lecture_3

lecture_3 - Lecture 3 Page 1 CS 136, Winter 2010 Security...

Info iconThis preview shows pages 1–10. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Lecture 3 Page 1 CS 136, Winter 2010 Security Mechanisms CS 136 Computer Security Peter Reiher January 12, 2010 Lecture 3 Page 2 CS 136, Winter 2010 Outline Security tools Access control Lecture 3 Page 3 CS 136, Winter 2010 Tools for Security Physical security Access control Encryption Authentication Encapsulation Intrusion detection Common sense Lecture 3 Page 4 CS 136, Winter 2010 Physical Security Lock up your computer Actually, sometimes a good answer But what about networking? Networks poke a hole in the locked door In any case, lack of physical security often makes other measures pointless Lecture 3 Page 5 CS 136, Winter 2010 Access Controls Only let authorized parties access the system A lot trickier than it sounds Particularly in a network environment Once data is outside your system, how can you continue to control it? Again, of concern in network environments Lecture 3 Page 6 CS 136, Winter 2010 Encryption Algorithms to hide the content of data or communications Only those knowing a secret can decrypt the protection One of the most important tools in computer security But not a panacea Covered in more detail later in class Lecture 3 Page 7 CS 136, Winter 2010 Authentication Methods of ensuring that someone is who they say they are Vital for access control But also vital for many other purposes Often (but not always) based on encryption Lecture 3 Page 8 CS 136, Winter 2010 Encapsulation Methods of allowing outsiders limited access to your resources Let them use or access some things But not everything Simple, in concept Extremely challenging, in practice Lecture 3 Page 9 CS 136, Winter 2010 Intrusion Detection All security methods sometimes fail When they do, notice that something is wrong And take steps to correct the problem Reactive, not preventative But unrealistic to believe any prevention is certain Must be automatic to be really useful Lecture 3...
View Full Document

This note was uploaded on 02/08/2010 for the course ENGR 111 taught by Professor King during the Spring '09 term at UCLA.

Page1 / 64

lecture_3 - Lecture 3 Page 1 CS 136, Winter 2010 Security...

This preview shows document pages 1 - 10. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online