ORCON. Originator Controlled Access Control. André dos Santos Cardoso. Universidade do Porto Faculdade de Engenharia da Universidade do Porto
|
|
- Claude Dickerson
- 8 years ago
- Views:
Transcription
1 ORCON Originator Controlled Access Control André dos Santos Cardoso Universidade do Porto Faculdade de Engenharia da Universidade do Porto November 3, 2009 André dos Santos Cardoso (FEUP) ORCON November 3, / 19
2 Contents 1 Overview Of MAC and DAC 2 What is ORCON after all...? 3 Can ORCON be Implemented? With DAC? With MAC? Mixing MAC and DAC? 4 OK, let s design a palpable solution! Threats and Countermeasures Authorized User Authentication Attained Solution André dos Santos Cardoso (FEUP) ORCON November 3, / 19
3 Overview Of MAC and DAC Contents 1 Overview Of MAC and DAC 2 What is ORCON after all...? 3 Can ORCON be Implemented? With DAC? With MAC? Mixing MAC and DAC? 4 OK, let s design a palpable solution! Threats and Countermeasures Authorized User Authentication Attained Solution André dos Santos Cardoso (FEUP) ORCON November 3, / 19
4 Overview Of MAC and DAC How does MAC work? Controlled by an Administrator Defines levels of access Admin defines the types of access and who has access Owner can t change permissions/level of access of Objects André dos Santos Cardoso (FEUP) ORCON November 3, / 19
5 Overview Of MAC and DAC...and DAC!? Concept of Owner is important can set permissions for others at his own discretion copied objects become owned by the copier. Permissions are given based on Identity André dos Santos Cardoso (FEUP) ORCON November 3, / 19
6 What is ORCON after all...? Contents 1 Overview Of MAC and DAC 2 What is ORCON after all...? 3 Can ORCON be Implemented? With DAC? With MAC? Mixing MAC and DAC? 4 OK, let s design a palpable solution! Threats and Countermeasures Authorized User Authentication Attained Solution André dos Santos Cardoso (FEUP) ORCON November 3, / 19
7 What is ORCON after all...? ORCON - Originator Controlled Access Control Objective Control the dissemination of Objects through several entities, in a decentralized manner. Keep unauthorized recipients from reading the object Prevent re-dissemination from authorized subjects to unauthorized entities or subjects Creator must always give permission Authorized subjects must be able to write to the object, but Not to change Original Permissions André dos Santos Cardoso (FEUP) ORCON November 3, / 19
8 What is ORCON after all...? Controlling Dissemination André dos Santos Cardoso (FEUP) ORCON November 3, / 19
9 Can ORCON be Implemented? Contents 1 Overview Of MAC and DAC 2 What is ORCON after all...? 3 Can ORCON be Implemented? With DAC? With MAC? Mixing MAC and DAC? 4 OK, let s design a palpable solution! Threats and Countermeasures Authorized User Authentication Attained Solution André dos Santos Cardoso (FEUP) ORCON November 3, / 19
10 Can ORCON be Implemented? With DAC? Can DAC realize the requirements? Owner can change permissions! With DAC, the owner(=!creator) can change the permissions at will, without considering the creator (originator) original permissions. DAC fails! André dos Santos Cardoso (FEUP) ORCON November 3, / 19
11 Can ORCON be Implemented? With MAC? Can MAC realize the requirements? Theoretically possible but... a different category is needed for each combination between Object/Document, Owner, and Recipient Category Explosion Problem! it s a centralized solution impossible to implement in real world. MAC fails! André dos Santos Cardoso (FEUP) ORCON November 3, / 19
12 Can ORCON be Implemented? Mixing MAC and DAC? Hybrid Solution with MAC and DAC We can combine MAC and DAC 1 The owner of an object cannot change the access controls of the object 2 When an object is copied, the access control restrictions of that source are copied and bound to the target of the copy At the resemblance of PACL! 3 The creator (originator) can alter the access control restrictions on a per-subject and per-object basis. André dos Santos Cardoso (FEUP) ORCON November 3, / 19
