CSE 127 Computer Security

Size: px
Start display at page:

Download "CSE 127 Computer Security"

Transcription

1 CSE 127 Computer Security Fall 2012 Lecture #12 Physical Security Stefan Savage

2 Physical security What is physical security about? Controlling access to a physical space or object Examples: Gates/Barriers Locks Safes Alarms Mantraps Scanners

3 Same kind of problems as computer security Usability Security through obscurity Side channels Misplaced assumptions Securing the wrong thing Weakest link Lets look at some of this via locks

4 Locks Worlds oldest (pre-biblical) and most pervasive form of access control Egyptian tumbler lock design ~1000 BCE Modern Cylinder lock

5 How physical locks work Shear line Driver pins Plug Bottom pins courtesy Matt Blaze 5

6 How physical locks work courtesy Matt Blaze 6

7 Shared secrets There is a shared secret between the lock and the key its shape In fact, it s a digital code

8 Bitting codes A key can be precisely described with a discrete code Cuts at regular intervals (4-6 cuts) Depth of cuts quantized in standard fashion (typically 6-9 bins) digits sufficient to describe most keys 8

9 Design assumptions If you don t know the secret code, you can t open the lock The secret code is secret If you can t open the lock, everything is fine

10 Design assumptions If you don t know the secret code, you can t open the lock The secret code is secret If you can t open the lock, everything is fine

11 Lock bypass via manipulation Picking & Raking Bumping 11

12 Picking 12

13 Picking Two parts Tension wrench used to apply slight lateral force on plug Pick used to lift individual bottom pins to the shear line Tension causes driver pins to bind above shear line 13

14 Picking 14

15 Raking Similar idea, but less finesse Rake pick moved in and out quickly imparts force to bottom pins; driver pins bind Quick & easy

16 Bumping Similar idea to raking, but does all pins in parallel; super easy to do Max-depth key (bump key) used to impart force to bottom pins who transfer energy to driver pins (think billiards) 16

17 Bumping 17

18 Some defenses Security pins Spool pins, mushroom pins, interlocking pins» Shapes that get stuck when plug under tension

19 Some defenses Security pins Spool pins, mushroom pins, interlocking pins» Shapes that get stuck when plug under tension Pin rotation (angled cuts on keys)

20 Some defenses Ancillary locking mechanisms; sidebars (2)

21 Side issue: master keying How do master keys work? Second set of pins (spacers); multiple shear lines

22 Hmmm. problem? Suppose 6 pins and 10 positions per pin In principal 10 6 combinations; can t guess master But what if you have one working key Scenario: your key: , master: Make key: ; does it work? No, cut groove down one position; at position N it works! If N is not equal to 5, then N is the master cut for that pin Repeat for each pin; six keys are sufficient if all six pins have master pins; Rights Amplification 22

23 Design assumptions If you don t know the secret code, you can t open the lock The secret code is secret If you can t open the lock, everything is fine

24 Design assumptions If you don t know the secret code, you can t open the lock The secret code is secret If you can t open the lock, everything is fine

25 Problem The bitting code is only secret if the key is kept secure What if I borrow your key?

26 Lock bypass via surreptitious duplication Field casting Decoding 26

27 The power of decoding = Key Blank Key replica Code key cutting machine 27

28 28

29 29

30

31 Optical decoding Decode keys semi-automatically from photos Traditional computer vision problem (photometry) Normalize for scale and rotation 31

32 Sneakey: UCSD Reference key measured at control points User supplies correspondences between target key and reference image Image normalized (homographic transform), cut locations identified and cut depths measured (n guesses) 32

33 Works really well Almost perfectly from up close photos (e.g., cell phone cameras, etc) But that s no fun what would James Bond do?

34 Distance experiments 34

35 Where s the Key?

36 One defense: restricted keyways Key shape registered to customer and not avaialble for sale to anyone else 36

37 One defense: restricted keyways But 3D Printers Key milling machines 37

38 A better approach Electronic & mechanical keys Challenge/response via RF But own issues; batteries, replay, how to program, etc

39 Very high security Electronic; no battery; self-erase; heavy RF shielding; different combination for each user; unerasable audit log

40 Design assumptions If you don t know the secret code, you can t open the lock The secret code is secret If you can t open the lock, you can t access what is protected

41 Design assumptions If you don t know the secret code, you can t open the lock The secret code is secret If you can t open the lock, everything is fine

42

43 Taking the big picture What is the threat? Capabilities, resources, goals Faster than the bear or faster than the next guy? What are all the ways the adversary might get access (the attack surface )?

