CS 686 Special Topics in CS: Privacy and Security
Definition of Security/Privacy
EJ Jung, 8/30/2010

Announcements
- Course Questionnaire and Consent Form
  - No submission, no grades
- Service Lab community partners are coming
- Reading assignment in schedule
  - read “ahead”

Course questionnaire results
- 20 students
- Previous courses
  - 13 networks, 10 OS, 3 crypto, 1 security
- Familiar technology
  - 13 hash, 10 proxy, 9 SSL/TLS, 9 PKC, 3 TOR, 2 PGP, 1 IPsec,

Current challenging problems
- Conflicting goals:
  - privacy vs. utility, anonymity vs. authenticity
  - safety vs. convenience, usability
  - right to opt-out
  - happy medium
- Hackers
- User education and admin education
- Data sharing among many parties
- Data leak from social networks

Want to solve
- Hacking prevention, Server protection, Data protection
- Vulnerability (loophole) analysis and mitigation
- Intrusion detection
  - packet sniffing and monitoring
- User education, usability
- Malware, e.g. virus, key-loggers, prevention & detection
- Identity theft, Phishing prevention/detection
- Right to opt-out, Pay for privacy
- Anonymity, Finding happy medium between anonymity and authenticity
  - TOR
- Security software development
- Secure data sharing among multiple parties, Data tracing

After this course
- Become knowledgeable
- Find vulnerabilities
- Protect systems and websites without hurting performance and usability too much
- Work as security specialist

Attacks, Services and Mechanisms (Henric Johnson)
- Security Attack: Any action that compromises the security of information.
- Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
- Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.

Passive attack (1) - Eavesdrop
- Code talkers

Passive attack (2) - Analysis
- Alexa

Active attack (1) - impersonation
- Impostors on Facebook

Active (2) - replay

Active (3) - intercept & modify

Active (4) - DoS
- Distributed DoS

Summary of attacks (Henric Johnson)

Security Services (Henric Johnson)
- Confidentiality (privacy)
- Authentication (who created or sent the data)
- Integrity (has not been altered)
- Non-repudiation (the order is final)
- Access control (prevent misuse of resources)
- Availability (permanence, non-erasure)
  - Denial of Service Attacks
  - Virus that deletes files

Attack on Authenticity
- Authenticity is identification and assurance of origin of information
  - Unauthorized assumption of another’s identity

Attack on Confidentiality
- Confidentiality is concealment of information
  - Eavesdropping, packet sniffing, illegal copying

Attack on Integrity
- Integrity is prevention of unauthorized changes
  - Intercept messages, tamper, release again

Attack on Availability
- Availability is ability to use information or resources desired
  - Overwhelm or crash servers, disrupt infrastructure

Famous words
- Encrypt and decrypt
- Plaintext and ciphertext
  - encrypt plaintext -> ciphertext
  - decrypt ciphertext -> plaintext
  - easy example: XOR
- Digital signature
  - as you sign on paper
  - for non-repudiation and accountability
- Session
  - one conversation/communication unit
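
Added example (not part of the original slides): the "easy example: XOR" cipher from this slide, combined with the "Attack on Integrity" slide, to show why confidentiality and integrity are listed as separate security services. The keys and the message are constructed sample values, and HMAC-SHA256 is an assumed choice of integrity mechanism that the slides do not name.

```python
import hashlib
import hmac
from typing import Optional, Tuple

# Constructed sample values (not from the slides).
ENC_KEY = bytes(range(1, 17))      # 16-byte toy XOR key
MAC_KEY = b"constructed-mac-key"   # separate key for the integrity tag
MESSAGE = b"PAY BOB 0100 USD"      # 16-byte plaintext


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR data with the (repeated) key; the same call encrypts and decrypts."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def tamper(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """Intercept & modify without the key: XOR (old ^ new) in at a known offset."""
    patch = xor_bytes(old, new)
    end = offset + len(patch)
    return ciphertext[:offset] + xor_bytes(ciphertext[offset:end], patch) + ciphertext[end:]


def seal(plaintext: bytes) -> Tuple[bytes, bytes]:
    """Confidentiality (XOR) plus an integrity mechanism (HMAC over the ciphertext)."""
    ciphertext = xor_bytes(plaintext, ENC_KEY)
    tag = hmac.new(MAC_KEY, ciphertext, hashlib.sha256).digest()
    return ciphertext, tag


def open_sealed(ciphertext: bytes, tag: bytes) -> Optional[bytes]:
    """Return the plaintext only if the tag verifies; None means altered in transit."""
    expected = hmac.new(MAC_KEY, ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return xor_bytes(ciphertext, ENC_KEY)


if __name__ == "__main__":
    ct, tag = seal(MESSAGE)
    forged = tamper(ct, 8, b"0100", b"9100")
    print("XOR-only receiver reads :", xor_bytes(forged, ENC_KEY))
    print("receiver checking tag   :", open_sealed(forged, tag))
    print("untouched message       :", open_sealed(ct, tag))
```

With XOR alone the modified ciphertext still decrypts to a well-formed message, so the receiver has no signal that it was altered; the tag check is the mechanism that detects the change.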

Model for Network Security

Access Control Model