Protection and Security. Sarah Diesburg Operating Systems CS 3430
|
|
- Elwin Farmer
- 6 years ago
- Views:
Transcription
1 Protection and Security Sarah Diesburg Operating Systems CS 3430
2 Definitions Security: policy of authorizing accesses Prevents intentional misuses of a system Protection: the actual mechanisms implemented to enforce the specialized policy Prevents either accidental or intentional misuses
3 Security Goals Data confidentiality: secret data remains secret Data integrity: unauthorized users should not be able to modify data System availability: nobody can make a system unusable
4 Security Components Authentication determines who the user is Authorization determines who is allowed to do what Enforcement makes it so people can do only what they are allowed to do
5 Authentication The most common approach: passwords If I know the secret, the machine can assume that I m the user Problems: 1. Password storage 2. Poor passwords
6 Password Storage Encryption Uses a key to transform the data Difficult to reverse without the key UNIX stores encrypted passwords in /etc/passwd Uses one-way transformations Encrypts a typed password and compares encrypted passwords
7 Poor Passwords Short passwords Easy to crack Long passwords Tend to be written down somewhere
8 Original UNIX Required only lower-case, 5-lettered passwords 26 5 or 1 million combinations In 1975, it would take one day to crack one password Today, we can go through all those combinations < 1 second
9 Partial Solutions Extend password with a unique number Require more complex passwords 6 letters of upper, lower cases, numbers, and special characters 70 6 or 100 billion combinations Unfortunately, people still pick common words
10 Partial Solutions Delay every login by 1 second Assign very long passwords Give everyone a password calculator (credit card) Requires a physical theft to steal the password
11 Authentication in Distributed Systems Private key encryption of data Encrypt(Key, Plaintext) = Cipher text Decrypt(Key, Cipher text) = Plaintext Hard to reverse without the key With the plaintext and the cipher text, one cannot derive the key Provides secrecy and authentication, as long as the key stays secret
12 How to distribute the keys? Authentication server Keeps a list of keys
13 Kerberos Protocol Key xy is needed to talk between x and y Server S Encrypt(Key AS, I want Key AB ) Client A Client B Key AS Key BS
14 Kerberos Protocol Key xy is needed to talk between x and y Server S Encrypt(Key AS, Here is Key AB and a message to B ) Client A Client B Key AS Key BS
15 Kerberos Protocol Key xy is needed to talk between x and y Server S Client A Client B Key AS Key BS message Encrypt(Key BS, use Key AB to talk to A )
16 Additional Details Expiration timestamp for a key Prevents a machine from replaying messages (e.g., deposit $100 ) Checksum for an encrypted message Prevents modifications to a message (e.g., deposit $1000 ) Key AS and Key BS are renewed periodically to reduce their exposures
17 Public Key Encryption Separates authentication from secrecy Involves a public key and private key Encrypt(Key public, plaintext) = cipher text Decrypt(Key private, cipher text) = plaintext Encrypt(Key private, plaintext) = cipher text Decrypt(Key public, cipher text) = plaintext
18 Public Key Encryption Idea: Private key is kept secret Public key is advertised
19 Public Key Encryption Encrypt(Key my_public, Hi, Sarah ) Anyone can create it, but only I can read it (secrecy) Encrypt(Key my_private, I m Sarah ) Everyone can read it, but only I can create it (authentication)
20 Public Key Encryption Encrypt(Key your_public, Encrypt(Key my_private, I know your secret )) Only I can create it, and only you can read it
21 Authorization Access matrix describes who can do what File 1 Bart read,write read Lisa Maggie Lisa s diary File3 read, write -The matrix tends to be sparse
22 Access Control List Stores all permissions for all users with each object Analogy: a guard in front of a door Checks for a list of people allowed to enter UNIX: permission of each file is specified according to its owner, group, and the world
23 Capability List Stores all objects a process can touch Analogy: Keys A key owner has the right of entry Example: page tables Each process has a list of pages that it can access
24 Access Control List vs. Capability List Access control list (commonly used) Easy to know who can access the object Hard to know which objects a user can access Capability list A user knows the list of objects to access Hard to know who can access an object More difficult to revoke capabilities
25 Enforcement Enforcer programs check passwords, access control lists, and so on In UNIX, enforcers are run as superuser If there is a bug, you are hosed!