44 Deterrence No physical security is perfect For indiscriminate adversary (e.g., burglar) goal is to make cost higher than its worth Go elsewhere Deterrence can be indirect Lojack story Determined adversary may not be deterable How to increase risk, response, cost, time E.g. time locks, relockers

45 Physical security metrics What are you protecting against? Covert entry Time oriented» Group 1: resist expert manipulation for 20 hrs» Group 2m: resist expert manipulation for 2hrs Capability oriented» Group 1r: sub-category of group 1 that resists radiological probing Destructive entry Container drill resistance (e.g., 15, 30, 60 mins)

46 Defying assumptions

47 Also: Denial of service 47

48 Worse denial of service

49 For those interested Check out Matt Blaze s work» Safecracking for the Computer Scientist» Cryptology and Physical Security: Rights Amplification in Master- Keyed Mechanical Locks» Notes on Picking Pin Tumbler Locks, MIT Guide to Lockpicking Locksport International (http://locksport.com/) Matt Tobias s books (Locks, Safes and Security the bible) However NEVER pick a lock you do not own ALWAYS know the local law about using such tools 49

50 Comparison Both physical and computer security require similar mindset What could an adversary do, what is the easiest way for them to do it, what is the easiest way to stop them, etc Both vulnerable to technological surprise Lock bumping and computational code solving Some differences Physical objects subject to physical laws, but imprecise notion of hardness to break (e.g., Class I safes); less complex dependencies Digital objects exist in largely self-contained world; hardness can sometime be precise; complex dependencies 50

51 Next time Malware I And midterm return 51

Physical Security: From Locks to Dox

Physical Security: From Locks to Dox Physical Security: From Locks to Dox Introduction to Red Team Physical Security Penetration Testing Jess Hires Jax Locksport www.hacksonville.com Disclaimer This information is to be used for professional

More information

LOCKS AND HIGH INSECURITY: PROTECTING CRITICAL INFRASTRUCTURE

LOCKS AND HIGH INSECURITY: PROTECTING CRITICAL INFRASTRUCTURE LOCKS AND HIGH INSECURITY: PROTECTING CRITICAL INFRASTRUCTURE SECURITY VULNERABILITIES FOR MECHANICAL AND ELECTRONIC LOCKING SYSTEMS THAT ARE USED FOR PROTECTING CRITICAL ASSETS CRITICAL FACILITIES TRANSPORTATION

More information

Section 2.2 Locks and Keys. Legal Notice

Section 2.2 Locks and Keys. Legal Notice Section 2.2 Locks and Keys Digital security often begins with physical security 1 Legal Notice Laws regarding lock picking vary significantly state-bystate In most states purchase and possession of dedicated

More information

Techno Security's Guide to Securing SCADA

Techno Security's Guide to Securing SCADA Techno Security's Guide to Securing SCADA Foreword xxiii Chapter 1 Physical Security: SCADA and the Critical Infrastructure's Biggest Vulnerability 1 Introduction 2 Key Control 3 Check All Locks for Proper

More information

Public-Key Cryptography

Public-Key Cryptography Public-Key Cryptography Separate keys are used for encryption and decryption. Sender Communication channel Recipient encrypt decrypt plaintext ciphertext plaintext plaintext public key private key Attacker

More information

Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks

Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks Matt Blaze AT&T Labs Research mab@crypto.com, mab@research.att.com 15 September 2002 PREPRINT: This paper can be

More information

Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks

Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks Matt Blaze AT&T Labs Research mab@crypto.com, mab@research.att.com PREPRINT 15 Sept 2002 (Revised 2 March 2003).

More information

MIT Guide to Lock Picking. Ted the Tool

MIT Guide to Lock Picking. Ted the Tool MIT Guide to Lock Picking Ted the Tool September 1, 1991 Distribution Copyright 1987, 1991 Theodore T. Tool. All rights reserved. Permission to reproduce this document on a non-prot basis is granted provided

More information

Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks

Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks Matt Blaze AT&T Labs Research mab@crypto.com, mab@research.att.com PREPRINT 15 Sept 2002 (revised 6 Feb 2003). To

More information

Maker: Call a 3D Locksmith How 3D Printing can Defeat Physical Security

Maker: Call a 3D Locksmith How 3D Printing can Defeat Physical Security Paper ID #13406 Maker: Call a 3D Locksmith How 3D Printing can Defeat Physical Security Byron Doyle, Brigham Young University Byron is a recent graduate of Brigham Young University with a Bachelor s of

More information

Padlocks. 146 Padlocks FEATURES

Padlocks. 146 Padlocks FEATURES 146 Padlocks Padlocks FEATURES Medeco 3 BiLevel Medeco X4 CLIQ Medeco XT Nexgen Protector II Protector II body accepts 6 pin knob style cylinders Protector II is available as key retaining only System

