Cyber SecuritySolutions from

Tekes Safety and Security Programme

Total IT Asset Data Erasure

Benefits Increased data security, improved regulatory compliance Reduced costs through more efficient IT asset

administrationUsers Banking and finance and defense industries Government organizations IT Asset Disposal professionals

Blancco has Certifications and Approvals from eg.: - Common Criteria (ISO 15408)- Communications-Electronics Security Group- BSI - Federal Office for Information Security- NATO- TÜV – SÜD- The Norwegian National Security Authority- The USA Department of Defense

www.blancco.com

User need A secure, ethical, fast and convenient solution

for the complete erasing of digital data Solution 100% data erasure for all IT assets Cannot be recovered with any existing

technology Most comprehensive certification in the industry PC, mobile, file, server, data center and virtual

solutions Reports generated for every erasure

Flexible and Secure Authentication

User need Authentication to Internet services cries for radical

improvement : it is cumbersome and unreliableSolution An authentication solution that integrates with the

current end-user devices and servicesBenefits Provides usability, security and privacy for all users

of Internet services Solves the shortcomings of competing alternatives

in usability, security, and deployment Partners onboard have a unique chance to take

advantage of the inexorable paradigm shift of authentication to Internet services

Users All end-users that use Internet services

www.cwc.oulu.fi / Jani Pellikka, jpellikk@ee.oulu.fi

Fuzz-o-Matic: Testing-as-a-Service forApplication Security and Robustness

Need Discovering dependencies on third-party libraries and applications Ensuring that used applications do exactly what they’re supposed to do Robustness test your applications and ensure their safetyApproach Fuzz-o-Matic is a scalable testing-as-a-service offering Scans the existing open source binaries, and then fuzz-tests all potential

interfaces Supports Windows, Linux, Android and iOS applicationsBenefits Reliable and repeatable test results, find the existing vulnerabilities in the

Open Source libraries Quality AssuranceCompetition Some competitors have similar services for known vulnerabilitiesUsers Software and hardware companies, web service providers

www.codenomicon.com

Secure Your Mass Memory Devices

User need Protect data on various mass memory devices as

well as in couldSolution Protect a confidential document by encrypting it

and removing small random parts of it to another location

Benefits Easy to use, high level of protection Guarantee data integrity and allowing document

trackingUsers Small and larger corporations, government

agencies, etc.

A simple but brilliant idea: Protect a confidential document by first encrypting it and then removing small random parts of it to another location.

http://www.envaultcorp.com/

Insertion and Detection of Data in Portrait Images

Approach Define and build a demonstrator

system, including personalization machine, software solution, and a product that can be manufactured and personalized in an industrial manner

Benefits Higher security of ID products Machine-readability of the security

featuresUsers Governments issuing identity products

www.gemalto.com

Need Increase the security of card holder´s image by various digital means, based

on visible and invisible markings (watermarking, guilloches, image hashing) The security need arises from increased international crime such as terrorism,

and human and drug trafficking. Technically the need for this type of solutions arises from two trends: growing ratio of ID and travel documents being equipped with micro-processor chips; and more widely spread reader infrastructure for document authentication at borders and by police

User need Today, a widely recognized need for improving the success of

security related investment proposals within the organizations; how to get more resources for information security (IS) investments from the company management

Solution A risk management tool for measuring the value of IS investments Theoretical models, based on empirically testing, for explaining

and predicting investment decisionsBenefits Understanding the weaknesses of the current IS investment

decisions, and persuasion methods for gaining resources for IS investments from the management

Competition The existing research on information security investments is not

empirically proved to work in practiceUsers Information security managers and other employees involved in

the IS decision making within the organizations

Information Security Investments

www.oulu.fi/english

User need To securely register users into e-services such as extranets and

e-shops Identity enrichment with attributes, entitlements and mandates

are needed for e-services to be productive and smoothSolution Business-oriented approach to identity and access

management The solution covers stakeholder services including identity

registration and delegated management, together with extensive authentication and identity federation, identity enrichment, role management and e-mandates

