A brief introduction to information security. Outline. Safety vs. Security. Safety vs. Security. Notes. Notes. Notes. Part I.
|
|
- Daniel Cannon
- 5 years ago
- Views:
Transcription
1 A brief introduction to information security Part I Tyler Moore Computer Science & Engineering Department, SMU, Dallas, TX August 23, 2012 Outline / 41 Safety vs. Security Safety Protects against accidents Defends against nature Can be modeled using probability theory with historical data Security Protects against intentional malice Defends against intelligent beings Must model the strategy of adversaries 4 / 41 Safety vs. Security Safety Security Question: If you were in charge of a building s security, how would preparations differ for a tornado versus a terrorist attack? Hint: When preparing for a tornado, should you consider whether neighboring buildings have been protected? 5 / 41
2 Definition Digital information: information encoded in discrete numbers Hi! 0x / 41 What are the implications of digital representation of information? 1 Costless to create perfect copies 2 Information can be transmitted anywhere immediately 3 Information can be remembered indefinitely Easy to keep detailed record of transactions 4 Digitally encoded information lacks provenance Modifications can t be identified by just looking at the data 7 / 41 Information security is the endeavor to achieve protection goals specific to information. What are those goals? 1 Confidentiality: information is accessible only to authorized parties 2 Integrity: modification of information can be detected 3 Availability: authorized parties can access information (and use resources) when and where it is needed 8 / 41 Confidentiality Broker Exchange BUY,200,GOOG,$ Eve 9 / 41
3 Confidentiality caveats Confidentiality does not cover prior knowledge Breaches of confidentiality cannot be undone Breaches of confidentiality can be difficult to detect Question: what characteristics of digital information make protecting confidentiality difficult? 10 / 41 Integrity Broker Exchange BUY,200,GOOG,$ $ Mallory 11 / 41 Integrity caveats Protecting integrity = correcting modifications Integrity simply ensures that information hasn t been altered Integrity makes no claim of absolute correctness Question: what characteristics of digital information make protecting integrity difficult? 12 / 41 Availability Broker Exchange BUY,200,GOOG,$ BUY,200,GOOG,$ Mallory 13 / 41
4 Availability caveats Integrity is widely seen to be harder to guarantee than confidentiality or integrity Why? guarantees must often be made for more than the information Guarantees of the functionality of other parties may be required 14 / 41 Who are these authorized parties the definitions speak of? Who is an authorized party? How are they authorized? By whom? Parties: human beings controlling computer system, or programs acting on their behalf Authorization: decision a principal must take on whether a party is allowed to undertake a task Authorization decision is the fundamental challenge of security engineering 15 / 41 Identification vs. Authentication vs. Authorization Identification, authentication and authorization answer different questions Identification: Who are you? Authentication: Is it really you? Authorization: Knowing who you are, are you allowed to do something? Common mistake: conflating these concepts Deploying an authentication system does not solve the authorization problem 16 / 41 How computers identify people In order to authorize a user to access computer resources, systems must figure out who they re interacting with Computer systems store (ID, attribute) pairs Upon encountering a user, the system prompts for the ID and attribute. IDs should be unique If the attribute is only known to the user (e.g., a password), it can be used to authenticate the user to the system 17 / 41
5 Case study: authentication and authorization at ATMs ATM Authentication steps 1. Insert card 2. Request matching PIN 3. Enter PIN Authorization steps 4. How much to withdraw? 5. Request $ Dispense $ Balance $100? Bank 7. Approve withdrawal 18 / 41 Authentication failure: ATM fails to authenticate user ATM Authentication steps 1. Insert card 2. Request matching PIN Guess PIN 3. Enter PIN Authorization steps 4. How much to withdraw? 5. Request $ Dispense $100 Mallory 6. Balance $100? Bank 7. Approve withdrawal 19 / 41 Card skimmers: ATM incorrectly authenticates user Source: 20 / 41 Authentication failure: User fails to authenticate ATM ATM Authentication steps 1. Insert card 2. Request matching PIN 3. Enter PIN Authorization steps 4. How much to withdraw? 5. Request $ Dispense $100 Fake ATM Mallory 6. Balance $100? Bank 7. Approve withdrawal 21 / 41
