Distributed Systems Security. Authentication Practice - 2. Prof. Steve Wilbur
|
|
- Shannon Hicks
- 6 years ago
- Views:
Transcription
1 Distribted Systems Secrity Athentication Practice - 2 Prof. Steve Wilbr s.wilbr@cs.cl.ac.k MSc in Data Commnications Networks and Distribted Systems, UCL Lectre Objectives Examine X.509 as a practical example of Pblic Key services MSc in Data Commnications Networks and Distribted Systems, UCL 4-2 Page 1 1
2 X.500 Directory Service X.500 is a family of standards for directory services providing information abot sers Developed in late-1980s by ITU X.509 defines a certificate strctre and protocols which are widely sed, eg.: o S/MIME o IP Secrity o SSL/TLS o SET X.509: o V1: 1988; V2: 1993; V3: 1995 MSc in Data Commnications Networks and Distribted Systems, UCL 4-3 X.509 Strctre Example of early definition of strctre in ASN.1 LHS = identifier; RHS = type certificate ::= SIGNED SEQUENCE { signatre AlgorithmIdentifier, isser Name, validity Validity, sbject Name, sbjectpkinfo SbjectPblicKeyInfo} Validity ::= SEQUENCE { notbefore UTCTime, notafter UTCTime} SbjectPblicKeyInfo ::= SEQUENCE{ algorithm AlgorithmIdentifier, sbjpk BITSTRING} AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, parameters ANY DEFINED BY algorithm OPTIONAL} MSc in Data Commnications Networks and Distribted Systems, UCL 4-4 Page 2 2
3 X.509 s Issed by trsted Certification Athority Directory Service only stores and distribtes them MSc in Data Commnications Networks and Distribted Systems, UCL 4-5 X.509 Strctre Version Serial Nmber Signatre Alg. ID Algorithm Parameters Isser Name Not Before Not After Validity Period Sbject Name Algorithms Versions 1, 2 and 3 Versions 2 and 3 Version 3 only Sbject PK Info. Isser Uniqe ID Sbject Uniqe ID Extensions Signatre Parameters Key Algorithms Parameters Encrypted Hash MSc in Data Commnications Networks and Distribted Systems, UCL 4-6 Page 3 3
4 X.509 s - 2 Version: Indicates format of certificate (1, 2 or 3) Serial Nmber: Integer associated with this C, niqe in issing CA Sig. Alg. ID: Algorithm sed to sign the C and any parameters (repeated in the Signatre field) Isser Name: Name of CA that created C Validity Period: First and last dates on which C is valid Sbject Name: Name of ser to whom C applies Sbject PK Info.: Pblic key, algorithm and any relevant parameters of sbject Isser Uniqe ID: Optional bit string to identify niqely CA in case name is not niqe Sbject Uniqe ID: Optional bit string to identify niqely CA in case name is not niqe Signatre: Covers all other fields of C MSc in Data Commnications Networks and Distribted Systems, UCL 4-7 X.509 s - 3 Inter-domain certification by CA s prodcing certificates for each other s Pblic Keys o Forward : of X generated by other Cas o Reverse s: s generated by X for another CA Generally arranged hierarchically so that easy for sers to find certification chain and reqest relevant certificates Otherwise, similar to theory MSc in Data Commnications Networks and Distribted Systems, UCL 4-8 Page 4 4
5 X.509 Revocation s sally issed for appropriate length of time, eg. stdents: 1 academic year May need to nllify C earlier if: o ser s secret key compromised o ser no longer within jrisdiction of CA, eg. left job o CA s certificate has been compromised Each CA keeps a list of all revoked bt not expired certificates Periodically pblished to directory via Revocation List (CRL) If end ser caches C s they mst also cache relevant CRL s MSc in Data Commnications Networks and Distribted Systems, UCL 4-9 X.509 Revocation List Signatre Alg. ID Isser Name This pdate date Next pdate date Revoked Algorithm Parameters Serial Nmber Revocation Date... Revoked Signatre Algorithms Parameters Encrypted Hash MSc in Data Commnications Networks and Distribted Systems, UCL 4-10 Page 5 5
6 X.509 s V.3 Limitations of V.2 Sbject field inadeqate to flly convey identity of owner (which j smith in that domain esp. if domain is broad eg. ISP) May be several different identities for a given ser, eg. mail address, URL, etc. - need to specify and relate them Need to indicate secrity policy information, so protocols can relate specific for this Need to limit damage from falty or malicios CA Important to keep separate keys sed by same owner at different times - key life cycle management MSc in Data Commnications Networks and Distribted Systems, UCL 4-11 X.509 s V.3 Flexible strctre to deal with these and other needs: extensions Each extension consists of: o extension identifier o criticality indicator o extension vale Criticality indicator indicates whether this extension can safely be ignored o if indicator is TRUE and application/protocol cannot deal with this extension type, then the certificate mst be treated as invalid MSc in Data Commnications Networks and Distribted Systems, UCL 4-12 Page 6 6