Benefits Security along with efficiency and smoothness for customer e-

services Savings of 40€ per registration plus 20€ per transaction and

sessionUsers Nordic and European companies

Business-Oriented Identity and Access Management

www.ubisecure.com

Role-centric IdentityNeed Organisations have a crucial need for identity

control: Managing large complexities in a continuous changes

Approach A set of innovative and modular security

components and processes to enhance role management within the infrastructure identity level and provide innovative role functionalities

Benefits Improved capacity to implement and deploy identity

and security mechanisms and solutions Stronger competitive position of European industry in the selected sectors

Users Healthcare and public safety organisations using

networks for their business or administration

www.roleid.org

User need Predictable cloud storage for data, accessible at any place with any

device Minimized risks, compliance with laws and regulations Comparability of cloud providersSolution Multi-cloud storage broker Cloud vendor benchmarking, user defined Service Level Agreement Value-adding security services as impartial third party The methods apply practices used in clean production in the high-tech

industriesBenefits Lesser data lock-in and cost of switching cloud providers Saving through supported decisions and risk managementUsers Any large user of cloud services

Storage Broker for Multi-Cloud Environments

www.helsinki.fi

Future Information Security Trends

User need Anticipate information security related risks and

opportunities to appear within 5 – 10 years in FinlandSolution A report and a proposal for an on-going trend discovery

processBenefits The results will be public and available for all interested

partiesUsers All kinds of Finnish organizations

http://magnet.erve.vtt.fi/kasi

User need Network managers require ability to prevent and

detect information security incidents (malware, DoS attacks, etc.)

Current solutions provide limited functions, able to usually detect but not effectively prevent.

Complexity quickly and changing nature of network environment are problems

Solution More efficient methods are required for

successful monitoring of networks and applications

Different statistical approaches were researchedBenefits Improved network security monitoringUsers Any network administrator with security

requirements

Modern Network and Application Information Security Perception

www.vtt.fi

Information Security in Industrial Control Systems

User need Plants to gain proper control of security situationSolution Security requirement base for plant ICS Concept and procedure for site ICS security mapping Site specific results of overall ICS security mapping Initial plan for ICS security improvement programsBenefits Support the continuation of the core production &

prevent information security incidents in automation intensive production

Users Industrial production sites, plants, headquarters

Identifying the current major ICS (Industrial Control System) security & continuity gaps and bottlenecks of industrial sites.

www.vtt.fi

Safety-Critical Software in Machinery

Need Faults in a machine program can cause

severe hazards especially when program size increases

Solution Ideas for software development model and

criteria for selecting methods according to the case criticality and developer needs

Benefits Well-defined and yet flexible development

process means typically lower design costs Safety under control means less accidents,

better product confidence andpeace of mind for designers

Users Machine builders, software developers

Methods for defect or “bug” control can be divided into four different categories

Fault removal

Fault tolerance

Fault forecastingFault

prevention

"Bug" control

www.vtt.fi

Information Security Testing

User Need Adequate information security level under continuously

evolving threatscapeSolution Novel security testing and network monitoring solutions→ these include fuzz- and model based testing tools, as

well as test case selection and anomaly detection methods

Benefits Integrity, confidentiality and availability of information,

services and data is maintained at acceptable levelUsers Software and embedded system vendors and operators

in different fields Any party striving to improve information security level

of their products or infrastructure

www.itea2-diamonds.org

Know Which Websites To TrustUser need Make informed decisions whether to visit a website or not,

especially when visiting unknown sites Decisions are made based on website reputation and user

reviews made by millions of users worldwideSolution A crowdsourced service which enables every user to rate and

review a website based on their own experiences These ratings and reviews help other users to make informed decisions whether to trust a site or not

WOT has developed an innovative algorithm that makes the system reliable and difficult to manipulate

Benefits Free and easy to use service which provides traffic-light style

icons (indicating website reputation) next to search results, social networking sites, online emails and other popular sites

Competition WOT is a unique concept with no direct competitors

worldwide. WOT currently co-operates with major internet players such as Facebook and Mail.ru

Users All interested Internet users, currently over 80 million

downloads and over 42 million rated websites

The WOT add-on shows you which websites you can trust based on millions of users' experiences.

The WOT safe surfing browser tool is easy-to-use, fast and completely free.

www.mywot.com