6 Fake ATMs: User fails to authenticate ATM Source: 22 / 41 Question: how does authentication fail on phishing websites? 23 / 41 Four fundamental ideas of computer architecture 1 Code is data 2 Layers of abstraction 3 Moore s law 4 Halting problem 25 / 41 The von Neumann computer architecture The pervasive von Neumann computer architecture does not distinguish between instructions for computer programs and data Consequently, Code is Data Enables great flexibility in reprogramming computers Programs can be costlessly reproduced, not just data There are unfortunate security implications John von Neumann 26 / 41
7 The dark side of Code is Data Source: 27 / 41 Layers of abstraction Abstraction: specifying meaning and behavior of software while hiding implementation details Modular code exploits abstraction and enables composition and reuse Abstraction and code modularity enables rapid software development (which has in turn led to a rapid rise in software complexity) Unlike for mechanical engineering, in software engineering there is no practical limit to the potential combinations of code 28 / 41 Abstraction solves everything? All problems in computer science can be solved by another level of indirection. David Wheeler 29 / 41 Layered computer architecture Active content Application Libraries Operating system Hardware Facebook Mozilla Firefox Gecko, NSPR, OJI,... Microsoft Windows Intel x86 30 / 41
8 Layers good or bad? + Abstraction enables greater compatibility since higher layer only interacts with next layer + Layered approach means that developers can ignore problems already solved at other layers - Higher layers cannot identify or prevent malfunctions at lower layers - Vulnerabilities propagate up the stack - Flaws in a single layer can affect all software developed on top Think back to when Windows was ridden with holes Question: at what layer can a strategic attacker wreak the most havoc at least cost? 31 / 41 Abstraction solves everything? All problems in computer science can be solved by another level of indirection, except security problems. 32 / 41 Moore s law Intel founder Gordon Moore noticed in 1965 that integrated circuit density had been doubling since the 1950s He predicted the trend to continue Moore s Law: computer performance roughly doubles every 18 months Figure from Moore s original paper speculating on the implications of exponential growth in computing power 33 / 41 The halting problem In 1936, Alan Turing proved that it is impossible to write a general-purpose program that can determine whether another program will stop Bear this in mind the next time someone complains that software developers should be able to find and remove all vulnerabilities in their code 34 / 41
9 The Internet circa 1971 Source: 35 / 41 It has long been recognized that there could be value in connecting computers together Researchers developed protocols that specified how computers could communicate with each other Networking protocols also leverage abstraction layers 36 / 41 Networking protocol stack Application Transport Network Data Link Physical HTTP, SMTP, BGP IP TCP, UDP Ethernet n 37 / 41 Networking protocols IP protocol Each computer has a 32-bit unique address (e.g., ) Any computer should be reachable using its IP address Transport layer TCP: establishes connection between devices before sending traffic UDP: connectionless data is simply transmitted Application layer Many available applications, each operating on a different port HTTP (port 80): protocol for web sites (e.g., connecting to :80 delivers the SMU home page) SMTP (port 25): protocol for sending SSH (port 22): secure remote login to computers BGP (port 179): protocol for connecting Internet providers Many applications have been developed (e.g., see a list of common port numbers at 38 / 41
10 Global routing via BGP Source: report/interx-report/at_download/fullreport 39 / 41 Important design decisions for networking protocols Internet protocols incorporated a number of design decisions that impact security 1 IP makes computers globally addressable 2 Packets are delivered on a best-effort basis, making it hard to distinguish malice from bad luck 3 No built-in authentication to protocols, which enables spoofing 4 Design is inherently decentralized, which makes coordination difficult (e.g., to upgrade to a more secure protocol) 40 / 41 Recap / 41
CSC 574 Computer and Network Security. TCP/IP Security
CSC 574 Computer and Network Security TCP/IP Security Alexandros Kapravelos kapravelos@ncsu.edu (Derived from slides by Will Enck and Micah Sherr) Network Stack, yet again Application Transport Network
More informationCSCI 680: Computer & Network Security
