CSE 127 Computer Security
|
|
- Hannah Cooper
- 8 years ago
- Views:
Transcription
1 CSE 127 Computer Security Fall 2012 Lecture #12 Physical Security Stefan Savage
2 Physical security What is physical security about? Controlling access to a physical space or object Examples: Gates/Barriers Locks Safes Alarms Mantraps Scanners
3 Same kind of problems as computer security Usability Security through obscurity Side channels Misplaced assumptions Securing the wrong thing Weakest link Lets look at some of this via locks
4 Locks Worlds oldest (pre-biblical) and most pervasive form of access control Egyptian tumbler lock design ~1000 BCE Modern Cylinder lock
5 How physical locks work Shear line Driver pins Plug Bottom pins courtesy Matt Blaze 5
6 How physical locks work courtesy Matt Blaze 6
7 Shared secrets There is a shared secret between the lock and the key its shape In fact, it s a digital code
8 Bitting codes A key can be precisely described with a discrete code Cuts at regular intervals (4-6 cuts) Depth of cuts quantized in standard fashion (typically 6-9 bins) digits sufficient to describe most keys 8
9 Design assumptions If you don t know the secret code, you can t open the lock The secret code is secret If you can t open the lock, everything is fine
10 Design assumptions If you don t know the secret code, you can t open the lock The secret code is secret If you can t open the lock, everything is fine
11 Lock bypass via manipulation Picking & Raking Bumping 11
12 Picking 12
13 Picking Two parts Tension wrench used to apply slight lateral force on plug Pick used to lift individual bottom pins to the shear line Tension causes driver pins to bind above shear line 13
14 Picking 14
15 Raking Similar idea, but less finesse Rake pick moved in and out quickly imparts force to bottom pins; driver pins bind Quick & easy
16 Bumping Similar idea to raking, but does all pins in parallel; super easy to do Max-depth key (bump key) used to impart force to bottom pins who transfer energy to driver pins (think billiards) 16
17 Bumping 17
18 Some defenses Security pins Spool pins, mushroom pins, interlocking pins» Shapes that get stuck when plug under tension
19 Some defenses Security pins Spool pins, mushroom pins, interlocking pins» Shapes that get stuck when plug under tension Pin rotation (angled cuts on keys)
20 Some defenses Ancillary locking mechanisms; sidebars (2)
21 Side issue: master keying How do master keys work? Second set of pins (spacers); multiple shear lines
22 Hmmm. problem? Suppose 6 pins and 10 positions per pin In principal 10 6 combinations; can t guess master But what if you have one working key Scenario: your key: , master: Make key: ; does it work? No, cut groove down one position; at position N it works! If N is not equal to 5, then N is the master cut for that pin Repeat for each pin; six keys are sufficient if all six pins have master pins; Rights Amplification 22
23 Design assumptions If you don t know the secret code, you can t open the lock The secret code is secret If you can t open the lock, everything is fine
24 Design assumptions If you don t know the secret code, you can t open the lock The secret code is secret If you can t open the lock, everything is fine
25 Problem The bitting code is only secret if the key is kept secure What if I borrow your key?
26 Lock bypass via surreptitious duplication Field casting Decoding 26
27 The power of decoding = Key Blank Key replica Code key cutting machine 27
28 28
29 29
30
31 Optical decoding Decode keys semi-automatically from photos Traditional computer vision problem (photometry) Normalize for scale and rotation 31
32 Sneakey: UCSD Reference key measured at control points User supplies correspondences between target key and reference image Image normalized (homographic transform), cut locations identified and cut depths measured (n guesses) 32
33 Works really well Almost perfectly from up close photos (e.g., cell phone cameras, etc) But that s no fun what would James Bond do?