26 The State of the World in Security Authentication Poor passwords Nobody encrypts s Authorization Coarse-grained access control list Often turned off for sharing Enforcement Buggy operating systems
27 Classes of Security Problems Eavesdropping is the listener approach Tap into the Ethernet and see everything Countermeasure: pressurized cabled Abuse of privilege If the superuser is evil, there is nothing you can do
28 Classes of Security Problems Imposter breaks into the system by pretending to be someone else Recorded voice and facial image Countermeasure: behavioral monitoring to look for suspicious activities Overwriting the boot block
29 Classes of Security Problems A Trojan horse is a seemingly innocent program that performs an unexpected function Countermeasure: integrity checking Periodically, check binaries against their checksums
30 Classes of Security Problems Salami attack builds up an attack, one-bit at a time Example: send partial pennies to a bank account Countermeasure: code reviews
31 Classes of Security Problems Logic bombs: a programmer may secretly insert a piece of code into the production system A programmer feeds the system password periodically If the programmer is fired, the logic bomb goes off Countermeasure: code reviews
32 Classes of Security Problems Denial-of-service attacks aim to reduce system availability A handful of machines can flood a victim machine to disrupt its normal use Countermeasure: open
33 Pentagon Traffic Analysis Before the 1991 Persian Gulf War Foreign intelligence tried to predict the starting date of the war time
34 Pentagon Traffic Analysis So much for the element of surprise
35 Tenex Used to be the most popular system at universities before UNIX Thought to be very secure
36 Tenex Source code for the password check: for (j = 0; j < 8; j++) { } if (input[j]!= pw[j]) { } // go to error; Need to go through combinations
37 Tenex Unfortunately, Tenex used virtual memory in memory password on disk A fast password check means that the first character is wrong (error) A slow check means that the first character is correct (page fault)
38 Tenex checks to crack a password is reduced down to 256 * 8 checks
39 The Internet Worm In 1988, a Cornell graduate student, RTM, released a worm into the Internet The worm used three attacks rsh fingerd sendmail
40 The Internet Worm Some machines trust other machines, the use of rsh was sufficient to get into a remote machine without authentication
41 The Internet Worm finger command did not check the input buffer size finger Overflow the buffer Overwrite the return address of a procedure Jump and execute a shell (under root privilege)
42 The Internet Worm sendmail allowed the worm to mail a copy of the code and get it executed The worm was caught due to multiple infections People noticed the high CPU load
19.1. Security must consider external environment of the system, and protect it from:
Module 19: Security The Security Problem Authentication Program Threats System Threats Securing Systems Intrusion Detection Encryption Windows NT 19.1 The Security Problem Security must consider external
More informationModule 20: Security. The Security Problem Authentication Program Threats System Threats Threat Monitoring Encryption. Operating System Concepts 20.
Module 20: Security The Security Problem Authentication Program Threats System Threats Threat Monitoring Encryption 20.1 The Security Problem Security must consider external environment of the system,
More informatione-commerce Study Guide Test 2. Security Chapter 10
e-commerce Study Guide Test 2. Security Chapter 10 True/False Indicate whether the sentence or statement is true or false. 1. Necessity refers to preventing data delays or denials (removal) within the
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More informationProtection and Security
Protection and Security CS 502 Spring 99 WPI MetroWest/Southboro Campus Three Circles of Computer Security Inner Circle Memory, CPU, and File protection. Middle Circle Security Perimeter. Authentication
More informationThe Security Problem
CSC 4103 - Operating Systems Spring 2007 Lecture - XX Protection and Security Tevfik Koşar Louisiana State University April 12 th, 2007 1 The Security Problem Security must consider external environment
More informationLanguage-Based Protection
Language-Based Protection Specification of protection in a programming language allows the high-level description of policies for the allocation and use of resources. Language implementation can provide
More informationChapter 15: Security. Chapter 15: Security
Chapter 15: Security Chapter 15: Security The Security Problem Program Threats System and Network Threats Cryptography as a Security Tool User Authentication Firewalling to Protect Systems and Networks
More informationProtection and Security
Protection and Security Security: policy for controlling access to system Protection: mechanism implementing security policy Why: users can do bad things to system either maliciously or unintentionally