CSCI 680: Computer & Network Security Lecture 15 Prof. Adwait Nadkarni Fall 2017 Derived from slides by William Enck and Micah Sherr 1 Grading Class Participat ion and Quizzes 10% Grade Breakdown Homewo
More informationSecurity & Privacy. Web Architecture and Information Management [./] Spring 2009 INFO (CCN 42509) Contents. Erik Wilde, UC Berkeley School of
Contents Security & Privacy Contents Web Architecture and Information Management [./] Spring 2009 INFO 190-02 (CCN 42509) Erik Wilde, UC Berkeley School of Information Abstract 1 Security Concepts Identification
More informationThe tale of one thousand and one ADSL modems
The tale of one thousand and one ADSL modems Fabio Assolini, Malware Researcher, twitter.com/assolini Virus Bulletin 2012 Dallas, USA PAGE 2 If we can t attack a computer or a server, we ll attack a router
More informationComputer Security & Privacy
Computer Security & Privacy Melissa Winstanley (mwinst@cs.washington.edu) (based on slides by Daniel Halperin) How exploration sessions work You get 1/3 point of extra credit for each session Attendance
More informationCYBER ATTACKS EXPLAINED: PACKET SPOOFING
CYBER ATTACKS EXPLAINED: PACKET SPOOFING Last month, we started this series to cover the important cyber attacks that impact critical IT infrastructure in organisations. The first was the denial-of-service
More informationHow to Build a Culture of Security
How to Build a Culture of Security March 2016 Table of Contents You are the target... 3 Social Engineering & Phishing and Spear-Phishing... 4 Browsing the Internet & Social Networking... 5 Bringing Your
More informationLecture 3 - Passwords and Authentication
CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Lecture 3 - Passwords and Authentication CSE497b - Spring 2007 Introduction Computer and Network Security Professor
More informationUnderstanding the Internet
Announcements U.S. National Cybersecurity Understanding the Internet Axess Forum Bios/Photos Law School Event William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University
More informationStrategies, approaches and ethical considerations
Strategies, approaches and ethical considerations q Internet design principles and measurements q Strategies and standards q Experimental approaches q Ethical considerations Design principles of the Internet
More informationIntroduction to Security and User Authentication
Introduction to Security and User Authentication Brad Karp UCL Computer Science CS GZ03 / M030 14 th November 2016 Topics We ll Cover User login authentication (local and remote) Cryptographic primitives,
More informationCNT Computer and Network Security: BGP Security
CNT 5410 - Computer and Network Security: BGP Security Professor Kevin Butler Fall 2015 Internet inter-as routing: BGP BGP (Border Gateway Protocol): the de facto standard BGP provides each AS a means
More informationCIS 5373 Systems Security
CIS 5373 Systems Security Topic 4.1: Network Security Basics Endadul Hoque Slide Acknowledgment Contents are based on slides from Cristina Nita-Rotaru (Northeastern) 2 Network Security INTRODUCTION 3 What
More informationFirewalls Network Security: Firewalls and Virtual Private Networks CS 239 Computer Software March 3, 2003
Firewalls Network Security: Firewalls and Virtual Private Networks CS 239 Computer Software March 3, 2003 A system or combination of systems that enforces a boundary between two or more networks - NCSA
More informationMulti-Layered Security Framework for Metro-Scale Wi-Fi Networks
Multi-Layered Security Framework for Metro-Scale Wi-Fi Networks A Security Whitepaper January, 2004 Photo courtesy of NASA Image exchange. Image use in no way implies endorsement by NASA of any of the
More informationComputer Networking Introduction
Computer Networking Introduction Halgurd S. Maghdid Software Engineering Department Koya University-Koya, Kurdistan-Iraq Lecture No.3 Chapter 1: roadmap 1.1 what is the Internet? 1.2 network edge end systems,
More informationCopyright ECSC Group plc 2017 ECSC - UNRESTRICTED
Copyright ECSC Group plc 2017 ECSC - UNRESTRICTED ECSC - UNRESTRICTED Introduction A Web Application Firewall (WAF) is, in our experience, the most important layer of defence against a wide range of attacks
More informationLecture 3 - Passwords and Authentication
Lecture 3 - Passwords and Authentication CMPSC 443 - Spring 2012 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse443-s12 What is authentication? Reliably verifying
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationCS4700/CS5700 Fundaments of Computer Networks