7 X.509 s V.3 Key and Policy Information -1 Athority Key Identifier: Identifies which of CAs keys to se to validate C. Allows CAs key pairs to be pdated Sbject Key Identifier: Similar to above. Key Usage: Policy restrictions on key, eg. digital signatre, data encryption, key encryption etc. MSc in Data Commnications Networks and Distribted Systems, UCL 4-13 X.509 s V.3 Key and Policy Information -2 Private-key Usage Period: Private key may be valid for a mch shorter period than the pblic key, eg. signing (private) key validity less than verifying (pblic) key Policies: Lists policies this certificate spports and optional qalifier information Policy Mappings: For s for CAs issed by other CAs. Indicates policies in isser domain which are eqivalent in the sbject CAs domain MSc in Data Commnications Networks and Distribted Systems, UCL 4-14 Page 7 7
8 X.509 s V.3 Sbject & Isser Attribtes Provide alternative names in alternative formats Increase ser s confidence that C relates to particlar person or entity Examples: o postal address o position within organisation o pictre Sbject Alternative Name: One or more alternative names. Some apps se their own name forms MSc in Data Commnications Networks and Distribted Systems, UCL 4-15 X.509 s V.3 Sbject & Isser Attribtes -2 Sbject Alternative Name: One or more alternative names. Some apps se their own name forms Isser Alternative Name: Similar to above, bt for isser Sbject Directory Attribtes: X.500 directory attribtes for the sbject MSc in Data Commnications Networks and Distribted Systems, UCL 4-16 Page 8 8
9 X.509 s V.3 Certification Path Constraints May provide constraints on which crosscertificates may appear in certification chains May constrain the types of certificates that the sbject CA can isse Basic Constraints: Indicates if sbject may act as CA. May inclde a max. certification path length. Name Constraints: Limits name space for all sbject names in sbseqent Cs in a path Policy Constraints: May enforce explicit policy specification in the rest of the certification path MSc in Data Commnications Networks and Distribted Systems, UCL 4-17 Creation Algorithmically, this is easy BUT, need to think careflly abot processes within organisation or domain Following diagrams show schematics of isse nder athority of a commercial or government isser Assmes that sbject s company has established its credential beforehand with issing athority MSc in Data Commnications Networks and Distribted Systems, UCL 4-18 Page 9 9
10 Generation User Credentials LA Creds SK LA Pblic Key Generation PK U Reqest Generation SK U M Remote Site Key Store Generation SKCA CA Directory M is of form: LA, {RQCert, LA, User, Creds, PK}SK LA CA - Certification Athority LA - Local Athority MSc in Data Commnications Networks and Distribted Systems, UCL 4-19 Local Generation User Credentials LA Creds Athenticate Pblic Key Generation SK U PK U Generation SKCA CA Key Store Directory CA - Certification Athority LA - Local Athority MSc in Data Commnications Networks and Distribted Systems, UCL 4-20 Page 10 10
11 Issing Isses How do yo prove to someone who yo are? o Driving licence? o P45? o Letter of reference? o Birth? How mch certainty is reqired? If yo by/program key-pair generation software how do yo know it is sond? What tests wold yo apply to it? MSc in Data Commnications Networks and Distribted Systems, UCL 4-21 Issing Isses - 2 Are copies of Private Keys kept - escrowed? All of them, non, some? How are Private Keys stored? How secre is this? If PKs are encrypted while not in se (key chain) how secre is the encryption? Based on password or phrase? What procedres does CA expect LA to carry ot? What aditing needs to be done? Does this introdce potential weaknesses MSc in Data Commnications Networks and Distribted Systems, UCL 4-22 Page 11 11
12 Frther Reading Stallings W, Cryptography and Network Secrity: Principles and Practice, 2ed, Prentice Hall, 1999, o X.509 Athentication and s: pp Pfleeger C, Secrity in Compting, 2ed, Prentice Hall, 1997, o s: pp Ford W, Advances in Pblic-Key Standards, ACM SIGSAC Review, Jly 1995 MSc in Data Commnications Networks and Distribted Systems, UCL 4-23 Frther Reading - 2 Ford W, Advances in Pblic-Key Standards, ACM SIGSAC Review, Jly 1995 MSc in Data Commnications Networks and Distribted Systems, UCL 4-24 Page 12 12
Requirements Engineering. Objectives. System requirements. Types of requirements. FAQS about requirements. Requirements problems
Reqirements Engineering Objectives An introdction to reqirements Gerald Kotonya and Ian Sommerville To introdce the notion of system reqirements and the reqirements process. To explain how reqirements
More informationLDAP Configuration Guide
LDAP Configration Gide Content Content LDAP directories on Gigaset phones............................................... 3 Configration.....................................................................
