Juan José Torres García, Mónica Salas Blanco and Raúl Siles Peláez belong to DinoSec, a company specialized in advanced cybersecurity services. They are also developers of the GuardedBox platform, available free of charge for managing, storing and sharing secrets. They are participating in Module 3 of C1b3rWall Academy with a talk on ” Secrets Management”.

The main objective of the lecture is to clearly identify the type of confidential information (secrets) that is handled and, on the basis of its attributes, define a detailed life cycle which will ensure its control. In addition to defining a storage, sharing and management model, ideally with E2E encryption, to ensure that the secret is not compromised. Perform a detailed monitoring of the secret lifecycle and establish an example of a secret storage and sharing solution: GuardedBox.

Secrets

Taxonomy: not all secrets have the same nature, purpose, criticality, exfiltration impact, etc.

Life cycle: the secret is born, protected, used, shared and goes extinct. How to ensure that it remains unaltered?

Managing your own or an organization’s secrets

All secrets, especially those intended to be shared, must be identified and assigned properties such as level of criticality, exposure, renewal, access, etc, in order to determine what type of control to impose.

Strict policies must be defined within the organization to ensure that a secret is never shared outside the established channels, and, if it is, that it can be detected. Data must remain encrypted as long as it is not being directly accessed by the users involved in its processing.

The full article is available on News 365.

To learn more about the management of secrets, you can register in C1b3rWall Academy for free, where you will also have the opportunity to win a free enrollment in the Master in Cybersecurity of the University of Salamanca.

Posted by Juan M. Corchado

Juan Manuel Corchado (15 May 1971, Salamanca, Spain) is Professor at the University of Salamanca. He has been Vice-Rector for Research from 2013 to 2017 and Director of the Science Park of the University of Salamanca. Elected as Dean of the Faculty of Science twice, he holds a PhD in Computer Science from the University of Salamanca and a PhD in Artificial Intelligence from the University of the West of Scotland. He leads the renowned BISITE (Bioinformatics, Intelligent Systems and Educational Technology) Research Group, created in 2000. Director of the IoT Digital Innovation Hub and President of the AIR Institute, J. M. Corchado is also Visiting Professor at the Osaka Institute of Technology since January 2015, Visiting Professor at the Universiti Malaysia Kelantan and Member of the Advisory Group on Online Terrorist Propaganda of the European Counter Terrorism Centre (EUROPOL). J. M. Corchado has been president of the IEEE Systems, Man and Cybernetics Society, and academic coordinator of the University Institute for Research in Art and Animation Technology at the University of Salamanca, as well as researcher at the Universities of Paisley (UK), Vigo (Spain) and the Plymouth Marine Laboratory (UK). He currently combines all his activity with the direction of Master programmes in Security, Digital Animation, Mobile Telephony, Information Systems Management, Internet of Things, Social Media, 3D Design and Printing, Blockchain, Z System, Industry 4.0, Agile Project Management, and Smart Cities & Intelligent Buildings, at the University of Salamanca and his work as editor-in-chief of the journals ADCAIJ (Advances in Distributed Computing and Artificial Intelligence Journal), OJCST (Oriental Journal of Computer Science and Technology) or Electronics MDPI (Computer Science & Engineering section). J. M. Corchado mainly works on projects related to Artificial Intelligence, Machine Learning, Blockchain, IoT, Fog Computing, Edge Computing, Smart Cities, Smart Grids and Sentiment Analysis. He has recently been included in the board of trustees of the AstraZeneca Foundation, along with other health professionals and researchers recognised for bringing scientific knowledge closer to society.

All Posts Website