CS4700/CS5700 Fundaments of Computer Networks Lecture 5: Internet architecture Slides used with permissions from Edward W. Knightly, T. S. Eugene Ng, Ion Stoica, Hui Zhang Alan Mislove amislove at ccs.neu.edu
More informationLecture 6. Internet Security: How the Internet works and some basic vulnerabilities. Thursday 19/11/2015
Lecture 6 Internet Security: How the Internet works and some basic vulnerabilities Thursday 19/11/2015 Agenda Internet Infrastructure: Review Basic Security Problems Security Issues in Routing Internet
More informationNetwork Insecurity with Switches
Network Insecurity with Switches Aaron D. Turner aturner@pobox.com http://www.synfin.net/ December 4, 2000 Scope The goal of this paper is to discuss the common misconceptions and poorly publicized issues
More informationFAQ: Database System Development Life Cycle
Question 1: Why study database management system (DBMS) designs? Answer 1: Understanding and designing databases is truly an evolutionary learning process. There is not a right way or a wrong way to develop
More informationPLEASE READ CAREFULLY BEFORE YOU START
Page 1 of 11 MIDTERM EXAMINATION #1 OCT. 16, 2013 COMPUTER NETWORKS : 03-60-367-01 U N I V E R S I T Y O F W I N D S O R S C H O O L O F C O M P U T E R S C I E N C E Fall 2013-75 minutes This examination
More informationProject 4: ATM Design and Implementation
University of Maryland CMSC414 Computer and Network Security (Spring 2015) Instructor: Dave Levin (project originally created by Jonathan Katz) Updated April 30, 9:00am: Valid user names are now at most
More informationSPOOFING. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006
SPOOFING Information Security in Systems & Networks Public Development Program Sanjay Goel University at Albany, SUNY Fall 2006 1 Learning Objectives Students should be able to: Determine relevance of
More informationNetwork Control, Con t
Network Control, Con t CS 161 - Computer Security Profs. Vern Paxson & David Wagner TAs: John Bethencourt, Erika Chin, Matthew Finifter, Cynthia Sturton, Joel Weinberger http://inst.eecs.berkeley.edu/~cs161/
More informationprecise rules that govern communication between two parties TCP/IP: the basic Internet protocols IP: Internet protocol (bottom level)
Protocols precise rules that govern communication between two parties TCP/IP: the basic Internet protocols IP: Internet protocol (bottom level) all packets shipped from network to network as IP packets
More informationRemote Desktop Security for the SMB
A BWW Media Group Brand Petri Webinar Brief October 5th, 2018 Remote Desktop Security for the SMB Presenter: Michael Otey Moderator: Brad Sams, Petri IT Knowledgebase, Executive Editor at Petri.com There
More informationCSEE 4119 Computer Networks. Chapter 1 Introduction (4/4) Introduction 1-1
CSEE 4119 Computer Networks Chapter 1 Introduction (4/4) Introduction 1-1 Chapter 1: roadmap 1.1 What is the Internet? 1.2 Network edge! end systems, access networks, links 1.3 Network core! circuit switching,
More informationAdvanced Computer Networks Exercise Session 7. Qin Yin Spring Semester 2013
Advanced Computer Networks 263-3501-00 Exercise Session 7 Qin Yin Spring Semester 2013 1 LAYER 7 SWITCHING 2 Challenge: accessing services Datacenters are designed to be scalable Datacenters are replicated
More informationSecurity Course. WebGoat Lab sessions
Security Course WebGoat Lab sessions WebGoat Lab sessions overview Initial Setup Tamper Data Web Goat Lab Session 4 Access Control, session information stealing Lab Session 2 HTTP Basics Sniffing Parameter
More informationPluggable Transports Roadmap
Pluggable Transports Roadmap Steven J. Murdoch and George Kadianakis steven.murdoch@cl.cam.ac.uk,asn@torproject.org Tor Tech Report 2012-03-003 March 17, 2012 Abstract Of the currently available pluggable
More informationCIT 380: Securing Computer Systems. Network Security Concepts
CIT 380: Securing Computer Systems Network Security Concepts Topics 1. Protocols and Layers 2. Layer 2 Network Concepts 3. MAC Spoofing 4. ARP 5. ARP Spoofing 6. Network Sniffing Protocols A protocol defines
More informationCSE Computer Security
CSE 543 - Computer Security Lecture 19 - Network Security November 6, 2007 URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/ 1 Big picture Abstract Introduction Results Summary Background Problem Description/Finalized
More informationSECURITY STORY WE NEVER SEE, TOUCH NOR HOLD YOUR DATA
SECURITY STORY WE NEVER SEE, TOUCH NOR HOLD YOUR DATA CTO Office www.digi.me another Engineering Briefing digi.me keeping your data secure at all times ALL YOUR DATA IN ONE PLACE TO SHARE WITH PEOPLE WHO
More information20-CS Cyber Defense Overview Fall, Network Basics
