Anonymity Questions. Leland Smith

Publius

1. One of Publius's goals is to be censorship resistant. Another is to be tamper-evident. Don't these goals clash if tampering with a sufficient number of shares causes all the tamper checks to fail and the document to be considered irretrievable? (Glenn Fink)
2. In Figure 1, the serverlist[] array is used before it is defined. This array is used to compute the server's IP address. Where does it come from? (Glenn Fink)
3. If the documents and even the URLs themselves are encrypted, and if special software is required to retrieve and read them, is Publius information truly "published?" Seems like a very obscure way to publish. (Glenn Fink)
4. Will anyone read these documents? (Glenn Fink)
5. Will any search engine index them? (Glenn Fink)
6. If any user can view Publius published information, can't a malicious user find out which URLs the Publius client is accessing and force the administrators to delete this content? (Glenn Fink)
7. Since Publius requires a user proxy that works transparently, could an adversary defeat it by posting a false "upgrade" to Publius users that didn't work correctly? Could he use this trojaned version to redirect users to his own pages rather than the material he was trying to block? (Glenn Fink)
8. Do all the HTML features work with Publius? For example, can a publisher implement access control to files he publishes? (Glenn Fink)
9. Increasing n (the number of shares) or decreasing k (the number of shares needed to reconstruct the key) makes it harder for an adversary to delete a sufficient number of documents to censor Publius content. But doesn't decreasing k also make an adversary's job easier when he is conducting an update corruption (redirection) attack? (Glenn Fink)
10. In general, what is the applicability of Publius? (Haiyen Cheng)
11. Although it solves the anonymity problem, the whole procedure is complicated. If a dynamic link needs to be updated by the publisher, then all associated links have to go through the process again. (Haiyen Cheng)
12. In the limitation part, the author said that the more we increase n, or the more we decrease k, the harder we make it for an individual, or group of individuals, to censor a published document. The n part is understandable, but for k, if k is decreased, would it be easy to reproduce the key? (Haiyen Cheng)
13. Successfully using Publius requires anonymizing all hyperlinks in a published HTML file, so better anonymity is tied to fewer links contained in the HTML file. In that sense, will it contradict the functionality of HTML being hyperlinked? (Haiyen Cheng)
14. If one of the available servers has a problem and the static table of available servers needs to be updated, should the publisher repost all of his/her published material? (Haiyen Cheng)
15. Is it possible to validate the credentials of anonymous posts to avoid cranks? (Darrell Hyatt)
16. Based upon the attack described as faking an update and the remedy to it (marking a document un-updateable), PUBLIUS UPDATE seems like a useless feature. (Darrell Hyatt)
17. Publishing directory is not clear. (Vinod Eligeti)
18. After the author publishes a document he gets a URL for the document. Is this one put on the net to access the document? In that case someone can update by taking this URL and giving it to the Publius proxy easily? This will change the content of the file. (Vinod Eligeti)
19. How many anonymous authors are using this, by the way? Instead of anonymous publishing it is more appropriate to say anonymous content location. But I don't think the number of Publius servers deployed is large. So the only issue is the processing time. Any attacker can wait till the system gets compromised. (Vinod Eligeti)
20. The paper says the Publius servers don't know who is publishing. But they can know which Publius proxy server has posted that document. So an attacker who sits at the Publius server can know which proxy is sending. Then the attacker can sit on the Publius proxy and can know who is sending the document. (Vinod Eligeti)
21. Isn't there a conflict with regard to the design? In one case we say that we need to increase n or decrease k to make it harder to censor the document. At the same time we say that to prevent update file deletion or corruption we need to have larger values of k. (Bharath Ramesh)
22. An attacker can eavesdrop on the Publius servers and get the encrypted version of the password and then go ahead and request that URL and generate the key and then tamper with the password and modify or censor the content, which defeats the purpose of using Publius. (Bharath Ramesh)
23. How do you publish Publius URLs anonymously?
24. In the paper, the authors mentioned that the names are dependent on every bit of the web page contents and share contents. Is this practical, especially when the size of the content gets larger? This could be advantageous if the content size is relatively small, but if this is not the case this will overload the system.
25. Since the list of Publius servers is static, this means that after a while the locations and the identities of the servers will be in jeopardy; anyone who is interested in knowing this information will be able to do so. Is this a big weakness in Publius?
26. In Publius, the produced URL contains at least d name values concatenated together. Could someone guess the identity of the author based on this?
27. When n and k get large, the term (nk) will substantially become too large; this means Bob will spend significant time trying to retrieve the document. This will degrade the performance of the system if, for example, 10 users are doing the same process simultaneously. Does the system suffer from a scalability problem?
28. If one of the key shares gets corrupted for any reason, this means that no one could have access to this document any more, so after a while the servers will be filled with garbage documents.
29. The circular dependency problem will put a limitation on the flexibility. (Muhammad Abu-Saqer)

Crowds

1. Are there advantages to the crowds (P2P) approach to routing messages over the Onion Routing approach? (Glenn Fink)
2. If the paths are static, doesn't this make new members readily identifiable? (Glenn Fink)
3. Is the process of regenerating the paths efficient enough to do periodically? (Glenn Fink)
4. Over time and multiple path changes, is it possible for an attacker within a crowd to collect enough information from the web transactions it sees to make at least some connections between initiators and servers? (Glenn Fink)
5. What is the optimal size of the crowd for acceptable performance? (Haiyen Cheng)
6. Does the degree of anonymity depend heavily on how good the random generator is? (Haiyen Cheng)
7. How to properly balance the anonymity of the sender and the anonymity of the message? It seems there's a dilemma. The more anonymous the sender is, the larger the crowd is, the less the anonymity of the message is. (Haiyen Cheng)
8. Do the members in the crowd have some kind of trust relationship? What are the cons of joining the crowd? (Haiyen Cheng)
9. Could multiple jondos cause congestion by all running their messages through jondo X? (Darrell Hyatt)
10. Would some requests never be received by the end-server because of looping among jondos? (Darrell Hyatt)
11. I am unclear as to how the end-server's reply gets back to the original requester. Does each jondo store which predecessor sent it which request? (Darrell Hyatt)
12. Since the last jondo parses the HTML file, is it not an overhead on the whole system? (Vinod Eligeti)
13. The protocol seems to allow for the possibility that a message will bounce around a set of jondos forever. Is there anything in the specification that will enforce eventual message transmission? Are there some practical restrictions that should be placed on the probability of forwarding? (Sean Kugele)
14. The paper mentions a mechanism to prevent timing attacks that relies on the user's response time being slower than some time that is less than a second. Does this mean that if the user is using some type of automated user agent, such as a spider, that his anonymity may be compromised? (Sean Kugele)
15. In the discussion on jondo membership and the size of a collaboration set of attackers, the authors suggest that it would be extremely difficult in a large public crowd to secure a significant fraction of the membership to compromise group privacy as a whole. It seems that a worm targeting machines running the jondo client software could pull off such an attack. Is this a risk? (Sean Kugele)
16. In the performance analysis it took over 13 seconds to download 25 1kB images; even the web page retrieval speeds are extremely slow for path sizes approaching (Sean Kugele)
17. In light of this, is the tested implementation too slow to be usable? (Sean Kugele)
18. Isn't there a trust issue with relying on fellow crowd members instead of "trusted" central servers to route information? (Ranjit Randhawa)
19. Another trust issue is that if sensitive information is being routed through a user's machine by a member of the crowd, isn't the user partly responsible or can they claim ignorance? (Ranjit Randhawa)
20. Can the lack of central proxies/crowds servers mean this system/crowd will be as slow as its slowest member? (Ranjit Randhawa)
21. Is this implemented only for HTTP or can it be extended to other protocols? (Ranjit Randhawa)
22. Is there a way by which a user can repudiate his messages in Crowds? (Aparna Sharma)
23. How do the authors determine 6 degrees of anonymity? Are more degrees possible? (Aparna Sharma)
24. It is possible for a message to be forwarded infinitely within a large crowd (n ). Is there a max limit on the path length? Do messages have an expiration time beyond which they should be discarded from the crowd? (Aparna Sharma)
25. A jondo flips a biased coin to determine whether or not to forward a request to another jondo; the coin indicates to forward with the probability pf. How is this probability pf calculated? (Aparna Sharma)
26. Are there any checks made to find cycles within the paths in a crowd? What are the restrictions on the permissible paths? (Aparna Sharma)
27. What are the implications if a path key is shared by a malicious jondo outside the crowd? (Aparna Sharma)
28. What is the frequency at which a jondo checks for failed jondos and how does it accomplish this? (Aparna Sharma)
29. What are the overheads for re-establishing the paths in a crowd? (Aparna Sharma)
30. For a very large n (n ) the path length may be large too. In this case the response latency would greatly increase. How scalable is Crowds for such large path lengths given the huge latency response time? (Aparna Sharma)
31. How is jondo failure detected in Crowds? (Aparna Sharma)
32. Currently, do we have versions of Crowds where the blender serves only to distribute the Diffie-Hellman public keys of crowd members? (Aparna Sharma)
33. How does the blender broadcast the join commit? (Aparna Sharma)
34. At present is Crowds deployed in the real world apart from being used in AT&T? (Aparna Sharma)
35. In Crowds the path is calculated as the request traverses the network. If one of the nodes in between goes down, won't that prevent the result of the request from reaching the user? (Bharath Ramesh)
36. The strategy of crowds is built on the routing onion algorithm, which employs uniform message length and layered encryption to complicate traffic analysis, but it didn't come up with an efficient solution to make use of dummy traffic to significantly increase the protection from traffic analysis attacks. As a result, these systems do not employ dummy traffic, which implies that they are not very resistant against a powerful adversary.
37. If an initiator was revealed once, it can be recognized at each time due to the use of static paths.
38. Does Crowds protect against internal denial-of-service attacks? (Muhammad Abu-Saqer)
39. I am wondering if Crowds can work well with firewalls. A firewall will prevent a jondo outside the firewall from connecting to another behind the firewall.
40. Each jondo might be the one who actually sends the request to its destination. Could we reach a case where a jondo cannot distinguish between the request he originally initiated and the other he is forwarding?
41. While other jondos are not able to determine who originated a given request, could the contents of the request and reply be exposed to them? This is primarily a concern when, e.g., passwords for accessing web pages are included in this content.
42. Could Crowds protect from global eavesdroppers?

General

1. All anonymity solutions seem to consume a lot of resources (e.g., more CPU for encryption, increased bandwidth and delay due to random routing, increased storage of multiple copies). Does this put a limit on scalability and deployment of these solutions? Without widespread deployment the degree of anonymity that can be promised is reduced. (Ved Vyas Duggirala)
2. My question is on the other side of the map, the side where some web resources are requested by the anonymity side: could the web server distinguish the anonymity traffic? Is there any mechanism that enables the server to know that the requestor is not presenting his/her real identity?
3. Full freedom sometimes could be misused; also, full control sometimes could be abused. We need a system that makes a kind of subtle balance between these two tradeoffs. I think neither Publius nor Crowds achieves this. Do we really need such systems?
4. If someone misuses the power that his/her identity cannot be recognized to publish some wrong content, these two systems don't provide solutions for such cases, since it is contrary to their principles and goals. However, these cases frequently happen. What can be done to prevent this?

Questions received from: Glenn Fink, Ranjit Randhawa, Haiyen Cheng, Darrell Hyatt, Vinod Eligeti, Sean Kugele, Aparna Sharma, Bharath Ramesh, Ved Vyas Duggirala, Muhammad Abu-Saqer
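
Crowds questions 10, 13, 24 and 26 above ask whether a request can circulate among jondos indefinitely, and question 25 describes the biased coin with forwarding probability pf. The Python sketch below is an added example, not part of the original question list and not the Crowds implementation: it models that coin rule, with the assumptions that the initiating jondo always makes the first forward and that every hop picks a jondo uniformly at random (possibly one already on the path), and it compares simulated path lengths with the closed-form values. The crowd size, pf values and seed are constructed.

```python
import math
import random


def _check_pf(pf: float) -> None:
    # pf = 1 would mean "always forward": the only case that never terminates.
    if not 0.0 <= pf < 1.0:
        raise ValueError("forwarding probability pf must satisfy 0 <= pf < 1")


def expected_forwards(pf: float) -> float:
    """Mean number of jondo-to-jondo forwards: 1 certain forward plus a
    geometric number of further ones, i.e. 1 + pf/(1-pf) = 1/(1-pf)."""
    _check_pf(pf)
    return 1.0 / (1.0 - pf)


def prob_forwards_exceed(pf: float, m: int) -> float:
    """P(forwards > m): the coin must come up 'forward' m times in a row."""
    _check_pf(pf)
    return pf ** m


def forwards_bound(pf: float, eps: float) -> int:
    """Smallest m such that P(forwards > m) <= eps (requires 0 < pf < 1)."""
    _check_pf(pf)
    return math.ceil(math.log(eps) / math.log(pf))


def simulate_path(n: int, pf: float, rng: random.Random, initiator: int = 0):
    """Return the list of jondo indices a request visits before submission.

    Assumption: the initiator forwards unconditionally to a uniformly chosen
    jondo; each receiving jondo then forwards again with probability pf,
    otherwise it submits the request to the end server.
    """
    _check_pf(pf)
    path = [initiator, rng.randrange(n)]
    while rng.random() < pf:
        path.append(rng.randrange(n))
    return path


def summarize(n: int, pf: float, trials: int, seed: int, tail_m: int) -> dict:
    """Simulate many requests and report path-length statistics."""
    rng = random.Random(seed)
    total = longest = over_tail = revisits = 0
    for _ in range(trials):
        path = simulate_path(n, pf, rng)
        forwards = len(path) - 1
        total += forwards
        longest = max(longest, forwards)
        over_tail += forwards > tail_m
        # A repeated index means the path looped back through some jondo.
        revisits += len(set(path)) < len(path)
    return {
        "mean_forwards": total / trials,
        "longest_path": longest,
        "frac_over_tail": over_tail / trials,
        "frac_with_revisit": revisits / trials,
    }


if __name__ == "__main__":
    n, trials, seed = 20, 20000, 1  # constructed parameters
    for pf in (0.5, 0.75, 0.9):
        s = summarize(n, pf, trials, seed, tail_m=10)
        print(f"pf={pf}: mean {s['mean_forwards']:.2f} "
              f"(theory {expected_forwards(pf):.2f}), "
              f"longest {s['longest_path']}, "
              f"P(>10) {s['frac_over_tail']:.4f} "
              f"(theory {prob_forwards_exceed(pf, 10):.4f}), "
              f"paths with a repeated jondo {s['frac_with_revisit']:.2%}, "
              f"forwards covering all but 1e-6 of requests: "
              f"{forwards_bound(pf, 1e-6)}")
```

Under this model every request is submitted with probability 1 for any pf below 1, while raising pf lengthens both the mean path and its tail, which is the latency cost raised in questions 16 and 30.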
More informationNetworking Past, Present and Future
Networking 1 Networking Past, Present and Future Networking is a crucial feature of many modern games Used (12+ years ago) to be mainly PC Halo 2 brought online to the consoles Core feature of all consoles
More informationDepartment of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz II
Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY 6.858 Fall 2011 Quiz II You have 80 minutes to answer the questions in this quiz. In order to receive credit
More informationC1: Define Security Requirements
OWASP Top 10 Proactive Controls IEEE Top 10 Software Security Design Flaws OWASP Top 10 Vulnerabilities Mitigated OWASP Mobile Top 10 Vulnerabilities Mitigated C1: Define Security Requirements A security
More informationUntraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. EJ Jung
Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms EJ Jung Goals 1. Hide what you wrote encryption of any kind symmetric/asymmetric/stream 2. Hide to whom you sent and when pseudonym?
More informationThousandEyes for. Application Delivery White Paper
ThousandEyes for Application Delivery White Paper White Paper Summary The rise of mobile applications, the shift from on-premises to Software-as-a-Service (SaaS), and the reliance on third-party services
More informationMulticast EECS 122: Lecture 16
Multicast EECS 1: Lecture 16 Department of Electrical Engineering and Computer Sciences University of California Berkeley Broadcasting to Groups Many applications are not one-one Broadcast Group collaboration
More informationSystem Models. 2.1 Introduction 2.2 Architectural Models 2.3 Fundamental Models. Nicola Dragoni Embedded Systems Engineering DTU Informatics
System Models Nicola Dragoni Embedded Systems Engineering DTU Informatics 2.1 Introduction 2.2 Architectural Models 2.3 Fundamental Models Architectural vs Fundamental Models Systems that are intended
More informationExtremely Sensitive Communication
MSc System and Network Engineering Research Project 2 Extremely Sensitive Communication secure, secret, and private e-mail Author: Loek Sangers loek.sangers@os3.nl Supervisor: Ruud Verbij verbij.ruud@kpmg.nl
More information(a) Which of these two conditions (high or low) is considered more serious? Justify your answer.
CS140 Winter 2006 Final Exam Solutions (1) In class we talked about the link count in the inode of the Unix file system being incorrect after a crash. The reference count can either be either too high
More informationEnable the Always Offline Mode to Provide Faster Access to Files
Enable the Always Offline Mode to Provide Faster Access to Files 13 out of 16 rated this helpful - Rate this topic Published: April 18, 2012 Updated: July 3, 2013 Applies To: Windows 8, Windows 8.1, Windows
More informationOnline Anonymity & Privacy. Andrew Lewman The Tor Project
Online Anonymity & Privacy Andrew Lewman The Tor Project https://torproject.org/ Outline Why anonymity? Crash course on Tor Future Informally: anonymity means you can't tell who did what Who wrote this
More informationNetwork Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2010
Network Security: Anonymity Tuomas Aura T-110.5240 Network security Aalto University, Nov-Dec 2010 Outline 1. Anonymity and privacy 2. High-latency anonymous routing 3. Low-latency anonymous routing Tor
More informationDefine information security Define security as process, not point product.
CSA 223 Network and Web Security Chapter One What is information security. Look at: Define information security Define security as process, not point product. Define information security Information is
More informationAnanta: Cloud Scale Load Balancing. Nitish Paradkar, Zaina Hamid. EECS 589 Paper Review
Ananta: Cloud Scale Load Balancing Nitish Paradkar, Zaina Hamid EECS 589 Paper Review 1 Full Reference Patel, P. et al., " Ananta: Cloud Scale Load Balancing," Proc. of ACM SIGCOMM '13, 43(4):207-218,
More informationCOS 318: Operating Systems. File Systems. Topics. Evolved Data Center Storage Hierarchy. Traditional Data Center Storage Hierarchy
Topics COS 318: Operating Systems File Systems hierarchy File system abstraction File system operations File system protection 2 Traditional Data Center Hierarchy Evolved Data Center Hierarchy Clients
More informatione-commerce Study Guide Test 2. Security Chapter 10
e-commerce Study Guide Test 2. Security Chapter 10 True/False Indicate whether the sentence or statement is true or false. 1. Necessity refers to preventing data delays or denials (removal) within the
More informationSecurity and Privacy. SWE 432, Fall 2016 Design and Implementation of Software for the Web
Security and Privacy SWE 432, Fall 2016 Design and Implementation of Software for the Web Today Security What is it? Most important types of attacks Privacy For further reading: https://www.owasp.org/index.php/
More informationAuthors: Mark Handley, Vern Paxson, Christian Kreibich
Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics Authors: Mark Handley, Vern Paxson, Christian Kreibich Exploitable Ambiguities NIDS does not have full range
More informationVAST: Versatile Anonymous System for Web Users
VAST: Versatile Anonymous System for Web Users IGOR MARGASISKI, KRZYSZTOF SZCZYPIORSKI Warsaw University of Technology, Institute of Telecommunications ul. Nowowiejska 15/19, 00-665 Warsaw, Poland e-mail:
More information0/41. Alice Who? Authentication Protocols. Andreas Zeller/Stephan Neuhaus. Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken
0/41 Alice Who? Authentication Protocols Andreas Zeller/Stephan Neuhaus Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken The Menu 1/41 Simple Authentication Protocols The Menu 1/41 Simple
More informationCS232. Lecture 21: Anonymous Communications
CS232 Lecture 21: Anonymous Communications November 21, 2018 2 You Are Not Anonymous 3 Your IP address can be linked directly to you ISPs store communications records Usually for several years (Data Retention
More informationNetworking Presented by: Marcin Chady
Networking Presented by: Marcin Chady Networking Present and Future Originally the domain of PC games PC networked games are very popular Everquest, Diablo, Starcraft, WoW, EVE Online Counterstrike, Unreal
More informationA Security Model for Space Based Communication. Thom Stone Computer Sciences Corporation
A Security Model for Space Based Communication Thom Stone Computer Sciences Corporation Prolog Everything that is not forbidden is compulsory -T.H. White They are after you Monsters in the Closet Virus
More informationFILE REPLICATION AND COLLABORATION REQUIREMENT: THE ESSENTIALS
101001010111011011010001010110111010101100101001010111011011010001010110111010101100101001010111011 101001010111011011010001010110111010101100101001010111011011010001010110111010101100101001010111011 101001010111011011010001010110111010101100101001010111011011010001010110111010101100101001010111011
More informationIntroduction. Controlling Information Systems. Threats to Computerised Information System. Why System are Vulnerable?
Introduction Controlling Information Systems When computer systems fail to work as required, firms that depend heavily on them experience a serious loss of business function. M7011 Peter Lo 2005 1 M7011
More informationFeatures of a proxy server: - Nowadays, by using TCP/IP within local area networks, the relaying role that the proxy
Que: -Proxy server Introduction: Proxy simply means acting on someone other s behalf. A Proxy acts on behalf of the client or user to provide access to a network service, and it shields each side from
More informationP2P. 1 Introduction. 2 Napster. Alex S. 2.1 Client/Server. 2.2 Problems
P2P Alex S. 1 Introduction The systems we will examine are known as Peer-To-Peer, or P2P systems, meaning that in the network, the primary mode of communication is between equally capable peers. Basically
More informationcrush malware that hasn't even been seen before. Alright, so not really like traditional antivirus. Cleans an already infected Mac, 14- day Premium
Malwarebytes 1043 I own a computer company. From many years of experience, this is absolutely the best anti-virus software on the market. Malwarebytes catches the malware that our antivirus misses. Cleanup
More informationChair for Network Architectures and Services Department of Informatics TU München Prof. Carle. Network Security. Chapter 8
Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 8 System Vulnerabilities and Denial of Service Attacks System Vulnerabilities and
More informationEasyCrypt passes an independent security audit
July 24, 2017 EasyCrypt passes an independent security audit EasyCrypt, a Swiss-based email encryption and privacy service, announced that it has passed an independent security audit. The audit was sponsored
More information