Bill Gates’ RSA 2006 Keynote presentation Questions and answers.

What does Gates mean by trusted ecosystem?
A rich infrastructure encompassing trust relationships between organisations, code, and users. It mimics real-world relationships, and includes reputation building, chains of trust, and trust revocation. [frame 5]

What does Gates propose in order to guard against code injection attacks?
The programmer should aim to reduce the portion of code that has to be trusted to a minimum, and that code should then be run with minimal privileges. [frame 6]

Why were systems more secure historically than they are now?
Because they were isolated, in several ways:
– Typically, they had no internet connection, so there were no incoming packets that could attack code.
– Users had fewer capabilities that are vulnerable to being exploited.
[frame 8]

What alternatives to authentication by password does Gates mention?
– Multi-factor authentication, including smart cards
– Challenge-response systems, which avoid passing a single secret that can be passed on to another service
[frame 8]

What does Gates propose in order to combat spam?
– Product vendors are asked to implement the sender-id feature in MX records, which helps receivers
– MS Outlook implements the idea of computational proof; a stranger sending mail to someone for the first time has to do some non-trivial computation which is uneconomic for spammers to perform.
[frame 10]

What obstacles to adoption of smart cards for authentication are mentioned?
– Integration throughout the infrastructure
– Revocation of certificates
[frame 11]

What is the Certificate Lifecycle Manager (CLM) and what’s it for?
It manages the process of issuing digital certificates and provisioning smart cards. On production of a one-time password issued when a user loses her smart card, CLM can obtain the user’s certificates from an LDAP server and put them on a new smart card. [frame 12]

What is Network Access Protection (NAP)?
It checks policy compliance in respect of software updates. If the policy is not satisfied, it allows limited network access for the purpose of downloading updates (called quarantine). It can also automatically remediate the computer to bring it into compliance. [frame 12]