13 OK, let s design a palpable solution! Contents 1 Overview Of MAC and DAC 2 What is ORCON after all...? 3 Can ORCON be Implemented? With DAC? With MAC? Mixing MAC and DAC? 4 OK, let s design a palpable solution! Threats and Countermeasures Authorized User Authentication Attained Solution André dos Santos Cardoso (FEUP) ORCON November 3, / 19
14 OK, let s design a palpable solution! Threats and Countermeasures Threats and Countermeasures Easy! Use Encryption! Unauthorized access to document storage or document transmission Figure: Symmetric Encryption Key exists only in the ORCON device, and only accessible through hardware. Content can only be decrypted and opened in the device. André dos Santos Cardoso (FEUP) ORCON November 3, / 19
15 OK, let s design a palpable solution! Threats and Countermeasures Threats and Countermeasures Incorporate a trusted software module into the device. Unauthorized access to document storage or document transmission Copying of the document Figure: Only trusted software module is able to decrypt/encrypt information André dos Santos Cardoso (FEUP) ORCON November 3, / 19
16 OK, let s design a palpable solution! Threats and Countermeasures Threats and Countermeasures Rules are also encrypted. Unauthorized access to document storage or document transmission Copying of the document Tempering of the document dissemination rules Figure: Policies can be encrypted along with the content. Trusted Software Module Enforces the application of the Policies. Software Module also ensures the policy upon copy (PACL!) André dos Santos Cardoso (FEUP) ORCON November 3, / 19
17 OK, let s design a palpable solution! Authorized User Authentication How do we authenticate users against the policy file? Let s make use of users public keys Figure: Software Module grants access based on policy file and public keys, with a protocol of Challenge-Response in which he encrypts a challenge with the user s public key. André dos Santos Cardoso (FEUP) ORCON November 3, / 19
18 OK, let s design a palpable solution! 1 Creator adds trusted user s public keys to the policy file André dos Santos Cardoso (FEUP) ORCON November 3, / 19
19 OK, let s design a palpable solution! 1 Creator adds trusted user s public keys to the policy file 2 Creator encrypts policy and document André dos Santos Cardoso (FEUP) ORCON November 3, / 19
20 OK, let s design a palpable solution! 1 Creator adds trusted user s public keys to the policy file 2 Creator encrypts policy and document 3 Creator disseminates the encrypted document to ORCON enabled devices André dos Santos Cardoso (FEUP) ORCON November 3, / 19
21 OK, let s design a palpable solution! 1 Creator adds trusted user s public keys to the policy file 2 Creator encrypts policy and document 3 Creator disseminates the encrypted document to ORCON enabled devices 4 Receiver device checks policy Receiver device can decrypt document. Trusted hardware and software module enforces policies. Policies can t ever be touched by user. André dos Santos Cardoso (FEUP) ORCON November 3, / 19
22 OK, let s design a palpable solution! 1 Creator adds trusted user s public keys to the policy file 2 Creator encrypts policy and document 3 Creator disseminates the encrypted document to ORCON enabled devices 4 Receiver device checks policy Receiver device can decrypt document. Trusted hardware and software module enforces policies. Policies can t ever be touched by user. 5 Receiver device authenticates users through the public key contained in the policy User can use his private key to respond to the system challenge, decrypting the challenge. User is authenticated if he owns a the correponding private key André dos Santos Cardoso (FEUP) ORCON November 3, / 19