20-CS-5155 6055 Cyber Defense Overview Fall, 2017 Network Basics Who Are The Attackers? Hackers: do it for fun or to alert a sysadmin Criminals: do it for monetary gain Malicious insiders: ignores perimeter
More informationAuthentication and Password CS166 Introduction to Computer Security 2/11/18 CS166 1
Authentication and Password CS166 Introduction to Computer Security 2/11/18 CS166 1 CIA Triad Confidentiality Prevent disclosure of information to unauthorized parties Integrity Detect data tampering Availability
More informationEconomies of Scale in Hacking Dave Aitel Immunity
Economies of Scale in Hacking Dave Aitel Immunity Ekoparty, 2008 (Argentina) 10/01/08 1 Demand Side/Supply Side Economies of Scale Networked increase in value High barrier of entry Cheaper as you get bigger
More informationLecture 2: Internet Architecture
CS 3700 Networks and Distributed Systems Lecture 2: Internet Architecture Revised 1/6/14 Organizing Network Functionality 2 Organizing Network Functionality 2 Networks are built from many components! Networking
More informationProject 4: ATM Design and Implementation
University of Maryland CMSC414 Computer and Network Security (Spring 2017) Instructor: Udaya Shankar (project originally created by Jonathan Katz) Project 4: ATM Design and Implementation Due dates May
More informationLast time. Security Policies and Models. Trusted Operating System Design. Bell La-Padula and Biba Security Models Information Flow Control
Last time Security Policies and Models Bell La-Padula and Biba Security Models Information Flow Control Trusted Operating System Design Design Elements Security Features 10-1 This time Trusted Operating
More informationOur Narrow Focus Computer Networking Security Vulnerabilities. Outline Part II
Our Narrow Focus 15-441 15-441 Computer Networking 15-641 Lecture 22 Security: DOS Peter Steenkiste Fall 2016 www.cs.cmu.edu/~prs/15-441-f16 Yes: Creating a secure channel for communication (Part I) Protecting
More informationLecture outline. Internet Routing Security Issues. Previous lecture: Effect of MinRouteAdver Timer. Recap of previous lecture
Lecture outline Internet Routing Security Issues Z. Morley Mao Lecture 3 Jan 14, 2003 Recap of last lecture, any questions? Existing routing security mechanisms - SBGP General threats to routing protocols
More information[PDF] Hacking: The Ultimate Beginners Guide To The World Of Hacking
[PDF] Hacking: The Ultimate Beginners Guide To The World Of Hacking In the world of information technology (IT), hacking is the manipulation of the normal behavior of network connections, systems and computer
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 18: Network Attacks Department of Computer Science and Engineering University at Buffalo 1 Lecture Overview Network attacks denial-of-service (DoS) attacks SYN
More informationCS4700/5700: Network fundamentals
Cristina Nita-Rotaru CS4700/5700: Network fundamentals. 1: Organizing network functionality } Networks are built from many components } Networking technologies } Ethernet, Wifi, Bluetooth, Fiber Optic,
More informationCS3600 SYSTEMS AND NETWORKS
CS3600 SYSTEMS AND NETWORKS NORTHEASTERN UNIVERSITY Lecture 17: Internet architecture Prof. Alan Mislove (amislove@ccs.neu.edu) Slides used with permissions from Edward W. Knightly, T. S. Eugene Ng, Ion
More informationNote: If a New Account Representative provided you a NetTeller ID at new account opening, skip this section of the enrollment process.
Thank you for choosing to bank online with First Security Bank! To begin the process of enrolling for online banking, visit our website at www.fsbmsla.com and click on the Enroll Now! link. Note: If a
More information0/41. Alice Who? Authentication Protocols. Andreas Zeller/Stephan Neuhaus. Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken
0/41 Alice Who? Authentication Protocols Andreas Zeller/Stephan Neuhaus Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken The Menu 1/41 Simple Authentication Protocols The Menu 1/41 Simple
More informationOverview. Computer Network Lab, SS Security. Type of attacks. Firewalls. Protocols. Packet filter
Computer Network Lab 2017 Fachgebiet Technische Informatik, Joachim Zumbrägel Overview Security Type of attacks Firewalls Protocols Packet filter 1 Security Security means, protect information (during
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 19: Intrusion Detection Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Intruders Intrusion detection host-based network-based
More informationAttack Class: Address Spoofing
ttack Class: ddress Spoofing L. Todd Heberlein, Matt ishop Department of Computer Science University of California Davis, C 95616 bstract We present an analysis of a class of attacks we call address spoofing.
