Chapter 8 Information Technology

Similar documents
CCNA Security 1.1 Instructional Resource

Cryptography (Overview)

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

BCA III Network security and Cryptography Examination-2016 Model Paper 1

Computer Security: Principles and Practice

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2

Public Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets

CASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001)

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

HP Instant Support Enterprise Edition (ISEE) Security overview

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

Most Common Security Threats (cont.)

Chapter 9: Database Security: An Introduction. Nguyen Thi Ai Thao

Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III

(2½ hours) Total Marks: 75

Network Security Chapter 8

Encryption. INST 346, Section 0201 April 3, 2018

Overview. SSL Cryptography Overview CHAPTER 1

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism

Sample excerpt. Virtual Private Networks. Contents

Cryptography in Lotus Notes/Domino Pragmatic Introduction for Administrators

Getting to Grips with Public Key Infrastructure (PKI)

Stratusphere. Security Overview

Cryptography MIS

Pulseway Security White Paper

key distribution requirements for public key algorithms asymmetric (or public) key algorithms

Public Key Infrastructure

Outline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Kurose & Ross, Chapters (5 th ed.)

Principles of Information Security, Fourth Edition. Chapter 8 Cryptography

Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

Remote Connectivity for SAP Solutions over the Internet Technical Specification

1.264 Lecture 28. Cryptography: Asymmetric keys

APNIC elearning: Cryptography Basics

Security. Communication security. System Security

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

NIST Revision 2: Guide to Industrial Control Systems (ICS) Security

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Cryptographic Concepts

Cryptography and Network Security. Sixth Edition by William Stallings

Introduction and Overview. Why CSCI 454/554?

Cipher Suite Configuration Mode Commands

CRYPTOGRAPHY & DIGITAL SIGNATURE

Network Security and Cryptography. 2 September Marking Scheme

Computers and Security

Cryptography. Submitted to:- Ms Poonam Sharma Faculty, ABS,Manesar. Submitted by:- Hardeep Gaurav Jain

Security+ SY0-501 Study Guide Table of Contents

Symmetric, Asymmetric, and One Way Technologies

Digital Certificates Demystified

Glenda Whitbeck Global Computing Security Architect Spirit AeroSystems

ISACA CISA. ISACA CISA ( Certified Information Systems Auditor ) Download Full Version :

Formal Methods for Assuring Security of Computer Networks

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

Diffie-Hellman. Part 1 Cryptography 136

FIPS Non-Proprietary Security Policy. Level 1 Validation Version 1.2

Cryptography. some history. modern secret key cryptography. public key cryptography. cryptography in practice

The evolving storage encryption market

NETWORK SECURITY & CRYPTOGRAPHY

Public-key Infrastructure Options and choices

14. Internet Security (J. Kurose)

Network Security. Chapter 8. MYcsvtu Notes.

PUBLIC KEY CRYPTO. Anwitaman DATTA SCSE, NTU Singapore CX4024. CRYPTOGRAPHY & NETWORK SECURITY 2018, Anwitaman DATTA

ETHICAL HACKING LAB SERIES. Lab 19: Using Certificates to Encrypt

Syllabus: The syllabus is broadly structured as follows:

Key Exchange. Secure Software Systems

Encrypted Phone Configuration File Setup

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

A policy that the user agrees to follow before being allowed to access a network.

DeltaV Mobile Cybersecurity Overview

Lecture 6: Overview of Public-Key Cryptography and RSA

CPSC 467: Cryptography and Computer Security

Network Security Issues and Cryptography

Introduction to Cryptography. Vasil Slavov William Jewell College

Oracle Tuxedo. Using Security in CORBA Applications 11g Release 1 ( ) March 2010

Ref:

Lorenz Cipher. Menu. Class 4: Modern Cryptography. British Cipher Machine. German Code-Breaking Efforts. Some loose ends on WWII Maurice Burnett

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ

Security in ECE Systems

An Overview of Secure and Authenticated Remote Access to Central Sites

Application Note. Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder )

Encryption I. An Introduction

CS Computer Networks 1: Authentication

Information Security CS 526

The SafeNet Security System Version 3 Overview

E-Commerce Security Pearson Prentice Hall, Electronic Commerce 2008, Efraim Turban, et al.

