How To Secure A Computer System From A Hacker

Similar documents
Lukasz Pater CMMS Administrator and Developer

An Introduction to Cryptography as Applied to the Smart Grid

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Savitribai Phule Pune University

Chapter 7: Network security

Mathematics of Internet Security. Keeping Eve The Eavesdropper Away From Your Credit Card Information

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Computer Security: Principles and Practice

Network Security (2) CPSC 441 Department of Computer Science University of Calgary

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

SECURITY IN NETWORKS

Network Security. HIT Shimrit Tzur-David

Chapter 23. Database Security. Security Issues. Database Security

CRYPTOGRAPHY IN NETWORK SECURITY

What is network security?

7! Cryptographic Techniques! A Brief Introduction

Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

Software Tool for Implementing RSA Algorithm

Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

An Efficient data storage security algorithm using RSA Algorithm

MANAGING OF AUTHENTICATING PASSWORD BY MEANS OF NUMEROUS SERVERS

Symmetric Key cryptosystem

Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology

Secure Key Exchange for Cloud Environment Using Cellular Automata with Triple-DES and Error-Detection

A Novel Approach to combine Public-key encryption with Symmetric-key encryption

An Introduction to Cryptography and Digital Signatures

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

Database Security and Authorization

Chapter 24. Database Security. Copyright 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley

Properties of Secure Network Communication

Peer-to-Peer Networks Anonymity (1st part) 8th Week

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

The science of encryption: prime numbers and mod n arithmetic

Lecture 2: Complexity Theory Review and Interactive Proofs

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July The OWASP Foundation

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Lecture 9: Application of Cryptography

Govt. of Karnataka, Department of Technical Education Diploma in Computer Science & Engineering. Sixth Semester

Getting the most from Apple Mail

A Factoring and Discrete Logarithm based Cryptosystem

Secure Socket Layer. Introduction Overview of SSL What SSL is Useful For

The Mathematics of the RSA Public-Key Cryptosystem

Secure Network Communication Part II II Public Key Cryptography. Public Key Cryptography

CSCE 465 Computer & Network Security

Cryptography and Network Security

The New Approach of Quantum Cryptography in Network Security

Module 7 Security CS655! 7-1!

Chapter 23. Database Security. Security Issues. Database Security

Chapter 37. Secure Networks

Chapter 10. Network Security

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ MEng. Nguyễn CaoĐạt

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

CPSC 467b: Cryptography and Computer Security

Public Key (asymmetric) Cryptography

Associate Prof. Dr. Victor Onomza Waziri

Understanding Digital Certificates and Wireless Transport Layer Security (WTLS)

Alternative machine models

Cryptography and Network Security Chapter 9

Network Security Protocols

Network Security. Chapter 2 Basics 2.2 Public Key Cryptography. Public Key Cryptography. Public Key Cryptography

CS 758: Cryptography / Network Security

Application of Digital Signature for Securing Communication Using RSA Scheme based on MD5

Mathematical Model Based Total Security System with Qualitative and Quantitative Data of Human

Network Security #10. Overview. Encryption Authentication Message integrity Key distribution & Certificates Secure Socket Layer (SSL) IPsec

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

A Knowledge-Based Intrusion Detection Engine to detect attacks on security protocols

Cryptosystems. Bob wants to send a message M to Alice. Symmetric ciphers: Bob and Alice both share a secret key, K.

DRAFT Standard Statement Encryption

Public Key Cryptography: RSA and Lots of Number Theory

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

A Simulation Game for Teaching Secure Data Communications Protocols

Security in Electronic Payment Systems

Public Key Cryptography. c Eli Biham - March 30, Public Key Cryptography

How To Encrypt Data With Encryption

STUDY AND COMPARISON OF CRYPTOGRAPHIC METHODS FOR CLOUD SECURITY

Security & Privacy on the WWW. Topic Outline. Information Security. Briefing for CS4173

PGP (Pretty Good Privacy) INTRODUCTION ZHONG ZHAO

Textbooks: Matt Bishop, Introduction to Computer Security, Addison-Wesley, November 5, 2004, ISBN

Cornerstones of Security

CSE/EE 461 Lecture 23

ANALYSIS OF RSA ALGORITHM USING GPU PROGRAMMING

Lecture 6 - Cryptography

Künftige Cyber-Attacken: Risiken und Techniken. Future Cyber attacks: Risks and techniques. Prof. Dr. T. Nouri sd&m

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Understanding Digital Certificates and Secure Sockets Layer (SSL)

Global Telehealth Conference 2012

Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.

Quantum Safe Security Workgroup Presentation. Battelle / ID Quantique / QuantumCTek CSA EMEA Congress, Rome 19 November 2014

Chapter 8. Cryptography Symmetric-Key Algorithms. Digital Signatures Management of Public Keys Communication Security Authentication Protocols

Cryptography and Network Security

Notes on Network Security Prof. Hemant K. Soni

Cryptography & Network Security. Introduction. Chester Rebeiro IIT Madras

I N F O R M A T I O N S E C U R I T Y

A Fully Homomorphic Encryption Implementation on Cloud Computing

Secure Automated Document Delivery

Secure File Transfer Using USB

First Semester Examinations 2011/12 INTERNET PRINCIPLES

CS 348: Computer Networks. - Security; 30 th - 31 st Oct Instructor: Sridhar Iyer IIT Bombay

Center for Internet Security. INTEGRATED INTELLIGENCE CENTER Technical White Paper William F. Pelgrin, CIS President and CEO

Transcription:

Lecture 10 Security (Part 2) <lecturer, date>

Outline Securing computer systems Cryptography Virtual Private Networks (VPN) Access controls Mandatory access control Discretionary access control Role based access control Role based access control

Cryptography Kryptos- hidden secret and graphein- writing Study of techniques for securing information in the presence of adversaries to secure online credit card transactions to secure data stored online, like in Google drive Encryption process of encoding messages such that only authorized people can use it technique of transforming information into an unusable form e.g., replace A by 1, B by 2, C by 3, and so on Relies on the assumption of computational hardness Theoretically possible to break such systems Hard to do in practice by any known means

Cryptography 1. Symmetric key cryptography Encryption and decryption happens using the same key (rule) The receiver need to have the same key in order to read (make use of) the information An example is the Data Encryption Standard (DES) (reference 3) e.g., Suppose Bob and Alice want to communicate securely Bob replaces every alphabet by the following alphabet, i.e., to CAT becomes DBU Alice need to know this rule to decrypt DBU 2. Public key cryptography Encryption and decryption happens using different keys The sender need to know the receiver s public key in order to encrypt information so that the receiver can decrypt it using his private key An example is the RSA encryption algorithm (reference 4) e.g., Suppose Alice s private key is A and public key is B Bob encrypts the message using B and sends it to Alice Alice decrypts the message using her private key A

Outline Securing computer systems Cryptography Virtual Private Networks (VPN) Access controls Mandatory access control Discretionary access control Role based access control Role based access control

Virtual Private Networks (VPN) A private network that is a part of a larger network (e.g., internet) that is composed of a selected set of members of the larger network. Example: OpenVPN Encrypts data between the members of the private network so that third party members (e.g., somebody in the larger network) cannot access the communication. Private because the traffic is visible only to the members One way of ensuring secure communication through e.g., internet Interesting in the context of internet of things since private networks connecting personal devices can be constructed on top of the internet

Outline Securing computer systems Cryptography Virtual Private Networks (VPN) Access controls Mandatory access control Discretionary access control Role based access control Role based access control

Access Controls Restricting access to resources and information on a selective basis Discretionary access control: individual users can set access controls to resources and information without restrictions Mandatory access control: individuals can set access controls to resources and information as long as it is consistent with the system wide policy Role based access control: individuals can set access controls to resources and information only if it is consistent with their role

Outline Securing computer systems Cryptography Virtual Private Networks (VPN) Access controls Mandatory access control Discretionary access control Role based access control Role based access control

Role Based Access Control Role based access control: individuals can set access controls to resources and information only if it is consistent with their role. Common terminology: Subject: A person or a software service, e.g., an employee Role: The function in the organization that corresponds to an authority level, e.g., system admin Permissions: The mode of access to a resource, e.g., full access, restricted access etc Transaction: Any activity carried out by the subject. Role-based permissions Each role is associated with a certain set of permissions Need to prove identity to be able to use the system Common methods for validating identity: Passwords Biometrics such as finger-prints Access cards (RFID etc)

Role Based Access Control Basic rules for RBAC: 1. Role Assignment: Each subject in the system must have an assigned role. 1. Role Authorization: The role must be authorized by some authority, e.g., a system admin. 2. Transaction Authorization: Every transaction carried out by the subject must be authorized, e.g., by a system admin

Advantages of Role Based Access Control Easy to administer Every subject can be given permission based on his role e.g., a security guard does not need permissions to see company operations Every subject with the same role has same permissions New roles can be created with customized permissions e.g., during company expansions Support for multi-functionality Each subject can be assigned multiple functions Seamless transition between roles Subjects can transition between roles without changing their identities Improves security: each subject has a single identity in the system (albeit different roles)

References 1) Basic concepts and taxonomy of dependable and secure computing, Avizienis, A. ; Laprie, J.-C. ; Randell, B. ; Landwehr, C., IEEE Transactions on Dependable and Secure Computing, 2004 2) Industrial Control Systems Cyber Emergency Response Team, https://icscert.us-cert.gov/standards-and-references 3) Data Encryption Standard, http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf 4) A Method for Obtaining Digital Signatures and Public-Key Cryptosystems, Rivest, R.; Shamir, A.; Adleman, L., http://people.csail.mit.edu/rivest/rsapaper.pdf 5) Multiuser cryptographic techniques, Diffie, W. and Hellman, M., AFIPS '76 Proceedings of the national computer conference and exposition.http://www.cin.ufpe.br/~mab/p109-diffie.pdf 6) Virtual Private Networking- an overview, https://technet.microsoft.com/enus/library/bb742566.aspx 7) OpenVPN, https://openvpn.net/index.php/open-source.html

References 8) Role-Based Access Controls, David F. Ferraiolo and D. Richard Kuhn, http://csrc.nist.gov/groups/sns/rbac/documents/ferraiolo-kuhn-92.pdf

Lab 10 Security (Part 2) <lecturer, date>

Description Implement role based access control for the mobile app that you developed Have two roles: 1. User: can only get readings and monitor for alarms 2. Admin: can get readings as well as set the values of temperature, water level etc

Seminar 10 Security (Part 2) <lecturer, date>

Description Discuss the solutions for the lab. Answer the following questions (1 page report): Is this the best solution? Can the security be breached, e.g., using any of the techniques that you learned? How can you further improve security? What are the challenges involved in securing such systems?

Mini-project 10 Security (Part 2) <lecturer, date>

Description Perform a literature survey on encryption techniques, with particular focus on mobile devices and embedded systems: State of the art Impact on size, weight and power constraints Emerging challenges Open problems

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information