More informationSecurity and Authentication
Security and Authentication Authentication and Security A major problem with computer communication Trust Who is sending you those bits What they allow to do in your system 2 Authentication In distributed
More informationIntroduction to Security and User Authentication
Introduction to Security and User Authentication Brad Karp UCL Computer Science CS GZ03 / M030 14 th November 2016 Topics We ll Cover User login authentication (local and remote) Cryptographic primitives,
More informationOperating systems and security - Overview
Operating systems and security - Overview Protection in Operating systems Protected objects Protecting memory, files User authentication, especially passwords Trusted operating systems, security kernels,
More informationOperating systems and security - Overview
Operating systems and security - Overview Protection in Operating systems Protected objects Protecting memory, files User authentication, especially passwords Trusted operating systems, security kernels,
More informationCISNTWK-440. Chapter 4 Network Vulnerabilities and Attacks
CISNTWK-440 Intro to Network Security Chapter 4 Network Vulnerabilities and Attacks Objectives Explain the types of network vulnerabilities List categories of network attacks Define different methods of
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationCS 43: Computer Networks Security. Kevin Webb Swarthmore College December 7, 2017
CS 43: Computer Networks Security Kevin Webb Swarthmore College December 7, 2017 Topics Spying on network traffic Classic problem: buffer overflow attack Monetizing botnets Once upon a time The Internet
More informationCS162 Operating Systems and Systems Programming Lecture 26. Protection and Security in Distributed Systems II
CS162 Operating Systems and Systems Programming Lecture 26 Protection and Security in Distributed Systems II November 30, 2005 Prof. John Kubiatowicz http://inst.eecs.berkeley.edu/~cs162 Review: Authentication:
More informationOperating System Security. 0Handouts: Quizzes ProsoftTraining All Rights Reserved. Version 3.07
0Handouts: Lesson 1 Quiz 1. What is the working definition of authentication? a. The ability for a person or system to prove identity. b. Protection of data on a system or host from unauthorized access.
More informationOperating Systems Design Exam 3 Review: Spring Paul Krzyzanowski
Operating Systems Design Exam 3 Review: Spring 2012 Paul Krzyzanowski pxk@cs.rutgers.edu 1 Question 1 An Ethernet device driver implements the: (a) Data Link layer. (b) Network layer. (c) Transport layer.
More informationHacking Terminology. Mark R. Adams, CISSP KPMG LLP
Hacking Terminology Mark R. Adams, CISSP KPMG LLP Backdoor Also referred to as a trap door. A hole in the security of a system deliberately left in place by designers or maintainers. Hackers may also leave
More informationChapter 19 Security. Chapter 19 Security
Chapter 19 Security Outline 19.1 Introduction 19.2 Cryptography 19.2.1 Secret-Key Cryptography 19.2.2 Public-Key Cryptography 19.3 Authentication 19.3.1 Basic Authentication 19.3.2 Biometrics and Smart
More informationCOS 318: Operating Systems. File Systems. Topics. Evolved Data Center Storage Hierarchy. Traditional Data Center Storage Hierarchy
Topics COS 318: Operating Systems File Systems hierarchy File system abstraction File system operations File system protection 2 Traditional Data Center Hierarchy Evolved Data Center Hierarchy Clients
More informationDistributed Systems. Lecture 14: Security. Distributed Systems 1
06-06798 Distributed Systems Lecture 14: Security Distributed Systems 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication
More informationDistributed Systems. Lecture 14: Security. 5 March,
06-06798 Distributed Systems Lecture 14: Security 5 March, 2002 1 What is security? policies and mechanisms threats and attacks Overview Security of electronic transactions secure channels authentication
More informationSE420 Software Quality Assurance
SE420 Software Quality Assurance Encryption Backgrounder September 5, 2014 Sam Siewert Encryption - Substitution Re-map Alphabet, 1-to-1 and On-to (function) A B C D E F G H I J K L M N O P Q R S T U V
More informationESE 333 Real-Time Operating Systems 163 Review Deadlocks (Cont.) ffl Methods for handling deadlocks 3. Deadlock prevention Negating one of four condit
Review Deadlocks ffl Non-sharable resources ffl Necessary conditions for a deadlock to occur 1. Mutual exclusion 2. Hold and wait 3. No preemption 4. Circular wait ffl Resource graph ffl Use resource graph
More informationCSE 127: Computer Security. Security Concepts. Kirill Levchenko
CSE 127: Computer Security Security Concepts Kirill Levchenko October 3, 2014 Computer Security Protection of systems against an adversary Secrecy: Can t view protected information Integrity: Can t modify
More information(a) Which of these two conditions (high or low) is considered more serious? Justify your answer.
