Industry Room
Due to the practical aspect of our field, we want to maintain a strong link with the industry. Our service concerns training, consulting, and audit. We work worldwide, in either English or French.
We are also involved in research projects in collaboration with international companies and benefit from private or public funds. These activities are described in the research page.
Capitalizing on our university-level teaching experience, we offer training to industries in the fields of information security and RFID security. Lessons are given onsite or at the UCL, either in English or French. Three modules are currently available.
The security of a system significantly depends on the awareness of its users. Expensive technical security measures are definitely useless if people are not aware of the basic security rules they should comply with. According to the 2008' survey of the Computer Crime Institute, 50% companies devote less than 5% of their IT budget for security, and 60% companies spend less than 2% of their security budget for awareness training. The awareness training is definitely neglected by the IT managers while it could avoid 90% of the security incidents. This is why it is important to provide serious awareness training to all users of information systems. Awareness training can significantly reduce the risk of information stolen, loss of data, virus infection, etc.
Deciding to deploy or develop a contactless solution (RFID or Smartcard) can no longer be done without a comprehensive knowledge of the induced security and privacy risks. Which are they? What can we do with RFID? Which technology for which application? How can we manage the customers' privacy? Can we design a secure access control with UHF tags? These are a few questions to be addressed before deciding to deal with RFID. Project managers, marketing engineers, R&D managers, and any person in charge of making decision about RFID-related projects will improve his skills in terms of RFID-security through this module.
Deciding to develop a contactless solution (RFID or Smartcard) requires some thorough knowledge of the inherent security and privacy issues. The objective of this module is to learn how to develop in practice a secure RFID application through the following topics: basics in cryptography, implementation of cryptographic building blocks, authentication protocols, pseudo-random number generators, relay attacks and proximity checks, information leakage, malicious traceability, privacy, ISO-14443, ISO-15693, ISO-18600, ISO-9798, ISO-7816, and analysis of some practical cases: electronic passports, public transportation passes, car ignition keys, Mifare Classic cards, etc.
The GSI is regularly requested to test RFID systems, either during the development step or on already installed solutions. It developped a savoir-faire in this domain and can provide your company consulting in the design of RFID solutions. For example, you are an integrator of RFID solutions and you want to check the security of your ticketing or acess control solution? We can help you in achieving this task. Due to the presence of GSI members in the most important conferences, we also offer to companies a technology watch service. This is a convenient way for companies to stay up to date.