CONTROLS & PROTECTION MECHANISMS Today’s Reference: Whitman & Mattord, Management of Information Security, 2 nd edition, 2008 Chapter 9.

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

CLASSICAL ENCRYPTION TECHNIQUES
Cryptography Ch-1 prepared by: Diwan.
Cryptography encryption authentication digital signatures
Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.
ECE454/CS594 Computer and Network Security
Classical Encryption Techniques Week 6-wend. One-Time Pad if a truly random key as long as the message is used, the cipher will be secure called a One-Time.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Security – Keys, Digital Signatures and Certificates I
Network Security7-1 Chapter 7 Network Security Computer Networking: A Top Down Approach Featuring the Internet, 2 nd edition. Jim Kurose, Keith Ross Addison-Wesley,
Public Key Cryptography INFSCI 1075: Network Security – Spring 2013 Amir Masoumzadeh.
30.1 Chapter 30 Cryptography Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Cryptology Terminology and Early History. Cryptology Terms Cryptology –The science of concealing the meaning of messages and the discovery of the meaning.
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
Principles of Information Security, 2nd edition1 Cryptography.
McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
CS426Fall 2010/Lecture 21 Computer Security CS 426 Lecture 2 Cryptography: Terminology & Classic Ciphers.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
Chapter 2 – Classical Encryption Techniques
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.
Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.
Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.
Introduction Cryptography: process of making and using codes to secure transmission of information Encryption: converting original message into a form.
1 Lesson Internet Organization network Fire wall.
Network Security. Security Threats 8Intercept 8Interrupt 8Modification 8Fabrication.
Chapter 2 – Elementary Cryptography  Concepts of encryption  Cryptanalysis  Symmetric (secret key) Encryption (DES & AES)(DES & AES)  Asymmetric (public.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography.
Information Systems Security
Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.
Cryptography, Authentication and Digital Signatures
Lec. 5 : History of Cryptologic Research II
Public-Key Cryptography CS110 Fall Conventional Encryption.
CSCE 201 Introduction to Information Security Fall 2010 Data Protection.
Midterm Review Cryptography & Network Security
1 Chapter 2-1 Conventional Encryption Message Confidentiality.
Dr. Susan Al Naqshbandi The word “Cryptography” is derived from Greek words κρυπτός kryptós meaning “hidden” and γράφω gráfo meaning.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.
Cryptography and Network Security Chapter 9 - Public-Key Cryptography
Cryptography Lynn Ackler Southern Oregon University.
Elementary Cryptography  Concepts of encryption  Symmetric (secret key) Encryption (DES & AES)(DES & AES)  Asymmetric (public key) Encryption (RSA)(RSA)
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Computer Security Cryptography. Cryptography Now and Before  In the past – mainly used for confidentiality  Today –Still used for confidentiality –Data.
Privacy versus Authentication Confidentiality (Privacy) –Interceptors cannot read messages Authentication: proving the sender’s identity –The Problem of.
CRYPTOGRAPHY. TOPICS OF SEMINAR Introduction & Related Terms Categories and Aspects of cryptography Model of Network Security Encryption Techniques Public.
24-Nov-15Security Cryptography Cryptography is the science and art of transforming messages to make them secure and immune to attacks. It involves plaintext,
Security fundamentals Topic 4 Encryption. Agenda Using encryption Cryptography Symmetric encryption Hash functions Public key encryption Applying cryptography.
K. Salah1 Cryptography Module I. K. Salah2 Cryptographic Protocols  Messages should be transmitted to destination  Only the recipient should see it.
Intro to Cryptography Lesson Introduction
Electronic Commerce School of Library and Information Science PGP and cryptography I. What is encryption? Cryptographic systems II. What is PGP? How does.
DATA & COMPUTER SECURITY (CSNB414) MODULE 3 MODERN SYMMETRIC ENCRYPTION.
Computer Security (CS4800)
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
Computer Security By Rubel Biswas. Introduction History Terms & Definitions Symmetric and Asymmetric Attacks on Cryptosystems Outline.
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.
ISA 400 Management of Information Security
Chapter 2 Basic Encryption and Decryption
USAGE OF CRYPTOGRAPHY IN NETWORK SECURITY
Chapter 8 Network Security.
Cryptography.
IS3230 Access Security Unit 9 PKI and Encryption
Chapter 3:Cryptography (16M)
PART VII Security.
Protection Mechanisms in Security Management
Symmetric Encryption or conventional / private-key / single-key
Presentation transcript:

CONTROLS & PROTECTION MECHANISMS Today’s Reference: Whitman & Mattord, Management of Information Security, 2 nd edition, 2008 Chapter 9

Overview Access controls Firewalls Intrusion Detection Systems (IDSs) Wireless Network Security Cryptography