More information

Notes on Network Security - Introduction

Notes on Network Security - Introduction Notes on Network Security - Introduction Security comes in all shapes and sizes, ranging from problems with software on a computer, to the integrity of messages and emails being sent on the Internet. Network

More information

Degree Key System. Technical Manual

Degree Key System. Technical Manual Degree Key System Technical Manual Copyright 03-04, Sargent Manufacturing Company, an ASSA ABLOY Group company. All rights reserved. Reproduction in whole or in part without the express written permission

More information

CSE331: Introduction to Networks and Security. Lecture 1 Fall 2006

CSE331: Introduction to Networks and Security. Lecture 1 Fall 2006 CSE331: Introduction to Networks and Security Lecture 1 Fall 2006 Basic Course Information Steve Zdancewic lecturer Web: http://www.cis.upenn.edu/~stevez E-mail: stevez@cis.upenn.edu Office hours: Tues.

More information

YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE

YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467a: Cryptography and Computer Security Notes 1 (rev. 1) Professor M. J. Fischer September 3, 2008 1 Course Overview Lecture Notes 1 This course is

More information

Ten Things Everyone Should Know About Lockpicking & Physical Security Deviant Ollam

Ten Things Everyone Should Know About Lockpicking & Physical Security Deviant Ollam Ten Things Everyone Should Know About Lockpicking & Physical Security Deviant Ollam Physical security is an oft-overlooked component of data and system security in the technology world. While frequently

More information

CPSC 467b: Cryptography and Computer Security

CPSC 467b: Cryptography and Computer Security CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 1 January 9, 2012 CPSC 467b, Lecture 1 1/22 Course Overview Symmetric Cryptography CPSC 467b, Lecture 1 2/22 Course Overview CPSC

More information

Key Systems Answer Book

Key Systems Answer Book Key Systems Answer Book Contents 4 Mechanical Lock Guide 6 Schlage Keyway Guide 8 Cores 9 Key Systems Overview 11 Everest Keyway Family Overview 13 Primus XP Key Control Levels 16 Everest 29 T Keyways

More information

Strengths and Weaknesses of Access Control Systems. Eric Schmiedl and Mike Spindel

Strengths and Weaknesses of Access Control Systems. Eric Schmiedl and Mike Spindel Strengths and Weaknesses of Access Control Systems Eric Schmiedl and Mike Spindel Choosing a System Error rate Environment Cost Physical Vulnerability Additional Constraints Error Rate False Reject Rate

More information

Cyber Security and Science

Cyber Security and Science Cyber Security and Science Peter Weinberger pjw@googlecom Feb 9, 2011 These opinions are only mine, no one else s and even then, only today They may change at any time Protecting intellectual property

More information

Milling Tools These are the tools currently available for use with the milling machine

Milling Tools These are the tools currently available for use with the milling machine Jason Ward Page 1 of 5 Milling Tools These are the tools currently available for use with the milling machine T1 Milling Tool The missile-shaped T1 milling tools are the highest precision of T-Tech's milling

More information

A secure email login system using virtual password

A secure email login system using virtual password A secure email login system using virtual password Bhavin Tanti 1,Nishant Doshi 2 1 9seriesSoftwares, Ahmedabad,Gujarat,India 1 {bhavintanti@gmail.com} 2 SVNIT, Surat,Gujarat,India 2 {doshinikki2004@gmail.com}

More information

Today. Important From Last Time. Old Joke. Computer Security. Embedded Security. Trusted Computing Base

Today. Important From Last Time. Old Joke. Computer Security. Embedded Security. Trusted Computing Base Important From Last Time A system is safety critical when its failure may result in injuries or deaths Verification and validation can dominate overall development effort Today Embedded system security

More information

Pretty Good Privacy (PGP)

Pretty Good Privacy (PGP) Pretty Good Privacy (PGP) Contents...1 Abstract...2 Introduction...3 The importance of the cryptography...4 The idea about how (PGP) works...5 Legal issues surrounding (PGP)...6 The implementation and

More information

Security Through Transparency: An Open Source Approach to Physical Security

Security Through Transparency: An Open Source Approach to Physical Security Security Through Transparency: An Open Source Approach to Physical Security John Loughlin Stanton Concepts Lebanon, NJ jpl@stantonconcepts.us Security through obscurity has never been a sensible approach

More information

The Basics of Robot Mazes Teacher Notes

The Basics of Robot Mazes Teacher Notes The Basics of Robot Mazes Teacher Notes Why do robots solve Mazes? A maze is a simple environment with simple rules. Solving it is a task that beginners can do successfully while learning the essentials