34 Distance experiments 34
35 Where s the Key?
36 One defense: restricted keyways Key shape registered to customer and not avaialble for sale to anyone else 36
37 One defense: restricted keyways But 3D Printers Key milling machines 37
38 A better approach Electronic & mechanical keys Challenge/response via RF But own issues; batteries, replay, how to program, etc
39 Very high security Electronic; no battery; self-erase; heavy RF shielding; different combination for each user; unerasable audit log
40 Design assumptions If you don t know the secret code, you can t open the lock The secret code is secret If you can t open the lock, you can t access what is protected
41 Design assumptions If you don t know the secret code, you can t open the lock The secret code is secret If you can t open the lock, everything is fine
42
43 Taking the big picture What is the threat? Capabilities, resources, goals Faster than the bear or faster than the next guy? What are all the ways the adversary might get access (the attack surface )?
44 Deterrence No physical security is perfect For indiscriminate adversary (e.g., burglar) goal is to make cost higher than its worth Go elsewhere Deterrence can be indirect Lojack story Determined adversary may not be deterable How to increase risk, response, cost, time E.g. time locks, relockers
45 Physical security metrics What are you protecting against? Covert entry Time oriented» Group 1: resist expert manipulation for 20 hrs» Group 2m: resist expert manipulation for 2hrs Capability oriented» Group 1r: sub-category of group 1 that resists radiological probing Destructive entry Container drill resistance (e.g., 15, 30, 60 mins)
46 Defying assumptions
47 Also: Denial of service 47
48 Worse denial of service
49 For those interested Check out Matt Blaze s work» Safecracking for the Computer Scientist» Cryptology and Physical Security: Rights Amplification in Master- Keyed Mechanical Locks» Notes on Picking Pin Tumbler Locks, MIT Guide to Lockpicking Locksport International ( Matt Tobias s books (Locks, Safes and Security the bible) However NEVER pick a lock you do not own ALWAYS know the local law about using such tools 49
50 Comparison Both physical and computer security require similar mindset What could an adversary do, what is the easiest way for them to do it, what is the easiest way to stop them, etc Both vulnerable to technological surprise Lock bumping and computational code solving Some differences Physical objects subject to physical laws, but imprecise notion of hardness to break (e.g., Class I safes); less complex dependencies Digital objects exist in largely self-contained world; hardness can sometime be precise; complex dependencies 50
51 Next time Malware I And midterm return 51
Physical Security: From Locks to Dox
Physical Security: From Locks to Dox Introduction to Red Team Physical Security Penetration Testing Jess Hires Jax Locksport www.hacksonville.com Disclaimer This information is to be used for professional
More informationLOCKS AND HIGH INSECURITY: PROTECTING CRITICAL INFRASTRUCTURE
LOCKS AND HIGH INSECURITY: PROTECTING CRITICAL INFRASTRUCTURE SECURITY VULNERABILITIES FOR MECHANICAL AND ELECTRONIC LOCKING SYSTEMS THAT ARE USED FOR PROTECTING CRITICAL ASSETS CRITICAL FACILITIES TRANSPORTATION
More informationSection 2.2 Locks and Keys. Legal Notice
Section 2.2 Locks and Keys Digital security often begins with physical security 1 Legal Notice Laws regarding lock picking vary significantly state-bystate In most states purchase and possession of dedicated
More informationTechno Security's Guide to Securing SCADA
Techno Security's Guide to Securing SCADA Foreword xxiii Chapter 1 Physical Security: SCADA and the Critical Infrastructure's Biggest Vulnerability 1 Introduction 2 Key Control 3 Check All Locks for Proper
More informationPublic-Key Cryptography
Public-Key Cryptography Separate keys are used for encryption and decryption. Sender Communication channel Recipient encrypt decrypt plaintext ciphertext plaintext plaintext public key private key Attacker
More informationCryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks
Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks Matt Blaze AT&T Labs Research mab@crypto.com, mab@research.att.com 15 September 2002 PREPRINT: This paper can be
More informationCryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks
Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks Matt Blaze AT&T Labs Research mab@crypto.com, mab@research.att.com PREPRINT 15 Sept 2002 (Revised 2 March 2003).
