List of my Articles
Pages: [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ 12 ]
| [232] | Müller, Oliver: Sicher mobil - Cryptography Engineering, Teil 5: AES-Implementierung für mobile Endgeräte. heise/Developer, 03.08.2012 http://heise.de/-1659321 | |
| Topic: | This fifth article of a series covers the implementation of the Advanced Encrpytion Standard (AES) on smartphones and tablets running Android. It shows what challenges wait for a cryptography engineer to implement AES in a non-hardware-related programming language such as Java and how these challenges can be faced. | |
| [231] | Müller, Oliver: Anatomy of a Stack Smashing Attack and How GCC Prevents It. Dr. Dobb's, June 19th 2012. http://www.drdobbs.com/security/240001832# | |
| Topic: | The article illustrates how to prevent stack overflow attacks by using the "stack smashing protector" (SSP) of GNU's gcc. After an introdution into stack overflow attacks and their threat to a computer-system's security, the article describes how SSP functions. Subsequent it illustrates SSP in practise by assembly language code generated by gcc and debugging sessios in gdb. The article uses Debian GNU/Linux 6.0.1 on x86_64 with gcc 4.4.5 as sample system. | |
| [230] | Müller, Oliver: Preventing Stack Overflow Attacks. Dr. Dobb's Journal, July 2012; pages 7 until 16 | |
| Topic: | The article illustrates how to prevent stack overflow attacks by using the "stack smashing protector" (SSP) of GNU's gcc. After an introdution into stack overflow attacks and their threat to a computer-system's security, the article describes how SSP functions. Subsequent it illustrates SSP in practise by assembly language code generated by gcc and debugging sessios in gdb. The article uses Debian GNU/Linux 6.0.1 on x86_64 with gcc 4.4.5 as sample system. | |
| [229] | Müller, Oliver: Herkulesaufgabe - Hardware für Mainframe-Linux mit Hercules/390 emulieren. iX 4/2012; Seite 146 bis 151 | |
| Topic: | This article introduces Linux on the IBM mainframe and explains shortly its installation onto a LPAR and under z/VM. A learning by doing course is provided by using mainframe emulator Hercules/390 on Linux. Besides the installation of z/Linux the article also provides information about managing hardware on the mainframe linux and works out the differences between a "normal" Linux and the Mainframe Linux. | |
| [228] | Müller, Oliver: Verschlüsselter Winzling - Cryptography Engineering, Teil 4: AES auf AVR ATmega. Heise Developer, 28.02.2012. http://heise.de/-1442338 | |
| Topic: | The article continues the implementation of the Advanced Encryption Standard (AES) on 8 bit microcontrollers which was startet at the third article of this series. It covers the implementation of AES in C on the Atmel ATmega and provides a little sample which implements a traffic light control system. The AVR which controls the traffic lights is controlled by encrypted commands received by serial interface from a PC. The article also introduces the simulation of the whole microcontroller system environment including peripherals by using AVR Studio 4, HAPSIM and com0com. Furthermore it gives hints for a real hardware implementation and provides a simple example. | |
| [227] | Müller, Oliver: Klein, aber fein - Cryptography Engineering, Teil 3: AES auf 8-Bit-Mikrocontrollern. Heise Developer, 20.02.2012. http://heise.de/-1436872 | |
| Topic: | This article introduces the implementation of the Advanced Encryption Standard (AES) on 8 bit microcontrollers. It uses as sample the AVR ATmega family of Atmel. The article covers the challenge of efficient calculation of multiplicative inverses in GF(256) to make it possbile to calculate s-box entries at runtime efficiently but resource defensive. Furthermore it covers the challenge of key expansion and its impact on resource and clock cycle demand. | |
| [226] | Müller, Oliver: Überlaufschutz - Overflows mit Stack Smashing Protection erkennen. iX 2/2012; Seite 110 bis 113. | |
| Topic: | The article introduces in detecting stack overflows by security features of modern compilers such as Stack Smashing Protection (SSP) of GNU gcc, ProPolicy of IBM XLC and Buffer Security Check (option /GS) of Microsoft Visual Studio. gcc 4.x's SSP on Linux x86_64 is used to show how the principle of stack smashing detection works. It is shown by practical debugging sessions with gdb how gcc protects against attacks which utilizing stack overflows. | |
| [225] | Müller, Oliver: Leistungsstark mit 32 Bit - Cryptography Engineering, Teil 2: AES auf PCs und Servern. Heise Developer, 09.11.2011. http://heise.de/-1375774 | |
| Topic: | This article covers the implementation of the Advanced Encryption Standard (AES) in C++ on PCs and server systems with at least 32 bit processor. It shows how to create a portable implementation which considers the individual features of a CPU such as 32 bit arithmatic logic unit or little and big endian. The sample code includes CppUnit tests with the "AES Known Answer Test (KAT)". It runs on a broad palette of systems starting at several Unix derivates, e.g. AIX, Solaris, HP/UX and *BSD, and Linux over Windows and in the high-end area on OpenVMS and z/OS. | |
| [224] | Müller, Oliver: Dolly Digital - OpenVMS AXP auf Linux emulieren. iX 11/2011; Seite 152 bis 155. | |