More information

Paper Airplanes & Scientific Methods

Paper Airplanes & Scientific Methods Paper Airplanes 1 Name Paper Airplanes & Scientific Methods Scientific Inquiry refers to the many different ways in which scientists investigate the world. Scientific investigations are done to answer

More information

Course mechanics. CS 458 / 658 Computer Security and Privacy. Course website. Additional communication

Course mechanics. CS 458 / 658 Computer Security and Privacy. Course website. Additional communication CS 458 / 658 Computer Security and Privacy Module 1 Introduction to Computer Security and Privacy Fall 2008 Course mechanics Instructor: Ian Goldberg Contact info: http://www.cs.uwaterloo.ca/ iang/ Office

More information

VERY IMPORTANT NOTE! - RAID

VERY IMPORTANT NOTE! - RAID Disk drives are an integral part of any computing system. Disk drives are usually where the operating system and all of an enterprise or individual s data are stored. They are also one of the weakest links

More information

Hey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Clouds. Thomas Ristenpart, Eran Tromer, Hovav Shacham, Stefan Savage

Hey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Clouds. Thomas Ristenpart, Eran Tromer, Hovav Shacham, Stefan Savage Hey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Clouds Thomas Ristenpart, Eran Tromer, Hovav Shacham, Stefan Savage UCSD MIT UCSD UCSD Today s talk in one slide Third-party

More information

Information Security in Business: Issues and Solutions

Information Security in Business: Issues and Solutions Covenant University Town & Gown Seminar 2015 Information Security in Business: Issues and Solutions A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information

More information

Patented technology ASSA P600. Reliable master key system. ASSA ABLOY, the global leader in door opening solutions

Patented technology ASSA P600. Reliable master key system. ASSA ABLOY, the global leader in door opening solutions Patented technology ASSA P600 Reliable master key system ASSA ABLOY, the global leader in door opening solutions 2 The ASSA P600 cylinder finish has been designed to match the finish of other architectual

More information

Cyber intelligence in an online world

Cyber intelligence in an online world Cyber intelligence in an online world James Hanlon CISM, CISSP, CMI Cyber Strategy & GTM, EMEA Cyber intelligence in an online world SYMANTEC VISION SYMPOSIUM 2014 2 Software and data powers the world

More information

Management Information System Prof. Biswajit Mahanty Department of Industrial Engineering & Management Indian Institute of Technology, Kharagpur

Management Information System Prof. Biswajit Mahanty Department of Industrial Engineering & Management Indian Institute of Technology, Kharagpur Management Information System Prof. Biswajit Mahanty Department of Industrial Engineering & Management Indian Institute of Technology, Kharagpur Lecture - 02 Introduction Part II Welcome to all of you

More information

Lead Screw Backlash and Mach3, version 2

Lead Screw Backlash and Mach3, version 2 Lead Screw Backlash and Mach3, version 2 By R. G. Sparber Copyleft protects this document. 1 This article looks closely at backlash and then explains how to measure it. The resulting numbers are used in

More information

GATES, GUARDS, AND GADGETS: AN INTRODUCTION TO THE PHYSICAL SECURITY OF IT

GATES, GUARDS, AND GADGETS: AN INTRODUCTION TO THE PHYSICAL SECURITY OF IT GATES, GUARDS, AND GADGETS: AN INTRODUCTION TO THE PHYSICAL SECURITY OF IT Kai Axford, MBA, CPP, CISSP, ACE Manager, IT Security Services Accretive Solutions kaxford@accretivesolutions.com THIS SESSION

More information

The Hive Bodies. In the Beekeeper s Work Shop. Building a Bee Hive: The Hive Bodies. by Stephen E. Tilmann

The Hive Bodies. In the Beekeeper s Work Shop. Building a Bee Hive: The Hive Bodies. by Stephen E. Tilmann The Hive Bodies In the Beekeeper s Work Shop The hive body is the heart of a managed bee hive colony (Figure 1). It is where the queen lays her eggs, the house bees raise the brood and the workers store

More information

Project 25 Security Services Overview

Project 25 Security Services Overview Project 25 Security Services Overview Bill Janky Director, System Design Harris Corporation 1 Agenda Overview of P25 Security Services What s new; What s coming Other topics 2 If you re in Public Safety...