More informationMIT Guide to Lock Picking. Ted the Tool
MIT Guide to Lock Picking Ted the Tool September 1, 1991 Distribution Copyright 1987, 1991 Theodore T. Tool. All rights reserved. Permission to reproduce this document on a non-prot basis is granted provided
More informationCryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks
Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks Matt Blaze AT&T Labs Research mab@crypto.com, mab@research.att.com PREPRINT 15 Sept 2002 (revised 6 Feb 2003). To
More informationMaker: Call a 3D Locksmith How 3D Printing can Defeat Physical Security
Paper ID #13406 Maker: Call a 3D Locksmith How 3D Printing can Defeat Physical Security Byron Doyle, Brigham Young University Byron is a recent graduate of Brigham Young University with a Bachelor s of
More informationPadlocks. 146 Padlocks FEATURES
146 Padlocks Padlocks FEATURES Medeco 3 BiLevel Medeco X4 CLIQ Medeco XT Nexgen Protector II Protector II body accepts 6 pin knob style cylinders Protector II is available as key retaining only System
More informationNotes on Network Security - Introduction
Notes on Network Security - Introduction Security comes in all shapes and sizes, ranging from problems with software on a computer, to the integrity of messages and emails being sent on the Internet. Network
More informationDegree Key System. Technical Manual
Degree Key System Technical Manual Copyright 03-04, Sargent Manufacturing Company, an ASSA ABLOY Group company. All rights reserved. Reproduction in whole or in part without the express written permission
More informationCSE331: Introduction to Networks and Security. Lecture 1 Fall 2006
CSE331: Introduction to Networks and Security Lecture 1 Fall 2006 Basic Course Information Steve Zdancewic lecturer Web: http://www.cis.upenn.edu/~stevez E-mail: stevez@cis.upenn.edu Office hours: Tues.
More informationTen Things Everyone Should Know About Lockpicking & Physical Security Deviant Ollam
Ten Things Everyone Should Know About Lockpicking & Physical Security Deviant Ollam Physical security is an oft-overlooked component of data and system security in the technology world. While frequently
More informationYALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE
YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467a: Cryptography and Computer Security Notes 1 (rev. 1) Professor M. J. Fischer September 3, 2008 1 Course Overview Lecture Notes 1 This course is
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 1 January 9, 2012 CPSC 467b, Lecture 1 1/22 Course Overview Symmetric Cryptography CPSC 467b, Lecture 1 2/22 Course Overview CPSC
More informationKey Systems Answer Book
Key Systems Answer Book Contents 4 Mechanical Lock Guide 6 Schlage Keyway Guide 8 Cores 9 Key Systems Overview 11 Everest Keyway Family Overview 13 Primus XP Key Control Levels 16 Everest 29 T Keyways
More informationStrengths and Weaknesses of Access Control Systems. Eric Schmiedl and Mike Spindel
Strengths and Weaknesses of Access Control Systems Eric Schmiedl and Mike Spindel Choosing a System Error rate Environment Cost Physical Vulnerability Additional Constraints Error Rate False Reject Rate
More informationCyber Security and Science
Cyber Security and Science Peter Weinberger pjw@googlecom Feb 9, 2011 These opinions are only mine, no one else s and even then, only today They may change at any time Protecting intellectual property
More informationPretty Good Privacy (PGP)
Pretty Good Privacy (PGP) Contents...1 Abstract...2 Introduction...3 The importance of the cryptography...4 The idea about how (PGP) works...5 Legal issues surrounding (PGP)...6 The implementation and
More informationMilling Tools These are the tools currently available for use with the milling machine
Jason Ward Page 1 of 5 Milling Tools These are the tools currently available for use with the milling machine T1 Milling Tool The missile-shaped T1 milling tools are the highest precision of T-Tech's milling
More informationToday. Important From Last Time. Old Joke. Computer Security. Embedded Security. Trusted Computing Base
