Chapter 1 What is Security Engineering Security Engineering

  • Slides: 12
Download presentation
Chapter 1 What is Security Engineering?

Chapter 1 What is Security Engineering?

Security Engineering l Building systems that remain stable Malice l Error l Mischance l

Security Engineering l Building systems that remain stable Malice l Error l Mischance l l Focuses on Tool l Processes l Methods l

Expertise for security Engineering l l l l l Cryptography Computer security Hardware tamper

Expertise for security Engineering l l l l l Cryptography Computer security Hardware tamper resistance Applied Psychology Audit methods Law System engineering Business process analysis Software engineering

Critical assurance requirements l Human life and environment l l l Economic infrastructure l

Critical assurance requirements l Human life and environment l l l Economic infrastructure l l Medical system Business sectors l l l Bank systems Personal privacy l l Nuclear safety Military Pay TV Internet sale Crime l Burglar and car alarms

Security v software engineering l Software l Ensuring that certain things can happen and

Security v software engineering l Software l Ensuring that certain things can happen and happen properly l Security l Ensuring that certain things can not happen

A Secure system needs l User authentication l Transaction integrity l Accountability l Fault-tolerance

A Secure system needs l User authentication l Transaction integrity l Accountability l Fault-tolerance l Message secrecy l Covertness

Review of 4 systems l Banks have been a driving force in security and

Review of 4 systems l Banks have been a driving force in security and accounting controls l Air l force base Military has been motivator of technology l Healthcare l Patient safety and privacy l Home l More and more important

Terms and uses l System l Subject, Principal, Identity l Trust, Trustworthy l Confidentiality,

Terms and uses l System l Subject, Principal, Identity l Trust, Trustworthy l Confidentiality, Privacy, Secrecy l Authenticity, Integrity l Vulnerability, Threat, Security failure

Articles for Friday 1/21 l l l What is security engineering Documentation of “system”

Articles for Friday 1/21 l l l What is security engineering Documentation of “system” like in text Confidentiality versus privacy versus secrecy System used for domestic spying (Wiretaps) Find article email to classmates before Thursday noon prepare to lead discussion.

Previous articles l An interesting discussion of the FBI's Carnivore system and its confidentiality.

Previous articles l An interesting discussion of the FBI's Carnivore system and its confidentiality. l l A news article on the latest version of i. Tunes; Privacy concerns over the 'Ministore' l l http: //www. scoop. co. nz/stories/HL 0601/S 00047. htm Intelligence info in plain site l l http: //www. msnbc. msn. com/id/9602401/site/newsweek (A lot to do with Echelon) l l http: //www. consumeraffairs. com/news 04/2006/01/scam_marine. html (Sort of a long article, sorry) l l http: //www. purdueexponent. com/index. php/module/Issue/action/Article/article_id/2447 Speaks about a changing threat and people who pose as others. . . l l http: //www. mercurynews. com/mld/mercurynews/business/technology/13662299. htm Talking about tailoring data to specific people. . . l l http: //www. sweetliberty. org/issues/privacy/corporate. htm http: //www. cbsnews. com/stories/2006/01/10/eveningnews/main 1198667. shtml Cell phone Privacy l http: //www. cbsnews. com/stories/2006/01/12/eveningnews/main 1206518. shtml

Links to resources l What is Security Engineering (author links) http: //www. cl. cam.

Links to resources l What is Security Engineering (author links) http: //www. cl. cam. ac. uk/~rja 14/book. html l http: //www. cl. cam. ac. uk/~rja 14/ l l. A few great BLOGS to get started http: //www. lightbluetouchpaper. org/ l http: //www. schneier. com/blog/ l

Links to resources l What l l do secure systems need: http: //en. wikipedia.

Links to resources l What l l do secure systems need: http: //en. wikipedia. org/wiki/Computer_security www. sans. org http: //books. slashdot. org/article. pl? sid=02/02/28/163234 Ross Andersons Home page l http: //www. cl. cam. ac. uk/~rja 14/

Security Engineering Chapter 6 Distributed Systems Security EngineeringSecurity Engineering Chapter 6 Distributed Systems Security Engineering
Chapter 13 Security Engineering 12112014 Chapter 13 SecurityChapter 13 Security Engineering 12112014 Chapter 13 Security
Engineering Definitions ENGINEERING What is Engineering Engineering isEngineering Definitions ENGINEERING What is Engineering Engineering is
CIVIL ENGINEERING CONSTRUCTION ENGINEERING STRUCTURAL ENGINEERING GEOTECHNICAL ENGINEERINGCIVIL ENGINEERING CONSTRUCTION ENGINEERING STRUCTURAL ENGINEERING GEOTECHNICAL ENGINEERING
CIVIL ENGINEERING CONSTRUCTION ENGINEERING STRUCTURAL ENGINEERING GEOTECHNICAL ENGINEERINGCIVIL ENGINEERING CONSTRUCTION ENGINEERING STRUCTURAL ENGINEERING GEOTECHNICAL ENGINEERING
Chapter 15 Security The Security Problem n SecurityChapter 15 Security The Security Problem n Security
Chapter 6 Operating System Security Security Security refersChapter 6 Operating System Security Security Security refers
Chapter 9 Security Security Security is a measureChapter 9 Security Security Security is a measure
Exploring Engineering Chapter 16 Green Engineering Green EngineeringExploring Engineering Chapter 16 Green Engineering Green Engineering
Chapter 15 Security Chapter 15 Security n TheChapter 15 Security Chapter 15 Security n The
Chapter 15 Security Chapter 15 Security n TheChapter 15 Security Chapter 15 Security n The