More informationAddressing in Future Internet: Problems, Issues, and Approaches
Addressing in Ftre Internet: Problems, Isses, and Approaches Mltimedia and Mobile commnications Laboratory Seol National University Jaeyong Choi, Chlhyn Park, Hakyng Jng, Taekyong Kwon, Yanghee Choi 19
More informationEMC ViPR. Controller REST API Developer Guide. Version
EMC ViPR Version 1.1.0 Controller REST API Developer Gide 302-000-496 01 Copyright 2013-2014 EMC Corporation. All rights reserved. Pblished in USA. Pblished Febrary, 2014 EMC believes the information in
More informationEMC ViPR. User Guide. Version
EMC ViPR Version 1.1.0 User Gide 302-000-481 01 Copyright 2013-2014 EMC Corporation. All rights reserved. Pblished in USA. Pblished Febrary, 2014 EMC believes the information in this pblication is accrate
More informationSecure Biometric-Based Authentication for Cloud Computing
Secre Biometric-Based Athentication for Clod Compting Kok-Seng Wong * and Myng Ho Kim School of Compter Science and Engineering, Soongsil University, Sangdo-Dong Dongjak-G, 156-743 Seol Korea {kswong,kmh}@ss.ac.kr
More informationLocal Run Manager. Software Reference Guide for MiSeqDx
Local Rn Manager Software Reference Gide for MiSeqDx Local Rn Manager Overview 3 Dashboard Overview 4 Administrative Settings and Tasks 7 Workflow Overview 12 Technical Assistance 17 Docment # 1000000011880
More informationdss-ip Manual digitalstrom Server-IP Operation & Settings
dss-ip digitalstrom Server-IP Manal Operation & Settings Table of Contents digitalstrom Table of Contents 1 Fnction and Intended Use... 3 1.1 Setting p, Calling p and Operating... 3 1.2 Reqirements...
More informationOverview of Security Support in Vector Tools
Overview of Secrity Spport in Vector Tools Secrity Manager V0.2 2017-09-22 Agenda Motivation Challenges Secrity Manager Otlook 2 Motivation Secrity protects Featres and Bsiness Models Secrity Goals: Integrity
More informationKey Management and Distribution
2 and Distribution : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 20 December 2015 css441y15s2l10, Steve/Courses/2015/s2/css441/lectures/key-management-and-distribution.tex,
More informationDiagnostics is evolving
Diagnostics is evolving Vector India Conference, 208-07-8 V.0 208-07-3 Agenda AUTOSAR Development Remote Diagnostics and OTA Secrity 2 AUTOSAR Development DEXT Diagnostic Extract Template (=DEXT) Part
More informationContent Content Introduction
Content Content Introdction...................................................................... 3 Roles in the provisioning process............................................................... 4 Server
More informationOn the Computational Complexity and Effectiveness of N-hub Shortest-Path Routing
1 On the Comptational Complexity and Effectiveness of N-hb Shortest-Path Roting Reven Cohen Gabi Nakibli Dept. of Compter Sciences Technion Israel Abstract In this paper we stdy the comptational complexity
More informationNetwork Security Essentials
Network Security Essentials Fifth Edition by William Stallings Chapter 4 Key Distribution and User Authentication No Singhalese, whether man or woman, would venture out of the house without a bunch of
More informationIsilon InsightIQ. Version 2.5. User Guide
Isilon InsightIQ Version 2.5 User Gide Pblished March, 2014 Copyright 2010-2014 EMC Corporation. All rights reserved. EMC believes the information in this pblication is accrate as of its pblication date.
More informationIntroduction to Network Security Missouri S&T University CPE 5420 Key Management and Distribution
Introduction to Network Security Missouri S&T University CPE 5420 Key Management and Distribution Egemen K. Çetinkaya Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University
More informationNetworks An introduction to microcomputer networking concepts
Behavior Research Methods& Instrmentation 1978, Vol 10 (4),522-526 Networks An introdction to microcompter networking concepts RALPH WALLACE and RICHARD N. JOHNSON GA TX, Chicago, Illinois60648 and JAMES
More informationTdb: A Source-level Debugger for Dynamically Translated Programs
Tdb: A Sorce-level Debgger for Dynamically Translated Programs Naveen Kmar, Brce R. Childers, and Mary Lo Soffa Department of Compter Science University of Pittsbrgh Pittsbrgh, Pennsylvania 15260 {naveen,
More informationBackground. Network Security - Certificates, Keys and Signatures - Digital Signatures. Digital Signatures. Dr. John Keeney 3BA33
Background Network Security - Certificates, Keys and Signatures - Dr. John Keeney 3BA33 Slides Sources: Karl Quinn, Donal O Mahoney, Henric Johnson, Charlie Kaufman, Wikipedia, Google, Brian Raiter. Recommended
More informationEMC AppSync. User Guide. Version REV 01
EMC AppSync Version 1.5.0 User Gide 300-999-948 REV 01 Copyright 2012-2013 EMC Corporation. All rights reserved. Pblished in USA. EMC believes the information in this pblication is accrate as of its pblication
More informationEMC VNX Series. Problem Resolution Roadmap for VNX with ESRS for VNX and Connect Home. Version VNX1, VNX2 P/N REV. 03
EMC VNX Series Version VNX1, VNX2 Problem Resoltion Roadmap for VNX with ESRS for VNX and Connect Home P/N 300-014-335 REV. 03 Copyright 2012-2014 EMC Corporation. All rights reserved. Pblished in USA.