23 OK, let s design a palpable solution! Attained Solution What did we just build? Policy Enforcement Policy is disseminated along users, and enforced even when re-dissemination occurs. Memory locations can remain encrypted thanks to software+hardware solution and no trust is given to the Operating System. Decentralized Solution No central administration, which guarantees that the design works even with a large and distributed number of users. André dos Santos Cardoso (FEUP) ORCON November 3, / 19
24 Thanks Thank You! Thank You Any Questions? André dos Santos Cardoso (FEUP) ORCON November 3, / 19
25 References Consulted Material Computer Security, Art and Science - Matt Bishop Hardware-Assisted Application-Level Access Control - Yu-Yuan Chen and Ruby B. Lee Originator & Role-Based Policies, notes of Computer and Network Security from the University of North Carolina - Kevin Jeffay 6-Originator-RBAC-Policies.pdf André dos Santos Cardoso (FEUP) ORCON November 3, / 19
BM482E Introduction to Computer Security
BM482E Introduction to Computer Security Lecture 7 Database and Operating System Security Mehmet Demirci 1 Summary of Lecture 6 User Authentication Passwords Password storage Password selection Token-based
More informationSavitribai Phule Pune University
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter
More informationAccess Control Intro, DAC and MAC. System Security
Access Control Intro, DAC and MAC System Security System Security It is concerned with regulating how entities use resources in a system It consists of two main phases: Authentication: uniquely identifying
More informationUnderstanding the Impact of Encryption on Certified Wireless USB Testing. Introduction. Association vs. Security
on Certified Wireless USB Testing Mike Micheletti Wireless USB Product Manager LeCroy Protocol Solutions Group Introduction Certified Wireless USB (WUSB) is a new shortrange, high-bandwidth wireless extension
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More informationHow To Secure Wireless Networks
Lecture 24 Wireless Network Security modified from slides of Lawrie Brown Wireless Security Overview concerns for wireless security are similar to those found in a wired environment security requirements
More informationPrinciple, utilization and limitations for secure electronic mail systems. Lindomar Bandeira Rocha
Principle, utilization and limitations for secure electronic Lindomar Bandeira Rocha FACULDADE DE ENGENHARIA DA UNIVERSIDADE DO PORTO Segurança em Sistemas Informáticos 2009/2010 Inline Encoding ( clearsigning
More informationHow encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and
How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing
More informationPart I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT
Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code
More informationMobile Security Wireless Mesh Network Security. Sascha Alexander Jopen
Mobile Security Wireless Mesh Network Security Sascha Alexander Jopen Overview Introduction Wireless Ad-hoc Networks Wireless Mesh Networks Security in Wireless Networks Attacks on Wireless Mesh Networks
More informationHIPAA: MANAGING ACCESS TO SYSTEMS STORING ephi WITH SECRET SERVER
HIPAA: MANAGING ACCESS TO SYSTEMS STORING ephi WITH SECRET SERVER With technology everywhere we look, the technical safeguards required by HIPAA are extremely important in ensuring that our information
More informationRBAC and HIPAA Security
Chief Executive, HIPAA Academy RBAC and HIPAA Security Uday O. Ali Pabrai, CHSS, SCNA Session Objective Challenges HIPAA Requirements Seven Steps to HIPAA Security Access Control RBAC Information Access
More informationInformation Security Basic Concepts
Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,
More informationModule 7 Security CS655! 7-1!