CS140 Winter 2006 Final Exam Solutions (1) In class we talked about the link count in the inode of the Unix file system being incorrect after a crash. The reference count can either be either too high
More informationOutline Key Management CS 239 Computer Security February 9, 2004
Outline Key Management CS 239 Computer Security February 9, 2004 Properties of keys Key management Key servers Certificates Page 1 Page 2 Introduction Properties of Keys It doesn t matter how strong your
More informationCS 333 Introduction to Operating Systems Class 19 - Security
CS 333 Introduction to Operating Systems Class 19 - Security Jonathan Walpole Computer Science Portland State University Overview Different aspects of security User authentication Protection mechanisms
More information1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class
1.264 Lecture 27 Security protocols Symmetric cryptography Next class: Anderson chapter 10. Exercise due after class 1 Exercise: hotel keys What is the protocol? What attacks are possible? Copy Cut and
More informationCS 425 / ECE 428 Distributed Systems Fall 2017
CS 425 / ECE 428 Distributed Systems Fall 2017 Indranil Gupta (Indy) Dec 5, 2017 Lecture 27: Security All slides IG Security Threats Leakage Unauthorized access to service or data E.g., Someone knows your
More informationStorage and File System
COS 318: Operating Systems Storage and File System Andy Bavier Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall10/cos318/ Topics Storage hierarchy File
More informationAccounting Information Systems
Accounting Information Systems Fourteenth Edition Chapter 6 Computer Fraud and Abuse Techniques ALW AYS LEARNING Learning Objectives Compare and contrast computer attack and abuse tactics. Explain how
More informationCristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.
CS355: Cryptography Lecture 17: X509. PGP. Authentication protocols. Key establishment. Public Keys and Trust Public Key:P A Secret key: S A Public Key:P B Secret key: S B How are public keys stored How
More informationMalware, , Database Security
Malware, E-mail, Database Security Malware A general term for all kinds of software with a malign purpose Viruses, Trojan horses, worms etc. Created on purpose Can Prevent correct use of resources (DoS)
More informationCHAPTER 8 SECURING INFORMATION SYSTEMS
CHAPTER 8 SECURING INFORMATION SYSTEMS BY: S. SABRAZ NAWAZ SENIOR LECTURER IN MANAGEMENT & IT SEUSL Learning Objectives Why are information systems vulnerable to destruction, error, and abuse? What is
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 3 User Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown User Authentication fundamental security building
More information2. INTRUDER DETECTION SYSTEMS
1. INTRODUCTION It is apparent that information technology is the backbone of many organizations, small or big. Since they depend on information technology to drive their business forward, issues regarding
More information10/1/2015. Authentication. Outline. Authentication. Authentication Mechanisms. Authentication Mechanisms. Authentication Mechanisms
Authentication IT443 Network Security Administration Instructor: Bo Sheng Authentication Mechanisms Key Distribution Center and Certificate Authorities Session Key 1 2 Authentication Authentication is
More informationCOMPUTER PASSWORDS POLICY
COMPUTER PASSWORDS POLICY 1.0 PURPOSE This policy describes the requirements for acceptable password selection and maintenance to maximize security of the password and minimize its misuse or theft. Passwords
More informationWhat did we talk about last time? Public key cryptography A little number theory
Week 4 - Friday What did we talk about last time? Public key cryptography A little number theory If p is prime and a is a positive integer not divisible by p, then: a p 1 1 (mod p) Assume a is positive
More informationData Communication. Chapter # 5: Networking Threats. By: William Stalling
Data Communication Chapter # 5: By: Networking Threats William Stalling Risk of Network Intrusion Whether wired or wireless, computer networks are quickly becoming essential to everyday activities. Individuals
More informationCS140 Operating Systems and Systems Programming Final Exam
CS140 Operating Systems and Systems Programming Final Exam March 24, 2006 Name: (please print) In recognition of and in the spirit of the Stanford University Honor Code, I certify that I will neither give
More informationMU2a Authentication, Authorization & Accounting Questions and Answers with Explainations
98-367 MU2a Authentication, Authorization & Accounting Questions and Answers with Explainations Which are common symptoms of a virus infection? (Lesson 5 p 135-136) Poor system performance. Unusually low
More informationIntroduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright Chapter 12 1
Introduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright 2005 Chapter 12 1 IT Ethics, Impacts, and Security Chapter 12 2 Chapter Outline Ethical Issues Impact
More informationEECE 412, Fall Quiz #4
EECE 412, Fall 2010 Quiz #4 This quiz consists of 7 pages. Please check that you have a complete copy. You may use both sides of each sheet if needed. Your Family name: Your Given name: Your student ID:
More informationChapter 15: Security. Operating System Concepts 9 th Edition
Chapter 15: Security Silberschatz, Galvin and Gagne 2013 Chapter 15: Security The Security Problem Program Threats System and Network Threats Cryptography as a Security Tool User Authentication Implementing
More information5. Authentication Contents
Contents 1 / 47 Introduction Password-based Authentication Address-based Authentication Cryptographic Authentication Protocols Eavesdropping and Server Database Reading Trusted Intermediaries Session Key
More informationDefine information security Define security as process, not point product.