More informationContent Safety Precaution... 4 Getting started... 7 Input method... 9 Using the Menus Use of USB Maintenance & Safety...
STAR -1- Content 1. Safety Precation... 4 2. Getting started... 7 Installing the cards and the Battery... 7 Charging the Battery... 8 3. Inpt method... 9 To Shift Entry Methods... 9 Nmeric and English
More informationLecture 4: Routing. CSE 222A: Computer Communication Networks Alex C. Snoeren. Thanks: Amin Vahdat
Lectre 4: Roting CSE 222A: Compter Commnication Networks Alex C. Snoeren Thanks: Amin Vahdat Lectre 4 Overview Pop qiz Paxon 95 discssion Brief intro to overlay and active networking 2 End-to-End Roting
More informationWhat s New in AppSense Management Suite Version 7.0?
What s New in AMS V7.0 What s New in AppSense Management Site Version 7.0? AppSense Management Site Version 7.0 is the latest version of the AppSense prodct range and comprises three prodct components,
More informationCS 153 Design of Operating Systems
CS 153 Design of Operating Systems Spring 18 Lectre 3: OS model and Architectral Spport Instrctor: Chengy Song Slide contribtions from Nael Ab-Ghazaleh, Harsha Madhyvasta and Zhiyn Qian Last time/today
More informationDPDK s Best Kept Secret: Micro-benchmarks. M Jay DPDK Summit - San Jose 2017
DPDK s Best Kept Secret: Micro-benchmarks M Jay Mthrajan.Jayakmar@intel.com DPDK Smmit - San Jose 2017 Legal Information Optimization Notice: Intel s compilers may or may not optimize to the same degree
More informationCS 153 Design of Operating Systems Spring 18
CS 153 Design of Operating Systems Spring 18 Lectre 8: Threads Instrctor: Chengy Song Slide contribtions from Nael Ab-Ghazaleh, Harsha Madhyvasta and Zhiyn Qian Processes P1 P2 Recall that Bt OS A process
More informationServer-based Certificate Validation Protocol
Server-based Certificate Validation Protocol Digital Certificate and PKI a public-key certificate is a digital certificate that binds a system entity's identity to a public key value, and possibly to additional
More informationEXAMINATIONS 2010 END OF YEAR NWEN 242 COMPUTER ORGANIZATION
EXAINATIONS 2010 END OF YEAR COPUTER ORGANIZATION Time Allowed: 3 Hors (180 mintes) Instrctions: Answer all qestions. ake sre yor answers are clear and to the point. Calclators and paper foreign langage
More informationGigaset M34 USB Ya-LBA / englisch / A31008-M403-R / cover_front.fm / User Manual
User Manal Contents Contents For yor safety.............................. 4 Notes on the operating instrctions....................................... 4 Safety precations.....................................................
More informationEMC M&R (Watch4net ) Installation and Configuration Guide. Version 6.4 P/N REV 02
EMC M&R (Watch4net ) Version 6.4 Installation and Configration Gide P/N 302-001-045 REV 02 Copyright 2012-2014 EMC Corporation. All rights reserved. Pblished in USA. Pblished September, 2014 EMC believes
More informationIllumina LIMS. Software Guide. For Research Use Only. Not for use in diagnostic procedures. Document # June 2017 ILLUMINA PROPRIETARY
Illmina LIMS Software Gide Jne 2017 ILLUMINA PROPRIETARY This docment and its contents are proprietary to Illmina, Inc. and its affiliates ("Illmina"), and are intended solely for the contractal se of
More informationVector Logger Cloud. VECTOR GB Ltd Conference, 28th Sept, 2017 V
Vector Logger Clod VECTOR GB Ltd Conference, 28th Sept, 2017 V1.0 2017-09-27 Agenda Challenges Vector Logger Clod Secrity Aspects Data Acqisition Policy Conclsion 2 Vector Logger Clod Challenges Growing
More informationLocal Run Manager Generate FASTQ Analysis Module
Local Rn Manager Generate FASTQ Analysis Modle Workflow Gide For Research Use Only. Not for se in diagnostic procedres. Overview 3 Set Parameters 3 Analysis Methods 5 View Analysis Reslts 5 Analysis Report
More informationMulti-lingual Multi-media Information Retrieval System
Mlti-lingal Mlti-media Information Retrieval System Shoji Mizobchi, Sankon Lee, Fmihiko Kawano, Tsyoshi Kobayashi, Takahiro Komats Gradate School of Engineering, University of Tokshima 2-1 Minamijosanjima,
More informationCristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.