Important From Last Time A system is safety critical when its failure may result in injuries or deaths Verification and validation can dominate overall development effort Today Embedded system security
More informationSecurity Through Transparency: An Open Source Approach to Physical Security
Security Through Transparency: An Open Source Approach to Physical Security John Loughlin Stanton Concepts Lebanon, NJ jpl@stantonconcepts.us Security through obscurity has never been a sensible approach
More informationA secure email login system using virtual password
A secure email login system using virtual password Bhavin Tanti 1,Nishant Doshi 2 1 9seriesSoftwares, Ahmedabad,Gujarat,India 1 {bhavintanti@gmail.com} 2 SVNIT, Surat,Gujarat,India 2 {doshinikki2004@gmail.com}
More informationPaper Airplanes & Scientific Methods
Paper Airplanes 1 Name Paper Airplanes & Scientific Methods Scientific Inquiry refers to the many different ways in which scientists investigate the world. Scientific investigations are done to answer
More informationCourse mechanics. CS 458 / 658 Computer Security and Privacy. Course website. Additional communication
CS 458 / 658 Computer Security and Privacy Module 1 Introduction to Computer Security and Privacy Fall 2008 Course mechanics Instructor: Ian Goldberg Contact info: http://www.cs.uwaterloo.ca/ iang/ Office
More informationThe Basics of Robot Mazes Teacher Notes
The Basics of Robot Mazes Teacher Notes Why do robots solve Mazes? A maze is a simple environment with simple rules. Solving it is a task that beginners can do successfully while learning the essentials
More informationVERY IMPORTANT NOTE! - RAID
Disk drives are an integral part of any computing system. Disk drives are usually where the operating system and all of an enterprise or individual s data are stored. They are also one of the weakest links
More informationHey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Clouds. Thomas Ristenpart, Eran Tromer, Hovav Shacham, Stefan Savage
Hey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Clouds Thomas Ristenpart, Eran Tromer, Hovav Shacham, Stefan Savage UCSD MIT UCSD UCSD Today s talk in one slide Third-party
More informationPatented technology ASSA P600. Reliable master key system. ASSA ABLOY, the global leader in door opening solutions
Patented technology ASSA P600 Reliable master key system ASSA ABLOY, the global leader in door opening solutions 2 The ASSA P600 cylinder finish has been designed to match the finish of other architectual
More informationInformation Security in Business: Issues and Solutions
Covenant University Town & Gown Seminar 2015 Information Security in Business: Issues and Solutions A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information
More informationCyber intelligence in an online world
Cyber intelligence in an online world James Hanlon CISM, CISSP, CMI Cyber Strategy & GTM, EMEA Cyber intelligence in an online world SYMANTEC VISION SYMPOSIUM 2014 2 Software and data powers the world
More informationManagement Information System Prof. Biswajit Mahanty Department of Industrial Engineering & Management Indian Institute of Technology, Kharagpur
Management Information System Prof. Biswajit Mahanty Department of Industrial Engineering & Management Indian Institute of Technology, Kharagpur Lecture - 02 Introduction Part II Welcome to all of you
More informationWhite Paper. Top Five Ways to Cheat a Truck Scale. How To Prevent it from Happening to You
White Paper Top Five Ways to Cheat a Truck Scale How To Prevent it from Happening to You Theft, forgery and credit card fraud. Those are all ways that criminals cheat the system for their own personal
More informationGATES, GUARDS, AND GADGETS: AN INTRODUCTION TO THE PHYSICAL SECURITY OF IT
GATES, GUARDS, AND GADGETS: AN INTRODUCTION TO THE PHYSICAL SECURITY OF IT Kai Axford, MBA, CPP, CISSP, ACE Manager, IT Security Services Accretive Solutions kaxford@accretivesolutions.com THIS SESSION
More informationProject 25 Security Services Overview
Project 25 Security Services Overview Bill Janky Director, System Design Harris Corporation 1 Agenda Overview of P25 Security Services What s new; What s coming Other topics 2 If you re in Public Safety...
