15.2 C
London
Monday, August 21, 2017
Home Tags Deutsche Bank

Tag: Deutsche Bank

A year ago a Deutsche Bank survey of CIOs found that “CIOs are now broadly comfortable with [Hadoop] and see it as a significant part of the future data architecture.” They're so comfortable, in fact, that many CIOs haven’t thought to question Hadoop’s built-in security, leading Gartner analyst Merv Adrian to query, “Can it be that people believe Hadoop is secure? Because it certainly is not.”That was then, this is now, and the primary Hadoop vendors are getting serious about security.

That’s the good news.

The bad, however, is that they’re approaching Hadoop security in significantly different ways, which promises to turn big data’s open source poster child into a potential pitfall for vendor lock-in.To read this article in full or to leave a comment, please click here
Diamonds. Bitcoin. Pork. If you think you’ve spotted the odd one out, think again: All three are things you can track using blockchain technologies today. Blockchains are distributed, tamper-proof, public ledgers of transactions, brought to public attention by the cryptocurrency bitcoin, which is based on what is still the most widespread blockchain. But blockchains are being used for a whole lot more than making pseudonymous payments outside the traditional banking system. Because blockchains are distributed, an industry or a marketplace can use them without the risk of a single point of failure. And because they can’t be modified, there is no question of whether the record keeper can be trusted. Those factors have prompted a number of enterprises to build blockchains into essential business functions, or at least to test them there. Here are five ways your business could use blockchain technology today. Making payments Bitcoin introduced the first blockchain as a tool for making payments without going through the banks. But what if you work for a bank? Strangely, many of the features that made bitcoin distasteful to the banks are making the underlying blockchain technology attractive as a way to settle transactions among themselves in dollars or sterling. It’s public, so banks can see whether their counterparties can afford to settle their debts, and distributed, so they can settle faster than some central banks will allow. Ripple is one of the first such blockchain-based settlement mechanisms: Its banking partners include UBS, Santander, and Standard Chartered. But UBS and Santander are also working on another blockchain project called Utility Settlement Coin, which will allow them to settle payments in multiple currencies, with Deutsche Bank, BNY Mellon, and others. If these systems catch on, it’s surely only a matter of time before such blockchain payments trickle down to compete with traditional inter-bank transfer mechanisms such as SWIFT. Identity of Things On the internet, famously, no one knows if you’re a dog, and on the internet of things, identity can be similarly difficult to pin down. That’s not great if you’re trying to securely identify the devices that connect to your network, and it’s what prompted the U.S. Department of Homeland Security to fund a project by Factom to create a timestamped log of such devices in a blockchain, recording their identification number, manufacturer, available device updates, known security issues, and granted permissions. That could all go in a regular device-management database, but the DHS hopes that the immutability of the blockchain will make it harder for hackers to spoof known devices by preventing them from altering the records. Certifying certificates It’s not just devices that can be spoofed, but also qualifications. If you were looking to hire someone with blockchain expertise, and the applicant told you they had a professional certification, what would you do to check the certificate’s validity? Software developer Learning Machine hopes candidates will present their certificates in its mobile app, and that you will check their validity using Blockcerts. This is a way of storing details of a certificate in the blockchain, so that anyone can verify its content and the identity of the person to whom it was issued without the need to contact a central issuing authority. The certificates can be about educational qualifications, professional training, membership of a group, anything, so if your organization issues certificates, you could issue them on the blockchain, too. Learning Machine and co-developer MIT Media Lab have published details of Blockcerts as an open standard and posted the code to Github. Diamonds are forever Diamonds, they say, are forever, so that means whatever system you use to track them is going to have to stand the test of time too. Everledger is counting on blockchain technology to prove the provenance and ownership of diamonds recorded in its ledger. In fact, it’s using two blockchains: A private one to record information that diamond sellers need to share with buyers, but may not want widely known, and the public bitcoin blockchain to provide an indisputable timestamp for the private records. The company built its first diamond database on the Eris blockchain application platform developed by Monax but recently moved to a system running in IBM’s Bluemix cloud. Diamonds are eminently traceable as the uncut ones have unique physical characteristics and the cut ones are, these days, typically laser-etched with a tiny serial number. Recording each movement of such valuable items allows insurers to identify fraud and international bodies to ensure that trade in diamonds is not funding conflicts. Everledger CEO Leanne Kemp believes the system could transform trade in other valuable commodities, too. The company has identified luxury goods and works of art as possibilities. And finally, the pork But what about the pork? It may not be worth as much by weight as a diamond, but in China at least, it more than makes up for that in volume. And because pork is not forever, being able to demonstrate that a particular piece of it is fresh and fit for consumption can be vital. Pork is one of many products for which fine-grained tracking and tracing of inventory can be helpful, and happens to be the one Walmart is testing blockchain technology with. It’s using IBM’s blockchain to record where each piece of pork it sells in China comes from, where and how it is processed, its storage temperature and expected expiration date. If a product recall becomes necessary, it will be able to narrow down the batches affected and identify exactly where they are or, if they have already been sold, who bought them. The project may extend to other products: The company has just opened the Walmart Food Safety Collaboration Center (WFSCC) in China to work with IBM and industry partners to make food supplies safer and healthier using blockchain technology.
EnlargeThe Dark Knight, Warner Bros. reader comments 6 Share this story Finance messaging giant SWIFT plans new measures to help banks combat fraud after a gang broke into Bangladesh's central bank in February and stole £57 million pounds—and were only caught because one of them made a typo in a £15 million transfer. The banking communications network, which allows financial institutions across the world to send each other secure messages about their transactions, is introducing "Daily Validation Reports," which it bills as a mechanism to help customers detect unusual patterns in their message flows, giving them more of a chance "to identify possible fraud attempts and improving the likelihood they can cancel any fraudulent transfers." The heist could have cost almost £700 million but for the typo—which spelled the name of a Sri Lankan NGO called the "Shalika Foundation" as the "Shalika Fandation"—raised red flags at Deutsche Bank, who warned the Bangladeshis, allowing them to cancel most of the rest of the transactions. Worse still, the Shalika Foundation appears not even to exist, Reuters reported. In May, the investigation into the hack was opened out to a further 12 banks through whom the robbers' activity seems to have been routed, a development which prompted SWIFT to beef up its security.
In June, it launched a customer security programme designed "to reinforce and evolve the security of global banking" and to help individual customers improve their own security baselines.

