Chapter 1  Introduction 1 Chapter 1: Introduction.

Slides:

Advertisements

Similar presentations

Computer Security CIS326 Dr Rachel Shipsey.

Advertisements

Chapter 1  Introduction 1 Introduction Chapter 1  Introduction 2 The Cast of Characters  Alice and Bob are the good guys  Trudy is the bad guy 

Chapter 1  Introduction 1 Chapter 1: Introduction.

Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”

CSE331: Introduction to Networks and Security Lecture 22 Fall 2002.

Intro 1 Introduction Intro 2 Good Guys and Bad Guys  Alice and Bob are the good guys  Trudy is the bad guy  Trudy is our generic “intruder”

L0. Introduction Rocky K. C. Chang, January 2013.

WEP 1 WEP WEP 2 WEP  WEP == Wired Equivalent Privacy  The stated goal of WEP is to make wireless LAN as secure as a wired LAN  According to Tanenbaum:

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Lecture 1: Information Security Overview SYCS 653 – Fall 2009 Wayne Patterson.

15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.

Bruce Schneier Lanette Dowell November 25, Introduction  “It is insufficient to protect ourselves with laws; we need to protect ourselves with.

CS 483 – SD SECTION (8) AUTHORIZATION. INTRODUCTION The authorization (or access control) process is used to decide if person, program or device X is.

6/9/2015Madhumita. Chatterjee1 Overview of Computer Security.

Block Ciphers 1 Block Ciphers Block Ciphers 2 Block Ciphers  Modern version of a codebook cipher  In effect, a block cipher algorithm yields a huge.

Conclusion 1 Conclusion Conclusion 2 Course Summary  Crypto o Basics, symmetric key, public key, hash functions and other topics, cryptanalysis  Access.

Part 4  Software 1 Conclusion Part 4  Software 2 Course Summary  Crypto o Basics, symmetric key, public key, hash functions and other topics, cryptanalysis.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”

Conclusion 1 Conclusion Conclusion 2 Course Summary  Crypto o Basics, symmetric key, public key, hash functions and other topics, cryptanalysis  Access.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

University of Calgary – CPSC 441.  The field of network security is about:  how bad guys can attack computer networks  how we can defend networks against.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Air Force Association (AFA) 1. 1.Access Control 2.Four Steps to Access 3.How Does it Work? 4.User and Guest Accounts 5.Administrator Accounts 6.Threat.

Computer Networks NYUS FCSIT Spring 2008 Milos STOLIC, Bs.C. Teaching Assistant

Network Security. An Introduction to Cryptography The encryption model (for a symmetric-key cipher).

Kittiphan Techakittiroj (04/09/58 19:56 น. 04/09/58 19:56 น. 04/09/58 19:56 น.) Network Security (the Internet Security) Kittiphan Techakittiroj

CS 325: Software Engineering April 14, 2015 Software Security Security Requirements Software Security in the Life Cycle.

May 2002Patroklos Argyroudis1 A crash course in cryptography and network security Patroklos Argyroudis CITY Liberal Studies.

8-1Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity, authentication.

Tutorial Chapter 5. 2 Question 1: What are some information technology tools that can affect privacy? How are these tools used to commit computer crimes?

Network Security by Behzad Akbari Spring 2012 In the Name of the Most High.

Cryptography, Authentication and Digital Signatures

Protocols Part 3  Protocols 1.

Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”

Network Security Introduction Light stuff – examples with Alice, Bob and Trudy Serious stuff - Security attacks, mechanisms and services.

Welcome to Introduction to Computer Security. Why Computer Security The past decade has seen an explosion in the concern for the security of information.

Chapter 30 - Electronic Commerce and Business Introduction E-Commerce is Big Business –all commercial transactions conducted over the Internet shopping,

Csci5233 computer security & integrity 1 Cryptography: an overview.

8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 2: Message integrity.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 28 Omar Meqdadi Department of Computer Science and Software Engineering.

Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.

Topic 5: Basic Security.

CS453: Introduction to Information Security for E-Commerce Prof. Tom Horton.

Traditional Security Issues Confidentiality –Prevent unauthorized access or reading of information Integrity –Insure that writing or operations are allowed.

TCP/IP Protocol Suite 1 Chapter 30 Security Credit: most slides from Forouzan, TCP/IP protocol suit.

The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Authentication Protocols (I): Secure Handshake.

Intro to Computer Security For COP3502, Intro to Computer Science Lecture 1 1.

“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

Part 1  Cryptography 1 Integrity Part 1  Cryptography 2 Data Integrity  Integrity  detect unauthorized writing (i.e., modification of data)  Example:

Chapter eight: Authentication Protocols 2013 Term 2.

8: Network Security8-1 Chapter 8 Network Security A note on the use of these ppt slides: We’re making these slides freely available to all (faculty, students,

Computer and Information Security Chapter 1 Introduction 1.

Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke1 Database architecture and security Workshop 4.

Security Protecting information data confidentiality

Cryptography: an overview

Cryptography: an overview

Security+ All-In-One Edition Chapter 1 – General Security Concepts

Cryptography: an overview

Faculty of Science IT Department By Raz Dara MA.

Chapter 1: Introduction

Introduction Security Intro 1.

Computer Security By: Muhammed Anwar.

Chapter 8 roadmap 8.1 What is network security?

Presentation transcript:

Chapter 1  Introduction 1 Chapter 1: Introduction

Chapter 1  Introduction 2 The Cast of Characters  Alice and Bob are the good guys  Trudy is the bad “guy”  Trudy is our generic “intruder”

Chapter 1  Introduction 3 Alice’s Online Bank  Alice opens Alice’s Online Bank (AOB)  What are Alice’s security concerns?  If Bob is a customer of AOB, what are his security concerns?  How are Alice’s and Bob’s concerns similar? How are they different?  How does Trudy view the situation?

