provided free of
charge by the German tax authorities via the ElsterOnline portal (www.elsteronline.de). In addition, the entire authentication for
processing the new online export
declarations uses the same system as for tax declarations.
Three security levels are available
for the certificates required for
processing customs declarations: “ELSTERBasis” saves the
certificate on a PC. The disadvantage is that the data may be
lost in the event of user errors or
virus attacks, or may even be
stolen as a result of phishing
attacks. “ELSTERPlus” includes
the use of a signature card and
relies on certificates provided by
German trust centres which are
not free instead of the complimentary certificates of the tax
authorities. The security of these
processes is quite high, as
are the additional costs. The
“ELSTERSpezial” process with
security flash drive has proven to
be the best solution for high
security at low cost. The flash
drive is immune to phishing
attacks, is computer-independent and is therefore suitable for
mobile use.
The implementation of the security initiative also aims to fight
VAT evasion, among other things.
The security processes implemented by secunet in the customs sector is a big step in this
direction.
From 1 July 2009, all export goods have to be declared online. The ELSTER cerificates provide a
secure identification on the internet.
8
Government
Security for 540,000 citizens all at once
Firewall upgrade for Macao
Are you familiar with Macao?
Never mind, a short lesson in
geography won’t hurt: Macao is a
Special Administrative Region
belonging to China and situated
not far from Hong Kong. The
sovereignty of the former Portuguese colony was transferred
back to the People’s Republic in
1999. The region’s main sources
of income are tourism and gambling.
But the two experts from secunet
who flew to Macao at the end of
October 2008 had little time for
poker or roulette. In their luggage: the firewall architecture
upgrade concept for the extensive network. But why would a
small city-state such as Macao
need a highly secure and highly
available network? In response, a
review of past events:
In 2002, Macao commissioned
Giesecke & Devrient along with
Siemens with the development
and introduction of citizen’s
cards for all the people of Macao,
the Macao ID.
By means of a public key infrastructure, every citizen received a
digital ID which contains not only
biometric features for automatic
border controls, but also an individual electronic signature. This
makes it possible for each of the
540,000 Macanese citizens to
prove their identity and enter into
legally binding contracts on the
Internet. For this purpose, secunet designed the secure network
infrastructure and protection
from external threats as well as
the components of the public key
infrastructure.
Now back to the present: carrying out public authority business
and other official transactions
requires special protection, of
course, since the personal data
of the residents is transmitted via
the network. The old firewall
cluster no longer constituted the
latest technology, and it was no
longer possible to ensure acrossthe-board protection of the network against new dangers from
the web. Consequently, the Identification Department (DSI) of
Macao contacted Giesecke &
Devrient, whose performance
had positively impressed them in
2002. G&D in turn commissioned
its subsidiary secunet, which has
extensive know-how in the field
of network security.
In collaboration with the Identification Department, secunet
developed a concept and used a
reference system in Germany to
test and preconfigure the components which were to be implemented. One advantage of the
replicated system: in case of failures or problems, the error situation can be replicated in Germany and quickly fixed. In addition,
this enabled fast and error-free
installation of the highly secure
and highly available cluster comprising three new, high-performance firewall appliances. The
platform is easy to manage and
cost effective, consisting of a
stateful inspection firewall which
can be extended to include an
IPSec VPN, gateway antivirus
and antispyware systems, intrusion prevention and a web application firewall. Special software
is used for monitoring network
activities and makes it possible
for administrators to recognise
trends in network load and respond to hardware and software
problems with greater speed.
Particular attention was paid to
operation: snapshots, online
backups and disaster recovery
can be carried out within a very
short timeframe. Monitoring critical services and allocating new
resources (RAM, CPUs) help
make the administrator’s day-today work easier.
