Published by Maximilian Gallagher. Modified over 9 years ago.
1
1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley
2
2 Database Security Data is a valuable resource that may have strategic importance and therefore needs to be kept secure and confidential. There must be mechanisms that protect the database against intentional or accidental threats. Furthermore, security considerations do not only apply to the data held in a database. Breaches of security may affect other parts of the system, which may in turn affect the database. Threat: Any situation or event, whether intentional or unintentional, that will adversely affect a system and consequently an organization. © Pearson Education Limited 1995, 2005
3
3 Summary of Threats to Computer Systems
4
4 Typical Multi-user Computer Environment
5
5 Countermeasures – Computer-Based Controls
Countermeasures range from physical controls to administrative procedures and include:
–Authorization
–Access controls
–Backup and recovery
–Integrity and Encryption
Authorization – Involves determining whether a user is who he or she claims to be.
Access control – Based on the granting and revoking of privileges.
6
6 What is Cryptology? Cryptography is the study of codes or ciphers used to encrypt and decrypt data. Encryption involves taking a piece of ordinary text or information and changing it so that its original contents are not obvious. Decryption is the process that allows the original contents to be recovered.
7
7 Simple Ciphers
Example of a cipher: Substitution cipher: replace each letter in a message with another letter, aka Caesar ciphers.
Breadandbutterbreadandbutter
weholdthesetruthstobesel..m
The key value must be long enough that it cannot be easily deduced by cryptanalysts.
8
8 Symmetric Cryptography
For a sender to send a coded message to a receiver, the following steps must occur:
–A and B agree on a cryptosystem
–A and B agree on a key
–A encrypts the plaintext message using the cryptosystem and key and sends the resulting ciphertext to B
–B decrypts the ciphertext using the cryptosystem and key
An attacker who intercepts the ciphertext will have to cryptanalyse it to recover the plaintext.
9
9 Symmetric Cryptography
In a good cryptosystem all the security in the system is inherent in the knowledge of the key, and nothing more. Thus in symmetric cryptosystems secure key management is vitally important. In other words, the key must remain secret for the message to remain secure. An attacker who gains knowledge of the key can do a number of things:
–break the ciphertext
–swap messages from the sender to the receiver for his/her own
–pretend to be the real sender
10
10 Symmetric Cryptography A major problem in cryptography is how to get a key safely from the originator of a message to its receiver, so that he/she can decode it, when the only channel available for transmission is insecure. Assuming a separate key is used by each pair of users in a network, the number of keys that must be managed increases rapidly as the number of users increases.
11
11 What is asymmetric or Public key Cryptography?
PK cryptography seeks to avoid the problems associated with key distribution by avoiding it altogether. PK cryptography uses two separate keys:
–the public key, for encoding messages for a recipient
–the private key, used by the recipient to decode the message.
12
12 Asymmetric cryptography The private and public keys are obviously related, but deducing the private key from the public key is effectively impossible. PK systems are based upon trap-door, one-way functions. These are easy to solve in one direction, but extremely difficult in the other without possession of the secret, trap-door information (private key).
13
13 RSA PK Cryptography RSA (Rivest, Shamir and Adleman…) cryptography is an example of a PK cryptosystem. The RSA system allows for the idea of digital signatures. All PK cryptosystems have the property that: $D_{K_d}[E_{K_e}(P)] = P$. The RSA system also has the property: $E_{K_e}[D_{K_d}(P)] = P$. Assume a scenario where a sender, A, and a receiver, B, are communicating using RSA PK cryptography.
14
14 Digital Signatures via PK Cryptography The RSA system allows for the idea of digital signatures. All PK cryptosystems have the property that: $D_{K_d}[E_{K_e}(P)] = P$. The RSA system also has the property: $E_{K_e}[D_{K_d}(P)] = P$. Assume a scenario where a sender, A, and a receiver, B, are communicating using RSA PK cryptography.
15
15 Digital Signatures via PK Cryptography For A to ‘sign’ a message he/she first decrypts it with his/her private key, and then encrypts it with B’s public key: $E_{K_{be}}[D_{K_{ad}}(P)] = C$. At the other end B reconstructs the plaintext by first decrypting with his/her private key, stripping off the encryption, and then encrypting with A’s public key to strip off the signature: $E_{K_{ae}}[D_{K_{bd}}(C)] = P$.
16
16 Key Exchange via RSA PK cryptography
RSA PK cryptography can also be used for key distribution. The process is as follows:
–A and B want to communicate; they are being eavesdropped upon by C.
–A sends B his/her public key.
–B generates a random number, encrypts it with A’s public key, and sends it to A.
–A decrypts it with his/her private key and recovers the random number.
–The number could be a symmetric key, which is then used to encrypt and decrypt data.
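An added worked example, not part of the original slides, that carries the sign-then-encrypt equations of slide 15 and the key-exchange steps of slide 16 through with textbook RSA. The small primes, the exponent 17 and all function names are assumptions chosen for illustration; A's modulus is deliberately smaller than B's so that A's signature always fits inside B's encryption.

```python
import secrets

# Textbook RSA with tiny constructed primes, for illustration only: real
# systems use moduli of 2048 bits or more together with padding (OAEP, PSS).
def keygen(p, q, e=17):
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # private exponent: e*d = 1 (mod phi)
    return {"pub": (e, n), "priv": (d, n)}

def E(pub, m):                     # E_Ke: apply the public key
    e, n = pub
    return pow(m, e, n)

def D(priv, c):                    # D_Kd: apply the private key
    d, n = priv
    return pow(c, d, n)

def sign_then_encrypt(P, a_priv, b_pub):
    """C = E_Kbe[D_Kad(P)]: A signs with A's private key, then encrypts for B."""
    s = D(a_priv, P)
    if s >= b_pub[1]:              # a value >= B's modulus would not decrypt back
        raise ValueError("signature does not fit under B's modulus")
    return E(b_pub, s)

def decrypt_then_verify(C, b_priv, a_pub):
    """P = E_Kae[D_Kbd(C)]: B strips the encryption, then the signature."""
    return E(a_pub, D(b_priv, C))

def key_exchange(a_keys):
    """B encrypts a random number under A's public key; A recovers it."""
    n = a_keys["pub"][1]
    r = secrets.randbelow(n - 2) + 2          # B's random number, 2 <= r < n
    wire = E(a_keys["pub"], r)                # all that eavesdropper C sees
    return r, wire, D(a_keys["priv"], wire)   # (B's number, ciphertext, A's copy)

A = keygen(61, 53)    # n = 3233, smaller than B's modulus
B = keygen(89, 97)    # n = 8633

if __name__ == "__main__":
    P = 1234                                  # constructed message, P < 3233
    C = sign_then_encrypt(P, A["priv"], B["pub"])
    print("C =", C, "recovered P =", decrypt_then_verify(C, B["priv"], A["pub"]))
    r, wire, recovered = key_exchange(A)
    print("on the wire:", wire, "shared number agreed:", recovered == r)
```

Swapping the roles, so that B signs and encrypts for A, hits the `ValueError` for most messages because B's signature can exceed A's smaller modulus.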
17
Data transmission Security Integrity ensures that the data in the message has not been deliberately or accidentally modified. The essential philosophy behind data integrity is that the manipulation of data or messages cannot be completely prevented, but what is essential is that an integrity failure can be detected.
18
Data transmission Security Authentication is a guarantee that the message has come from the person who claims to have sent it. It can be achieved using a “digital signature” and comparing it to the expected “digital signature”. Non-repudiation is the certainty of knowing that the sender of the message cannot later deny having sent it. This is achieved by using digital signatures, just as a signature on a cheque forms the non-repudiation process in paper-based payment schemes.
19
Data transmission Security Confidentiality will prevent unauthorised access to transactions, which often contain data such as bank details and credit card numbers. Providing confidentiality involves the use of symmetric and/or asymmetric cryptographic algorithms. In practice bulk encipherment is done using a symmetric algorithm such as the Data Encryption Standard (DES). However, the transmission of symmetric keys is implemented using asymmetric algorithms.
22
Questions Distinguish between the two types of cryptography and explain why both are required to ensure the four main criteria of secure data transmission.