CS355: Cryptography Lecture 17: X509. PGP. Authentication protocols. Key establishment. Public Keys and Trust Public Key:P A Secret key: S A Public Key:P B Secret key: S B How are public keys stored How
More informationPublic Key Infrastructure
Public Key Infrastructure Ed Crowley Summer 11 1 Topics Public Key Infrastructure Defined PKI Overview PKI Architecture Trust Models Components X.509 Certificates X.500 LDAP 2 Public Key Infrastructure
More informationAn Adaptive Strategy for Maximizing Throughput in MAC layer Wireless Multicast
University of Pennsylvania ScholarlyCommons Departmental Papers (ESE) Department of Electrical & Systems Engineering May 24 An Adaptive Strategy for Maximizing Throghpt in MAC layer Wireless Mlticast Prasanna
More information(2, 4) Tree Example (2, 4) Tree: Insertion
Presentation for se with the textbook, Algorithm Design and Applications, by M. T. Goodrich and R. Tamassia, Wiley, 2015 B-Trees and External Memory (2, 4) Trees Each internal node has 2 to 4 children:
More informationCS 153 Design of Operating Systems
CS 53 Design of Operating Systems Spring 8 Lectre 6: Paging Instrctor: Chengy Song Slide contribtions from Nael Ab-Ghazaleh, Harsha Madhyvasta and Zhiyn Qian Some slides modified from originals by Dave
More informationCS 153 Design of Operating Systems
CS 153 Design of Operating Systems Spring 18 Lectre 23: File Systems (2) Instrctor: Chengy Song Slide contribtions from Nael Ab-Ghazaleh, Harsha Madhyvasta and Zhiyn Qian Last time Abstractions for the
More information6 Using Bookmarks Using Saved Pages Advanced Features
Overview... - Yahoo! Keitai... -3 Connecting to Yahoo! Keitai... -3 PC Site Browser... -5 PC Site Browser... -5 Connecting to PC Websites... -5 Page Operations... -8 Navigating Pages... -8 Jmping to Next
More information5 Performance Evaluation
5 Performance Evalation his chapter evalates the performance of the compared to the MIP, and FMIP individal performances. We stdy the packet loss and the latency to restore the downstream and pstream of
More informationAnalog Telephones. User Guide. BusinessPhone Communication Platform
Analog Telephones BsinessPhone Commnication Platform User Gide Cover Page Graphic Place the graphic directly on the page, do not care abot ptting it in the text flow. Select Graphics > Properties and make
More informationEvaluating Influence Diagrams
Evalating Inflence Diagrams Where we ve been and where we re going Mark Crowley Department of Compter Science University of British Colmbia crowley@cs.bc.ca Agst 31, 2004 Abstract In this paper we will
More informationVerification of Data Location in Cloud Networking
2011 Forth IEEE International Conference on Utility and Clod Compting Verification of Data Location in Clod Networking Thorsten Ries, Volker Fsenig, Christian Vilbois and Thomas Engel Interdisciplinary
More informationElements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy
Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Homework 3 Due: Monday, 11/28/2016 at 11:55pm PT Solution: Will be posted
More informationDSCS6020: SQLite and RSQLite
DSCS6020: SQLite and RSQLite SQLite History SQlite is an open sorce embedded database, meaning that it doesn t have a separate server process. Reads and writes to ordinary disk files. The original implementation
More informationPage # CISC360. Integers Sep 11, Encoding Integers Unsigned. Encoding Example (Cont.) Topics. Twoʼs Complement. Sign Bit
Topics CISC3 Integers Sep 11, 28 Nmeric Encodings Unsigned & Twoʼs complement Programming Implications C promotion rles Basic operations Addition, negation, mltiplication Programming Implications Conseqences
More informationCryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Chapter 14 Authentication Applications We cannot enter into alliance with neighbouring princes until
More informationConfiguring SSL. SSL Overview CHAPTER
CHAPTER 8 Date: 4/23/09 This topic describes the steps required to configure your ACE (both the ACE module and the ACE appliance) as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination.