This comprehensive protection
now ensures that the citizens of
Macao can continue to carry out
their business and public sector
transactions securely 24 hours a
day via the Internet. Even if one
or two components are down,
the system functions for the
users as usual and the defective
parts can be replaced without
interrupting operation.
www.secunet.com
Macao
For more
information
contact
Kurt Maier
Phone: +49 - 201- 54 54 - 30 39
[email protected]
9
High Security
Data stream under control
SIAM observes procedure in the electronic processing of classified data
Internet
process channel
SIAM
secured
affirmation channel
web server
IDM
PKI
Continuance of page 1
For more
information
contact
Jörg Kebbedies
Phone: +49 - 201- 54 54 - 35 27
[email protected]
It could also happen that Mr
Brazen assumes Mr Smart’s
identity and sends e-mail messages in his name. Mr Smart will
then be able to read his secrets
in the newspaper.
And this will not do. Consequently, we came up with an idea. First
of all, the data in Mr Smart’s
repository must only be able to
leave by a single exit. Secondly,
Mr Smart wants to know what
leaves by that exit and where it is
bound. Thirdly, he wants veto
rights so that data can only get
out with his express permission.
Fourthly, he would like it to be
possible for the recipient to be
certain that the sender is actually
Mr Smart and not Mr Brazen.
And fifthly, Mr Smart would like
to be able to track where he sent
what secret when, should there
be any doubt.
We have solved Mr Smart’s problem with the SIAM module. SIAM
is a kind of security guard and
monitors the flow of data. The
system starts by verifying Mr
Smart’s identity. When he signs
on, it checks the login and sets
up a secure back-channel to Mr
Smart. If Mr Brazen tries to assume Mr Smart’s identity again, it
will no longer help him one bit
because the back-channel set up
by SIAM does not end at Mr
Brazen’s computer but on Mr
Smart’s. He himself immediately
sees that something is not right
since SIAM asks him right away
whether the command to forward
data is really to be executed. And
if Mr Smart fails to confirm, Mr
Brazen’s attempt will not be successful.
Therefore, Mr Smart gains control of the processes executed in
his name. Checks are performed
where they are required
according to security
policies. Under these
conditions, even e-mail
can be used as a secure
transmission medium. Mr
Smart’s supervisor can be
sure that the electronic messages he has received from Mr
Smart were actually sent by Mr
Smart. In this way, he has better
control over the entire processing
of classified data.
In addition to process control,
SIAM has a logging service. This
keeps track of all the processes
executed by Mr Smart. In this
manner, it is possible to look
back and see exactly who did
what when.
SINA meets Beethoven –
invitation to the SINA User Day
This year’s SINA User Day will be
held in Bonn at the “Beethovenhalle” on 15 and 16 June.
We cordially invite you, as a user
10
of our SINA solutions, to attend.
The programme is identical both
days so that you can make your
own schedule. Is there anything
that you, the user, are particularly interested in? Please let us
know. We are already accepting
registrations and suggestions.
PINBOARD
More
information
IT Security Check 2009
on
number of attacks on IT systems continues to grow
43 percent of all companies and
public authorities observed an
increase in the number of
attacks on their IT systems in
2008. These are the results of
secunet’s IT Security Check
2009 study. The annual webbased survey is based on the
responses of 275 IT decisionmakers, IT executives and IT
managers from Germany. For
the most part, the attackers set
their sights on the public sector:
65 percent of those surveyed
indicated that they had fallen
victim to attacks with greater fre-
quency in 2008 than in 2007. The
healthcare sector and providers of financial services figured
at the very top of the attackers’
list in 2008. Respectively, 57
and 50 percent of those surveyed in these sectors reported
that attacks were on the rise.
If you would like more information,
the report is available upon
request: [email protected]
Professional project management at secunet
As a purely project-driven
enterprise, we make professional project management
a top priority. As a result,
40 project managers
underwent further inhouse training during
the summer of last
year. Another 12 very
experienced staff
+++
Events
+++
Important dates
members took part in a sixmonth qualification phase at
our training centre in Munich,
where they prepared for the
certified project management
examination. The course is
based on the internationally
recognised standards of the
International Project Management Association (IPMA), rep-
+++
Events
resented in Germany by the
“Gesellschaft für Projektmanagement” (GPM). The training was
provided by Resultance, a consulting company specialised in
this field. All participants successfully passed the examination. Congratulations! This is
how we consistently raise the
quality of our projects.