More information

What locks do I have Timber Doors

What locks do I have Timber Doors What locks do I have Timber Doors Introduction Locking mechanisms on doors are varied and it can be difficult to judge whether what you have is good, bad or indifferent. This information takes you through

More information

HIGHER STANDARDS. For Magnetic Contacts Needed As Security Vulnerabilities Are Exposed WHITE PAPER

HIGHER STANDARDS. For Magnetic Contacts Needed As Security Vulnerabilities Are Exposed WHITE PAPER HIGHER STANDARDS For ic Contacts Needed As Security Vulnerabilities Are Exposed WHITE PAPER HIGHER STANDARDS For ic Contacts Needed As Security Vulnerabilities Are Exposed INTRODUCTION The reed switch

More information

Cyber Security Threats

Cyber Security Threats Cyber Security Threats What keeps us up at night? Doug Jacobson Information Assurance Center www.iac.iastate.edu Information Assurance Center Iowa State University 1 Outline Who are the players The good,

More information

Viewpoint Paper. Being Vulnerable to the Threat of Confusing Threats with Vulnerabilities*

Viewpoint Paper. Being Vulnerable to the Threat of Confusing Threats with Vulnerabilities* Viewpoint Paper Being Vulnerable to the Threat of Confusing Threats with Vulnerabilities* Roger G. Johnston Vulnerability Assessment Team Nuclear Engineering Division Argonne National Laboratory The following

More information

Remote Access Securing Your Employees Out of the Office

Remote Access Securing Your Employees Out of the Office Remote Access Securing Your Employees Out of the Office HSTE-NB0011-RV 1.0 Hypersecu Information Systems, Inc. #200-6191 Westminster Hwy Richmond BC V7C 4V4 Canada 1 (855) 497-3700 www.hypersecu.com Introduction

More information

Secrets of Vulnerability Scanning: Nessus, Nmap and More. Ron Bowes - Researcher, Tenable Network Security

Secrets of Vulnerability Scanning: Nessus, Nmap and More. Ron Bowes - Researcher, Tenable Network Security Secrets of Vulnerability Scanning: Nessus, Nmap and More Ron Bowes - Researcher, Tenable Network Security 1 About me Ron Bowes (@iagox86) My affiliations (note: I m here to educate, not sell) 2 SkullSpace

More information

Geotechnical Measurements and Explorations Prof. Nihar Ranjan Patra Department of Civil Engineering Indian Institute of Technology, Kanpur

Geotechnical Measurements and Explorations Prof. Nihar Ranjan Patra Department of Civil Engineering Indian Institute of Technology, Kanpur Geotechnical Measurements and Explorations Prof. Nihar Ranjan Patra Department of Civil Engineering Indian Institute of Technology, Kanpur Lecture No. # 13 (Refer Slide Time: 00:18) So last class, it was

More information

Understanding and evaluating risk to information assets in your software projects

Understanding and evaluating risk to information assets in your software projects Understanding and evaluating risk to information assets in your software projects ugh.. what a mouthful Dana Epp Windows Security MVP Who am I? Microsoft Windows Security MVP Information Security Professional

More information

THE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE

THE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE THE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced

More information

A Primer on Cyber Threat Intelligence

A Primer on Cyber Threat Intelligence A Primer on Cyber Threat Intelligence AS ADVERTISED 2 BUZZWORD BINGO! 3 TODAY S CYBER SECURITY CHALLENGES CISOs finding it difficult to define security ROI to executives Short shelf life for CISOs Vastly

More information

Policy for Protecting Customer Data

Policy for Protecting Customer Data Policy for Protecting Customer Data Store Name Store Owner/Manager Protecting our customer and employee information is very important to our store image and on-going business. We believe all of our employees

More information

Optimizing Network Vulnerability

Optimizing Network Vulnerability SOLUTION BRIEF Adding Real-World Exposure Awareness to Vulnerability and Risk Management Optimizing Network Vulnerability Management Using RedSeal november 2011 WHITE PAPER RedSeal Networks, Inc. 3965

More information

83-10-35 A New Security Model for Networks and the Internet Dan Thomsen Payoff

83-10-35 A New Security Model for Networks and the Internet Dan Thomsen Payoff 83-10-35 A New Security Model for Networks and the Internet Dan Thomsen Payoff Computer security is a matter of controlling how data is shared for reading and modifying. Type enforcement is a new security

More information

White Paper. Top Five Ways to Cheat a Truck Scale. How To Prevent it from Happening to You

White Paper. Top Five Ways to Cheat a Truck Scale. How To Prevent it from Happening to You White Paper Top Five Ways to Cheat a Truck Scale How To Prevent it from Happening to You Theft, forgery and credit card fraud. Those are all ways that criminals cheat the system for their own personal

More information

Your Mobility Strategy Guide Book

Your Mobility Strategy Guide Book The fast adoption in the use of mobile devices to access work files, data and customer information requires companies to deepen their understanding about how to create a balance between flexibility and

More information

Detect, Contain and Control Cyberthreats

Detect, Contain and Control Cyberthreats A SANS Whitepaper Written by Eric Cole, PhD June 2015 Sponsored by Raytheon Websense 2015 SANS Institute Introduction Dwell Time Relates to damage because the longer a system is compromised, the bigger