CSA 223 Network and Web Security Chapter One What is information security. Look at: Define information security Define security as process, not point product. Define information security Information is
More informationSecurity. Reading: Chapter 15, [OSC] (except Section 15.9)
Security Reading: Chapter 15, [OSC] (except Section 15.9) Slides adapted from [OSC] book and M.E. Whitman and H.J. Mattord, Principles of Information Security, 5th edition, Cengage Learning, 2014. 1 Outline
More informationIntroduction to Information Security Prof. V. Kamakoti Department of Computer Science and Engineering Indian Institute of Technology, Madras
Introduction to Information Security Prof. V. Kamakoti Department of Computer Science and Engineering Indian Institute of Technology, Madras Lecture 09 Now, we discuss about the insecurity of passwords.
More informationChapter 15: Security. Operating System Concepts 8 th Edition,
Chapter 15: Security, Silberschatz, Galvin and Gagne 2009 Chapter 15: Security The Security Problem Program Threats System and Network Threats Cryptography as a Security Tool User Authentication Implementing
More informationOutline. Operating System Security CS 239 Computer Security February 23, Introduction. Server Machines Vs. General Purpose Machines
Outline Operating System Security CS 239 Computer Security February 23, 2004 Introduction Memory protection Interprocess communications protection File protection Page 1 Page 2 Introduction Why Is OS Security
More informationCIS 5373 Systems Security
CIS 5373 Systems Security Topic 1: Introduction to Systems Security Endadul Hoque 1 Why should you care? Security impacts our day-to-day life Become a security-aware user Make safe decisions Become a security-aware
More informationKeys and Passwords. Steven M. Bellovin October 17,
Keys and Passwords Steven M. Bellovin October 17, 2010 1 Handling Long-Term Keys Where do cryptographic keys come from? How should they be handled? What are the risks? As always, there are tradeoffs Steven
More informationCS Final Exam
CS 600.443 Final Exam Name: This exam is closed book and closed notes. You are required to do this completely on your own without any help from anybody else. Feel free to write on the back of any page
More informationPotential Security Violations CSE 513: Distributed Systems (Security)
Potential Security Violations CSE 513: Distributed Systems (Security) Guohong Cao Department of Computer Science& Engineering 310 Pond Lab gcao@cse.psu.edu Unauthorized information releases An unauthorized
More informationStorage and File Hierarchy
COS 318: Operating Systems Storage and File Hierarchy Jaswinder Pal Singh Computer Science Department Princeton University (http://www.cs.princeton.edu/courses/cos318/) Topics Storage hierarchy File system
More informationINF3700 Informasjonsteknologi og samfunn. Application Security. Audun Jøsang University of Oslo Spring 2015
INF3700 Informasjonsteknologi og samfunn Application Security Audun Jøsang University of Oslo Spring 2015 Outline Application Security Malicious Software Attacks on applications 2 Malicious Software 3
More informationCompTIA Security+ Malware. Threats and Vulnerabilities Vulnerability Management
CompTIA Security+ Lecture Six Threats and Vulnerabilities Vulnerability Management Copyright 2011 - VTC Malware Malicious code refers to software threats to network and systems, including viruses, Trojan
More informationCOS 318: Operating Systems
COS 318: Operating Systems File Systems: Abstractions and Protection Jaswinder Pal Singh Computer Science Department Princeton University (http://www.cs.princeton.edu/courses/cos318/) Topics What s behind
More informationCIS 4360 Secure Computer Systems Applied Cryptography
CIS 4360 Secure Computer Systems Applied Cryptography Professor Qiang Zeng Spring 2017 Symmetric vs. Asymmetric Cryptography Symmetric cipher is much faster With asymmetric ciphers, you can post your Public
More informationSSH. Partly a tool, partly an application Features:
Internet security SSH 1 Secure Shell: SSH Partly a tool, partly an application Features: Encrypted login and shell connections Easy, drop-in replacements for rlogin, rsh, rcp Multiple means of authentication
More information1-7 Attacks on Cryptosystems
1-7 Attacks on Cryptosystems In the present era, not only business but almost all the aspects of human life are driven by information. Hence, it has become imperative to protect useful information from
More informationPassword. authentication through passwords
Password authentication through passwords Human beings Short keys; possibly used to generate longer keys Dictionary attack: adversary tries more common keys (easy with a large set of users) Trojan horse
More informationCS 161 Computer Security
Popa Spring 2018 CS 161 Computer Security Discussion 2 Week of January 29, 2018 Question 1 Software Vulnerabilities (20 min) For the following code, assume an attacker can control the value of basket passed
More informationL7: Key Distributions. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806
L7: Key Distributions Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806 9/16/2015 CSCI 451 - Fall 2015 1 Acknowledgement Many slides are from or are
More informationWrapup. CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger.