More informationLead Screw Backlash and Mach3, version 2
Lead Screw Backlash and Mach3, version 2 By R. G. Sparber Copyleft protects this document. 1 This article looks closely at backlash and then explains how to measure it. The resulting numbers are used in
More informationThe Hive Bodies. In the Beekeeper s Work Shop. Building a Bee Hive: The Hive Bodies. by Stephen E. Tilmann
The Hive Bodies In the Beekeeper s Work Shop The hive body is the heart of a managed bee hive colony (Figure 1). It is where the queen lays her eggs, the house bees raise the brood and the workers store
More informationHIGHER STANDARDS. For Magnetic Contacts Needed As Security Vulnerabilities Are Exposed WHITE PAPER
HIGHER STANDARDS For ic Contacts Needed As Security Vulnerabilities Are Exposed WHITE PAPER HIGHER STANDARDS For ic Contacts Needed As Security Vulnerabilities Are Exposed INTRODUCTION The reed switch
More informationSecrets of Vulnerability Scanning: Nessus, Nmap and More. Ron Bowes - Researcher, Tenable Network Security
Secrets of Vulnerability Scanning: Nessus, Nmap and More Ron Bowes - Researcher, Tenable Network Security 1 About me Ron Bowes (@iagox86) My affiliations (note: I m here to educate, not sell) 2 SkullSpace
More informationCyber Security Threats
Cyber Security Threats What keeps us up at night? Doug Jacobson Information Assurance Center www.iac.iastate.edu Information Assurance Center Iowa State University 1 Outline Who are the players The good,
More informationWhat locks do I have Timber Doors
What locks do I have Timber Doors Introduction Locking mechanisms on doors are varied and it can be difficult to judge whether what you have is good, bad or indifferent. This information takes you through
More informationRemote Access Securing Your Employees Out of the Office
Remote Access Securing Your Employees Out of the Office HSTE-NB0011-RV 1.0 Hypersecu Information Systems, Inc. #200-6191 Westminster Hwy Richmond BC V7C 4V4 Canada 1 (855) 497-3700 www.hypersecu.com Introduction
More informationGeotechnical Measurements and Explorations Prof. Nihar Ranjan Patra Department of Civil Engineering Indian Institute of Technology, Kanpur
Geotechnical Measurements and Explorations Prof. Nihar Ranjan Patra Department of Civil Engineering Indian Institute of Technology, Kanpur Lecture No. # 13 (Refer Slide Time: 00:18) So last class, it was
More informationViewpoint Paper. Being Vulnerable to the Threat of Confusing Threats with Vulnerabilities*
Viewpoint Paper Being Vulnerable to the Threat of Confusing Threats with Vulnerabilities* Roger G. Johnston Vulnerability Assessment Team Nuclear Engineering Division Argonne National Laboratory The following
More informationEncoded Phased Array Bridge Pin Inspection
Encoded Phased Array Bridge Pin Inspection James S. Doyle Baker Testing Services, Inc. 22 Reservoir Park Dr. Rockland, MA 02370 (781) 871-4458; fax (781) 871-0123; e-mail jdoyle@bakertesting.com Product
More informationTHE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE
THE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced
More informationUnderstanding and evaluating risk to information assets in your software projects
Understanding and evaluating risk to information assets in your software projects ugh.. what a mouthful Dana Epp Windows Security MVP Who am I? Microsoft Windows Security MVP Information Security Professional
More informationPolicy for Protecting Customer Data
Policy for Protecting Customer Data Store Name Store Owner/Manager Protecting our customer and employee information is very important to our store image and on-going business. We believe all of our employees
More information83-10-35 A New Security Model for Networks and the Internet Dan Thomsen Payoff
83-10-35 A New Security Model for Networks and the Internet Dan Thomsen Payoff Computer security is a matter of controlling how data is shared for reading and modifying. Type enforcement is a new security
More informationA Primer on Cyber Threat Intelligence