Module 7 Security CS655! 7-1! Issues Separation of! Security policies! Precise definition of which entities in the system can take what actions! Security mechanism! Means of enforcing that policy! Distributed
More informationCMSC 421, Operating Systems. Fall 2008. Security. URL: http://www.csee.umbc.edu/~kalpakis/courses/421. Dr. Kalpakis
CMSC 421, Operating Systems. Fall 2008 Security Dr. Kalpakis URL: http://www.csee.umbc.edu/~kalpakis/courses/421 Outline The Security Problem Authentication Program Threats System Threats Securing Systems
More informationInternet Programming. Security
Internet Programming Security Introduction Security Issues in Internet Applications A distributed application can run inside a LAN Only a few users have access to the application Network infrastructures
More informationEvaluate the Usability of Security Audits in Electronic Commerce
Evaluate the Usability of Security Audits in Electronic Commerce K.A.D.C.P Kahandawaarachchi, M.C Adipola, D.Y.S Mahagederawatte and P Hewamallikage 3 rd Year Information Systems Undergraduates Sri Lanka
More informationECE 646, CRYPTOGRAPHY PROJECT SPECIFICATION GEORGE MASON UNIVERSITY FALL, 2013
ECE 646, CRYPTOGRAPHY PROJECT SPECIFICATION GEORGE MASON UNIVERSITY FALL, 2013 v Team members: Kunal Pillai Asrat Dea Ravi Chandra Reddy Kambalapally v Cryptographic Security for Cloud Storage Cloud storage
More informationHardware Security Modules for Protecting Embedded Systems
Hardware Security Modules for Protecting Embedded Systems Marko Wolf, ESCRYPT GmbH Embedded Security, Munich, Germany André Weimerskirch, ESCRYPT Inc. Embedded Security, Ann Arbor, USA 1 Introduction &
More informationChapter 6: Fundamental Cloud Security
Chapter 6: Fundamental Cloud Security Nora Almezeini MIS Department, CBA, KSU From Cloud Computing by Thomas Erl, Zaigham Mahmood, and Ricardo Puttini(ISBN: 0133387526) Copyright 2013 Arcitura Education,
More informationTEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL
TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL Title: Computer and Network Security Policy Policy Number: 04.72.12 Effective Date: November 4, 2003 Issuing Authority: Office of the Vice President for
More informationMore effective protection for your access control system with end-to-end security
More effective protection for your access control system with end-to-end security By Jeroen Harmsen The first article on end-to-end security appeared as long ago as 1981. The principle originated in ICT
More informationSecurity Architecture Whitepaper
Security Architecture Whitepaper 2015 by Network2Share Pty Ltd. All rights reserved. 1 Table of Contents CloudFileSync Security 1 Introduction 1 Data Security 2 Local Encryption - Data on the local computer
More informationSecurity Policy for Oracle Advanced Security Option Cryptographic Module
Security Policy for Oracle Advanced Security Option Cryptographic Module Version 1.0 September 1999 Prepared by Oracle Corporation A. Scope of Document This document describes the security policy for the
More informationOracle Database Security
breaking through barriers to progress By Raman Jathar an award winning '2004 Future 50 Company' 18650 W. Corporate Drive Suite 120 Brookfield, WI 53045 262.792.0200 Database Security Lately, database security
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 1 January 9, 2012 CPSC 467b, Lecture 1 1/22 Course Overview Symmetric Cryptography CPSC 467b, Lecture 1 2/22 Course Overview CPSC
More informationOriginator Control in Usage Control *
Originator Control in Usage Control * Jaehong Park Laboratory for Information Security Technology ISE Department, MS4A4 George Mason University, Fairfax, VA 22030 jaehpark@ise.gmu.edu, www.list.gmu.edu/park
More informationAdvanced Topics in Information Security MAP-I Curricular Unit 2009/2010
Advanced Topics in Information Security MAP-I Curricular Unit 2009/2010 Summary This document describes a Ph.D. level course, corresponding to a Curriculum Unit credited with 5 ECTS. It is offered jointly
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationHow to Build an Effective Mail Server Defense
How to Build an Effective Mail Server Defense A multi-stage approach to securing your email communication August, 21 2006 Author: Alin Dobre, Head of Customer Support, AXIGEN GECAD Technologies 10A Dimitrie