Chapter 1  Introduction 4 CIA  CIA == Confidentiality, Integrity, and Availability  AOB must prevent Trudy from learning Bob’s account balance  Confidentiality: prevent unauthorized reading of information o Cryptography used for confidentiality

Chapter 1  Introduction 5 CIA  Trudy must not be able to change Bob’s account balance  Bob must not be able to improperly change his own account balance  Integrity: detect unauthorized writing of information o Cryptography used for integrity

Chapter 1  Introduction 6 CIA  AOB’s information must be available whenever it’s needed  Alice must be able to make transaction o If not, she’ll take her business elsewhere  Availability: Data is available in a timely manner when needed  Availability is a “new” security concern o Denial of service (DoS) attacks

Chapter 1  Introduction 7 Beyond CIA: Authentication  How does Bob’s computer know that “Bob” is really Bob and not Trudy?  Bob’s password must be verified o This requires some clever cryptography  What are security concerns of pwds?  Are there alternatives to passwords?

Chapter 1  Introduction 8 Beyond CIA: Authentication Protocols  When Bob logs into AOB, how does AOB know that “Bob” is really Bob?  As before, Bob’s password is verified  Unlike the previous case, network security issues arise  How do we secure network transactions? o Protocols are critically important o Crypto plays critical role in protocols

Chapter 1  Introduction 9 Beyond CIA: Access Control  Once Bob is authenticated by AOB, then AOB must restrict actions of Bob o Bob can’t view Charlie’s account info o Bob can’t install new software, etc.  Enforcing these restrictions: authorization  Access control includes both authentication and authorization

Beyond CIA: non-repudiation  Suppose that Bob withdrew $10,000, but later he denied the withdrawal of that money.  AOB must have the way of proving that he withdraw the money.  Preventing from false denial of previous action: non-repudiation Chapter 1  Introduction 10

IEC environment Chapter 1  Introduction 11 Intra-Substation Communications Substation LAN Substations Router (from: SISCO)

Chapter 1  Introduction 12 Substation LAN Substations Router Inter-substation Control Center-to-Substation (from: SISCO)

Chapter 1  Introduction 13 Substation LAN Substations Router Customer to Substation (from: SISCO)

Security concerns for  Intra-substation  Inter-substation  Center-to-substaton  Customer-to-substation Chapter 1  Introduction 14

Chapter 1  Introduction 15 Beyond CIA: Software  Cryptography, protocols, and access control are implemented in software o Software is foundation on which security rests  What are security issues of software? o Real world software is complex and buggy o Software flaws lead to security flaws o How does Trudy attack software? o How to reduce flaws in software development? o And what about malware?

Beyond CIA: physical security  Network(communication) security is not all that matters.  How we can protect all facilities from physical(or human) intrusion or intervention is as important as the communication security. Chapter 1  Introduction 16

Chapter 1  Introduction 17 Our topics  The topics consist of four major parts o Cryptography o Access control o Protocols o Software  Note: Our focus is on technical issues

Chapter 1  Introduction 18 Cryptography  “Secret codes”  The book covers o Classic cryptography o Symmetric ciphers o Public key cryptography o Hash functions++ o Advanced cryptanalysis

Chapter 1  Introduction 19 Access Control  Authentication o Passwords o Biometrics o Other methods of authentication  Authorization o Access Control Lists/Capabilities o Multilevel security (MLS), security modeling, covert channel, inference control o Firewalls, intrusion detection (IDS)

Chapter 1  Introduction 20 Protocols  “Simple” authentication protocols o Focus on basics of security protocols o Lots of applied cryptography in protocols  Real-world security protocols o SSH, SSL, IPSec, Kerberos o Wireless: WEP, GSM

Chapter 1  Introduction 21 Software  Security-critical flaws in software o Buffer overflow o Race conditions, etc.  Malware o Examples of viruses and worms o Prevention and detection o Future of malware?

Chapter 1  Introduction 22 Software  Software reverse engineering (SRE) o How hackers “dissect” software  Digital rights management (DRM) o Shows difficulty of security in software o Also raises OS security issues  Software and testing o Open source, closed source, other topics

Chapter 1  Introduction 23 Software  Operating systems o Basic OS security issues o “Trusted OS” requirements o NGSCB: Microsoft’s trusted OS for the PC  Software is a BIG security topic o Lots of material to cover o Lots of security problems to consider o But not nearly enough time available…

Chapter 1  Introduction 24 Think Like Trudy  In the past, no respectable sources talked about “hacking” in detail o After all, such info might help Trudy  Recently, this has changed o Lots of books on network hacking, evil software, how to hack software, etc. o Classes teach virus writing, SRE, etc.

Chapter 1  Introduction 25 Think Like Trudy  Good guys must think like bad guys!  A police detective… o …must study and understand criminals  In information security o We want to understand Trudy’s methods o Might think about Trudy’s motives o We’ll often pretend to be Trudy

Chapter 1  Introduction 26 Think Like Trudy  Is all of this security information a good idea?  Bruce Schneier (referring to Security Engineering, by Ross Anderson): o “It’s about time somebody wrote a book to teach the good guys what the bad guys already know.”

Chapter 1  Introduction 27 Think Like Trudy  We must try to think like Trudy  We must study Trudy’s methods  We can admire Trudy’s cleverness  Often, we can’t help but laugh at Alice’s and/or Bob’s stupidity  But, we cannot act like Trudy o Except in this class…

Chapter 1  Introduction 28 In This Course…  Think like the bad guy  Always look for weaknesses o Find the weak link before Trudy does  It’s OK to break the rules o What rules?  Think like Trudy  But don’t do anything illegal!