More information

Bridging the gap between COTS tool alerting and raw data analysis

Bridging the gap between COTS tool alerting and raw data analysis Article Bridging the gap between COTS tool alerting and raw data analysis An article on how the use of metadata in cybersecurity solutions raises the situational awareness of network activity, leading

More information

Choosing a Computer for Running SLX, P3D, and P5

Choosing a Computer for Running SLX, P3D, and P5 Choosing a Computer for Running SLX, P3D, and P5 This paper is based on my experience purchasing a new laptop in January, 2010. I ll lead you through my selection criteria and point you to some on-line

More information

Rethinking Cybersecurity. Rethinking Cybersecurity. Page 1

Rethinking Cybersecurity. Rethinking Cybersecurity. Page 1 Rethinking Cybersecurity Page 1 Engineering Control, Freedom & Privacy: TABLE OF CONTENTS It s not about the networks, it s about the data. It s the data that s valuable, and it s the data that s risky.

More information

Assignment 1 Biometric authentication

Assignment 1 Biometric authentication Assignment 1 Biometric authentication Internet Security and Privacy Alexandre Fustier Vincent Burger INTRODUCTION:...3 I. TYPES AND DESCRIPTION OF BIOMETRICS...4 1. PHYSIOLOGICAL BIOMETRIC...4 a. Fingerprints...4

More information

Twist Drill Grinding Attachment By Steven Skiprat Jackson June 2009

Twist Drill Grinding Attachment By Steven Skiprat Jackson June 2009 Twist Drill Grinding Attachment By Steven Skiprat Jackson June 2009 Part 1. About the tool Part 2. Mounting the tool Part 3. Using the tool Part 1. About the tool This little gadget while not a precision

More information

M113 VEHICLE FAMILY RUBBER TRACK INSTALLATION INSTRUCTIONS SOUCY TRACK SYSTEM 04-M113-1ENS (SPLIT IDLER) Litho d in Canada 1 04-M113-1ENS

M113 VEHICLE FAMILY RUBBER TRACK INSTALLATION INSTRUCTIONS SOUCY TRACK SYSTEM 04-M113-1ENS (SPLIT IDLER) Litho d in Canada 1 04-M113-1ENS M113 VEHICLE FAMILY RUBBER TRACK INSTALLATION INSTRUCTIONS (SPLIT IDLER) 1 # TABLE OF CONTENTS List of parts and tools................................................3 Installation of complete kit...................................................5

More information

Computer and Network Security

Computer and Network Security Computer and Network Security R. E. Newman Computer & Information Sciences & Engineering University Of Florida Gainesville, Florida 32611-6120 nemo@cise.ufl.edu Introduction to Computer and Network Security

More information

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 02 Overview on Modern Cryptography

More information

ikompass PMP Exam tips

ikompass PMP Exam tips ikompass PMP Certification Singapore ikompass PMP Exam tips Taking an exam can be a daunting task for people of any age. The unique structure of the PMP exam which involves rules like being sensitive to

More information

Measuring Software Security

Measuring Software Security Measuring Software Security Defining Security Metrics Dr. Bill Young Department of Computer Science University of Texas at Austin Last updated: July 1, 2014 at 14:53 Dr. Bill Young: 1 Why Is CyberSecurity

More information

Media Damage and Hard Drive Data Recovery. The term media refers to the platters. Data resides on the platter surfaces.

Media Damage and Hard Drive Data Recovery. The term media refers to the platters. Data resides on the platter surfaces. Media Damage and Hard Drive Data Recovery Many clients are stunned to learn that their hard drives have suffered a head crash, resulting in significant internal damage. But I only dropped it a few (inches

More information

Incident Response. Six Best Practices for Managing Cyber Breaches. www.encase.com

Incident Response. Six Best Practices for Managing Cyber Breaches. www.encase.com Incident Response Six Best Practices for Managing Cyber Breaches www.encase.com What We ll Cover Your Challenges in Incident Response Six Best Practices for Managing a Cyber Breach In Depth: Best Practices

More information

TS93 EMR T/PT/TDE. Surface applied door closer

TS93 EMR T/PT/TDE. Surface applied door closer TS EMR T/PT/TDE Surface applied door closer Installation instructions: Pull side track mount door closer with smoke detector (EMR T) Push side track mount door closer with smoke detector (EMR PT) Double

More information

Intrusion Detection Systems

Intrusion Detection Systems Intrusion Detection Systems Assessment of the operation and usefulness of informatics tools for the detection of on-going computer attacks André Matos Luís Machado Work Topics 1. Definition 2. Characteristics