Wrapup CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/ Final 2 The final is on Tuesday, May 8, 8:00 in 160 Willard (here) Be late
More informationThe Kerberos Authentication System Course Outline
The Kerberos Authentication System Course Outline Technical Underpinnings - authentication based on key sharing - Needham-Schroeder protocol - Denning and Sacco protocol Kerbeors V - Login and client-server
More informationThreat Modeling. Bart De Win Secure Application Development Course, Credits to
Threat Modeling Bart De Win bart.dewin@ascure.com Secure Application Development Course, 2009 Credits to Frank Piessens (KUL) for the slides 2 1 Overview Introduction Key Concepts Threats, Vulnerabilities,
More information1/11/11. o Syllabus o Assignments o News o Lecture notes (also on Blackboard)
Dr. Jelena Mirkovic (Y-Ellen-a) University of Southern California Information Sciences Institute If you wish to enroll and do not have D clearance yet, send an email to CSci530@usc.edu with: o Your name
More informationOperating Systems Design Exam 3 Review: Spring 2011
Operating Systems Design Exam 3 Review: Spring 2011 Paul Krzyzanowski pxk@cs.rutgers.edu 1 1. Why does an IP driver need to use ARP, the address resolution protocol? IP is a logical network. An IP address
More informationCopyright 2006 Prentice-Hall. All rights reserved. 1
PC Basics CPSC 100 Hardware Software Networking Copyright 2006 Prentice-Hall. All rights reserved. 1 Objectives Identify basic components of a computer (hardware) Gain insight into how computers work (software)
More informationUser Authentication. Modified By: Dr. Ramzi Saifan
User Authentication Modified By: Dr. Ramzi Saifan Authentication Verifying the identity of another entity Computer authenticating to another computer Person authenticating to a local/remote computer Important
More information9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng Basic concepts in cryptography systems Secret cryptography Public cryptography 1 2 Encryption/Decryption Cryptanalysis
More informationCryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng
Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng 1 Outline Basic concepts in cryptography systems Secret key cryptography Public key cryptography Hash functions 2 Encryption/Decryption
More informationLecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.
15-441 Lecture Nov. 21 st 2006 Dan Wendlandt Worms & Viruses Phishing End-host impersonation Denial-of-Service Route Hijacks Traffic modification Spyware Trojan Horse Password Cracking IP Spoofing DNS
More informationMASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz II
Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY 6.893 Fall 2009 Quiz II All problems are open-ended questions. In order to receive credit you must answer
More informationAuthentication in real world: Kerberos, SSH and SSL. Zheng Ma Apr 19, 2005
Authentication in real world: Kerberos, SSH and SSL Zheng Ma Apr 19, 2005 Where are we? After learning all the foundation of modern cryptography, we are ready to see some real world applications based
More informationMODULE NO.28: Password Cracking
SUBJECT Paper No. and Title Module No. and Title Module Tag PAPER No. 16: Digital Forensics MODULE No. 28: Password Cracking FSC_P16_M28 TABLE OF CONTENTS 1. Learning Outcomes 2. Introduction 3. Nature
More informationCSCI 420: Mobile Application Security. Lecture 7. Prof. Adwait Nadkarni. Derived from slides by William Enck, Patrick McDaniel and Trent Jaeger
CSCI 420: Mobile Application Security Lecture 7 Prof. Adwait Nadkarni Derived from slides by William Enck, Patrick McDaniel and Trent Jaeger 1 cryptography < security Cryptography isn't the solution to
More informationIntroduction to SSL. Copyright 2005 by Sericon Technology Inc.
