|
|
Personal Highlights
- Ted is an accomplished musician, and played for a number of years in a rock band in Baltimore, MD.
- He is a passionate sports fan, and actively follows baseball, football and various forms of auto racing.
Notable Speaking Engagements
- RSA 2005—San Francisco
- RSA Power Days—Chicago & New York
- FDIC Threat Briefing—Washington, DC
Papers & Presentations
- A "Real Life" Man-in-the-Middle Attack
- A Brief Introduction to PKI
- Deploying Smart Cards in Your Enterprise
Contact
-
Ted Shorter
Phone: 216.785.2990
Fax: 216.674.2708
e-mail
Ted Shorter
Chief Technology Officer
Ted Shorter is the Chief Technology Officer at CSS. Responsible for CSS’ Intellectual Property development efforts, he helps align CSS’ security focus with the changing security landscape. Prior to taking on the CTO role, Ted lead the Identity and Access practice for CSS and served as a Principal Consultant, overseeing delivery for all engagements that require authentication and authorization services. Ted has provided oversight to dozens of private-sector enterprise Public Key Infrastructure (PKI) deployments, in multiple vertical markets including: Finance, Manufacturing, Aerospace, e-Commerce, and Healthcare. He has also consulted as a subject matter expert in large enterprise smart card deployments.
Ted has worked in the security arena for over 20 years, in the fields of cryptography, application security, authentication and authorization services, and software vulnerability analysis. His past experience includes 10 years at the National Security Agency, a Masters Degree in Computer Science from The Johns Hopkins University, and an active CISSP certification.
As a Computer Scientist and Team Lead at NSA, Ted briefed high-level government officials, including Presidential advisors and members of the Joint Chiefs of Staff. Ted also served as lead software developer on a contract with the Department of Defense to integrate Biometric authentication with the DoD Common Access Card program.
Latest Blog Posts from Ted Shorter
-
iOS 5, S/MIME, and Digital Certificate Management September 15th, 2011
iOS 5, Apple’s new operating system for iPad, iPhone, and iPod Touch, will be released “soon” – Apple officially says “this Fall”, and many prognosticators are pointing to sometime in October. While the new release has hundreds of new features, the feature that’s of particular interest to digital identity practitioners such as CSS is one that’s received very little press to date.
-
Using CSS’ Certificate Reporting Tool to help manage certificates for iPads and iPhones April 15th, 2011
Part 2 of Apple’s iOS Devices and Certificate Lifecycle Planning blog.
CSS created the Certificate Reporting Tool (CRT) a few years ago, to help organizations get a better handle on certificate expiration. Below are examples of two different architectures that leverage CRT to help with certificate issuance and renewal for iOS-based certificates.
-
Apple’s iOS Devices and Certificate Lifecycle Planning April 14th, 2011
iOS devices such as iPads and iPhones are quickly becoming a part of the enterprise IT landscape, in a trend sometimes referred to as “the consumerization of IT.” From a security practitioner’s standpoint, there are a number of factors here that are cause for concern, including the prospect of unmanaged or “under-managed” devices accessing corporate data, the variety of devices and form factors involved, and the rapid pace of adoption, to name a few.
Enterprise Public Key Infrastructure (PKI) and digital certificates can help. iPhones and iPads are natively capable of using digital certificates for authentication to corporate networks and data in a variety of ways:
Corporate wireless networks (802.1X and EAP-TLS)
VPN gateways via the built-in Cisco client
Microsoft ActiveSync
Mutually-authenticated SSL web sites via the Safari browser
