We understand that accurate and relevant information is a critical component of performance in our rapidly changing market. As a consulting service, that information forms the core of our value proposition. CSS uses this information as intellectual capital to build transformational strategies, improve operational results, and speed technical implementations.
Many of these ideas are captured in published form that we share with the public. A variety of topics are addressed in a range of media, including slide presentations, case study reports, and technical white papers. These documents are available for download free of charge.
If you have additional questions or concerns, please contact us directly.
A "Real-Life" Man-in-the-Middle Attack on SSL
Slides from CSS' RSA 2005 talk: SSL is used millions of times a day to secure communications between web browsers and various hosts on the Internet. Nearly all of these currently involve the use of a digital certificate only on the host—where a website authenticates itself to a user's browser, but not vice-versa. This presentation examines a real-world situation where a spyware / web proxy combination has developed the ability to "man-in-the-middle" such SSL connections, and obtain access to all data sent within the SSL tunnel. In addition, the session discusses ways to defend against such attacks, and lessons learned from the process.
A Brief Introduction to Public Key Infrastructure
A presentation for those who may be new to Public Key Infrastructure; the slides outline some basic PKI information and some of the ways in which applications make use of digital certificates. A high-level description of the early stages of PKI planning is also discussed.
Strategic Identity Management Planning Session: "A Hands-On Approach to IAM Success"
A detailed presentation offering information on identity management.
(Securing) The Expanding Enterprise
An overview of methods by which you can secure your enterprise.
HCR Manor Care Speeds Updates 67 Percent, Mitigates Malware, Enables Strategic Solution
HCR Manor Care, one of the nation's leading healthcare providers, wanted to use its network to roll out solutions that enhance patient care. That required the company to reduce malicious software attacks and boost reliability and availability. It achieved this by working with Certified Security Solutions, a Microsoft® Gold Certified Partner, to deploy Microsoft Systems Management Server 2003 change and configuration management software.
Deploying Smart Cards in Your Enterprise
The merging of physical access technology with public key-enabled smart card technology has been an emerging trend in the security industry over the past few years. This whitepaper provides an overview of smart cards and associated technologies. It includes practical information on the application or usage of smart cards and their deployment.
Federated Identity in the Enterprise
The proliferation of user accounts can lead to a lowering of the enterprise security posture as users record their account information in order to remember the multiplicity of account names and passwords. In addition, as e-business streamlines processes, the processes increasingly require business partners to access Internet-facing applications. This white paper provides an overview of Federated Identity and looks at a new approach that allows the management of identity to be outsourced to identity providers. This can save costs in maintaining the identity system and allows enterprises with different technology bases to interoperate through a standard set of protocols.
Port-Based Authentication with Internet Authentication Service
CSS is introducing its port-based authentication offering in order to take advantage of underutilized, highly effective features of Microsoft Windows and Active Directory. These features enable an enterprise to block all unauthorized IP access, both from inside the firewall and out, on a connection-by-connection basis. This white paper discusses securing network infrastructure using the RADIUS protocol (IAS), Active Directory, Certificate Services, 802.1X (wireless and wired), Extensible Authentication Protocol (EAP) and VPN.
Rights Management Services
Microsoft Windows Rights Management Services (RMS) provides authors and owners the ability to control how they use and distribute their digital content when using rights-enabled applications, including Microsoft Office 2003 and 2003 Professional or the Internet Explorer Plug-in. Windows RMS provides certification, licensing, and publishing services that can be used with clients that are enabled for Windows Rights Management (RM).
Wireless Security: A Technology Primer
Many organizations view wireless networks as a way to increase productivity, quickly implement flexible network access, and provide third-party connectivity to vendors. This white paper provides an overview of technologies involved in deploying enterprise-scale wireless infrastructures. This information includes coverage of authentication frameworks, encryption techniques and design considerations.
Security Performance Management
Information security is implemented through processes, yet the well-developed disciplines of quality process management are rarely used to implement robust infosec processes. This paper discusses how quality process management disciplines were used at an insurance company to create a new process and improve the company's security posture.
Introduction to Security Kaizen™
This is an introduction for the CSS Security Kaizen™ offering. It is intended to outline the process and explain the benefits for those seeking to improve information security in their organization. The material discusses the use of quality management discipline to address information security.
Security Kaizen™ FAQ
Answers to frequently asked questions about Security Kaizen™.
Installing and Configuring Kerberos Clients on Red Hat 8.0
A step-by-step guide to configuring Red Hat 8.0 systems to support Kerberos authentication.