More informationThe DNS. Application Proxies. Circuit Gateways. Personal and Distributed Firewalls The Problems with Firewalls
Network Security - ISA 656 Application Angelos Stavrou August 20, 2008 Application Distributed Why move up the stack? Apart from the limitations of packet filters discussed last time, firewalls are inherently
More informationThe World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to
1 The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to compromises of various sorts, with a range of threats
More informationPLEASE READ CAREFULLY BEFORE YOU START
Page 1 of 11 MIDTERM EXAMINATION #1 OCT. 13, 2011 COMPUTER NETWORKS : 03-60-367-01 U N I V E R S I T Y O F W I N D S O R S C H O O L O F C O M P U T E R S C I E N C E Fall 2011-75 minutes This examination
More informationThe Crossed Swords wargame: Catching NATO red teams with cyber deception
The Crossed Swords wargame: Catching NATO red teams with cyber deception 2015-2018 Cymmetria Inc. All rights reserved. 2 BACKSTORY Once a year, the pentesters* and red teams of the countries of NATO descend
More informationLARGE SCALE IP ROUTING LECTURE BY SEBASTIAN GRAF
LARGE SCALE IP ROUTING LECTURE BY SEBASTIAN GRAF MODULE 05 MULTIPROTOCOL LABEL SWITCHING (MPLS) AND LABEL DISTRIBUTION PROTOCOL (LDP) 1 by Xantaro IP Routing In IP networks, each router makes an independent
More informationINSE Lucky 13 attack - continued from previous lecture. Scribe Notes for Lecture 3 by Prof. Jeremy Clark (January 20th, 2014)
INSE 6150 Scribe Notes for Lecture 3 by Prof. Jeremy Clark (January 20th, 2014) Lucky 13 attack - continued from previous lecture The lucky 13 attack on SSL/TLS involves an active attacker who intercepts
More informationSecuring Internet Communication: TLS
Securing Internet Communication: TLS CS 161: Computer Security Prof. David Wagner March 11, 2016 Today s Lecture Applying crypto technology in practice Two simple abstractions cover 80% of the use cases
More informationPractical Magic with SSH. By David F. Skoll Roaring Penguin Software Inc. 1 February
Practical Magic with SSH By David F. Skoll Roaring Penguin Software Inc. 1 February 2001 http://www.roaringpenguin.com dfs@roaringpenguin.com Overview of Presentation Why SSH? Problems with Telnet & Friends
More informationHow Secured2 Uses Beyond Encryption Security to Protect Your Data
Secured2 Beyond Encryption How Secured2 Uses Beyond Encryption Security to Protect Your Data Secured2 Beyond Encryption Whitepaper Document Date: 06.21.2017 Document Classification: Website Location: Document
More informationThanks for attending this session on April 6 th, 2016 If you have any question, please contact Jim at
Thanks! Thanks for attending this session on April 6 th, 2016 If you have any question, please contact Jim at jim@stickleyonsecurity.com Don t forget to checkout Stickley on Security and learn about our
More informationData Communication. Chapter # 5: Networking Threats. By: William Stalling
Data Communication Chapter # 5: By: Networking Threats William Stalling Risk of Network Intrusion Whether wired or wireless, computer networks are quickly becoming essential to everyday activities. Individuals
More informationPaystar Remittance Suite Tokenless Two-Factor Authentication
Paystar Remittance Suite Tokenless Two-Factor Authentication Introduction Authentication is the process by which a computer system positively identifies a user It is commonly considered to be one of the
More informationWhat is Authentication? All requests for resources have to be monitored. Every request must be authenticated and authorized to use the resource.
P1L4 Authentication What is Authentication? All requests for resources have to be monitored. Every request must be authenticated and authorized to use the resource. Authentication: Who are you? Prove it.