Bangladeshi security services has claimed that SWIFT technicians left the national bank vulnerable to attacks of this kind. The new measure is billed to customers as "an independent means of verifying their messaging activity." SWIFT said: Reports will be provided through a separate channel to customers’ payments and compliance teams.

This “out of band” access will ensure that independent departments at customer firms will be able to access independently sourced information through an independent channel, even if their own systems or operational staff have been compromised and their locally stored records have been obfuscated. According to Stephen Gilderdale, who heads up the new security programme, "a key step in the modus operandi in recent wire fraud cases at customer firms involves the attackers concealing their fraudulent messaging activity on customers’ local systems." He said: Smaller institutions, in particular, are currently dependent on the accuracy of the data on their own systems, but in the event of a security breach, their locally stored payment and reconciliation data may be altered or unavailable.

Daily Validation Reports will provide a reliable and independent source of information, providing such institutions with an activity lens to help them quickly detect fraud—whether perpetrated by external attackers or by malicious insiders. SWIFT, headquartered in Belgium and owned by thousands of financial stakeholders, processes the majority of international interbank messages, connecting "over 11,000 banking and securities organisations, market infrastructures, and corporate customers in more than 200 countries and territories." The new service will include both activity reports and risk reports.

The former enable banks to see "their aggregate daily activity across currencies, countries, and counterparties—giving them a snapshot view of each day’s messaging activity against which to detect unusual patterns." While risk reports, we're told, "provide customers with a focused review of large or unusual payment flows and new combinations of payment parties—allowing unusual senders, destinations and patterns to be more quickly and easily identified." The new measures will be introduced in December 2016. This post originated on Ars Technica UK