
Definition of Security/Privacy

CS 686 Special Topics in CS Privacy and Security. Definition of Security/Privacy. EJ Jung ejung@cs.usfca.edu. Announcements. Course Questionnaire and Consent Form No submission, no grades Service Lab community partners are coming Reading assignment in schedule read “ahead”.


Presentation Transcript


  1. CS 686 Special Topics in CS Privacy and Security Definition of Security/Privacy EJ Jung ejung@cs.usfca.edu CS 686

  2. Announcements
     • Course Questionnaire and Consent Form
     • No submission, no grades
     • Service Lab community partners are coming
     • Reading assignment in schedule
       • read “ahead”

  3. Course questionnaire results
     • 20 students
     • Previous courses
       • 13 networks, 10 OS, 3 crypto, 1 security
     • Familiar technology
       • 13 hash, 10 proxy, 9 SSL/TLS, 9 PKC, 3 TOR, 2 PGP, 1 IPsec,

  4. Current challenging problems
     • Conflicting goals:
       • privacy vs. utility, anonymity vs. authenticity
       • safety vs. convenience, usability
       • right to opt-out
       • happy medium
     • Hackers
     • User education and admin education
     • Data sharing among many parties
     • Data leak from social networks

  5. Want to solve
     • Hacking prevention, Server protection, Data protection
     • Vulnerability (loophole) analysis and mitigation
     • Intrusion detection
       • packet sniffing and monitoring
     • User education, usability
     • Malware, e.g. virus, key-loggers, prevention & detection
     • Identity theft, Phishing prevention/detection
     • Right to opt-out, Pay for privacy
     • Anonymity, Finding happy medium between anonymity and authenticity
     • TOR
     • Security software development
     • Secure data sharing among multiple parties, Data tracing

  6. After this course
     • Become knowledgeable
     • Find vulnerabilities
     • Protect systems and websites
       • without hurting performance and usability too much
     • Work as security specialist

  7. Attacks, Services and Mechanisms
     • Security Attack: Any action that compromises the security of information.
     • Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack.
     • Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.
     (Henric Johnson)

  8. Passive attack (1) - Eavesdrop
     • Code talkers

  9. Passive attack (2) - Analysis
     • Alexa

  10. Active attack (1) - impersonation
     • Impostors on Facebook

  11. Active (2) - replay

  12. Active (3) - intercept & modify

  13. Active (4) - DoS
     • Distributed DoS

  14. Summary of attacks
     (Henric Johnson)

  15. Security Services
     • Confidentiality (privacy)
     • Authentication (who created or sent the data)
     • Integrity (has not been altered)
     • Non-repudiation (the order is final)
     • Access control (prevent misuse of resources)
     • Availability (permanence, non-erasure)
       • Denial of Service Attacks
       • Virus that deletes files
     (Henric Johnson)

  16. Attack on Authenticity
     • Unauthorized assumption of another’s identity
     • [figure: network]
     • Authenticity is identification and assurance of origin of information

  17. Attack on Confidentiality
     • Eavesdropping, packet sniffing, illegal copying
     • [figure: network]
     • Confidentiality is concealment of information

  18. Attack on Integrity
     • Intercept messages, tamper, release again
     • [figure: network]
     • Integrity is prevention of unauthorized changes

  19. Attack on Availability
     • Overwhelm or crash servers, disrupt infrastructure
     • [figure: network]
     • Availability is ability to use information or resources desired

  20. Famous words
     • Encrypt and decrypt
     • Plaintext and ciphertext
       • encrypt plaintext -> ciphertext
       • decrypt ciphertext -> plaintext
       • easy example: XOR
     • Digital signature
       • as you sign on paper
       • for non-repudiation and accountability
     • Session
       • one conversation/communication unit

  21. Model for Network Security

  22. Access Control Model
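
An added example, not part of the original slides: the XOR "easy example" from slide 20 used as the confidentiality mechanism, with a separate integrity mechanism covering the "intercept, tamper, release again" case from slide 18. The HMAC-SHA256 tag, the function names and the sample message are assumptions chosen for this illustration.

```python
import hashlib
import hmac
import secrets


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR each data byte with the key byte at the same position.

    The same call encrypts (plaintext -> ciphertext) and decrypts
    (ciphertext -> plaintext). The key is random, as long as the data,
    and used for one message only.
    """
    if len(key) < len(data):
        raise ValueError("key must be at least as long as the data")
    return bytes(d ^ k for d, k in zip(data, key))


def protect(plaintext: bytes, enc_key: bytes, mac_key: bytes):
    """Sender: confidentiality via XOR, integrity via an HMAC tag."""
    ciphertext = xor_bytes(plaintext, enc_key)
    tag = hmac.new(mac_key, ciphertext, hashlib.sha256).digest()
    return ciphertext, tag


def receive(ciphertext: bytes, tag: bytes, enc_key: bytes, mac_key: bytes):
    """Receiver: verify the tag first; return None if the message changed."""
    expected = hmac.new(mac_key, ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return xor_bytes(ciphertext, enc_key)


def demo():
    message = b"PAY 100 TO ALICE"            # constructed sample message
    enc_key = secrets.token_bytes(len(message))
    mac_key = secrets.token_bytes(32)
    ciphertext, tag = protect(message, enc_key, mac_key)

    round_trip = receive(ciphertext, tag, enc_key, mac_key)

    # The ciphertext is altered in transit: one byte differs on arrival.
    altered = bytearray(ciphertext)
    altered[4] ^= 0x08
    altered = bytes(altered)

    xor_only = xor_bytes(altered, enc_key)   # decrypts without any error
    checked = receive(altered, tag, enc_key, mac_key)  # change detected
    return message, ciphertext, round_trip, xor_only, checked


if __name__ == "__main__":
    for value in demo():
        print(value)
```

The HMAC tag gives integrity and authentication between the two holders of `mac_key`; non-repudiation is the job of the digital signature listed on slide 20, since either key holder can produce a valid HMAC tag.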