More informationVulnerability and security issues in Auto teller machine transactions
Vulnerability and security issues in Auto teller machine transactions NAVNEET SHARMA Sr. Asstt. Professor Dept. of Computer Sc. The IIS University, Jaipur, Rajasthan, India E-Mail navneetsharma1977@gmail.com
More informationCYBER SECURITY MADE SIMPLE
CYBER SECURITY MADE SIMPLE Author: Christopher Gorog www.logiccentral.org www.newcyberfrontier.com Christopher Gorog, MBA, PMP, CISSP Lead Faculty for Cybersecurity at Colorado Technical University; Published
More informationCyber security tips and self-assessment for business
Cyber security tips and self-assessment for business Last year one in five New Zealand SMEs experienced a cyber-attack, so it s essential to be prepared. Our friends at Deloitte have put together this
More informationCS6501: Great Works in Computer Science
CS6501: Great Works in Computer Science Jan. 29th 2013 Longze Chen The Protection of Information in Computer Systems Jerome H. Saltzer and Michael D. Schroeder Jerry Saltzer Michael Schroeder 1 The Meaning
More informationend systems, access networks, links circuit switching, packet switching, network structure
Chapter 1: roadmap 1.1 What is the Internet? 1.2 Network edge end systems, access networks, links 1.3 Network core circuit switching, packet switching, network structure 1.4 Delay, loss and throughput
More informationAN TOÀN LỚP 4: TCP/IP ATTACKS NGUYEN HONG SON PTITHCM
1 AN TOÀN LỚP 4: TCP/IP ATTACKS NGUYEN HONG SON PTITHCM 2 Introduction (1/2) TCP provides a full duplex reliable stream connection between two end points A connection is uniquely defined by the quadruple
More informationPasswords. Secure Software Systems
1 Passwords 2 Password Lifecycle Change/Reset Password Create Password (user choice) Use Password (user supplies for auth) Store Password (with user identifier) 3 Password Creation 4 Password Creation
More informationCommon IAM Flaws Plaguing Systems After Years of Assessment
SESSION ID: IDY-R04 Common IAM Flaws Plaguing Systems After Years of Assessment john (Steven) icto, Principal Consultant Cigital Inc. @m1splacedsoul What is an Architectural Flaw? Bug Flaw Metaphor: Fixing
More informationWeek 2 / Paper 1. The Design Philosophy of the DARPA Internet Protocols
Week 2 / Paper 1 The Design Philosophy of the DARPA Internet Protocols David D. Clark ACM CCR, Vol. 18, No. 4, August 1988 Main point Many papers describe how the Internet Protocols work But why do they
More informationIntegrated Access Management Solutions. Access Televentures
Integrated Access Management Solutions Access Televentures Table of Contents OVERCOMING THE AUTHENTICATION CHALLENGE... 2 1 EXECUTIVE SUMMARY... 2 2 Challenges to Providing Users Secure Access... 2 2.1
More informationIPv6 Deployment: Dealing with Dependencies
IPv6 Deployment: Dealing with Dependencies Marco Hogewoning External Relations Officer marcoh@ripe.net IPv6 Requires Changes Somewhere else 2 You need to be able to exchange IPv6 traffic Applications you
More informationOTP Server Authentication System Authentication Schemes V1.0. Feitian Technologies Co., Ltd. Website:
OTP Server Authentication System Authentication Schemes V1.0 Feitian Technologies Co., Ltd. Revision History: Date Revision Description Mar. 2010 V1.0 Release of the first version i Software Developer
More informationContents. Is Rumpus Secure? 2. Use Care When Creating User Accounts 2. Managing Passwords 3. Watch Out For Symbolic Links 4. Deploy A Firewall 5
Contents Is Rumpus Secure? 2 Use Care When Creating User Accounts 2 Managing Passwords 3 Watch Out For Symbolic Links 4 Deploy A Firewall 5 Minimize Running Applications And Processes 5 Manage Physical
More informationSecurity and Privacy. SWE 432, Fall 2016 Design and Implementation of Software for the Web
Security and Privacy SWE 432, Fall 2016 Design and Implementation of Software for the Web Today Security What is it? Most important types of attacks Privacy For further reading: https://www.owasp.org/index.php/
More informationApplication vulnerabilities and defences
Application vulnerabilities and defences In this lecture We examine the following : SQL injection XSS CSRF SQL injection SQL injection is a basic attack used to either gain unauthorized access to a database
More informationStaying Safe on the Internet. Mark Schulman
Staying Safe on the Internet Mark Schulman 1 Your Presenter Mark Schulman IT professional for almost 40 years No affiliation with any product 2 What We ll Talk About Passwords Email Safety Staying Safe
More informationIPv6 Traffic Hijack Test System and Defense Tools Using DNSSEC
IPv6 Traffic Hijack Test System and Defense Tools Using DNSSEC Lin Tao lintao850711@sina.com Liu Wu liuwu@cernet.edu.cn Duan Haixin dhx@cernet.edu.cn Sun Donghong sdh@cernet.edu.cn Abstract IPv6 is widely
More informationLab 1: Packet Sniffing and Wireshark
Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University Course: Cyber Security Practice 1 Packet Sniffer Packet sniffer is a basic tool for observing network packet exchanges in a computer
More informationBiometrics problem or solution?
