Presentation is loading. Please wait.

Presentation is loading. Please wait.

SSD: Cryptography. Learning Outcomes After the scenario has been completed, you are expected to be able to: Explain the relative strengths of encryption.

Published byArnold Gordon Modified over 9 years ago

Similar presentations

Presentation on theme: "SSD: Cryptography. Learning Outcomes After the scenario has been completed, you are expected to be able to: Explain the relative strengths of encryption."— Presentation transcript:

1 SSD: Cryptography

2 Learning Outcomes After the scenario has been completed, you are expected to be able to: Explain the relative strengths of encryption algorithms and the types of attack possibilities Identify and justify the selection of appropriate encryption methods to secure stored sensitive data Explain good practices in relation to key management Minimise the risk to an asset or product through the use of off-the-shelf encryption software Explain the requirements for appropriate standards and practices

3 Global Company 70 Security Consultants 120,000 Employees

4 Regulatory Compliance Business Information Systems Information Technology Legal Information Security Fraud Marketing and Branding Telecommunication Engineering Accounts Finance Wholesale Digital (Internet) Retail in store Telephone Sales Company Hierarchy EdgeWise Telecoms

5 200 million customers Current Customers

6 Mobile Applications Mobile applications to support… £50,000,000 Drive the Brand into New Markets Sales of Products Customer Account Enquiry

7 Your Role Identifying Security Tasks Risk Identification Providing General Advice and Guidance Standards Adherence

8 Information Security Standards

9 Why am I doing this quiz? Quiz 1: The following quiz will test your knowledge of encryption and the related standards. Quiz 1 Introduction

10 Quiz 1 Quiz Click the Quiz button to edit this quiz

11 CEO Interview

12 Quiz 2: The following quiz will test your continued knowledge on encryption and standards. Why am I doing this quiz? Quiz 2 Introduction

13 Quiz 2 Quiz Click the Quiz button to edit this quiz

14 Sensitive Data CCV Passwords and codes (secrets) Bank account name Bank account sort code Bank account number Card number (PAN) Text messages sent by the customer 5 30 206 1216 160

15 Task Your task is to write a 2,500 word paper, providing advice, guidance and alternative solutions for the developer to follow whilst creating their mobile applications. The identification of which information should be encrypted and why The identification of which information must not be stored An evaluation of the suitability of the chosen encryption algorithm for the task and where applicable, suggest an alternative An explanation of the attacks that could be leveraged against various cryptographic algorithms

16 Task Continued Your task is to write a paper, providing advice and guidance for the developer to follow while creating their mobile applications. (2500 words) Identify the tasks required for the secure implementation of cryptography, including: Key storage Key management (rotation, retirement). Suggest alternatives to the developer writing the encryption routine (can this be done by an off the shelf product – for example Oracle or MS SQLServer – if so how?).

17 Summary After the scenario has been completed, you are expected to be able to: Explained the relative strengths of encryption algorithms and the types of attack possibilities Identified and justified the selection of appropriate encryption methods to secure stored sensitive data Explained good practices in relation to key management Minimised the risk to an asset or product through the use of off-the-shelf encryption software Explained the requirements for appropriate standards and practices

Download ppt "SSD: Cryptography. Learning Outcomes After the scenario has been completed, you are expected to be able to: Explain the relative strengths of encryption."

Similar presentations

BUSINESS PLAN Project Brief: Facilitating general public to have Cash-in-hand by converting mobile phone credit to cash. And transfering the credit to.

BUSINESS PLAN Project Brief: Facilitating general public to have Cash-in-hand by converting mobile phone credit to cash. And transfering the credit to.
An Introduction to professional services. The professional services The professional services support businesses of all sizes across the economy, providing.

An Introduction to professional services. The professional services The professional services support businesses of all sizes across the economy, providing.
Chapter 1 Business Driven Technology

Chapter 1 Business Driven Technology
Lesson 1: Introduction to IT Business and Careers

Lesson 1: Introduction to IT Business and Careers
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Security and Personnel

Security and Personnel
Electronic payment Methods: Defined: It is alternative payment mechanism for electronic transactions instead of traditional payment methods like cheque,cash,

Electronic payment Methods: Defined: It is alternative payment mechanism for electronic transactions instead of traditional payment methods like cheque,cash,
Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.

Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.
Security Controls – What Works

Security Controls – What Works
Chapter 1 INTRODUCTION TO ACCOUNTING INFORMATION SYSTEMS

Chapter 1 INTRODUCTION TO ACCOUNTING INFORMATION SYSTEMS
WHAT… Myrket is a B2B online advertising agency focused on e-marketing services; Main Services: e-marketing strategies; website development; search engine.

WHAT… Myrket is a B2B online advertising agency focused on e-marketing services; Main Services: e-marketing strategies; website development; search engine.
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
ICAICT202A - Work and communicate effectively in an IT environment

ICAICT202A - Work and communicate effectively in an IT environment
Geneva, Switzerland, 4 December 2014 Evolving Payments into The Digital World Richard Smith, Vice President, MasterCard Customer Fraud Management

Geneva, Switzerland, 4 December 2014 Evolving Payments into The Digital World Richard Smith, Vice President, MasterCard Customer Fraud Management
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
SOFTWARE SOLUTIONS INC. Financial Technology Outsourcing.

SOFTWARE SOLUTIONS INC. Financial Technology Outsourcing.
By: Dr. Mohammed Alojail College of Computer Sciences & Information Technology 1.

By: Dr. Mohammed Alojail College of Computer Sciences & Information Technology 1.
Systems Analysis and Design in a Changing World, 6th Edition

Systems Analysis and Design in a Changing World, 6th Edition
The Right Choice for Call Recording WWW.OAISYS.COM OAISYS and PCI DSS Compliance Managing Payment Card Industry Compliance with OAISYS Call Recording Solutions.

The Right Choice for Call Recording OAISYS and PCI DSS Compliance Managing Payment Card Industry Compliance with OAISYS Call Recording Solutions.
SecureAware Building an Information Security Management System.

SecureAware Building an Information Security Management System.

Similar presentations

Ads by Google