ACE – Auditing Control Environment

Slides:



Advertisements
Similar presentations
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
Advertisements

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Mutual OATH HOTP Variants 65th IETF - Dallas, TX March 2006.
Audit Control Environment Mike Smorul UMIACS. Issues surrounding asserting integrity Threats to Integrity of Digital Archives –Hardware/media degradation.
GRAD 521, Research Data Management Winter 2014 – Lecture 7 Amanda L. Whitmire, Asst. Professor.
Software Certification and Attestation Rajat Moona Director General, C-DAC.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
The Ultimate Backup Solution.
Chronopolis: Preserving Our Digital Heritage David Minor UC San Diego San Diego Supercomputer Center.
ADAPT An Approach to Digital Archiving and Preservation Technology Principal Investigator: Joseph JaJa Lead Programmers: Mike Smorul and Mike McGann Graduate.
Tools and Services for the Long Term Preservation and Access of Digital Archives Joseph JaJa, Mike Smorul, and Sangchul Song Institute for Advanced Computer.
Evidor: The Evidence Collector Software using for: Software for lawyers, law firms, corporate law and IT security departments, licensed investigators,
ACE: A Software Tool to Ensure the Integrity of Digital Archives Principal Investigator: Joseph JaJa Graduate Student: Sangchul Song Lead Programmer: Michael.
Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.
Tools and Services for the Long Term Preservation and Access of Digital Archives Joseph JaJa, Mike Smorul, and Sangchul Song Institute for Advanced Computer.
May 23, 2007 Archiving ACE: A Novel Software Platform to Ensure the Integrity of Digital Archives Sangchul Song and Joseph JaJa Institute for Advanced.
Robust Technologies for Automated Ingestion and Long-Term Preservation of Digital Information Principal Investigator: Joseph JaJa Lead Programmers: Mike.
Managing Information Systems Information Systems Security and Control Part 2 Dr. Stephania Loizidou Himona ACSC 345.
SSH Secure Login Connections over the Internet
Operating Systems Protection & Security.
8-1Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity, authentication.
Sagar Joshi Senior Security Consultant | ACE Team, Microsoft Information Security
Cloud Integrity Monitoring Mike Smorul ADAPT Group University of Maryland, College Par.
Figures – Chapter 14. Figure 14.1 System layers where security may be compromised.
System Security Chapter no 16. Computer Security Computer security is concerned with taking care of hardware, Software and data The cost of creating data.
23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Continuous Backup for Business CrashPlan PRO offers a paradigm of backup that includes a single solution for on-site and off-site backups that is more.
A Multimedia Presentation by Louis Balzani. o Source of extreme power o High elasticity o Large data centers generate 5-7x savings.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
Advanced file encryption Copyright © 2002 Deerfield.com, All Rights Reserved.
Data Security. Unauthorized Access Natural disaster Accidentals Destruction ( Hard ware failure )
PCI-DSS: Guidelines & Procedures When Working With Sensitive Data.
Database Laboratory Regular Seminar TaeHoon Kim Article.
 Encryption provides confidentiality  Information is unreadable to anyone without knowledge of the key  Hashing provides integrity  Verify the integrity.
IDS And Tripwire Rayhan Mir COSC 356. What is IDS IDS - Intrusion detection system Primary function – To monitor network or host resources to detect intrusions.
Philip J. Beyer, Information Security Officer John P. Skaarup, Sr. Security Engineer Texas Education Agency Information Security.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
A Solution for Maintaining File Integrity within an Online Data Archive Dan Scholes PDS Geosciences Node Washington University 1.
File-System Management
8 – Protecting Data and Security
KEEPS – a system for UELMA preservation and security
Security Issues in Information Technology
Chapter 40 Internet Security.
Securing Network Servers
Web Applications Security Cryptography 1
Outline The basic authentication problem
Network Security Presented by: JAISURYA BANERJEA MBA, 2ND Semester.
KEEPS – a system for UELMA preservation and security
NETWORK SECURITY Cryptography By: Abdulmalik Kohaji.
Cryptographic Hash Functions
Cryptographic Hash Function
Joseph JaJa, Mike Smorul, and Sangchul Song
Chapter 5: The Art of Ensuring Integrity
Instructor Materials Chapter 5: The Art of Ensuring Integrity
Cryptographic Hash Functions
Computer Security Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Backup and restoration of data, redundancy
Protocol ap1.0: Alice says “I am Alice”
Instructor Materials Chapter 5: The Art of Ensuring Integrity
Security.
Outline Using cryptography in networks IPSec SSL and TLS.
BACHELOR’S THESIS DEFENSE
BACHELOR’S THESIS DEFENSE
Erica Burch Jesse Forrest
Operating System Concepts
Hashing Hash are the auxiliary values that are used in cryptography.
Instructor Materials Chapter 5: Ensuring Integrity
Chapter 8 roadmap 8.1 What is network security?
Presentation transcript:

ACE – Auditing Control Environment University of Maryland Institute for Advanced Computer Studies

Digital Objects: Properties Mutable Sensitive to accidental changes One bit change can destroy an entire file No storage medium is safe forever Unpredictable Never moved, always copied

Risks in Archiving Malicious changes Corruption Hardware faults Software faults Authenticity Failure recognition window

Detecting Changes How do we ensure a file has not changed over time? Compare against another copy? Expensive operation No guarantee which is correct Solution: Secure Cryptographic Hashing

Hashing 101 Entire file run through an algorithm to generate a fixed size, but large number. Dogs and Shakespeare Large number is the hash value Later, rerun the algorithm and compare hash values Secure hashing is a one-way operation Passwords Unsecure hash example: divide by 10

Simple Solution Store hash values with the files? Problems: Easy to change one? Can change both… Unauthorized additions, deletions

ACE IMS: Integrity Management Server 3rd-party service Present hash values, issued tokens Timestamps Validation through IMS Round aggregation Witness values published

ACE AM: Audit Manager Registers data holdings Holds issued tokens Audits files on a periodic basis Three layers of checking File hash against token Token against IMS record IMS Witness challenge

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.