1 SECURITY IN COMPUTING FIFTH EDITION Chapter 2
- Slides: 40
1 SECURITY IN COMPUTING, FIFTH EDITION Chapter 2: Toolbox: Authentication, Access Control, and Cryptography From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
2 Objectives for Chapter 2 • Survey authentication mechanisms • List available access control implementation options • Explain the problems encryption is designed to solve • Understand the various categories of encryption tools as well as the strengths, weaknesses, and applications of each • Learn about certificates and certificate authorities From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
3 Authentication • The act of proving that a user is who she says she is • Methods: • Something the user knows • Something the user is • Something user has From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
4 Something You Know • Passwords • Security questions • Attacks on “something you know”: • Dictionary attacks • Inferring likely passwords/answers • Guessing • Defeating concealment • Exhaustive or brute-force attack • Rainbow tables From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
5 Distribution of Password Types From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
6 Password Storage Plaintext Concealed From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
7 Biometrics: Something You Are From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
8 Problems with Biometrics • Intrusive • Expensive • Single point of failure • Sampling error • False readings • Speed • Forgery From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
9 Tokens: Something You Have From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
10 Federated Identity Management From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
11 Single Sign-On From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
12 Access Control From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
13 Access Policies • Goals: • Check every access • Enforce least privilege • Verify acceptable usage • Track users’ access • Enforce at appropriate granularity • Use audit logging to track accesses From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
14 Implementing Access Control • Reference monitor • Access control directory • Access control matrix • Access control list • Privilege list • Capability • Procedure-oriented access control • Role-based access control From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
15 Reference Monitor From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
16 Access Control Directory From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
17 Access Control Matrix From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
18 Access Control List From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
19 Problems Addressed by Encryption • Suppose a sender wants to send a message to a recipient. An attacker may attempt to • Block the message • Intercept the message • Modify the message • Fabricate an authentic-looking alternate message From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
20 Encryption Terminology • Sender • Recipient • Transmission medium • Interceptor/intruder • Encrypt, encode, or encipher • Decrypt, decode, or decipher • Cryptosystem • Plaintext • Ciphertext From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
21 Encryption/Decryption Process From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
22 Symmetric vs. Asymmetric From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
23 Stream Ciphers From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
24 Block Ciphers From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
25 Stream vs. Block From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
26 DES: The Data Encryption Standard • Symmetric block cipher • Developed in 1976 by IBM for the US National Institute of Standards and Technology (NIST) From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
27 AES: Advanced Encryption System • Symmetric block cipher • Developed in 1999 by independent Dutch cryptographers • Still in common use From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
28 DES vs. AES From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
29 Public Key (Asymmetric) Cryptography • Instead of two users sharing one secret key, each user has two keys: one public and one private • Messages encrypted using the user’s public key can only be decrypted using the user’s private key, and vice versa From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
30 Secret Key vs. Public Key Encryption From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
31 Public Key to Exchange Secret Keys From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
32 Key Exchange Man in the Middle From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
33 Error Detecting Codes • Demonstrates that a block of data has been modified • Simple error detecting codes: • Parity checks • Cyclic redundancy checks • Cryptographic error detecting codes: • One-way hash functions • Cryptographic checksums • Digital signatures From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
34 Parity Check From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
35 One-Way Hash Function From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
36 Digital Signature From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
37 Certificates: Trustable Identities and Public Keys • A certificate is a public key and an identity bound together and signed by a certificate authority. • A certificate authority is an authority that users trust to accurately verify identities before generating certificates that bind those identities to keys. From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
38 Certificate Signing and Hierarchy From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
39 Cryptographic Tool Summary From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
40 Summary • Users can authenticate using something they know, something they are, or something they have • Systems may use a variety of mechanisms to implement access control • Encryption helps prevent attackers from revealing, modifying, or fabricating messages • Symmetric and asymmetric encryption have complementary strengths and weaknesses • Certificates bind identities to digital signatures From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
Security in computing pfleeger ppt
Security in computing 5th edition answers
Principles of marketing fifth european edition
Lazarus's appraisal theory
Fundamentals of corporate finance fifth edition
Democritus atomic model diagram
Molecular biology of the cell
Molecular biology
Human anatomy fifth edition
Human anatomy fifth edition
Private securty
Using mis (10th edition) 10th edition
Using mis 10th edition
Conventional computing and intelligent computing
The harder you push the harder the system pushes back
Fifth chapter menu
Failure of supporting utilities and structural collapse
William stallings network security essentials 5th edition
Modulo table
Computer security principles and practice 4th edition
Management of information security 5th edition
Cryptography and network security 6th edition pdf
Cryptography and network security 4th edition
Principles of business information systems
Information asset classification worksheet
Computer security fundamentals 4th edition
Principles of information security 4th edition
Bull's eye model in information security
Computer security principles and practice 4th edition
Cryptographic systems are generically classified by
Pearson cryptography and network security
Security in computing pfleeger
Grid computing security
Nist cloud computing reference architecture with diagram
Cloud computing security model
Security problems in computing
Osi security services
Guide to network security
Wireless security in cryptography and network security
Explain about visa international security mode
Electronic mail security in network security
