LectureSet6 - Computer, Network, and Java Security...

Computer, Network, and Java Security
Introduction
- Need for Computer/Internet security
  - Consumers buying products, trading stocks, and banking online
  - Credit-card, social security, and confidential business information exchanged
  - Security attacks
    - Data theft and hacker attacks
    - Wireless transmissions easier to intercept
- Security fundamentals
  - Privacy: no third party
  - Integrity: information unaltered
  - Authentication: proving identities
  - Non-repudiation: legal proof of message received
  - Availability: network stays in operation continuously
Computer Security: General Rules
- Limits of computer security
  - Absolute computer security is not feasible
  - Given unlimited resources any form of security can be broken
  - Objective: cost for breaking a system must far outweigh rewards
- End-to-end security
  - In multitier systems, each tier must have its own security
  - Security is as strong as the weakest link
- Complex vs. Simple systems
  - Complex systems: high cost of design and implementation
  - Simple systems: easier understood, better analyzed
- Always required
  - Security must be an integral part of a system design
Types of Threats
- Secrecy Attacks
  - Attempts to steal confidential information
- Integrity Attacks
  - Attempts to alter information with malicious intent
- Availability Attacks
  - Attempts to disrupt a system’s normal operation
Example of Attacks
- Brute force
  - Involves searching every key until the right one unlocks the system
- Trojan Horse
  - Involves planting an enemy program as an insider in such a way that it is not apparently noticeable
- Person-in-the-middle attack
  - Attacker intercepts the communication between two parties without their knowledge
Protections
- Network related:
  - Firewalls
  - Virtual Private Networks
- Cryptography
  - Design of algorithms for encrypting and decrypting information
    - Plaintext: unencrypted data
    - Ciphertext: encrypted data
    - Key: used by sender and receiver to encrypt and decrypt message
  - Provides confidentiality (only the intended recipient can make sense of the message)
Protections (cont’d)
- Authentication
  - Confirms user’s identity (e.g. passwords, smart cards, biometrics, etc.)
- Authorization
  - After authentication, access to the user is governed by an access control policy
- Auditing and logs
  - Keeping a record of resource accesses that were granted or denied can serve in preventing or analyzing a break-in
Security Layered Architecture
- PHY: Securing cabling, avoiding interference, Spread Spectrum
- Link Layer: WEP, PPP LCP
- Network: IPSEC, firewalls, VPN
- Transport: SSL/TLS
- Application: Encryption, Authentication, Authorization
- Java: Encryption, Authentication, Authorization, JVM security
Cryptanalysis
- Even if keys are secret, it is possible to compromise the security of a system
- Cryptanalysis: trying to decrypt ciphertext without knowledge of the decryption key
  - Cryptanalytic attacks
- Attacks can be reduced if proper key management structures are in place and keys use expiration dates

This note was uploaded on 07/14/2011 for the course COP 4610L taught by Professor Staff during the Spring '09 term at University of Central Florida.

