CSCI6268L02 - Foundations of Network and Computer Security John Black Lecture#2 Aug 26th 2009 CSCI 6268/TLEN 5550 Fall 2009 Slides now Available

Info iconThis preview shows pages 1–11. Sign up to view the full content.

View Full Document Right Arrow Icon
Foundations of Network and Foundations of Network and Computer Security Computer Security J J ohn Black Lecture #2 Aug 26 th 2009 CSCI 6268/TLEN 5550, Fall 2009
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Slides now Available online http://engineeringonline.color Write it down; won’t post to web page
Background image of page 2
Laws DMCA Felten RIAA/SDMI case most famous 2001 SDMI challenge Many believe it’s the right idea, but a bad law All reverse-engineering is sketchy CALEA (1994) Communications Assistance for Law Enforcement Act 2004 ruling says VoIP must provide compliance Has withstood all court challenges Patriot Act
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Case Study Accountant for crime ring Used PGP Pretty Good Privacy Phil Zimmerman Feds seized computer Couldn’t read files! Subpoena for keylogger Worked like a charm!
Background image of page 4
Policy Government has attempted to control encryption before Skipjack Key Escrow Clipper Chip Ultimately failed due to massive protest from “privacy advocates” Electronic Frontier Foundation (John Gilmore)
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Economist Survey Please read it Main points Security is a MUCH broader topic than just SSL and viruses Firewalls don’t always work Economics are a factor And more. .. From 2002 but still very relevant stuff
Background image of page 6
What IS Computer Security? Cryptography Mostly based in mathematics Network Services Offense: Overflows, SQL injection, format strings, etc Defense: Firewalls, IDSes, Sandboxing, Honeypots Software Engineering You have to find all flaws, they only have to find one Policy Laws affect profoundly our security and privacy, as we have already seen
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
What IS Computer Security? Soft Science Trust Models (Bell-LaPadula, Insider Threat, etc) Economics, Game Theory Social Engineering Education Students become our programmers Insufficient training in security issues Various Credit Card Scanners Should you trust your CC# on the Internet? ATM story
Background image of page 8
Cryptography Introduction to cryptography Why? We’re doing things bottom-up Crypto is a fundamental building block for securing networks, but by NO MEANS a panacea Often done well Breaking the crypto is often not the easiest way in Instead exploit some of those other holes! Long history Based on lots of math
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
In the Beginning… “Classical” cryptography Caesar cipher aka shift cipher A Z, B A, C B, etc… We are shifting by -1 or, equivalently, by 25 Here the “domain” is A…Z and shifts are done modulo 26 Ex: What happens to “IBM” with a shift of 25?
Background image of page 10
Image of page 11
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 03/11/2010 for the course CSCI 6268 taught by Professor Black during the Winter '09 term at University of Colombo.

Page1 / 31

CSCI6268L02 - Foundations of Network and Computer Security John Black Lecture#2 Aug 26th 2009 CSCI 6268/TLEN 5550 Fall 2009 Slides now Available

This preview shows document pages 1 - 11. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online