A Primer on Cyber Threat Intelligence AS ADVERTISED 2 BUZZWORD BINGO! 3 TODAY S CYBER SECURITY CHALLENGES CISOs finding it difficult to define security ROI to executives Short shelf life for CISOs Vastly
More informationOptimizing Network Vulnerability
SOLUTION BRIEF Adding Real-World Exposure Awareness to Vulnerability and Risk Management Optimizing Network Vulnerability Management Using RedSeal november 2011 WHITE PAPER RedSeal Networks, Inc. 3965
More informationYour Mobility Strategy Guide Book
The fast adoption in the use of mobile devices to access work files, data and customer information requires companies to deepen their understanding about how to create a balance between flexibility and
More informationDetect, Contain and Control Cyberthreats
A SANS Whitepaper Written by Eric Cole, PhD June 2015 Sponsored by Raytheon Websense 2015 SANS Institute Introduction Dwell Time Relates to damage because the longer a system is compromised, the bigger
More informationThe Business of Personalization. Udi Manber, Ash Patel, and John Robison. Experience with
The Business of Personalization Udi Manber, Ash Patel, and John Robison YAHOO! Experience with PERSONALIZATION ON When designing Web personalization products, make sure you address all your users. Yahoo!
More informationRethinking Cybersecurity. Rethinking Cybersecurity. Page 1
Rethinking Cybersecurity Page 1 Engineering Control, Freedom & Privacy: TABLE OF CONTENTS It s not about the networks, it s about the data. It s the data that s valuable, and it s the data that s risky.
More informationBridging the gap between COTS tool alerting and raw data analysis
Article Bridging the gap between COTS tool alerting and raw data analysis An article on how the use of metadata in cybersecurity solutions raises the situational awareness of network activity, leading
More informationComputer and Network Security
Computer and Network Security R. E. Newman Computer & Information Sciences & Engineering University Of Florida Gainesville, Florida 32611-6120 nemo@cise.ufl.edu Introduction to Computer and Network Security
More informationAssignment 1 Biometric authentication
Assignment 1 Biometric authentication Internet Security and Privacy Alexandre Fustier Vincent Burger INTRODUCTION:...3 I. TYPES AND DESCRIPTION OF BIOMETRICS...4 1. PHYSIOLOGICAL BIOMETRIC...4 a. Fingerprints...4
More informationChoosing a Computer for Running SLX, P3D, and P5
Choosing a Computer for Running SLX, P3D, and P5 This paper is based on my experience purchasing a new laptop in January, 2010. I ll lead you through my selection criteria and point you to some on-line
More informationSkoot Secure File Transfer
Page 1 Skoot Secure File Transfer Sharing information has become fundamental to organizational success. And as the value of that information whether expressed as mission critical or in monetary terms increases,
More informationTwist Drill Grinding Attachment By Steven Skiprat Jackson June 2009
Twist Drill Grinding Attachment By Steven Skiprat Jackson June 2009 Part 1. About the tool Part 2. Mounting the tool Part 3. Using the tool Part 1. About the tool This little gadget while not a precision
More informationM113 VEHICLE FAMILY RUBBER TRACK INSTALLATION INSTRUCTIONS SOUCY TRACK SYSTEM 04-M113-1ENS (SPLIT IDLER) Litho d in Canada 1 04-M113-1ENS
M113 VEHICLE FAMILY RUBBER TRACK INSTALLATION INSTRUCTIONS (SPLIT IDLER) 1 # TABLE OF CONTENTS List of parts and tools................................................3 Installation of complete kit...................................................5
More informationikompass PMP Exam tips
ikompass PMP Certification Singapore ikompass PMP Exam tips Taking an exam can be a daunting task for people of any age. The unique structure of the PMP exam which involves rules like being sensitive to
More informationCryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 02 Overview on Modern Cryptography
More informationMedia Damage and Hard Drive Data Recovery. The term media refers to the platters. Data resides on the platter surfaces.