More information

Combining Digital and Traditional Output in Prints

Combining Digital and Traditional Output in Prints SGCI2015:Demo Handout Combining Digital and Traditional Output in Prints Kelsey Stephenson, University of Tennessee, Saturday March 21, 10:00 11:30am, Printshop, AA 241 East SGCI Demo Handout Combining

More information

10 Quick Tips to Mobile Security

10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security contents 03 Introduction 05 Mobile Threats and Consequences 06 Important Mobile Statistics 07 Top 10 Mobile Safety Tips 19 Resources 22

More information

Columbia University Web Security Standards and Practices. Objective and Scope

Columbia University Web Security Standards and Practices. Objective and Scope Columbia University Web Security Standards and Practices Objective and Scope Effective Date: January 2011 This Web Security Standards and Practices document establishes a baseline of security related requirements

More information

8 secrets. Your Burglar Won't Tell You

8 secrets. Your Burglar Won't Tell You 8 secrets Your Burglar Won't Tell You In the United States alone, a home burglary occurs every 14 seconds. These kinds of statistics can be alarming, and the best thing you can do as a homeowner is educate

More information

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses

More information

SECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E)

SECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E) SECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E) 2 LECTURE OUTLINE Threats and countermeasures Access control mechanisms SQL s grant and revoke Role of views 3 THREATS What are the threats? Loss of integrity

More information

Encoded Phased Array Bridge Pin Inspection

Encoded Phased Array Bridge Pin Inspection Encoded Phased Array Bridge Pin Inspection James S. Doyle Baker Testing Services, Inc. 22 Reservoir Park Dr. Rockland, MA 02370 (781) 871-4458; fax (781) 871-0123; e-mail jdoyle@bakertesting.com Product

More information

i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors

i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors March 25-27, 2014 Steven A. Kunsman i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors ABB Inc. March 26, 2015 Slide 1 Cyber Security for Substation

More information

The Need for Intelligent Network Security: Adapting IPS for today s Threats

The Need for Intelligent Network Security: Adapting IPS for today s Threats The Need for Intelligent Network Security: Adapting IPS for today s Threats James Tucker Security Engineer Sourcefire Nordics A Bit of History It started with passive IDS. Burglar alarm for the network

More information

Cylinders. Hardware By Professionals For Professionals. Hardware By Professionals For Professionals 223

Cylinders. Hardware By Professionals For Professionals. Hardware By Professionals For Professionals 223 Cylinders Hardware By Professionals For Professionals 222 Hardware By Professionals For Professionals 223 BS EN 1303 Classification Guide A guide to the classification for Mila Pro-Linea cylinders is below.

More information

Knowledge Based Authentication (KBA) Metrics

Knowledge Based Authentication (KBA) Metrics Knowledge Based Authentication (KBA) Metrics Santosh Chokhani, Ph.D. February, 2004 Background Model for KBA Issues and Considerations Practical Usage of KBA Metrics for KBA Applicability to U.S. Government

More information

INTRUSION DETECTION SYSTEM (IDS) D souza Adam Jerry Joseph 0925910 I MCA

INTRUSION DETECTION SYSTEM (IDS) D souza Adam Jerry Joseph 0925910 I MCA INTRUSION DETECTION SYSTEM (IDS) D souza Adam Jerry Joseph 0925910 I MCA OVERVIEW Introduction Overview The IDS Puzzle Current State of IDS Threats I have a good firewall, why do I need an IDS? Expectations

More information

Contents TABLE OF. List of Illustrations... IX. Preface... XV. Chapter 1: How the Burglar Breaks into Your Home... 1

Contents TABLE OF. List of Illustrations... IX. Preface... XV. Chapter 1: How the Burglar Breaks into Your Home... 1 TABLE OF Contents List of Illustrations................................. IX Preface........................................... XV Why You Should Read This Book Burglars Kill Every Security System Can Be

More information

Getting Started with WebSite Tonight

Getting Started with WebSite Tonight Getting Started with WebSite Tonight WebSite Tonight Getting Started Guide Version 3.0 (12.2010) Copyright 2010. All rights reserved. Distribution of this work or derivative of this work is prohibited

More information

EasiShare Whitepaper - Empowering Your Mobile Workforce

EasiShare Whitepaper - Empowering Your Mobile Workforce Accessing files on mobile devices and sharing them with external parties presents serious security risks for companies. However, most current solutions are either too cumbersome or not secure enough for

More information

OPERATING INSTRUCTIONS FOR THE MODEL 210B-2 SRA

OPERATING INSTRUCTIONS FOR THE MODEL 210B-2 SRA OPERATING INSTRUCTIONS FOR THE MODEL 210B-2 SRA SAFETY PRECAUTIONS FOR THE MODEL 210B-2 SRA System Under Pressure: Shut off air supply and disconnect air hose before disassembling or disconnecting parts.