More informationVulnerability Analysis on Mobile VoIP Supplementary Services and MITM Attack
Vulnerability Analysis on Mobile VoIP Supplementary Services and MITM Attack You Joung Ham Graduate School of Computer Engineering, Hanshin University, 411, Yangsan-dong, Osan, Gyeonggi, Rep. of Korea
More informationVICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui
VICTORIA UNIVERSITY OF WELLINGTON Te Whare Wānanga o te Ūpoko o te Ika a Māui School of Engineering and Computer Science Te Kura Mātai Pūkaha, Pūrorohiko PO Box 600 Wellington New Zealand Tel: +64 4 463
More informationSP 800-130 A Framework for Designing Cryptographic Key Management Systems. 5/25/2012 Lunch and Learn Scott Shorter
SP 800-130 A Framework for Designing Cryptographic Key Management Systems 5/25/2012 Lunch and Learn Scott Shorter Topics Follows the Sections of SP 800-130 draft 2: Introduction Framework Basics Goals
More informationITM661 Database Systems. Database Security and Administration
ITM661 Database Systems Database Security and Administration Outline Introduction to Database Security Issues Types of Security Threats to databases Database Security and DBA Access Protection, User Accounts,
More informationSecure Hardware PV018 Masaryk University Faculty of Informatics
Secure Hardware PV018 Masaryk University Faculty of Informatics Jan Krhovják Vašek Matyáš Roadmap Introduction The need of secure HW Basic terminology Architecture Cryptographic coprocessors/accelerators
More informationSECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES
SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES Contents Introduction... 3 DRM Threat Model... 3 DRM Flow... 4 DRM Assets... 5 Threat Model... 5 Protection of
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationChapter 23. Database Security. Security Issues. Database Security
Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database
More informationSecurity and Authorization. Introduction to DB Security. Access Controls. Chapter 21
Security and Authorization Chapter 21 Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke 1 Introduction to DB Security Secrecy: Users should not be able to see things they are not supposed
More informationEnCase Endpoint Investigator Fundamentals 5/25/2016
EnCase Endpoint Investigator Fundamentals Guidance Software 1 About Us Tony Balzanto Tony Balzanto is an instructor in the Orlando, FL office of Guidance Software s Professional Development and Training
More informationSecurity Issues In Cloud Computing and Countermeasures
Security Issues In Cloud Computing and Countermeasures Shipra Dubey 1, Suman Bhajia 2 and Deepika Trivedi 3 1 Department of Computer Science, Banasthali University, Jaipur, Rajasthan / India 2 Department
More informationpreliminary experiment conducted on Amazon EC2 instance further demonstrates the fast performance of the design.
Privacy-Preserving Public Auditing For Secure Cloud Storage ABSTRACT: Using cloud storage, users can remotely store their data and enjoy the on-demand high-quality applications and services from a shared
More informationSecuring Data on Microsoft SQL Server 2012
Securing Data on Microsoft SQL Server 2012 Course 55096 The goal of this two-day instructor-led course is to provide students with the database and SQL server security knowledge and skills necessary to
More informationHolistic Data Security. How to defend your sensitive data against all threats
How to defend your sensitive data against all threats Holistic Data Security How to defend your sensitive data against all threats When dealing with national security information, it is of paramount importance
More informationERserver. iseries. Secure Sockets Layer (SSL)
ERserver iseries Secure Sockets Layer (SSL) ERserver iseries Secure Sockets Layer (SSL) Copyright International Business Machines Corporation 2000, 2002. All rights reserved. US Government Users Restricted
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
More informationSecurity Inspection Inc. Solutions to secure your network
Security Inspection Inc. TM Solutions to secure your network Secure Cloud Utilization Strategies! responsibilities Out of 127 cloud providers surveyed, a recently released study showed that only 25% of
More informationThe following chart provides the breakdown of exam as to the weight of each section of the exam.
Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those
More informationChapter 12. Security Policy Life Cycle. Network Security 8/19/2010. Network Security
Chapter 12 Network Security Security Policy Life Cycle A method for the development of a comprehensive network security policy is known as the security policy development life cycle (SPDLC). Network Security
More informationCiphire Mail. Abstract
Ciphire Mail Technical Introduction Abstract Ciphire Mail is cryptographic software providing email encryption and digital signatures. The Ciphire Mail client resides on the user's computer between the
More informationIntroduction to Computer Security
Introduction to Computer Security Access Control and Authorization Pavel Laskov Wilhelm Schickard Institute for Computer Science Resource access recapitulated 1. Identification Which object O requests
More informationSoran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification
1. Module Title Information Security 2. Module Code: CS403INS 3. Module Level - Forth Stage 4. Module Leader Safwan M. 5. Teaching Semester 7 and 8 Soran University Faculty of Science and Engineering Computer
More informationAccess Control of Cloud Service Based on UCON
Access Control of Cloud Service Based on UCON Chen Danwei, Huang Xiuli, and Ren Xunyi Nanjing University of posts & Telecommunications, New Model Street No.66, 210003, Nanjing, China chendw@njupt.edu.cn,
More informationHIPAA. considerations with LogMeIn
HIPAA considerations with LogMeIn Introduction The Health Insurance Portability and Accountability Act (HIPAA), passed by Congress in 1996, requires all organizations that maintain or transmit electronic
More informationCloud security and OpenStack Primož Cigoj Laboratorij za odprte sisteme in mreže IJS-E5. www.kc-class.eu
Cloud security and OpenStack Primož Cigoj Laboratorij za odprte sisteme in mreže IJS-E5 www.kc-class.eu 1 1 Outline Cloud computing General overview Deployment and service models Security issues Threats
More informationSECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E)
SECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E) 2 LECTURE OUTLINE Threats and countermeasures Access control mechanisms SQL s grant and revoke Role of views 3 THREATS What are the threats? Loss of integrity
More informationHIPAA Security Considerations for Broadband Fixed Wireless Access Systems White Paper
HIPAA Security Considerations for Broadband Fixed Wireless Access Systems White Paper Rev 1.0 HIPAA Security Considerations for Broadband Fixed Wireless Access Systems This white paper will investigate
More informationMcAfee Endpoint Encryption for Files and Folders (EEFF) User Documentation
McAfee Endpoint Encryption for Files and Folders (EEFF) User Documentation 2013.06 McAfee Endpoint Encryption for Files and Folders (EEFF) uses powerful encryption technology to allow you to protect information
More informationFull Drive Encryption Security Problem Definition - Encryption Engine
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 Full Drive Encryption Security Problem Definition - Encryption Engine Introduction for the FDE Collaborative Protection Profiles
More informationChapter 23. Database Security. Security Issues. Database Security
Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database
More informationDatabase Security. Chapter 21
Database Security Chapter 21 Introduction to DB Security Secrecy: Users should not be able to see things they are not supposed to. E.g., A student can t see other students grades. Integrity: Users should
More informationProblems of Security in Ad Hoc Sensor Network
Problems of Security in Ad Hoc Sensor Network Petr Hanáček * hanacek@fit.vutbr.cz Abstract: The paper deals with a problem of secure communication between autonomous agents that form an ad hoc sensor wireless
More informationFundamentals of a Windows Server Infrastructure MOC 10967
Fundamentals of a Windows Server Infrastructure MOC 10967 Course Outline Module 1: Installing and Configuring Windows Server 2012 This module explains how the Windows Server 2012 editions, installation
More informationInterim Threat / Risk Assessment. Student E- Communications Outsourcing Project
Interim Threat / Risk Assessment Student E- Communications Outsourcing Project Martin Loeffler Information Security, I+TS Creation Date: Version 1.0 June 24, 2010 Last Updated: Version 2.0 July 6, 2010
More informationInformation and Communications Technology Courses at a Glance
Information and Communications Technology Courses at a Glance Level 1 Courses ICT121 Introduction to Computer Systems Architecture This is an introductory course on the architecture of modern computer
More informationProject 25 Security Services Overview
Project 25 Security Services Overview Bill Janky Director, System Design Harris Corporation 1 Agenda Overview of P25 Security Services What s new; What s coming Other topics 2 If you re in Public Safety...
