Transcript Corporate Presentation

Open Source Answer to Critical Infrastructure
Security Challenges
Vadim Shchepinov, Chief Executive Officer
RED SOFT CORPORATION
Content
1.
What is Open Source
- New way for Software to be developed and utilized
- Open Source Paradigm Timeline
2.
Security Requirements and Challenges
3.
Open Source answer to the security challenges
4.
Database Management System is the key element of Information
System Security
- Open Source RDBMS – positioning within global IT
5.
Red Soft
- Strategy & Products & Services
- Offer to European partners and clients
1.1 What is Open Source – Free software
Open source is a model to develop, distribute and use software
Closed source – proprietary model
•
Consumer pays $ and gets software binaries
for use; not source code.
Traditional Licence allows to: consume,
participate, contribute (report, suggest)
•
Open Source
•
•
[patches]
[support]
SV
[patches]
[support]
Software
Binary
[use]
License
C1
$
Consumer gets software and source code
without paying $
Open source Licence allows to: consume,
participate, contribute (modify, distribute)
[read source]
[modify]
C2
[redistribute]
[feedback: bug reports]
[feedback: support requests]
[feedback: features requests]
Source: Accenture Open Source Business Models 2007
Software
Binary & source
SV
License
$
[use]
C1
[read source]
[modify]
C2
[redistribute]
[feedback: bug reports & fixes code]
[feedback: support requests and resolution]
[feedback: feature implementation code]
1.2 What is Open Source – Paradigm Timeline
Open source model matured into the viable and accepted way to
produce and use software efficiently, quickly and cheaply while being
not locked-in by a specific vendor
Today
Pioneer Age
GNU Project
GNU General Public License
GNU/Linux V1.0
Linux V2.0
«Free» and Community Age
Free Software
Foundation
Apache
Web Server V1.0
Open Source
Term defined
Adoption by (Enterprise) Developers
IBM commits
to Linux
IBM Linux
business > $2 bln
Open Source Based Business Models
Red Hat
founded
Red Hat
goes public
Red Hat
acquires JBoss
Commercial Open Source
Borland
opens
Interbase
Firebird Project
Red Hat
$1 bln
in revenue?
SUN
opens
Open Office
Adoption by the Enterprise
Apache
Web Server V2.2
>50% of Internet
Open Source enabled Business
1980
1990
Sources: Optaros Open Source Catalogue 2007 & Red Soft
2000
2010
2. Security requirements and challenges
Information Systems (IS) are defined as key components of Critical
Infrastructure by European Programme for Critical Infrastructure
Protection (EPCIP)
The security of information systems is very important and they are
placed on the 3d position in the priority list of EPCIP after energy and
nuclear industries
Information systems security challenges are:
• IS may contain undeclared software functionality that might breach
user security
• IS require security mechanisms and tools to be build in
• IS require a lot of effort and complex procedures to manage
updates for security certified software
• IS require visibility and transparency for developers and IT teams to
allow efficient development and support with high degree of security
requirements fulfillment
3. Open Source answer to Security challenges
By the very nature of being open Open Source model and respective
products allow to build and use more secure Information Systems
Closed source – proprietary model
• Very difficult to trace undeclared
software functionality that might
breach user security
• Difficult to build in the required
security mechanisms and tools
• Management of updates for security
proprietary software is very complex
and effort intensive
• Low level of visibility, transparency
and access to necessary info &
support required by developers and IT
teams
Open Source
• Almost impossible to introduce undeclared
software functionality
• Direct access to code and more effective
influence on the development road map to
take into account forthcoming new security
requirements
• Smooth and straightforward algorithm for
security recertification of updated software
• Transparent and open solution
4. Database Management System is the key element of
Information System security
• Database contains all the information in the information system
- one source and storage place for all info
• Undeclared software functionality «kills» effectiveness of all the
security mechanisms built into the other layers of information systems
• Database holds data and links between the data entities which allows
structured security protection on different levels
4.1 Positioning of Open Source RDBMS within global IT
• Approx. 44% of developers is using Open Source RDBMS for
development purposes
• Popularity and number of users grows some 25%/year. As of now it
is close to the the level of commercial, enterprise RDBMS
• The level of discovered, security related errors in Closed Code is at
least twice higher. Data about Undiscovered errors in Closed Code
are not available.
•
Source: Evans, IDC
5. Red Soft – Strategy and Products
Red Soft strategy is to be the Red Hat of global open source DBMS market
• Red Soft Corporation is the preferred vendor
of the secure database technology based on
the Open Source model
• Red Data Base from Red Soft is secure
Relational Database Management System
(RDBMS) based on Firebird 2.0 - one of the
best established, well-known and globally
widespread open source DBMS kernels in
the world
• Red Database is in process of certification of security functionality for
compliance with ISO/IEC 17799:2005
5. Red Soft – Offer to European Partners and Clients
Red Soft is offering its software products, services and software
assembly/production facilities to companies and partners in
Europe
• All the Open Source product range starting with Red Data Base
delivered and supported by European partners
• Off-shore programming work based on Red Soft tech stack at
production facilities the Russia
• Support and SW development services
provided to the clients directly and/or via partners
6. Questions and Contacts
RED SOFT CORPORATION
www.red-soft.biz
Vadim Shchepinov, Chief Executive Officer
[email protected]
Office Phone: +7 495 721 35 37