More informationA choice relation framework for supporting category-partition test case generation
Title A choice relation framework for spporting category-partition test case generation Athor(s) Chen, TY; Poon, PL; Tse, TH Citation Ieee Transactions On Software Engineering, 2003, v. 29 n. 7, p. 577-593
More informationDigital Certificates Demystified
Digital Certificates Demystified Ross Cooper, CISSP IBM Corporation RACF/PKI Development Poughkeepsie, NY Email: rdc@us.ibm.com August 9 th, 2012 Session 11622 Agenda Cryptography What are Digital Certificates
More informationFINITE ELEMENT APPROXIMATION OF CONVECTION DIFFUSION PROBLEMS USING GRADED MESHES
FINITE ELEMENT APPROXIMATION OF CONVECTION DIFFUSION PROBLEMS USING GRADED MESHES RICARDO G. DURÁN AND ARIEL L. LOMBARDI Abstract. We consider the nmerical approximation of a model convection-diffsion
More informationOn the Existence of Subliminal Channel in Instant Messaging Systems
, pp. 353-362 http://dx.doi.org/10.14257/ijsia.2015.9.3.27 On the Existence of Sbliminal Channel in Instant Messaging Systems Lingyn Xiang 1, Yha Xie 2, Gang Lo 3 and Weizheng Wang 1 1 School of Compter
More informationThe single-cycle design from last time
lticycle path Last time we saw a single-cycle path and control nit for or simple IPS-based instrction set. A mlticycle processor fies some shortcomings in the single-cycle CPU. Faster instrctions are not
More informationUnderstanding BGP Misconfiguration
Understanding BGP Misconfigration Ratl Mahajan David Wetherall Tom Anderson University of Washington Motivation BGP instabilities have widespread impact Misconfigrations can be a leading case of nreliability
More informationSecurity Protocols and Infrastructures. Winter Term 2015/2016
Security Protocols and Infrastructures Winter Term 2015/2016 Nicolas Buchmann (Harald Baier) Chapter 5: Standards for Security Infrastructures Contents Introduction and naming scheme X.509 and its core
More informationI7te Icon9{czusCcttcr
I7te Icon9{czsCcttcr No. 34 - October 15,1990 Version 8 of Icon Version 8 of Icon is now stable and there are implementations available for all platforms previosly spported. We've sent ot a lot of copies
More informationRisk Based Security. Automotive Safety & Security, 30. Mai 2017 Christof Ebert and Dominik Lieckfeldt, Vector Consulting Services V1.
Risk Based Secrity Atomotive Safety & Secrity, 30. Mai 2017 Christof Ebert and Dominik Lieckfeldt, Vector Conslting Services V1.0 2017-05-30 Agenda Motivation Risk-based approach to Cybersecrity Conslsion
More informationUnit Testing with VectorCAST and AUTOSAR
Unit Testing with VectorCAST and AUTOSAR Vector TechDay Software Testing with VectorCAST V1.0 2018-11-15 Agenda Introdction Unit Testing Demo Working with AUTOSAR Generated Code Unit Testing AUTOSAR SWCs
More informationConfiguring SSL CHAPTER
7 CHAPTER This chapter describes the steps required to configure your ACE appliance as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination. The topics included in this section
More informationStatistical Methods in functional MRI. Standard Analysis. Data Processing Pipeline. Multiple Comparisons Problem. Multiple Comparisons Problem
Statistical Methods in fnctional MRI Lectre 7: Mltiple Comparisons 04/3/13 Martin Lindqist Department of Biostatistics Johns Hopkins University Data Processing Pipeline Standard Analysis Data Acqisition
More informationBIS - Basic Package V4.6
Engineered Soltions BIS - Basic Package V4.6 BIS - Basic Package V4.6 www.boschsecrity.com The Bilding Integration System (BIS) BIS is a flexible, scalable secrity and safety management system that can
More informationVersion 3 X.509 Certificates
Entrust Technologies White Paper Author: Ian Curry Date: July 1996 Version: 1.0 Entrust Technologies, 1997. All rights reserved. 1 1. Introduction This document provides a description of the version 3
More informationSecurity Protocols and Infrastructures
Security Protocols and Infrastructures Dr. Michael Schneider michael.schneider@h-da.de Chapter 5: Standards for Security Infrastructures November 13, 2017 h_da WS2017/18 Dr. Michael Schneider 1 1 Introduction
More informationToday s Lecture. Software Architecture. Lecture 27: Introduction to Software Architecture. Introduction and Background of
Today s Lectre Lectre 27: Introdction to Software Architectre Kenneth M. Anderson Fondations of Software Engineering CSCI 5828 - Spring Semester, 1999 Introdction and Backgrond of Software Architectre
More informationCS 153 Design of Operating Systems Spring 18
CS 153 Design of Operating Systems Spring 18 Lectre 15: Virtal Address Space Instrctor: Chengy Song Slide contribtions from Nael Ab-Ghazaleh, Harsha Madhyvasta and Zhiyn Qian OS Abstractions Applications
More informationEECS 487: Interactive Computer Graphics f
Interpolating Key Vales EECS 487: Interactive Compter Graphics f Keys Lectre 33: Keyframe interpolation and splines Cbic splines The key vales of each variable may occr at different frames The interpolation
More informationCost Based Local Forwarding Transmission Schemes for Two-hop Cellular Networks
Cost Based Local Forwarding Transmission Schemes for Two-hop Celllar Networks Zhenggang Zhao, Xming Fang, Yan Long, Xiaopeng H, Ye Zhao Key Lab of Information Coding & Transmission Sothwest Jiaotong University,