Introduction to SSL The cornerstone of e-commerce is a Web site s ability to prevent eavesdropping on data transmitted to and from its site. Without this, consumers would justifiably be afraid to enter
More informationRace Condition Vulnerability Lab
Concordia Institute for Information Systems Engineering - INSE 6130 1 Race Condition Vulnerability Lab Copyright c 2006-2012 Wenliang Du, Syracuse University. The development of this document is funded
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 13: Operating System Security Department of Computer Science and Engineering University at Buffalo 1 Review Previous topics access control authentication session
More informationCS 161 Computer Security
Song Spring 2015 CS 161 Computer Security Discussion 6 February 24 & 25, 2015 Question 1 Security Principles (10 min) We discussed the following security principles in lecture: A. Security is economics
More informationUser Authentication. Modified By: Dr. Ramzi Saifan
User Authentication Modified By: Dr. Ramzi Saifan Authentication Verifying the identity of another entity Computer authenticating to another computer Person authenticating to a local/remote computer Important
More informationSecurity. 1 Introduction. Alex S. 1.1 Authentication
Security Alex S. 1 Introduction Security is one of the most important topics in the IT field. Without some degree of security, we wouldn t have the Internet, e-commerce, ATM machines, emails, etc. A lot
More information3.5 SECURITY. How can you reduce the risk of getting a virus?
3.5 SECURITY 3.5.4 MALWARE WHAT IS MALWARE? Malware, short for malicious software, is any software used to disrupt the computer s operation, gather sensitive information without your knowledge, or gain
More informationChapter 14: Security. Operating System Concepts Essentials 8 th Edition
Chapter 14: Security Silberschatz, Galvin and Gagne 2011 Chapter 14: Security The Security Problem Program Threats System and Network Threats Cryptography as a Security Tool User Authentication Implementing
More informationThe Internet of Things. Steven M. Bellovin November 24,
The Internet of Things Steven M. Bellovin November 24, 2014 1 What is the Internet of Things? Non-computing devices...... with CPUs... and connectivity (Without connectivity, it s a simple embedded system)
More informationCPSC 467b: Cryptography and Computer Security
CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 24 April 16, 2012 CPSC 467b, Lecture 24 1/33 Kerberos Secure Shell (SSH) Transport Layer Security (TLS) Digital Rights Management
More informationCSci 530 Final Exam. Fall 2007
CSci 530 Final Exam Fall 2007 Instructions: Show all work. No electronic devices are allowed. This exam is open book, open notes. You have 120 minutes to complete the exam. Please prepare your answers
More informationPasswords. EJ Jung. slide 1
Passwords EJ Jung slide 1 Basic Problem? How do you prove to someone that you are who you claim to be? Any system with access control must solve this problem slide 2 Many Ways to Prove Who You Are What
More informationChapter 10: Security and Ethical Challenges of E-Business
Chapter 10: Security and Ethical Challenges of E-Business Learning Objectives Identify several ethical issues in IT that affect employment, individuality, working condition, privacy, crime health etc.
More informationCS530 Authentication
CS530 Authentication Bill Cheng http://merlot.usc.edu/cs530-s10 1 Identification vs. Authentication Identification associating an identity (or a claimed identity) with an individual, process, or request
More informationInformation Security CS 526
Information Security CS 526 Topic 14: Key Distribution & Agreement, Secure Communication Topic 14: Secure Communication 1 Readings for This Lecture On Wikipedia Needham-Schroeder protocol (only the symmetric
More informationLast time. Security Policies and Models. Trusted Operating System Design. Bell La-Padula and Biba Security Models Information Flow Control
Last time Security Policies and Models Bell La-Padula and Biba Security Models Information Flow Control Trusted Operating System Design Design Elements Security Features 10-1 This time Trusted Operating
More informationBS801E-BSCS. Cryptography
Jay-Ar Baliguat BS801E-BSCS Ms.Myrlen Maria Antoni Cryptography Cryptography can be defined as the conversion of data into a scrambled code that can be deciphered and sent across a public or private network.
More informationComputers and Security
The contents of this Supporting Material document have been prepared from the Eight units of study texts for the course M150: Date, Computing and Information, produced by The Open University, UK. Copyright
More information