San Antonio

Local News
San Antonio OWASP Chapter: August 2006 Meeting

Topic: Selecting a Single Sign-On Solution

Presenter: Vijay Kumar

Date: August 23rd, 2006, 11:30am - 1:00pm

Location:

San Antonio Technology Center (Web Room)

3463 Magic Drive

San Antonio, TX 78229

http://maps.google.com/maps?f=q&hl=en&q=3463+Magic+Drive,+San+Antonio,+TX+78229

Abstract:

Scattered software applications with differing security policies are a bane of today’s IT departments, consuming a large chunk of support and maintenance budget. Single Sign-On is one of the technical controls available to CIOs and CSOs for providing security in depth to a corporation while reducing maintenance costs. In this talk I will walk-through a typical SSO implementation from making a case for SSO to deploying and maintaining the SSO process. Multiple SSO architectures will be presented and merits and demerits of each of the architectures will be discussed. Commercial offerings and open source SSO tools in this space are also presented.

Presenter Bio:

Vijay Kumar is a software architect with 15+ years of design and development experience in the retail, banking, insurance, and software tools domain. He is currently working as a technical lead with MSD Inc in Austin, TX. Prior to the current assignment, Vijay worked as an Enterprise architect with Lockheed Martin IT and an Applications Architect with Partnerware Inc.

Sodas and snacks will be provided. Feel free to bring a brown-bag lunch.

Please RSVP: E-mail owasprsvp@denimgroup.com or call (210) 572-4400.

San Antonio OWASP Chapter: June 2006 Meeting

Topic: Commercial Cryptographic Transitions and Web Application Key Management

Presenter: Jeff Stapleton, CTO, Innove

Date: June 21st, 2006, 11:30am - 1:00pm

Location:

San Antonio Technology Center (Web Room)

3463 Magic Drive

San Antonio, TX 78229

http://maps.google.com/maps?f=q&hl=en&q=3463+Magic+Drive,+San+Antonio,+TX+78229

Abstract:

Cryptography Transitions are defined as "Managing the passage from one cryptographic architecture to another in a methodical approach that is consistent with prudent business practices and security guidelines." This talk will first discuss the technology issues that precipitate a transition; guiding principles to conduct a transition; the transition process itself; and briefly review several case studies. Next, the talk will introduce the ANSI accredited standards committee X9 that develops cryptography and security standards for the financial services industry. Finally, the talk will focus on applying cryptography in a Web application environment, the corresponding key management issues, review the Visa CISP requirements; and industry current practices (not so good), industry best practices (better), what industry should be doing.

Presenter Bio:

Mr. Jeff Stapleton is the Chief Technology Officer and Chief Cryptographic Architect for Innové. He has over 20 years experience in the security, financial and healthcare industries at Citicorp, MasterCard International, RSA Security, KPMG LLP. His areas of expertise include payment systems, cryptography, PKI, biometrics, authentication and trusted time stamps. Jeff holds a Bachelor of Science and Master of Science degrees in computer science from the Universities of Missouri, he was an instructor at Washington University (St. Louis) and is an adjunct professor at the University of Texas at San Antonio. He is a frequent speaker at various security conferences, including the RSA annual conference, Certicom Elliptical Curve Conference, Biometric Summit and CardTech/SecurTech.

Jeff has participated in the Accredited Standards Committee X9 for over 15 years on various US and ISO working groups. He has participated in the development of over a dozen X9 and ISO security standards and is chair of the X9F4 Cryptographic Protocols and Application Security working group. X9F4 developed several American National Standards including X9.84-2003 Biometric Information Management and Security and X9.95 Trusted Time Stamps; it is the US coordination group to the ISO TC68/2 WG10 working group developing ISO 19092 Financial - Biometrics and the WG14 working group developing ISO 22895 Secure Message Syntax.

Innové, headquartered in San Antonio, Texas, provides quality, high impact Information Technology (IT) security solutions for both Commercial and Government entities. Our desire is to help our clients sustain, modernize, and integrate more robust, cost effective IT security systems leveraging a base of information security talent and security systems know-how built on over a century of experience in security systems.

Sodas and snacks will be provided. Feel free to bring a brown-bag lunch.

Please RSVP: E-mail owasprsvp@denimgroup.com or call (210) 572-4400.

Previous News

The slide deck from OWASP San Antonio June meeting available online here:.

The slide deck from OWASP San Antonio May meeting available online here:.