1 Overview CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 8, 2004.



2 Acknowledgements Many of these slides came from Matt Bishop, author of Computer Security: Art and Science

3 Web 1: Getting Started (1/3)
  - Due Friday, March 12
  - Subscribe to rhit.csse.security
  - Publishing
    - Reply to the article entitled "My Home Town"
    - Include a website describing your home town.

4 Web 1: Getting Started (2/3)
  - Reviewing
    - Read some of the postings by your fellow students and follow the links to the websites.
    - Review at least 3 of those websites
      - Assign a score for each of the key attributes
      - Give your justification for those scores
    - Reply to the original posting about that site with your review

5 Web 1: Getting Started (3/3)
  - Review Scores (0-5 for each, where 0 is worst and 5 is best)
    - Accuracy
    - Completeness
    - Up-to-date
    - Ease of Use
    - Links

6 Overview of Course Website

7 Chapter 1: Introduction
  - Components of computer security
  - Threats
  - Policies and mechanisms
  - The role of trust
  - Assurance
  - Operational Issues
  - Human Issues

8 Basic Components
  - Confidentiality
    - Keeping data and resources hidden
  - Integrity
    - Data integrity (integrity)
    - Origin integrity (authentication)
  - Availability
    - Enabling access to data and resources

9 Classes of Threats
  - Disclosure - unauthorized access
    - Snooping
  - Deception - acceptance of false data
    - Modification, spoofing, repudiation of origin, denial of receipt
  - Disruption - interruption of correct operation
    - Modification
  - Usurpation - unauthorized control
    - Modification, spoofing, delay, denial of service

10 Policies and Mechanisms
  - Policy says what is, and is not, allowed
    - This defines "security" for the site/system/etc.
  - Mechanisms enforce policies
  - Composition of policies
    - If policies conflict, discrepancies may create security vulnerabilities

11 Goals of Security
  - Prevention
    - Prevent attackers from violating security policy
  - Detection
    - Detect attackers' violation of security policy
  - Recovery
    - Stop attack, assess and repair damage
    - Continue to function correctly even if attack succeeds

12 Trust and Assumptions
  - Underlie all aspects of security
  - Policies
    - Unambiguously partition system states
    - Correctly capture security requirements
  - Mechanisms
    - Assumed to enforce policy
    - Support mechanisms work correctly

13 Types of Mechanisms
  [Figure: three diagrams labelled secure, precise, broad; legend: set of reachable states, set of secure states]
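The secure / precise / broad distinction on this slide, worked through on a small state machine. This is an added example, not part of the original slides. It assumes the definitions from Bishop's book (secure: every reachable state is a secure state; precise: the reachable states are exactly the secure states; broad: some reachable state is not secure); the document-sharing model and the mechanism names are constructed for illustration.

```python
from collections import deque

# Constructed model: sharing states of a single document.
# Policy partitions the states: anything except "public" is secure.
SECURE = {"private", "team", "partner"}
TRANSITIONS = [  # (from_state, action, to_state)
    ("private", "share_team", "team"),
    ("team", "share_partner", "partner"),
    ("team", "publish", "public"),
    ("partner", "publish", "public"),
    ("team", "unshare", "private"),
    ("partner", "unshare", "private"),
]

# Hypothetical mechanisms: each decides which actions it permits.
MECHANISMS = {
    "no_checks": lambda action: True,
    "deny_publish": lambda action: action != "publish",
    "deny_external": lambda action: action not in {"publish", "share_partner"},
}

def reachable(start, permits):
    """Breadth-first search over transitions the mechanism permits."""
    seen, queue = {start}, deque([start])
    while queue:
        state = queue.popleft()
        for src, action, dst in TRANSITIONS:
            if src == state and permits(action) and dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return seen

def classify(reach, secure):
    """Return the strictest label that applies (precise implies secure)."""
    if reach == secure:
        return "precise"
    if reach <= secure:
        return "secure"   # safe, but blocks some states the policy allows
    return "broad"        # at least one reachable state violates policy

def evaluate(name, start="private"):
    """Label a mechanism and list the policy-violating states it can reach."""
    reach = reachable(start, MECHANISMS[name])
    return classify(reach, SECURE), sorted(reach - SECURE)

if __name__ == "__main__":
    for name in MECHANISMS:
        print(name, evaluate(name))
```

The "secure" case shows the cost of over-restriction: deny_external never violates the policy, but it also makes the policy-permitted "partner" state unreachable.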

14 Assurance
  - Specification
    - Requirements analysis
    - Statement of desired functionality
  - Design
    - How system will meet specification
  - Implementation
    - Programs/systems that carry out design

15 Operational Issues
  - Cost-Benefit Analysis
    - Is it cheaper to prevent or recover?
  - Risk Analysis
    - Should we protect something?
    - How much should we protect this thing?
  - Laws and Customs
    - Are desired security measures illegal?
    - Will people do them?

16 Human Issues
  - Organizational Problems
    - Power and responsibility
    - Financial benefits
  - People problems
    - Outsiders and insiders
    - Social engineering

17 Tying Together
  - Threats
  - Policy
  - Specification
  - Design
  - Implementation
  - Operation

18 Key Points
  - Policy defines security, and mechanisms enforce security
    - Confidentiality
    - Integrity
    - Availability
  - Trust and knowing assumptions
  - Importance of assurance
  - The human factor