Biometrics problem or solution? Summary Biometrics are a security approach that offers great promise, but also presents users and implementers with a number of practical problems. Whilst some of these
More informationProtection and Security
Protection and Security Security: policy for controlling access to system Protection: mechanism implementing security policy Why: users can do bad things to system either maliciously or unintentionally
More informationTop-Down Network Design
Top-Down Network Design Chapter Eight Developing Network Security Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer 1 Network Security Design The steps for security design are: 1. Identify
More informationINTERNET SAFETY IS IMPORTANT
INTERNET SAFETY IS IMPORTANT Internet safety is not just the ability to avoid dangerous websites, scams, or hacking. It s the idea that knowledge of how the internet works is just as important as being
More informationUsing Biometric Authentication to Elevate Enterprise Security
Using Biometric Authentication to Elevate Enterprise Security Biometric authentication in the enterprise? It s just a matter of time Mobile biometric authentication is officially here to stay. Most of
More informationApplication Firewalls
Application Moving Up the Stack Advantages Disadvantages Example: Protecting Email Email Threats Inbound Email Different Sublayers Combining Firewall Types Firewalling Email Enforcement Application Distributed
More informationPart 1: Introduction. Goal: Review of how the Internet works Overview
Part 1: Introduction Goal: Review of how the Internet works Overview Get context Get overview, feel of the Internet Application layer protocols and addressing Network layer / Routing Link layer / Example
More informationCSE 127: Computer Security. Security Concepts. Kirill Levchenko
CSE 127: Computer Security Security Concepts Kirill Levchenko October 3, 2014 Computer Security Protection of systems against an adversary Secrecy: Can t view protected information Integrity: Can t modify
More informationTo learn more about Stickley on Security visit You can contact Jim Stickley at
Thanks for attending this session on March 15th. To learn more about Stickley on Security visit www.stickleyonsecurity.com You can contact Jim Stickley at jim@stickleyonsecurity.com Have a great day! Fraud
More informationPractical Guide to Securing the SDLC
Practical Guide to Securing the SDLC Branko Ninkovic Dragonfly Technologies Founder Agenda Understanding the Threats Software versus Security Goals Secure Coding and Testing A Proactive Approach to Secure
More informationProvide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any
OWASP Top 10 Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any tester can (and should) do security testing
More informationPrivileged Account Security: A Balanced Approach to Securing Unix Environments
Privileged Account Security: A Balanced Approach to Securing Unix Environments Table of Contents Introduction 3 Every User is a Privileged User 3 Privileged Account Security: A Balanced Approach 3 Privileged
More informationSECURE INFORMATION EXCHANGE: REFERENCE ARCHITECTURE
SECURE INFORMATION EXCHANGE: REFERENCE ARCHITECTURE MAY 2017 A NEXOR WHITE PAPER NEXOR 2017 ALL RIGHTS RESERVED CONTENTS 3 4 5 6 8 9 10 11 12 14 15 16 INTRODUCTION THREATS RISK MITIGATION REFERENCE ARCHITECTURE
More informationAnalytics, Insights, Cookies, and the Disappearing Privacy
Analytics, Insights, Cookies, and the Disappearing Privacy What Are We Talking About Today? 1. Logfiles 2. Analytics 3. Google Analytics 4. Insights 5. Cookies 6. Privacy 7. Security slide 2 Logfiles Every
More informationHacking Demonstration. Dr John McCarthy Ph.D. BSc (Hons) MBCS
Hacking Demonstration Dr John McCarthy Ph.D. BSc (Hons) MBCS Demonstration Deploying effective cyber security is one of the 21 st century s greatest challenges for business. The threats facing businesses
More informationPrivacy defense on the Internet. Csaba Kiraly
Advanced Networking Privacy defense on the Internet Csaba Kiraly 1 Topics Anonymity on the Internet Chaum Mix Mix network & Onion Routing Low-latency anonymous routing 2 Anonymity: Chaum mix David L. Chaum
More information