More informationPUF Physical Unclonable Functions
Physical Unclonable Functions Protecting next-generation Smart Card ICs with SRAM-based s The use of Smart Card ICs has become more widespread, having expanded from historical banking and telecommunication
More informationUnderstanding VPN Technology Choices
Understanding VPN Technology Choices Presented by: Rob Pantazelos, Network Administrator Brown Rudnick, LLP The most current version of this presentation can be downloaded at: http://www.brownrudnick.com/nr/ilta2008_vpn.ppt
More informationOverview. Protocols. VPN and Firewalls
Computer Network Lab 2015 Fachgebiet Technische h Informatik, Joachim Zumbrägel Overview VPN VPN requirements Encryption VPN-Types Protocols VPN and Firewalls VPN-Definition VPNs (Virtual Private Networks)
More informationSecure web transactions system
Secure web transactions system TRUSTED WEB SECURITY MODEL Recently, as the generally accepted model in Internet application development, three-tier or multi-tier applications are used. Moreover, new trends
More informationBest Practices for Network Security. Name. University/College. Unit Name. Unit Code. Lecturer
1 Best Practices for Network Security Name University/College Unit Name Unit Code Lecturer 27 March 2014 2 Outline Introduction...3 Developing Network Security Best Practices...5 I. The Pillars of network
More informationMS-55096: Securing Data on Microsoft SQL Server 2012
MS-55096: Securing Data on Microsoft SQL Server 2012 Description The goal of this two-day instructor-led course is to provide students with the database and SQL server security knowledge and skills necessary
More informationSSL Overview for Resellers
Web Security Enterprise Security Identity Verification Services Signing Services SSL Overview for Resellers What We ll Cover Understanding SSL SSL Handshake 101 Market Opportunity for SSL Obtaining an
More informationTable of Contents. TPM Configuration Procedure... 2. 1. Configuring the System BIOS... 2
Table of Contents TPM Configuration Procedure... 2 1. Configuring the System BIOS... 2 2. Installing the Infineon TPM Driver and the GIGABYTE Ultra TPM Utility... 3 3. Initializing the TPM Chip... 4 3.1.
More informationA centralized approach to computer network security*
A centralized approach to computer network security* by FRANK R. HEINRICH and DAVID J. KAUFMAN Sysiem Developmeni Corporaiion Santa Monica, California ABSTRACT This paper presents an approach to network
More informationWelcome to Information Systems Security (503009)
Welcome to (503009) Nguyen Thi Ai Thao Faculty of Computer Science & Engineering HCMC University of Technology thaonguyen@cse.hcmut.edu.vn Course Outline Week Lectures 1 Information systems security: basic
More informationPCI DSS: An Evolving Standard
White Paper PCI DSS: An Evolving Standard PCI 3.0 and 3.1 Key Requirements Explained 2015 SecurityMetrics PCI DSS: An Evolving Standard 2 PCI DSS An Evolving Standard The Payment Card Industry Data Security
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationExcerpt of Cyber Security Policy/Standard S05-001. Information Security Standards
Excerpt of Cyber Security Policy/Standard S05-001 Information Security Standards Issue Date: April 4, 2005 Publication Date: April 4, 2005 Revision Date: March 30, 2007 William F. Pelgrin Director New
More informationAPWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/
DB1 Phishing attacks, usually implemented through HTML enabled e-mails, are becoming more common and more sophisticated. As a network manager, how would you go about protecting your users from a phishing
More informationAnomaly Intrusion Detection System in Wireless Sensor Networks: Security Threats and Existing Approaches
Anomaly Intrusion Detection System in Wireless Sensor Networks: Security Threats and Existing Approaches Md. Safiqul Islam *1, Syed AshiqurRahman *2 Department of Computer Science and Engineering Daffodil
More informationIntroduction to Information Security
Introduction to Information Security Chapter 1 Information Security Basics Winter 2015/2016 Stefan Mangard, www.iaik.tugraz.at What is Information Security? 2 Security vs. Safety The German word Sicherheit
More informationPart III. Access Control Fundamentals