+++
IDC IT Security Roadshow – Kiev, Bucharest, Sofia – 24 + 26 February 2009, 17 March 2009
CeBIT – Hannover – 3-8 March 2009
Border Security – Warsaw – 4-5 March 2009
Security Document World – London – 26-27 March 2009
RSA Conference – San Francisco – 20-24 April 2009
23. AFCEA Exhibition – Bonn – 6-7 May 2009
11. German IT Security Congress – Bonn – 12-14 May 2009
SINA User Day – Bonn – 15-16 June 2009
Biometrics – London – 20-22 October 2009
Public IT Security – Berlin – 27 October 2009
www.secunet.com
11
3-8 March
Hall 11, Stand D 61
Successful co-operation
at the CeBIT 2009
secunet and partners present the results of their co-operation in Hannover
The CeBIT will be opening its
gates on 3 March 2009 to all
who are interested in IT under
the motto “Discover a world of
ITC opportunity”. Hundreds of
exhibitors will again be showing their latest solutions and
products at the number one
digital business marketplace.
This year, the IT security
community will be gathering
in Hall 11.
secunet is backed by reinforcements at the stand:
together with our partners
InterComponentWare,
Intraproc and the German tax
authorities in Bavaria, we will
be presenting our latest developments. Come by Hall 11,
Stand D 61 and experience the
potential of this specialist network firsthand.
Our partners:
InterComponentWare AG &
secunet – secure and efficient ehealth solutions
Intraproc GmbH & secunet –
efficient applications for electronic ID documents in compliance with ICAO standards
Today, sustainably raising the
quality of medical care means
introducing innovations with
structure and farsightedness –
and that with limited resources.
InterComponentWare AG (ICW)
is shaping the future with
networking information technologies.
Intraproc GmbH (Ratingen, Germany) has been a global player
for more than 20 years in the
areas of planning, implementation and distribution of cards and
personalisation systems. In collaboration with Speed Identity AB
(Stockholm), Intraproc develops
terminals for live enrolment of
biometric data, e.g. for e-IDs and
e-passports. During the enrolment process, the picture data is
subjected to automatic verification in compliance with ICAO criteria. The direct capture of the
digital data accelerates application processing.
ICW's connector for the healthcare system, the “ICW Healthcare Connector based on SINA”,
relies on secunet’s security technology. Together with the application connector from ICW, the
secunet network connector,
which is based on the SINA highsecurity solution, ensures a
secure connection and thus protects the exchange of data
between all stakeholders.
secunet biomiddle is used for
integration at public authorities.
This middleware meets regulatory requirements and is suitable
for flexible combination with different terminals. Please visit us
and test this citizen-friendly selfservice terminal at our stand.
German tax authorities in Bavaria & secunet – security and
efficiency for citizens
The Bavarian State Office for Tax
Administration (BayLfSt) is the
contact partner of the Bavarian
State Ministry of Finance in the
area of tax administration. Its
responsibilities include providing
technical services for all tax
offices. Under the leadership of
the BayLfSt, the entire concept
of the ELSTER electronic tax
declaration system was developed and implemented.
secunet provides support to
ELSTER in matters concerning IT
security.
The security components for the
ElsterOnline portal as well as the
electronic certificates used for
this purpose are the result of this
successful co-operation. The
ELSTER certificates are also in
use by Customs within the scope
of a current project.
IMPRINT
Editor:
secunet Security Networks AG
Kronprinzenstraße 30
45128 Essen - Germany
Telephone: +49 201 54 54 - 0
Responsible for the content:
Marketing/Communications
[email protected]
Chief Editor:
[email protected]
Design:
Chromedia West GmbH
www.chromedia.de
Copyright:
© secunet Security Networks AG. All rights reserved. All contents and structures are copyright protected. All and any use not
expressly permitted by copyright law requires prior written permission.
12