September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.

Slides:



Advertisements
Similar presentations
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Advertisements

Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.
Lecture 1: Overview modified from slides of Lawrie Brown.
1 cs691 chow C. Edward Chow Overview of Computer Security CS691 – Chapter 1 of Matt Bishop.
1 Overview CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 8, 2004.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
1 An Overview of Computer Security computer security.
6/9/2015Madhumita. Chatterjee1 Overview of Computer Security.
Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues Computer.
CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.
1 IS 2150 / TEL 2810 Introduction to Security James Joshi Assistant Professor, SIS Lecture 1 August 30, 2007.
July 1, 2004Computer Security: Art and Science © Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
1 Introduction to Security Dr.Talal Alkharobi. 2 Why is security important? Computers and networks are the nerves of the basic services and critical infrastructures.
Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
April 1, 2004ECS 235Slide #1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Introduction (Pendahuluan)  Information Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Information Systems Controls for System Reliability -Information Security-
Topics in Information Security Prof. JoAnne Holliday Santa Clara University.
An Introduction to Information Assurance COEN 150 Spring 2007.
Introduction to Network Defense
Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.
IS 2150 / TEL 2810 Introduction to Security
Cryptography and Network Security
CS526: Information Security Chris Clifton August 26, 2003 Course Overview Portions of the material courtesy Professor Matt Bishop.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 1 – Overview.
Computer Security: Principles and Practice
Computer Security “Measures and controls that ensure confidentiality, integrity, and availability of IS assets including hardware, software, firmware,
CS461/ECE422 — Computer Security I — Spring 2012.
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
IT Strategy for Business © Oxford University Press 2008 All rights reserved Chapter 12 IT Security Strategies.
1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester
1 Pertemuan 03 Ancaman dan Serangan Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
SECURITY Professor Mona Mursi. ENVIRONMENT IT infrastructures are made up of many components, abstractly: IT infrastructures are made up of many components,
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #4-1 Chapter 1: Introduction Components of computer security Threats Policies.
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.
Slide #1-1 Introductory Computer Security CS461/ECE422 Fall 2010 Susan Hinrichs.
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Introduction.
Csci5233 computer security & integrity 1 An Overview of Computer Security.
12/18/20151 Computer Security Introduction. 12/18/20152 Basic Components 1.Confidentiality: Concealment of information (prevent unauthorized disclosure.
Chapter 4: Security Policies Overview The nature of policies What they cover Policy languages The nature of mechanisms Types Secure vs. precise Underlying.
1 IS 2150 / TEL 2810 Information Security and Privacy James Joshi Associate Professor, SIS Introduction Aug 28, 2013.
Fall 2008CS 334 Computer Security1 CS 334: Computer Security Fall 2008.
Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.
July 1, 2004Computer Security: Art and Science © Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.
1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.
Advanced System Security Dr. Wayne Summers Department of Computer Science Columbus State University
Computer Security Introduction
CS457 Introduction to Information Security Systems
CS 395: Topics in Computer Security
Introduction to Information Assurance
Overview CSE 465 – Information Assurance Fall 2017 Adam Doupé
CMIT100 Chapter 15 - Information.
Chapter 1: Introduction
Chapter 1: Introduction
Chapter 1: Introduction
Cryptography and Network Security
An Overview of Computer Security
Advanced System Security
Overview CSE 365 – Information Assurance Fall 2018 Adam Doupé
Information Security: Terminology
Computer Security Introduction
Security.
Chapter 4: Security Policies
Cryptography and Network Security
Chapter 1: Introduction
Overview CSE 365 – Information Assurance Fall 2019 Adam Doupé
Presentation transcript:

September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues

September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-2 Basic Components Confidentiality –Keeping data and resources hidden Integrity –Data integrity (integrity) –Origin integrity (authentication) Availability –Enabling access to data and resources

September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-3 Classes of Threats Disclosure –Snooping Deception –Modification, spoofing, repudiation of origin, denial of receipt Disruption –Modification Usurpation –Modification, spoofing, delay, denial of service

September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-4 Policies and Mechanisms Policy says what is, and is not, allowed –This defines “security” for the site/system/etc. Mechanisms enforce policies Composition of policies –If policies conflict, discrepancies may create security vulnerabilities

September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-5 Goals of Security Prevention –Prevent attackers from violating security policy Detection –Detect attackers’ violation of security policy Recovery –Stop attack, assess and repair damage –Continue to function correctly even if attack succeeds

September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-6 Trust and Assumptions Underlie all aspects of security Policies –Unambiguously partition system states –Correctly capture security requirements Mechanisms –Assumed to enforce policy –Support mechanisms work correctly

September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-7 Types of Mechanisms secure precise broad set of reachable statesset of secure states

September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-8 Assurance Specification –Requirements analysis –Statement of desired functionality Design –How system will meet specification Implementation –Programs/systems that carry out design

September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-9 Operational Issues Cost-Benefit Analysis –Is it cheaper to prevent or recover? Risk Analysis –Should we protect something? –How much should we protect this thing? Laws and Customs –Are desired security measures illegal? –Will people do them?

September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-10 Human Issues Organizational Problems –Power and responsibility –Financial benefits People problems –Outsiders and insiders –Social engineering

September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-11 Tying Together Threats Policy Specification Design Implementation Operation

September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-12 Key Points Policy defines security, and mechanisms enforce security –Confidentiality –Integrity –Availability Trust and knowing assumptions Importance of assurance The human factor

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.