Part III Access Control Fundamentals Sadeghi, Cubaleska @RUB, 2008-2009 Course Operating System Security Access Control Fundamentals 105 / 148 10 3.1 Authentication and Access Control 11 Examples for DAC
More informationTable: Security Services (X.800)
SECURIT SERVICES X.800 defines a security service as a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers. Also the
More informationPGP Universal Server 2.5 SmartLine DeviceLock 6.2
PGP Integration Guide October 2007 PGP Universal Server 2.5 SmartLine DeviceLock 6.2 Version 1.0 2 Table of Contents INTRODUCTION...3 STRUCTURE...3 CAVEATS...4 POLICY OVERVIEW...4 SPAN OF CONTROL...4 COMPUTER
More informationMASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY
MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY HTTP://SCIENCE.HAMPTONU.EDU/COMPSCI/ The Master of Science in Information Assurance focuses on providing
More informationSecuring Ship-to-Shore Data Flow
Securing Ship-to-Shore Data Flow Background on Common File Transfer Methods Today corporations, government entities, and other organizations rely on Electronic File Transfers as an important part of their
More informationThis is a preview - click here to buy the full publication
TECHNICAL REPORT IEC/TR 62443-3-1 Edition 1.0 2009-07 colour inside Industrial communication networks Network and system security Part 3 1: Security technologies for industrial automation and control systems
More informationSERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS Next Generation Networks Security
International Telecommunication Union ITU-T Y.2740 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (01/2011) SERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS
More informationProtectV. Securing Sensitive Data in Virtual and Cloud Environments. Executive Summary
VISIBILITY DATA GOVERNANCE SYSTEM OS PARTITION UNIFIED MANAGEMENT CENTRAL AUDIT POINT ACCESS MONITORING ENCRYPTION STORAGE VOLUME POLICY ENFORCEMENT ProtectV SECURITY SNAPSHOT (backup) DATA PROTECTION
More informationDigital Documents, Compliance and the Cloud
A Perspective on Navigating the Complexities Associated with Digital Document Transmission and Security for the Modern Enterprise. What are Digital (Electronic) Documents The Rise of the e-document Definition
More information12 FAM 650 ACQUISITION SECURITY REQUIREMENTS FOR OPERATING SYSTEMS AND SUBSYSTEM COMPONENTS
12 FAM 650 ACQUISITION SECURITY REQUIREMENTS FOR OPERATING SYSTEMS AND SUBSYSTEM COMPONENTS 12 FAM 651 GENERAL (CT:DS-180; 06-20-2012) (Office of Origin: DS/SI/CS) a. Acquisition authorities must follow
More informationTechnical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and
Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and procedures to govern who has access to electronic protected
More informationContent of smart wireless sensor network security and its network security policy
Abstract Content of smart wireless sensor network security and its network security policy Xiehua Yu Minnan Science and Technology Institute, Fujian Normal University, Fujian, 362332, China eceived 1 October
More informationVPN VPN requirements Encryption VPN-Types Protocols VPN and Firewalls
Overview VPN VPN requirements Encryption VPN-Types Protocols VPN and Firewalls Computer Net Lab/Praktikum Datenverarbeitung 2 1 VPN - Definition VPNs (Virtual Private Networks) allow secure data transmission
More informationWireless Sensor Networks Chapter 14: Security in WSNs
Wireless Sensor Networks Chapter 14: Security in WSNs António Grilo Courtesy: see reading list Goals of this chapter To give an understanding of the security vulnerabilities of Wireless Sensor Networks
More informationWeighted Total Mark. Weighted Exam Mark
CMP4103 Computer Systems and Network Security Period per Week Contact Hour per Semester Weighted Total Mark Weighted Exam Mark Weighted Continuous Assessment Mark Credit Units LH PH TH CH WTM WEM WCM CU
More informationWIRELESS LOCAL AREA NETWORK (WLAN) IMPLEMENTATION
United States Department of Agriculture Marketing and Regulatory Programs Grain Inspection, Packers and Stockyards Administration Directive GIPSA 3140.5 11/30/06 WIRELESS LOCAL AREA NETWORK (WLAN) IMPLEMENTATION
More information