BeOn Security Cybersecurity for Critical Communications Systems

Pretty Good Privacy PGP. Required Reading. Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E

Other Uses of Cryptography. Cryptography Goals. Basic Problem and Terminology. Other Uses of Cryptography. What Can Go Wrong? Why Do We Need a Key?

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Enhanced Privacy ID (EPID), 156

ECE 646 Lecture 4. Pretty Good Privacy PGP

Modern cryptography 2. CSCI 470: Web Science Keith Vertanen

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

Key Management. Digital signatures: classical and public key Classic and Public Key exchange. Handwritten Signature

CS 425 / ECE 428 Distributed Systems Fall 2017

Transcription:

CRIM 2130 Introduction to Critical Infrastructure Protection Spring 2016 Chapter 8 Information Technology School of Criminology and Justice Studies University of Massachusetts Lowell

Enterprise systems Cybersecurity (used interchangeably with IT security) DMZ (demilitarized zone) in cybersecurity VPN (virtual private network) Asymmetric encryption Cipher AES (advanced encryption standard) CA (certificate of authority) TCB (trusted computer base) TCP (trusted computer path)

Authentication Verify authenticity of users and data Integrity Guarantee message or document has not been altered Confidentiality Ability to conceal content of messages and documents Nonrepudiation Inability to deny authenticity; non-concealment of ownership

Basic Principe of IT; secure Computing Privacy is another issue Trusted base and communication path to user Encapsulation is inviolate; sometimes called a DMZ Figure 8.1 in Text

Encapsulated through layers User level via authentication Network via encryption Hardware via firewalls and intrusion detection systems Figure 8.2 in Text - Encapsulation of IT assets inside of a hardened DMZ

Symmetric encryption is used to secure information between trusted parties Same key that is shared by both parties Asymmetric encryption is used to secure information between anonymous parties. Two keys; one to send, other to receive information Sender uses a public key; receiver uses a private key Requires a key broker in between, however

Digital Encryption Standard (DES) and triple-des (applies cipher algorithm three times to each data block) Older codes evolved from Lucifer (IBM) in 1960s and 1970s Adequate for short bursts of messages with short-lived keys Commonly used by cell phones and web sites Advanced Encryption Standard (AES) by the U.S. National Institute of Standards and Technology (NIST) in 2002 Strong encryption (256-bit keys); suitable for small computers such as those used in SCADA systems. 3DES and AES are Federal Information Processing Standards (FIPS) compliant Required by Federal Government.

Diffie-Hellman (D-H) cipher; Asymmetric ciphers rediscovered by Diffie and Hellman in 1976 Public key to encode Private key to decode. Rivest, Shamir, and Adleman (RSA) invented a practical method of performing the D-H algorithm RSA algorithm Makes it possible to authenticate users (digital signatures) and protect the security of sender and receiver

RSA encryption looks random Public Key Infrastructure (PKI) makes security possible Figure 8.3 in Text

Example of RSA encryption: private, public keys and plaintext/cyphertext Figure 8.4 in Text

PKI authenticates the identity of users by assuring that the sender is who he or she claims Guarantees integrity and security of the message by assuring that it has not been modified by an intermediary Assures privacy by ensuring message is decodable only by intended recipient Guarantees authentication, security and privacy by assuring the message is signed by the verified parties Guarantees non-repudiation by assuring that both parties cannot disavow or deny involvement with the transaction.

Four fundamental principles of IT sector security as defined by the IEEE X509 Standard Authentication Information integrity Information confidentiality Non-repudiation of ownership https://www.ieee.org/index.html

PKI example using a certificate Figure 8.5 in Text

Sample countermeasures to vulnerabilities typically found in enterprise systems Power failure and backup power supply Open modem and VPN Desktop and patches and antivirus software No firewall and install firewalls and filter ports Browser session open and time-out inactive screens Table 8.2 in Text

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback