lec01 - TCN 5080 Secure Telecom Transactions Secure Florida...


TCN 5080 Secure Telecom Transactions
Florida International University

Course Info
Text: William Stallings, Cryptography and Network Security (4th Edition), Prentice Hall, 2005, ISBN-10: 0131873164, ISBN-13: 978-0131873162.
Instructor: Dr. Deng Pan
Email: [email protected]
Office: ECS 261A
Office hours: Wednesday 2pm - 5pm, Friday 3pm - 5pm
Course Web pages: http://users.cis.fiu.edu/~pand/tcn5080
Course objectives: To study the protocols and techniques for secure network transactions.

Course Outline
- Cryptography
- Hash Functions
- Message Authentication Code
- Digital Signatures
- Authentication Protocols
- Email Security
- IP Security
- Web Security
- Advanced topics

Grading
- Homework: 25%
- Quizzes: 5%
- Midterm: 25%
- Final Exam: 25%
- Course Projects: 20%

Course Projects
- One programming project. Each student will implement some security protocols.
- One survey project. Two students as a team read latest publications on a selected topic. Write a survey report and present it in the class.

Cryptography and Network Security, Chapter 1
Fourth Edition by William Stallings
Lecture slides by Lawrie Brown

Chapter 1 – Introduction
The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable.
—The Art of War, Sun Tzu

Background
- Information Security requirements have changed in recent times
- traditionally provided by physical and administrative mechanisms
- computer use requires automated tools to protect files and other stored information
- use of networks and communications links requires measures to protect data during transmission

Computer Security
the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability and confidentiality of information system resources (includes hardware, software, firmware, information/data, and telecommunications)

Key Security Concepts

Examples of Security Requirements
- confidentiality – student grades
- integrity – patient information
- availability – authentication service

Definitions
- Network Security - measures to protect data during their transmission
- Internet Security - measures to protect data during their transmission over a collection of interconnected networks

Aim of Course
- our focus is on network and Internet security
- which consists of measures to deter, prevent, detect, and correct security violations that involve the transmission & storage of information

Security Trends

OSI Security Architecture
- ITU-T X.800 “Security Architecture for OSI”
- defines a systematic way of defining and providing security requirements
- for us it provides a useful, if abstract, overview of concepts we will study

Aspects of Security
consider 3 aspects of information security:
- security attack
- security service
- security mechanism

Security Attack
- any action that compromises the security of information owned by an organization
- information security is about how to prevent attacks, or failing that, to detect attacks on information-based systems
- have a wide range of attacks
- can focus on generic types of attacks: passive, active

Passive Attacks

Active Attacks

Security Service
- enhance security of data processing systems and information transfers of an organization
- using one or more security mechanisms
- often replicates functions normally associated with physical documents, which, for example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed

Security Services
- X.800: “a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers”
- RFC 2828: “a processing or communication service provided by a system to give a specific kind of protection to system resources”

Security Services (X.800)
- Authentication - assurance that the communicating entity is the one claimed
- Access Control - prevention of the unauthorized use of a resource
- Data Confidentiality - protection of data from unauthorized disclosure
- Data Integrity - assurance that data received is as sent by an authorized entity
- Non-Repudiation - protection against denial by one of the parties in a communication

Security Mechanism
- feature designed to detect, prevent, or recover from a security attack
- no single mechanism that will support all services required
- however one particular element underlies many of the security mechanisms in use: cryptographic techniques
- hence our focus on this topic

Security Mechanisms (X.800)
- specific security mechanisms: encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization
- pervasive security mechanisms: trusted functionality, security labels, event detection, security audit trails, security recovery

Model for Network Security
using this model requires us to:
1. design a suitable algorithm for the security transformation
2. generate the secret information (keys) used by the algorithm
3. develop methods to distribute and share the secret information
4. specify a protocol enabling the principals to use the transformation and secret information for a security service

Model for Network Access Security
using this model requires us to:
1. select appropriate gatekeeper functions to identify users
2. implement security controls to ensure only authorised users access designated information or resources

trusted computer systems may be useful to help implement this model

Summary
have considered definitions for:
- computer, network, internet security
- X.800 standard
- security attacks, services, mechanisms
- models for network (access) security
...

This note was uploaded on 03/06/2011 for the course TCN 5080 taught by Professor Drpan during the Spring '10 term at FIU.