More informationCryptanalysis of Password Authentication Scheme Using Smart Cards
Jornal of Internet Technology an Secre Transactions (JITST, Volme 1, Isse 1, March 2012 Cryptanalysis of Passwor Athentication Scheme Using Smart Cars Sattar J Abo Department of Information Technology
More informationDoctor Web. All rights reserved
Enterprise Site 2004-2009 Doctor Web. All rights reserved This docment is the property of Doctor Web. No part of this docment may be reprodced, pblished or transmitted in any form or by any means for any
More informationConfiguring SSL. SSL Overview CHAPTER
7 CHAPTER This topic describes the steps required to configure your ACE appliance as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination. The topics included in this section are:
More informationPOWER-OF-2 BOUNDARIES
Warren.3.fm Page 5 Monday, Jne 17, 5:6 PM CHAPTER 3 POWER-OF- BOUNDARIES 3 1 Ronding Up/Down to a Mltiple of a Known Power of Ronding an nsigned integer down to, for eample, the net smaller mltiple of
More informationThe extra single-cycle adders
lticycle Datapath As an added bons, we can eliminate some of the etra hardware from the single-cycle path. We will restrict orselves to sing each fnctional nit once per cycle, jst like before. Bt since
More informationElements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy
Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy Homework 3 Due: Monday, 11/28/2016 at 11:55pm PT Solution: Will be posted
More informationMETAMODEL FOR SOFTWARE SOLUTIONS IN COMPUTED TOMOGRAPHY
VOL. 10, NO 22, DECEBER, 2015 ISSN 1819-6608 ETAODEL FOR SOFTWARE SOLUTIONS IN COPUTED TOOGRAPHY Vitaliy ezhyev Faclty of Compter Systems and Software Engineering, Universiti alaysia Pahang, Gambang, alaysia
More informationSecure Sockets Layer (SSL) / Transport Layer Security (TLS)
Secure Sockets Layer (SSL) / Transport Layer Security (TLS) Brad Karp UCL Computer Science CS GZ03 / M030 20 th November 2017 What Problems Do SSL/TLS Solve? Two parties, client and server, not previously
More informationReview Multicycle: What is Happening. Controlling The Multicycle Design
Review lticycle: What is Happening Reslt Zero Op SrcA SrcB Registers Reg Address emory em Data Sign etend Shift left Sorce A B Ot [-6] [5-] [-6] [5-] [5-] Instrction emory IR RegDst emtoreg IorD em em
More informationReal-time mean-shift based tracker for thermal vision systems
9 th International Conference on Qantitative InfraRed Thermography Jly -5, 008, Krakow - Poland Real-time mean-shift based tracker for thermal vision systems G. Bieszczad* T. Sosnowski** * Military University
More informationAdaptive Influence Maximization in Microblog under the Competitive Independent Cascade Model
International Jornal of Knowledge Engineering, Vol. 1, No. 2, September 215 Adaptie Inflence Maximization in Microblog nder the Competitie Independent Cascade Model Zheng Ding, Kai Ni, and Zhiqiang He
More informationPROVING WHO YOU ARE TLS & THE PKI
PROVING WHO YOU ARE TLS & THE PKI CMSC 414 MAR 29 2018 RECALL OUR PROBLEM WITH DIFFIE-HELLMAN The two communicating parties thought, but did not confirm, that they were talking to one another. Therefore,
More informationCrypto meets Web Security: Certificates and SSL/TLS
CSE 484 / CSE M 584: Computer Security and Privacy Crypto meets Web Security: Certificates and SSL/TLS Spring 2016 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann,
More informationPART I: Adding Instructions to the Datapath. (2 nd Edition):
EE57 Instrctor: G. Pvvada ===================================================================== Homework #5b De: check on the blackboard =====================================================================
More informationSend documentation comments to
CHAPTER 6 Configuring Certificate Authorities and Digital Certificates This chapter includes the following topics: Information About Certificate Authorities and Digital Certificates, page 6-1 Default Settings,
More informationUSER S GUIDE: SPRINT RELAY CUSTOMER PROFILE
USER S GUIDE: SPRINT RELAY CUSTOMER PROFILE www.mysprintrelay.com/login n Log-in Go to www.mysprintrelay.com/login. If yo don t have a sername or password, click the gray men btton Cstomer New Profile/Call
More informationConfiguring Certificate Authorities and Digital Certificates
CHAPTER 43 Configuring Certificate Authorities and Digital Certificates Public Key Infrastructure (PKI) support provides the means for the Cisco MDS 9000 Family switches to obtain and use digital certificates
More informationA Certificateless and Across Administrative Domains Authenticated Key Exchange Scheme for E-payment
JOURNAL OF SOFTWARE OL 6 NO 0 OTOBER 20 985 A ertificateless and Across Administrative Domains Athenticated Key Exchange Scheme for E-payment Ming hen Kaigi W and Jiann D honging University/ollege of ompter
More informationCS 153 Design of Operating Systems Spring 18
CS 153 Design of Operating Systems Spring 18 Lectre 12: Deadlock Instrctor: Chengy Song Slide contribtions from Nael Ab-Ghazaleh, Harsha Madhyvasta and Zhiyn Qian Deadlock the deadly embrace! Synchronization
More informationAN A. GPON Optical Network Terminal. Product Manual. Version: A/1. FiberHome Telecommunication Technologies Co., Ltd.