Media Damage and Hard Drive Data Recovery Many clients are stunned to learn that their hard drives have suffered a head crash, resulting in significant internal damage. But I only dropped it a few (inches
More informationMeasuring Software Security
Measuring Software Security Defining Security Metrics Dr. Bill Young Department of Computer Science University of Texas at Austin Last updated: July 1, 2014 at 14:53 Dr. Bill Young: 1 Why Is CyberSecurity
More informationIntrusion Detection Systems
Intrusion Detection Systems Assessment of the operation and usefulness of informatics tools for the detection of on-going computer attacks André Matos Luís Machado Work Topics 1. Definition 2. Characteristics
More informationTS93 EMR T/PT/TDE. Surface applied door closer
TS EMR T/PT/TDE Surface applied door closer Installation instructions: Pull side track mount door closer with smoke detector (EMR T) Push side track mount door closer with smoke detector (EMR PT) Double
More informationColumbia University Web Security Standards and Practices. Objective and Scope
Columbia University Web Security Standards and Practices Objective and Scope Effective Date: January 2011 This Web Security Standards and Practices document establishes a baseline of security related requirements
More informationIncident Response. Six Best Practices for Managing Cyber Breaches. www.encase.com
Incident Response Six Best Practices for Managing Cyber Breaches www.encase.com What We ll Cover Your Challenges in Incident Response Six Best Practices for Managing a Cyber Breach In Depth: Best Practices
More informationCombining Digital and Traditional Output in Prints
SGCI2015:Demo Handout Combining Digital and Traditional Output in Prints Kelsey Stephenson, University of Tennessee, Saturday March 21, 10:00 11:30am, Printshop, AA 241 East SGCI Demo Handout Combining
More informationSECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E)
SECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E) 2 LECTURE OUTLINE Threats and countermeasures Access control mechanisms SQL s grant and revoke Role of views 3 THREATS What are the threats? Loss of integrity
More information10 Quick Tips to Mobile Security
10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security contents 03 Introduction 05 Mobile Threats and Consequences 06 Important Mobile Statistics 07 Top 10 Mobile Safety Tips 19 Resources 22
More informationCourse Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)
Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses
More informationi-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors
March 25-27, 2014 Steven A. Kunsman i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors ABB Inc. March 26, 2015 Slide 1 Cyber Security for Substation
More informationEasiShare Whitepaper - Empowering Your Mobile Workforce
Accessing files on mobile devices and sharing them with external parties presents serious security risks for companies. However, most current solutions are either too cumbersome or not secure enough for
More informationOPERATING INSTRUCTIONS FOR THE MODEL 210B-2 SRA
OPERATING INSTRUCTIONS FOR THE MODEL 210B-2 SRA SAFETY PRECAUTIONS FOR THE MODEL 210B-2 SRA System Under Pressure: Shut off air supply and disconnect air hose before disassembling or disconnecting parts.
More informationThe Need for Intelligent Network Security: Adapting IPS for today s Threats
The Need for Intelligent Network Security: Adapting IPS for today s Threats James Tucker Security Engineer Sourcefire Nordics A Bit of History It started with passive IDS. Burglar alarm for the network
More informationKnowledge Based Authentication (KBA) Metrics
Knowledge Based Authentication (KBA) Metrics Santosh Chokhani, Ph.D. February, 2004 Background Model for KBA Issues and Considerations Practical Usage of KBA Metrics for KBA Applicability to U.S. Government
More informationApplication Intrusion Detection
Application Intrusion Detection Drew Miller Black Hat Consulting Application Intrusion Detection Introduction Mitigating Exposures Monitoring Exposures Response Times Proactive Risk Analysis Summary Introduction
More informationINTRUSION DETECTION SYSTEM (IDS) D souza Adam Jerry Joseph 0925910 I MCA
INTRUSION DETECTION SYSTEM (IDS) D souza Adam Jerry Joseph 0925910 I MCA OVERVIEW Introduction Overview The IDS Puzzle Current State of IDS Threats I have a good firewall, why do I need an IDS? Expectations
More information8 secrets. Your Burglar Won't Tell You
8 secrets Your Burglar Won't Tell You In the United States alone, a home burglary occurs every 14 seconds. These kinds of statistics can be alarming, and the best thing you can do as a homeowner is educate
More informationCylinders. Hardware By Professionals For Professionals. Hardware By Professionals For Professionals 223
Cylinders Hardware By Professionals For Professionals 222 Hardware By Professionals For Professionals 223 BS EN 1303 Classification Guide A guide to the classification for Mila Pro-Linea cylinders is below.