More information

AZEK Rail Install Guide

AZEK Rail Install Guide TRIM MOULDING DECK PORCH RAIL PAVERS AZEK Rail Install Guide Installing AZEK Rail with CableRail by Feeney... 1 Installing CableRail by Feeney for AZEK Rail... 7 Installing AZEK Rail Stairs with CableRail

More information

OPERATING INSTRUCTIONS FOR

OPERATING INSTRUCTIONS FOR OPERATING INSTRUCTIONS FOR MEDECO KEY MACHINES FOR MEDECO ORIGINAL, BIAXIAL, MEDECO 3, KEYMARK CLASSIC & KEYMARK X4 PRODUCTS MEDECO HIGH SECURITY LOCKS ASSUMES NO RESPONSIBILITY FOR INJURY OR PROPERTY

More information

White Paper Barcoding

White Paper Barcoding White Paper Barcoding White Paper Barcoding What is a barcode?... 1 The benefits... 1 Barcoding and simpro Enterprise... 3 Managing stock... 3 Asset management... 4 Optimised stocktake and stock transfer...

More information

Application Intrusion Detection

Application Intrusion Detection Application Intrusion Detection Drew Miller Black Hat Consulting Application Intrusion Detection Introduction Mitigating Exposures Monitoring Exposures Response Times Proactive Risk Analysis Summary Introduction

More information

CSE 227 Computer Security Winter 2012

CSE 227 Computer Security Winter 2012 CSE 227 Computer Security Winter 2012 Stefan Savage Course info Stefan Savage Web: http://www.cs.ucsd.edu/~savage E-mail: savage@cs.ucsd.edu Office hours: M 3-4pm (or by appt, or drop by) CSE 3106 Course

More information

1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers.

1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers. Employee Security Awareness Survey Trenton Bond trent.bond@gmail.com Admin - Version 1.3 Security Awareness One of the most significant security risks that organizations and corporations face today is

More information

Using CAD Data in Assembly - Advantages and Pitfalls

Using CAD Data in Assembly - Advantages and Pitfalls Using CAD Data in Assembly - Advantages and Pitfalls For years, electronic engineers and circuit board designers have shared information between their computer-aided-engineering (CAE) and computer-aided-design

More information

RadianceRail Installation Guide

RadianceRail Installation Guide RadianceRail Installation Guide Installing RadianceRail with CableRail by Feeney... 2 Installing CableRail by Feeney for RadianceRail... 7 Installing RadianceRail Stairs with CableRail by Feeney... 10

More information

Palm Beach County Sheriff s Office

Palm Beach County Sheriff s Office Palm Beach County Sheriff s Office Home Security Self Survey Since 1909, the deputies of Palm Beach County have provided a safe environment for thousands of people who live, work and visit Palm Beach County.

More information

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?

More information

The Truth About Information Security in Schools Region V 23 rd Annual Spring Conference -April 4th, 2013 Evan Francen CISSP, CISM, CCSK President of FRSecure, LLC Thank You for Attending! & Many Thanks

More information

EECS 588: Computer and Network Security. Introduction January 14, 2014

EECS 588: Computer and Network Security. Introduction January 14, 2014 EECS 588: Computer and Network Security Introduction January 14, 2014 Today s Class Welcome! Goals for the course Topics, what interests you? Introduction to security research Components of your grade

More information

Belt Drives and Chain Drives. Power Train. Power Train

Belt Drives and Chain Drives. Power Train. Power Train Belt Drives and Chain Drives Material comes for Mott, 2002 and Kurtz, 1999 Power Train A power train transmits power from an engine or motor to the load. Some of the most common power trains include: Flexible

More information

PERFORMING PENETRATION TESTING

PERFORMING PENETRATION TESTING 82-02-68 DATA SECURITY MANAGEMENT PERFORMING PENETRATION TESTING Stephen Fried INSIDE Basic Attack Strategies; Planning the Test; Performing the Test; Reporting Results BASIC ATTACK STRATEGIES Every security

More information

WIRE ROPE CUTTERS. Designed for new and unused wire rope. Since 1928

WIRE ROPE CUTTERS. Designed for new and unused wire rope. Since 1928 WIRE ROPE CUTTERS Designed for new and unused wire rope Since 1928 IMPACT 101 104 106 108 103 105 107 109 Model 1 (light duty): Model 1 3 /4 capacity 101 Cutter complete 8 lbs. 102 Casting base 4 lbs.

More information