The latest publications in this offer are:
This article briefly presents the main topologies and technologies used to set up VPN (Virtual Private Network)).After discussing the functions of a VPN, the article describes the two possibilities of exploitation (by the company or an operator) of the VPNs and then the classic topologies: Total mesh, Star, Hub and Spoke, Hybrid.The impact of an enterprise VPN is also considered before briefly describing the main protocols: IPsec, SSL, GRE, MPLS as well as private VPN services provided by commercial companies
This article deals with the issue of backdoors in encryption algorithms and systems and, more generally, that of control by most states, encryption means and, beyond that, information technology. The objective is to understand since when, why and how this control has been implemented and is evolving.Regarding the backdoors of a mathematical nature, the most difficult to conceive and, in the current state of knowledge, which it is, if not impossible, at least extremely difficult to detect, this article presents some more or less well-known cases and the stakes they represent. Finally, it will be explained and illustrated why this control not only makes no sense, but also how it constitutes a danger for modern and democratic societies.
In 2008 Satoshi Nakamoto defined a new model of currencies. The issuance and management of such a currency take place on a peer-to-peer network without central control. Bitcoin is the first cryptographic currency created on this model. It exists since January 2009.As the 7000 other crypto-currencies of the same type created in its wake, it works through what is called a blockchain. This shared file and collectively controlled file by a peer-to-peer network can be used for many other purposes. Many applications are developed and implemented gradually, especially in the world of banking and finance.
What do we mean by information systems security, for what purposes and with what organization?This article details the key principles of information systems security, and discusses how to organize such systems, in an increasingly regulated context and in the face of ever-greater exposure to data-related risks. Governance, organizational, human and technical resources are detailed in the article, along with a number of illustrations.
We present attack mechanisms linked to social engineering, such as phishing or smishing techniques. Their prevention in the context of Information Systems (IS) cybersecurity, where human vulnerabilities account for 74% of attacks, exploiting cognitive biases and human weaknesses, based on AI tools, is strategic.Current countermeasures (training, prevention) remain limited. Dynamic and gaming approaches, reinforcing critical thinking, combined with organizational policies and integrating the human element as a key asset in a proactive security strategy, aim to anticipate future threats and yet unknown scenarios.
Often denigrated because of its complexity of implementation, we believe that it was appropriate to break down misconceptions regarding the EBIOS RM 2024 method (EBIOS RM for Expression of Needs and Identification of Security Objectives Risk Management).In this article, we will demonstrate to readers that this method is a great tool box for risk assessment. We will see that it is well-suited to the requirements of ISO 27001:2022, ISO 27005:2022 and can actively participate in building effective cyber resilience of our information assets in accordance with European directive NIS2.
Viruses and other malicious codes fall into many sub-categories, with many viral techniques, and different risks.This article presents viruses in the now more realistic general context of computer infections (malware). First, all the varieties of these programs and their functioning are explained in detail, along with their adaptation to the defenses that a user can marshal. Second, techniques to protect against malware are described. These, while generally effective, and boosted by machine learning, cannot remove all the risks, but only reduce them. It is thus essential not to rely only on installing antivirus software, however efficient. The rules of computer hygiene, which have proved very effective, must also be followed.
Embedded systems are ubiquitous in our modern societies. They are complex because they combine advanced software features, highly heterogeneous integrated hardware resources such as systems-on-chip, and more and more often communication capabilities. Their design is tightly constrained to enable optimum integration in the host system (car, plane, household appliances, etc.). This article discusses the security of embedded systems, which are vulnerable to many software, hardware, and mixed threats. The main principles of software and physical attacks are presented to help the reader understand the main protection strategies.
The purpose of this article is to clarify the NIS2 directive, the differences with the ISO/IEC 27001 standard and especially the need to implement proactive and reactive cyber resilience activities of information systems. It consists of concrete information on the benefits of this directive and how it will reduce threats induced by many vulnerabilities. This article is based on the requirements of the NIS2 directive, those of the ISO/IEC 27001 standard. It should help readers understand their many implications in the cyber security activities of our French companies and institutions.
This article deals with the notion of safety and security as understood for software in scientific and technical systems.After presenting the aspects of dependability and cybersecurity, the article is devoted to the control of functional safety and reliability of software. It presents FMEA-based safety construction methods and model-based reliability quantification methods. It also deals with the consideration of the human factor when analysing risks.The article then looks at risk reduction methods based on fault tolerance mechanisms or formal methods. It concludes by reviewing of the normative aspects and the main industrial practices in terms of functional safety.
Access to a comprehensive database of articles
Rely on the ultimate technical and scientific knowledge database
Contents written and validated by leading experts to ensure reliability and expertise
Our experts committeeQuizzes, medias, tables, formulas, videos, practical paths, etc...
Enhanced reading experience
Reference articles available in English and French
Updates available in both languages
|
Single-user
1142 € excl. VAT
|
||
| Knowledge database | ||
| Number of licenses | Depending on company size | 1 |
| Languages | French and/or English | French and/or English |
| Access to enhanced reference articles | Unlimited | Unlimited |
| Access to archives | ||
| Publication updates and monitoring tools | ||