More informationUsing CAD Data in Assembly - Advantages and Pitfalls
Using CAD Data in Assembly - Advantages and Pitfalls For years, electronic engineers and circuit board designers have shared information between their computer-aided-engineering (CAE) and computer-aided-design
More informationGetting Started with WebSite Tonight
Getting Started with WebSite Tonight WebSite Tonight Getting Started Guide Version 3.0 (12.2010) Copyright 2010. All rights reserved. Distribution of this work or derivative of this work is prohibited
More informationContents TABLE OF. List of Illustrations... IX. Preface... XV. Chapter 1: How the Burglar Breaks into Your Home... 1
TABLE OF Contents List of Illustrations................................. IX Preface........................................... XV Why You Should Read This Book Burglars Kill Every Security System Can Be
More informationCSE 227 Computer Security Winter 2012
CSE 227 Computer Security Winter 2012 Stefan Savage Course info Stefan Savage Web: http://www.cs.ucsd.edu/~savage E-mail: savage@cs.ucsd.edu Office hours: M 3-4pm (or by appt, or drop by) CSE 3106 Course
More informationAZEK Rail Install Guide
TRIM MOULDING DECK PORCH RAIL PAVERS AZEK Rail Install Guide Installing AZEK Rail with CableRail by Feeney... 1 Installing CableRail by Feeney for AZEK Rail... 7 Installing AZEK Rail Stairs with CableRail
More informationPalm Beach County Sheriff s Office
Palm Beach County Sheriff s Office Home Security Self Survey Since 1909, the deputies of Palm Beach County have provided a safe environment for thousands of people who live, work and visit Palm Beach County.
More informationPERFORMING PENETRATION TESTING
82-02-68 DATA SECURITY MANAGEMENT PERFORMING PENETRATION TESTING Stephen Fried INSIDE Basic Attack Strategies; Planning the Test; Performing the Test; Reporting Results BASIC ATTACK STRATEGIES Every security
More informationWhite Paper Barcoding
White Paper Barcoding White Paper Barcoding What is a barcode?... 1 The benefits... 1 Barcoding and simpro Enterprise... 3 Managing stock... 3 Asset management... 4 Optimised stocktake and stock transfer...
More informationBelt Drives and Chain Drives. Power Train. Power Train
Belt Drives and Chain Drives Material comes for Mott, 2002 and Kurtz, 1999 Power Train A power train transmits power from an engine or motor to the load. Some of the most common power trains include: Flexible
More informationThe Truth About Information Security in Schools Region V 23 rd Annual Spring Conference -April 4th, 2013 Evan Francen CISSP, CISM, CCSK President of FRSecure, LLC Thank You for Attending! & Many Thanks
More informationRadianceRail Installation Guide
RadianceRail Installation Guide Installing RadianceRail with CableRail by Feeney... 2 Installing CableRail by Feeney for RadianceRail... 7 Installing RadianceRail Stairs with CableRail by Feeney... 10
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?
More informationEECS 588: Computer and Network Security. Introduction January 14, 2014
EECS 588: Computer and Network Security Introduction January 14, 2014 Today s Class Welcome! Goals for the course Topics, what interests you? Introduction to security research Components of your grade
More information1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers.
Employee Security Awareness Survey Trenton Bond trent.bond@gmail.com Admin - Version 1.3 Security Awareness One of the most significant security risks that organizations and corporations face today is
More information