| Topic: | The articles is about the Alpha emulator CHARON-AXP for Linux which allows to virtualize OpenVMS AXP systems under Linux. Besides a review of the emulator the article covers the migration of physical DEC Alpha system under OpenVMS into an virtualized environment under Linux via DECnet and VMScluster. | |
| [223] | Müller, Oliver: Code-Rebell - Turnaround-Zeiten minimieren mit JRebel. iX 11/2011; Seite 80 bis 82. | |
| Topic: | The article shows how JRebel can help to reduce the turnaround times in development environments such as Eclipse and Netbeans as well as in build environments like Maven. JRebel allows to replace and reload of classes in a Java EE application server at runtime without any redeployment. | |
| [222] | Müller, Oliver: Mathematik-Dompteur - Cryptography Engineering, Teil 1: Zur Theorie des Advanced Encryption Standard. Heise Developer, 29.09.2011. http://heise.de/-1350362 | |
| Topic: | This article introduces into mathematical background of the Advanced Encryption Standard (AES) and its implementation as computer algorithm. This article is part of a series about cryptography engineering. | |
| [221] | Müller, Oliver: Adieu Dino - Mainframe-Rehosting mit Micro Focus' Enterprise Server. iX 3/2011; Seite 92 bis 97. | |
| Topic: | Rehosting of mainframe application under z/OS and z/VSE on Unix, Linux or Windows by using Micro Focus Enterprise Server promises a high potential of savings in the fields of license fees, maintenance costs and operating effort. This article offers a view on reachable savings and the technical barriers which have to be overcome. (Includes also application reports from practise.) | |
| [220] | Müller, Oliver: Mehrspuring - OpenSSL: Implementierung innerhalb eines Client- und Server-Programms, Teil 4. Heise Developer, 27.12.2010. http://heise.de/-1157918 | |
| Topic: | The article covers the implementation of the SSL server from part one until three as multi-threaded program. It shows the change from fork() to POSIX Threads. The sample is runnable under several Unix derivates, Linux, Windows (Cygwin), z/OS and OpenVMS. | |
| [219] | Müller, Oliver: Fehlerträchtig - OpenSSL: Implementierung innerhalb eines Client- und Server-Programms, Teil 3. Heise Developer, 23.12.2010. http://heise.de/-1157455 | |
| Topic: | The article covers the typical problems (memory leaks and non-closed file handles) at implementing of concurrent programms using fork(). It shows how to discover and solve such problems. | |
| [218] | Müller, Oliver: Secure Data Exchange with Mainframes Under z/OS. Dr. Dobb's, October 26th 2010. http://www.drdobbs.com/parallel/228000074 | |
| Topic: | FTPS and SFTP are alternatives for the unsecure FTP for data exchange at classical batch job processing. Besides a short introduction to data management in data sets this article shows certificate management in RACF as well as configuring of FTPS under z/OS. The advantages and disadvantages of FTPS and SFTP in context of batch job processing are mentioned. Furthermore Java EE resource adapters and scripting in Unix shell, Perl and Python is mentioned. | |
| [217] | Müller, Oliver: Neue Heimat - OpenVMS-Systeme auf neuer Hardware. iX 9/2010; Seite 99 bis 102. | |
| Topic: | OpenVMS is without any doubt a high stable and secure system but many OpenVMS installations are still running on old VAX and Alpha systems. This article shows what strategies for consolidation, migration and "keeping alive" exist. The migration to Itanium hardware and the hardware maintenance of VAX and Alpha with "reengineered" third party hardware are mentioned. Focus of the article is cross platform virtualization with VAX and Alpha emulators. | |
| [216] | Müller, Oliver: Aufgeschlossen - OpenSSL: Implementierung innerhalb eines Client- und Server-Programms, Teil 2. Heise Developer, 16.08.2010. http://heise.de/-1058771 | |
| Topic: | OpenSSL programming in C++. This second article introduces the implementation of a OpenSSL client and addresses IPv6 compatibility as well as portability of the example program. | |
| [215] | Müller, Oliver: Schlüsselfertig - OpenSSL: Implementierung innerhalb eines Client- und Server-Programms, Teil 1. Heise Developer, 04.08.2010. http://heise.de/-1050619 | |
| Topic: | OpenSSL programming in C++. This first article introduces the object-oriented implementation of an OpenSSL server which is able to run under Windows (Cygwin) and Unix/Linux systems as well as on the mainframe (z/OS UNIX System Services). | |
| [214] | Müller, Oliver: Reanimiert - Mainframes auf dem PC emulieren. iX 7/2010; Seite 127 bis 130. | |
| Topic: | Who is willing to enter the Mainframe's world as a beginner has often one fundamental problem: The lack of the availability of a mainframe computer system. With MVS/380 and Hercules/380 it is now possible to get a Mainframe emulated on an x86 PC for free. The smart couple, MVS/380 and Hercules/380, it the entry ticket to the so different world of mainframes, which is so strange to Unix and Windows users. | |
| [213] | Müller, Oliver: Datenschieberei - Sicherer Datenaustausch mit z/OS (II). iX 10/2009; Seite 150 bis 154. | |
| Topic: | This second article of the z/OS series shows how to transfer data to and from the mainframe via TLS/SSL secured TN3270 (IND$FILE) and FTPS as well as SFTP under z/OS and its integration into MVS facilities. | |
Pages: [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ 12 ]