Page 36

EETE JUN 2015

ENCRYPTION & DATA SECURITY 2. Back to basics Email security can be complicated, but it doesnt need to be. Good email encryption solutions should make the process simple for both senders and recipients, while still keeping non-public personal information secure. Policy based email solutions remove the responsibility for security from individual employees by detecting specified keywords, attachments or number patterns like credit cards or National Insurance numbers. 3. Plan ahead Most email security solutions have very basic requirements that companies need to have in place before implementation. Sometimes an element or two might be missing, such as an updated version of an operating system or applications or having TLS implemented on an email server. Having up-to-date systems guarantees a simple and smooth implementation of email encryption. 4. Dont forget about mobile Nearly everyone today carries a smartphone, whether their own personal device, a corporate issued device, or a personal device that employees are using for work purposes. However, mobile devices can easily be lost or compromised by hackers or malicious software. Malware that attacks mobile devices is becoming more sophisticated than ever before. BYOD policies need to account for these risks and should include safeguarding and tips for device management. 5. Stay ahead of the curve With security breaches constantly hitting the headlines, companies need to stay ahead of the curve when it comes to new security threats and management techniques. Its not just IT that needs to be aware of the changing security landscape every employee has a duty of care to ensure that all communications with clients and suppliers are secure. Reading up on the ever evolving industry is an important first step to ensure end-to-end data security and compliance. Whether or not your business is legally required to keep data in transit safe, sending email in the clear is simply no longer acceptable. Your customers expect their data to be handled securely and your employees need an encryption solution that works across all of their devices and is easy to use. How about password-protected paper mail? By Julien Happich In this age of encrypted messaging and secure email services, researchers from the Technical Research Centre of Finland (VTT) have demonstrated password-protected paper envelopes that could inform the sender in real-time if the mail has been received by its intended recipient or if it has been opened by a third party. This password-protected envelope is one of three demonstrators developed during the four-year ROPAS (ROll-to-roll PAper Sensors) European project involving 11 partners from research and industry. Other demonstrators included a security tag to be used for sending physical goods through traditional mail and enabling recipients to check that the box was not opened during transport and that the good is in its genuine package, and a smart label able to measure and record environmental parameters such as humidity and temperature during transport to display them on a display at the push of a button. All tags bear in common printed conductive inks for tamperdetection circuitry (opening the package or envelope tears down the contacts and triggers the open status), a small printed battery from partner Enfucell, some printed switches and a form of display (printed OLEDs for the envelope and the smart tags, a flexible display for the smart label.) For the purpose of the demonstration, the envelope embedded a printed antenna and advanced logic optimised for a 300m communication range with dedicated base stations placed at different logistic points. “Although for the demonstration, we used a proprietary antenna design, we could well integrate NFC circuitry so the recipient could confirm reception using a regular NFC-enabled phone”, told us Liisa Hakola, Senior Scientist from VTT. “Typical use cases for such password-protected envelopes would include the mailing of credit cards or ID documents such as passports or driving licenses. First the recipient would be informed, possibly by email that he or she is about to receive the passwordprotected document, the unique password would be communicated at that time. Then, upon receiving the envelope, the recipient can power-up the envelope (one press of a button) and enter his/her password using the five-digit sensor switches”, explained Hakola. Each press of a button is confirmed visually with a LED blink, and this password entry triggers the envelope to send out an acknowledgement to the sender, either via the postman’s portable base station or using an NFC-enabled smartphone to communicate with the sender’s cloud infrastructure. If on the contrary the envelope was tampered with or opened prior to having entered the correct password, it would send out an alert for the sender to take action (for example disabling the credit cards or the electronic passport). The smart envelope also requires an antenna to cover large distances and advanced logic to enable wireless communication. Slightly less complex, the security tags should turn on a green LED light when the recipient presses a button, but if the package has been tampered with (the label tracks cut open), then a white LED highlights a tamper icon instead. VTT labs claim these new paper tags would be more environmentally friendly than their plastic-substrate based equivalent, highlighting that the components used in the security element have a minor influence on the optical and mechanical properties of recycled fibres. “The use of conductive printing inks is so minimal that their impact is almost negligible,” Hakola pointed out. Now the consortium is looking for someone to adopt the technology in the logistics or the retail sectors. The ROPAS project was coordinated by TNO from the Netherlands, and the other research partners in addition to VTT were ITENE from Spain and CEA from France. The companies involved included S2Grupo and Longinser from Spain, Starcke and Enfucell from Finland, MpicoSys from Poland, Océ from the Netherlands, and ELEP from Belgium. 28 Electronic Engineering Times Europe June 2015 www.electronics-eetimes.com


EETE JUN 2015
To see the actual publication please follow the link above