Chapter-09 - Chapter 9 Security 9.1 The security...

Info iconThis preview shows pages 1–16. Sign up to view the full content.

View Full Document Right Arrow Icon
1 Security Chapter 9 9.1 The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from outside the system 9.6 Protection mechanisms 9.7 Trusted systems
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 The Security Environment Threats Security goals and threats
Background image of page 2
3 Intruders Common Categories 1. Casual prying by nontechnical users 2. Snooping by insiders 3. Determined attempt to make money 4. Commercial or military espionage
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 Accidental Data Loss Common Causes 1. Acts of God - fires, floods, wars 2. Hardware or software errors - CPU malfunction, bad disk, program bugs 3. Human errors - data entry, wrong tape mounted
Background image of page 4
5 Basics of Cryptography Relationship between the plaintext and the ciphertext
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
6 Monoalphabetic substitution each letter replaced by different letter Given the encryption key, easy to find decryption key Secret-key crypto called symmetric-key crypto Secret-Key Cryptography
Background image of page 6
7 Public-Key Cryptography All users pick a public key/private key pair publish the public key private key not published Public key is the encryption key private key is the decryption key
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
8 One-Way Functions Function such that given formula for f(x) easy to evaluate y = f(x) But given y computationally infeasible to find x
Background image of page 8
9 Digital Signatures Computing a signature block What the receiver gets (b)
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
10 User Authentication Basic Principles. Authentication must identify: 1. Something the user knows 2. Something the user has 3. Something the user is This is done before user can use the system
Background image of page 10
11 Authentication Using Passwords (a) A successful login (b) Login rejected after name entered (c) Login rejected after name and password typed
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
12 Authentication Using Passwords How a cracker broke into LBL a U.S. Dept. of Energy research lab
Background image of page 12
13 Authentication Using Passwords The use of salt to defeat precomputation of encrypted passwords Salt Password , , , ,
Background image of page 13

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
14 Authentication Using a Physical Object Magnetic cards magnetic stripe cards chip cards: stored value cards, smart cards
Background image of page 14
15 Authentication Using Biometrics A device for measuring finger length.
Background image of page 15

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 16
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 05/20/2011 for the course CIS 6930 taught by Professor Staff during the Fall '08 term at University of Florida.

Page1 / 56

Chapter-09 - Chapter 9 Security 9.1 The security...

This preview shows document pages 1 - 16. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online