Access Controls Authentication – controlling a person’s access to a system – Barrier (i.e. login sequence) versus ongoing (intrusion detection) – Something you know – Something you have – Something you are (and something you produce, e.g. voice) – Includes biometrics which authenticate a user against known personal features (fingerprints, iris patterns, voice, etc) – Something you do (user behaviour profiling) Authorisation – controlling a person’s access to features (software, data) within the system – Scoping each user’s permitted activities – Maybe individual or group-based – Can be specific to resources

Firewalls Generations – 1: packet filtering – 2: application-level – 3: stateful inspection – 4: dynamic packet filtering Architectures – Packet filtering routers – Screened-host firewalls – Dual-homed host firewalls – Screened-subnet firewalls

Intrusion Detection Systems Host-based – Alerts administrator when files or folders change – Monitor host only Network-based – Monitor network traffic – Alerts administrator when patterns of network traffic change Signature-based – Work like anti-virus software – Alerts administrator when ‘signature’ of attack is matched Statistical-anomaly-based – Establishes baseline of what is ‘normal’ traffic – Alerts administrator when pattern is abnormal Rule-based ‘never do this’ – includes honeypots

Wireless Network Security Wired Equivalent Privacy (WEP) – basic level of security – several fundamental cryptological flaws – average home or small only Wi-Fi Protected Access (WPA) – WPA is industry standard – increased capabilities for authentication, encryption, and throughput

Cryptography Symmetric encryption methods – Substitution, Transposition, XOR, Vernam Cipher, One-time pad, and many others – the same key—a secret key—is used to encrypt and decrypt the message – Mono-alphabetic & poly-alphabetic ciphers Asymmetric encryption – public key encryption (PKE) – uses two different keys. Either key can be used to encrypt or decrypt the message, but one must always be kept secret Digital signatures – PKE used in reverse to give non-repudiation Steganography – Hiding messages in graphics files

Encryption Cipher Decryption Cipher Encryption & Decryption Cipher Text Plain Text from Sender Plain Text to Recipient Secure Key Management

Symmetric Encryption Methods Substitution – One letter exchanged for another – Creates confusion – Mono-alphabetic or Poly-alphabetic Transposition – Re-arrangement of letters – Creates diffusion XOR – If 2 values are the same, you get “0” – If not, you get “1” – Process is reversible E.g __________________

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C Caesar plaintext is ROSTRUM ciphertext is URVWUXP A B C D E F G H I J K L M N O P Q R S T U V W X Y Z M N B V C X Z L K J H G F D S A P O I U Y T R E W Q Random Keyword A B C D E F G H I J K L M N O P Q R S T U V W X Y Z S E C U R I T Y A B D F G H J K L M N O P Q V W X Z Monoalphabetic cipher

Polyalphabetic Cipher A B C D E F G H I J K L M N O P Q R S T U V W X Y Z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C Alphabet No. 1 (offset by 3) Alphabet No. 2 (offset by 15) A B C D E F G H I J K L M N O P Q R S T U V W X Y Z P Q R S T U V W X Y Z A B C D E F G H I J K L M N O plaintext is GO FOR GOLD ciphertext is JD IDU VRAG

Transposition Ciphers For example, every 4th letter Modern transposition ciphers use a network or path diversity principle, so the diffusion is not just within-file but over the network via different paths becomes THE RAIN IN SPAIN FALLS MAINLY ON THE PLAIN TANIL AYHAH ISNLI OEIEN PFSNN PNRIA AMLTL

Vernam Cipher The perfect substitution cipher The original one-time pad Plaintext V E R N A M Numerics Random _________________ Sum Mod Ciphertext T A H R S P

Breaking Encryption (almost) All encryption is crackable… – Just need time and computing power Brute force may not work because - – Number of alphabet combinations is 26 x 25 x 24 x 23 x etc which equals 4 x – – If each alphabet takes 1 millionth of a sec (micro second) then all combinations would take 4 x secs – 4 x years !!!! EXCEPT… – The one-time pad is provably secure (if properly used) – but it is not easy to use properly

Public Key Encryption Known as Asymmetric encryption 2 keys, one public, one private, linked mathematically, one to encrypt & one to decrypt Uses large prime numbers “mathematically infeasible” to derive private key from public key Advantages – no need to tell anyone your private key – no need for key distribution – no need for a key for each pair of people Not used to encrypt messages, as it is generally slower than secret-key encryption Used to encrypt other keys (as in PGP) and to authenticate sender

Digital Signatures Reverses the role of private & public keys Effectively unique to the document – uses a cryptographically-robust hash function Unforgeable (without the sender’s private key) not re-usable (due to message- specific hash) document unalterable undeniable

What you Need to Know A basic level of detail about all of the security technologies in the previous slides.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.