Juan José Torres García, Mónica Salas Blanco and Raúl Siles Peláez belong to DinoSec, a company specialized in advanced cybersecurity services. They are also developers of the GuardedBox platform, available free of charge for managing, storing and sharing secrets. They are participating in Module 3 of C1b3rWall Academy with a talk on ” Secrets Management”.

The main objective of the lecture is to clearly identify the type of confidential information (secrets) that is handled and, on the basis of its attributes, define a detailed life cycle which will ensure its control. In addition to defining a storage, sharing and management model, ideally with E2E encryption, to ensure that the secret is not compromised. Perform a detailed monitoring of the secret lifecycle and establish an example of a secret storage and sharing solution: GuardedBox.

Secrets

Taxonomy: not all secrets have the same nature, purpose, criticality, exfiltration impact, etc.

Life cycle: the secret is born, protected, used, shared and goes extinct. How to ensure that it remains unaltered?

Managing your own or an organization’s secrets

All secrets, especially those intended to be shared, must be identified and assigned properties such as level of criticality, exposure, renewal, access, etc, in order to determine what type of control to impose.

Strict policies must be defined within the organization to ensure that a secret is never shared outside the established channels, and, if it is, that it can be detected. Data must remain encrypted as long as it is not being directly accessed by the users involved in its processing.

The full article is available on News 365.

To learn more about the management of secrets, you can register in C1b3rWall Academy for free, where you will also have the opportunity to win a free enrollment in the Master in Cybersecurity of the University of Salamanca.

Posted by Juan M. Corchado

Juan Manuel Corchado (15 de Mayo de 1971, Salamanca, España) Catedrático en la Universidad de Salamanca. Ha sido Vicerrector de Investigación desde el 2013 hasta el 2017 y Director del Parque Científico de la Universidad de Salamanca. Elegido dos veces como Decano de la Facultad de Ciencias, es Doctor en Ciencias de la Computación por la Universidad de Salamanca y, además, es Doctor en Inteligencia Artificial por la University of the West of Scotland. Dirige el Grupo de Investigación Reconocido BISITE (Bioinformática, Sistemas Inteligentes y Tecnología Educativa), creado en el año 2000. Director del IOT Digital Innovation Hub y presidente del AIR Institute, J. M. Corchado también es Profesor Visitante en el Instituto Tecnológico de Osaka desde enero de 2015, Profesor visitante en la Universiti Malaysia Kelantan y Miembro del Advisory Group on Online Terrorist Propaganda of the European Counter Terrorism Centre (EUROPOL). J. M. Corchado ha sido presidente de la asociación IEEE Systems, Man and Cybernetics, y coordinador académico del Instituto Universitario de Investigación en Arte y Tecnología de la Animación de la Universidad de Salamanca e investigador en las Universidades de Paisley (UK), Vigo (Spain) y en el Plymouth Marine Laboratory (UK). En la actualidad compagina toda su actividad con la dirección de los programas de Máster en Seguridad, Animación Digital, Telefonía Movil, Dirección de Sistemas de Información, Internet de las Cosas, Social Media, Diseño e Impresión 3D, Blockchain, Z System, Industria 4.0, Gestión de Proyectos Ágiles y Smart Cities & Intelligent Buildings​, en la Universidad de Salamanca y su trabajo como editor jefe de las revistas ADCAIJ (Advances in Distributed Computing and Artificial Intelligence Journal), OJCST (Oriental Journal of Computer Science and Technology) o Electronics MDPI (Computer Science & Engineering section). J. M. Corchado desarrolla principalmente trabajos en proyectos relacionados con Inteligencia Artificial, Machine Learning, Blockchain, IoT, Fog Computing, Edge Computing, Smart Cities, Smart Grids y Análisis de sentimiento.