CSCE 813 Internet Security Final Exam Preview


CSCE 813 Internet Security Final Exam Preview Professor Lisa Luo Fall 2017

Coverage
- All contents! Week 1 ~ Week 15
- The nature of the exam: 12 questions
  o 3 multiple-choice questions
  o 1 true-or-false question
  o 8 short-answer questions
- Time: 12/12, 1:15pm ~ 3:00pm

Week 1 ~ Week 9
- CIA+AA of Internet Security
- Cryptographic tools:
  o Symmetric encryption
  o Asymmetric encryption
  o Hash function
  o Message authentication code
  o Digital signature
- Two ways of establishing the secret key
  o Use asymmetric crypto
      - Public key distribution (?)
  o Use Diffie-Hellman key agreement
- PKI and X.509 certs
- Protocols
  o HTTPS and TLS
  o Kerberos
- HTTPS
  o TLS handshake
  o HTTPS and lock icon
  o Problems with HTTPS
      - Invalid certs
      - Mixed content
- Kerberos
  o User authentication
  o Message authentication
  o How to change passwords?

Model of Internet Security
[Figure labels: Passive attacks, Active attacks, Internet, M]
- Establishing secret key
  o Use asymmetric crypto
  o DH key agreement
- Public key distribution
  o X.509 certs
- Goal: CIA+AA
- Tools: Cryptographic tools
- Schemes: Three communication channel schemes

Protocol: HTTPS
[Figure labels: Passive attacks, Active attacks, Internet, M, HTTPS]
- TLS handshake
  1. Establishing secret key
     o Use asymmetric crypto
     o DH key agreement
  2. Server authentication
     o X.509 certs (public key distribution)
- Goal: CIA+AA
- Tools: Cryptographic tools
- Schemes: Three communication channel schemes

Protocol: Kerberos
[Figure labels: Passive attacks, Active attacks, Intranet]
- Kerberos
  1. Authentication server
  2. Ticket-granting server
  3. Password-changing server

Week 1 ~ Week 9
- Please refer to the midterm exam preview slides

Week 10: Mobile Phone Security
- Android background
  o Android system architecture
  o UID
  o DVM; DEX bytecode
- Three Android security problems:
  o Android app repackaging
  o Android system access control
  o Information leakage via logs
- TaintDroid

Week 10: Android App Repackaging
- Android APK generation process
- Why it is easy to repackage an app
- Countermeasures

Week 10: Android System Access Control
- How does the Android system control resource access?
- Three mechanisms:
  o Android permission: controlling system resources
  o Android app UID: controlling app resources
  o Android app package name: controlling app resources

Week 10: TaintDroid
- What is taint analysis? How does it work?
- Taint sources: taint seed
  o What are you tracking?
- Taint policy: taint tracker
  o How do you track?
- Taint sinks: taint assert
  o When and where will you check?

Week 12 (11/07): Network Access Control
- Authorization vs. authentication
- Access control policy: subject + object + operation
- Access matrix
- Network access enforcement methods
  o IEEE 802.1X, used in Ethernet and Wi-Fi
  o Firewall

Week 12 (11/07): Firewall
- Packet filtering firewalls
  o Know how to interpret the firewall rules
  o Limitations
- Stateful inspection firewalls
- Application-level gateways
- Circuit-level gateways

Week 12 (11/09): Cloud Security
- Why do we need cloud computing?
- Three models of cloud service
  o Software as a service (SaaS)
  o Platform as a service (PaaS)
  o Infrastructure as a service (IaaS)
- Cloud security risks
  o Abuse of cloud computing
  o Insecure interfaces and APIs
  o Account or service hijacking
  o Data loss or leakage
- Data protection in the cloud
  o Basic requirement: encrypt data + access control

Week 13 ~ Week 14: E-mail Security
- Internet mail architecture
- Email protocols
  o SMTP
  o IMAP or POP
  o MIME
  o When is SMTP used, and when is IMAP/POP used?
- Secure email protocols
  o SMTP over TLS
  o S/MIME

Week 13 ~ Week 14: E-mail Security
- PGP services
  o Authentication
  o Confidentiality
  o Compression
  o Segmentation
- PGP key management
  o Session key
  o Public key
  o Private key
  o Passphrase-based key
- PGP vs. PKI
  o PGP: Web of Trust, or decentralized trust
  o PKI: centralized trust

Put Together

- Web applications
- Protocols: TLS; HTTPS; Kerberos; SMTP over TLS; PGP
- Establishing secret key:
  o Asymmetric crypto
  o Diffie-Hellman key agreement
- Distributing public key:
  o PKI
  o PGP
- Cryptographic tools: Symmetric encryption; Asymmetric encryption; Hash function; MAC; Digital signature
- Security objectives: CIA + AA
