LectureSlidesCS263 - INTRODUCTION TO COMPUTER SECURITY...

This preview shows page 1 - 15 out of 100 pages.

INTRODUCTION TO COMPUTER SECURITY Course Code: CS-263
Image of page 1
CS-263 Introduction to Computer Security Text Book Introduction to Computer Security: Pearson New International Edition by Michael Goodrich (Author), Roberto Tamassia (Author) ISBN-10-0321512944, ISBN-13- 9780321512949 Reference: Introduction to Computer Security Addison Wisely by Matt Bishop ISBN 0-321-24744-2
Image of page 2
Assessment Introduction to Computer Security 100 Assessment Type Theory Quiz 1 15 % Mid Term Exam 20 % Quiz 2 15 % Final Exam 30 % Project /Assignment/Presentation 10 % Class Participation 10 % Total 100
Image of page 3
Course Outline Please Refer CIS of CS -263 Separate Document
Image of page 4
Sender Receiver message m = “ My Secret Message” Public Channel Attacker E D c c Introduction to Computer and Information Security: E= Encryption D= Decryption Fundamental Concepts Goal: Protect the MessageGoal: Protect the Message Goal : Protect the Message
Image of page 5
Basic Components CIA Confidentiality: Preventing the information from unauthorized disclosure Integrity Preventing from unauthorized modification Availability Preventing denial of service
Image of page 6
Impact of CIA Loss of availability, Loss of integrity, Loss of confidentiality, Risks Loss of Income Loss of Life Loss of Property etc. An adversary is any entity trying to circumvent the security infrastructure
Image of page 7
Security Model of CIA Bell and LaPadula (BLP) Confidentiality Model Biba Integrity Model (opposite to BLP) Clark Wilson Integrity Model
Image of page 8
Cryptography Concepts Definition Cryptography : Mathematical manipulation of information that prevents the information being disclosed or altered Cryptanalysis Defeating the protected mechanisms of cryptography Cryptology Study of Cryptography and Cryptanalysis
Image of page 9
Goals of Cryptography Confidentiality Integrity Authenticity Non-repudiation Access Control Make compromise difficult
Image of page 10
Cryptography Process Input (also called Plaintext or Clear Text) Cryptosystem (device that performs encryption/decryption) Cryptographic Algorithms (Mathematical functions) Output (Cipher text or Cryptogram) Key (Crypto variable)
Image of page 11
Access Control The function of Access Control is to control which (active) subject have access to a which (passive) object with some specific access operation. subject Access Operation object
Image of page 12
Access Control Access control mechanisms support confidentiality. One access control mechanism for preserving confidentiality is cryptography, which scrambles data to make it incomprehensible. A cryptographic key controls access to the unscrambled data, but then the cryptographic key itself becomes another datum to be protected.
Image of page 13
Discretionary Access Control Access to data objects (files, directories, etc.) is permitted based on the identity of users.
Image of page 14

Want to read all 100 pages?

Image of page 15

Want to read all 100 pages?

You've reached the end of your free preview.

Want to read all 100 pages?

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern