Security Risanuri Hidayat 21 February 2019 security.

Slides:



Advertisements
Similar presentations
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Advertisements

Internet Protocol Security An Overview of IPSec. Outline:  What Security Problem?  Understanding TCP/IP.  Security at What Level?  IP Security. 
Laboratory for Reliable Computing Department of Electrical Engineering National Tsing Hua University Hsinchu, Taiwan Security Processor: A Review Chih-Pin.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Information Security. Information Security Requirements Confidentiality: Protection from disclosure to unauthorised persons Access control: Unauthorised.
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
ECE509 Cyber Security : Concept, Theory, and Practice Cryptography Spring 2014.
© Oxford University Press 2011 DISTRIBUTED COMPUTING Sunita Mahajan Sunita Mahajan, Principal, Institute of Computer Science, MET League of Colleges, Mumbai.
Chapter 21 Distributed System Security Copyright © 2008.
Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.
Internet-security.ppt-1 ( ) 2000 © Maximilian Riegel Maximilian Riegel Kommunikationsnetz Franken e.V. Internet Security Putting together the.
Network Security David Lazăr.
© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.
Network Security Introduction
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.
1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
SSL: Secure Socket Layer By: Mike Weissert. Overview Definition History & Background SSL Assurances SSL Session Problems Attacks & Defenses.
PRESENTATION ON SECURE SOCKET LAYER (SSL) BY: ARZOO THAKUR M.E. C.S.E (REGULAR) BATCH
Network security Presentation AFZAAL AHMAD ABDUL RAZAQ AHMAD SHAKIR MUHAMMD ADNAN WEB SECURITY, THREADS & SSL.
Security Protecting information data confidentiality
Cryptography and Network Security
Key management issues in PGP
VPNs and IPSec Review VPN concepts Encryption IPSec Lab.
Chapter 5 Network Security Protocols in Practice Part I
IPSecurity.
Web Applications Security Cryptography 1
Cryptography: an overview
Cryptography: an overview
Security is one of the most widely used and regarded network services
Symmetric Cryptography
Cryptography and Network Security
Computer Communication & Networks
Chapter 18 IP Security  IP Security (IPSec)
Information Security.
NETWORK SECURITY Cryptography By: Abdulmalik Kohaji.
Secure Sockets Layer (SSL)
Cryptographic Hash Function
Lecture 5. Security Threats
CSCE 715: Network Systems Security
A Wireless LAN Security Protocol
BY GAWARE S.R. DEPT.OF COMP.SCI
Computer Security Security Concepts September 20, 2018
Cryptography Basics and Symmetric Cryptography
VPNs and IPSec Review VPN concepts Encryption IPSec Lab.
Chapter 11 – Message Authentication and Hash Functions
draft-ipdvb-sec-01.txt ULE Security Requirements
Security in Network Communications
Cryptography and Network Security
CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9
CLIENT/SERVER COMPUTING ENVIRONMENT
The Secure Sockets Layer (SSL) Protocol
Cryptography: an overview
Electronic Mail Security
CDK: Chapter 7 TvS: Chapter 9
Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS
DISSERTATION ON CRYPTOGRAPHY.
Unit 8 Network Security.
Advanced Computer Networks
Electronic Payment Security Technologies
Module 4 System and Application Security
Cryptography and Network Security
Cryptography and Network Security
Introduction to Encryption Technology
Lecture 36.
Lecture 36.
Presentation transcript:

Security Risanuri Hidayat 21 February 2019 security

Security Requirements Confidentiality Protection from disclosure to unauthorised persons Integrity Maintaining data consistency Authentication Assurance of identity of person or originator of data Non-repudiation Originator of communications can’t deny it later Availability Legitimate users have access when they need it Access control Unauthorised users are kept out 21 February 2019 security

Security Requirements These are often combined User authentication used for access control purposes Non-repudiation combined with authentication 21 February 2019 security

Security Threats Information disclosure/information leakage Integrity violation Masquerading Denial of service Illegitimate use Generic threat: Backdoors, trojan horses, insider attacks Most Internet security problems are access control or authentication ones Denial of service is also popular, but mostly an annoyance 21 February 2019 security

Attack Types Passive attack can only observe communications or data pasive active Passive attack can only observe communications or data Active attack can actively modify communications or data Often difficult to perform, but very powerful Mail forgery/modification TCP/IP spoofing/session hijacking 21 February 2019 security

Security Services From the OSI definition: Access control: Protects against unauthorised use Authentication: Provides assurance of someone's identity Confidentiality: Protects against disclosure to unauthorised identities Integrity: Protects from unauthorised data alteration Non-repudiation: Protects against originator of communications later denying it 21 February 2019 security

Security Mechanisms Three basic building blocks are used: Encryption is used to provide confidentiality, can provide authentication and integrity protection Digital signatures are used to provide authentication, integrity protection, and non-repudiation Checksums/hash algorithms are used to provide integrity protection, can provide authentication One or more security mechanisms are combined to provide a security service 21 February 2019 security

Services, Mechanisms, Algorithms A typical security protocol provides one or more services Services are built from mechanisms Mechanisms are implemented using algorithms 21 February 2019 security

Conventional Encryption Hallo Sayang Secure channel Insecure channel Uses a shared key Problem of communicating a large message in secret reduced to communicating a small key in secret 21 February 2019 security

Public-key Encryption Hallo Sayang Public key Private key Uses matched public/private key pairs Anyone can encrypt with the public key, only one person can decrypt with the private key 21 February 2019 security

Key Agreement Allows two parties to agree on a shared key Hallo Sayang Key Agreement Insecure channel Allows two parties to agree on a shared key Provides part of the required secure channel for exchanging a conventional encryption key 21 February 2019 security

Hash Functions Creates a unique “fingerprint” for a message Hallo Sayang Hash Creates a unique “fingerprint” for a message Anyone can alter the data and calculate a new hash value Hash has to be protected in some way 21 February 2019 security

MAC’s Message Authentication Code, adds a password/key to a hash Hallo Sayang Hash + Password/key Message Authentication Code, adds a password/key to a hash Only the password holder(s) can generate the MAC 21 February 2019 security

Digital Signatures Combines a hash with a digital signature algorithm Hallo Sayang Hash private 21 February 2019 security

Digital Signatures Signature checking: = ? Hallo Sayang Hash public 21 February 2019 security

Message Encryption Combines conventional and public-key encryption Hallo Sayang public session Encrypted session key 21 February 2019 security

Message Encryption Public-key encryption provides a secure channel to exchange conventional encryption keys Hallo Sayang private session Encrypted session key 21 February 2019 security

Security Protocol Layers Physical Data-link TCP/IP Higher level protocol Email Applications Internet Hardware link encryption IPSEC SSL,TLS, SSH Kerberos S/MIME, PGP E-commerce protocols The further down you go, the more transparent it is The further up you go, the easier it is to deploy 21 February 2019 security

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.