AN5506-01-A GPON Optical Network Terminal Prodct Manal Version: A/1 FiberHome Telecommnication Technologies Co., Ltd. April 2017 Thank yo for choosing or prodcts. We appreciate yor bsiness. Yor satisfaction
More informationCS 153 Design of Operating Systems Spring 18
CS 153 Design of Operating Systems Spring 18 Lectre 9: Synchronization (1) Instrctor: Chengy Song Slide contribtions from Nael Ab-Ghazaleh, Harsha Madhyvasta and Zhiyn Qian Cooperation between Threads
More informationS/MIME on Good for Enterprise MS Online Certificate Status Protocol. Installation and Configuration Notes. Updated: November 10, 2011
S/MIME on Good for Enterprise MS Online Certificate Status Protocol Installation and Configuration Notes Updated: November 10, 2011 Installing the Online Responder service... 1 Preparing the environment...
More informationThe Disciplined Flood Protocol in Sensor Networks
The Disciplined Flood Protocol in Sensor Networks Yong-ri Choi and Mohamed G. Goda Department of Compter Sciences The University of Texas at Astin, U.S.A. fyrchoi, godag@cs.texas.ed Hssein M. Abdel-Wahab
More informationPublic-Key Infrastructure NETS E2008
Public-Key Infrastructure NETS E2008 Many slides from Vitaly Shmatikov, UT Austin slide 1 Authenticity of Public Keys? private key Alice Bob public key Problem: How does Alice know that the public key
More informationConceptual Data Modeling The Entity-Relationship Diagram. Bridging the Gap
Chapter Conceptal Data Modeling The Entity-Relationship Diagram Conceptal Perception of an Enterprise Bridging the Gap STUDENT( ID, Name, Age, Address, GPA ) INSTRUCTOR ( Emp#, Name, Rank, Dept ) COURSE
More informationNortel DECT Handset 4025 User Guide
DECT 4025 Nortel DECT Handset 4025 User Gide Revision history Revision history October 2005 Standard 2.00. This docment is p-issed to spport Nortel Commnication Server 1000 Release 4.5. Febrary 2005 Standard
More informationIMPLEMENTATION OF OBJECT ORIENTED APPROACH TO MODIFIED ANT ALGORITHM FOR TASK SCHEDULING IN GRID COMPUTING
International Jornal of Modern Engineering Research (IJMER) www.imer.com Vol.1, Isse1, pp-134-139 ISSN: 2249-6645 IMPLEMENTATION OF OBJECT ORIENTED APPROACH TO MODIFIED ANT ALGORITHM FOR TASK SCHEDULING
More informationData/Metadata Data and Data Transformations
A Framework for Classifying Scientic Metadata Helena Galhardas, Eric Simon and Anthony Tomasic INRIA Domaine de Volcea - Rocqencort 7853 Le Chesnay France email: First-Name.Last-Name@inria.fr Abstract
More informationMembership Library in DPDK Sameh Gobriel & Charlie Tai - Intel DPDK US Summit - San Jose
Membership Library in DPDK 17.11 Sameh Gobriel & Charlie Tai - Intel DPDK US Smmit - San Jose - 2017 Contribtors Yipeng Wang yipeng1.wang@intel.com Ren Wang ren.wang@intel.com John Mcnamara john.mcnamara@intel.com
More informationDate: December 5, 1999 Dist'n: T1E1.4
12/4/99 1 T1E14/99-559 Project: T1E14: VDSL Title: Vectored VDSL (99-559) Contact: J Cioffi, G Ginis, W Y Dept of EE, Stanford U, Stanford, CA 945 Cioffi@stanforded, 1-65-723-215, F: 1-65-724-3652 Date:
More information