quick overview of the course
Download
Skip this Video
Download Presentation
Quick Overview of the Course

Loading in 2 Seconds...

play fullscreen
1 / 19

Quick Overview of the Course - PowerPoint PPT Presentation


  • 61 Views
  • Uploaded on

Computer Security. Quick Overview of the Course. Saeed Rajput, Ph.D. Wikileaks. Issues: Confidentiality Authentication Non-repudiation Availability Audit Privacy Anonymity. Google Versus China. http://www.cnn.com/2010/TECH/01/12/google.china/index.html Please read this Blog:

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Quick Overview of the Course' - manchu


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
wikileaks
Wikileaks
  • Issues:
    • Confidentiality
    • Authentication
    • Non-repudiation
    • Availability
    • Audit
    • Privacy
    • Anonymity
google versus china
Google Versus China
  • http://www.cnn.com/2010/TECH/01/12/google.china/index.html
  • Please read this Blog:
  • http://googleblog.blogspot.com/2010/01/new-approach-to-china.html

SANS: SysAdmin, Audit, Network, Security, Institute

  • http://www.sans.org/about/sans.php
recent news record data breaches in 2007
Recent News: Record data breaches in 2007

http://news.yahoo.com/s/ap/20071231/ap_on_hi_te/data_breaches_5

  • Loss or theft of personal data soared to unprecedented levels in 2007:
    • credit card numbers
    • Social Security numbers,
  • Foley’s Group: 79 million+ records reported compromised in the United States through Dec. 18.
    • Nearly fourfold increase from the nearly 20 million records reported in all of 2006.
  • Attrition.org, estimates more than 162 million records compromised through Dec. 21 — both in the U.S. and overseas, unlike the other group\'s U.S.-only list. Attrition reported 49 million last year.
  • Trend isn\'t expected to turn around anytime soon: (Why?)
    • Hackers stay a step ahead of security
    • Laptops disappear with sensitive information.
  • Companies, government agencies, schools and other institutions:
    • spending more to protect ever-increasing volumes of data with more sophisticated firewalls and encryption
older news 2005
Older News: 2005
  • Polo Ralph Lauren Customers\' Data Stolen
    • Theft of Credit Card Information at Polo Ralph Lauren Leaves 180,000 Vulnerable:
    • Thursday April 14, 11:52 pm ET
    • Possible security breach "of transaction data associated with a U.S.-based retailer" in January 2005.
    • Polo Ralph Lauren shares dropped 55 cents, or 1.4 percent, to $37.91 in afternoon trading on the New York Stock Exchange where they have traded in a 52-week range of $31.01 to $42.83.
    • Shares Outstanding:102.68M (Loss?)
  • http://www.usatoday.com/tech/news/computersecurity/infotheft/2005-04-14-polo-data-theft_x.htm
recent news
Recent News
  • ChoicePoint Inc., which is based in suburban Atlanta, disclosed in February 2005 that thieves, who operated undetected for more than a year, opened up 50 accounts and received vast amounts of data on some 145,000 consumers nationwide. Authorities said some 750 people were defrauded
overview of the course
Overview of the Course
  • What is Security?
  • Background
    • Basics of Operating Systems
  • Attacks and Threats
    • Attacks Against Information Systems
    • Classification of Threats
  • Security Concerns
    • Cryptography
    • Access Control
    • Confidentiality
    • Integrity
  • Security Areas:
    • Operating System Security
    • Database Security
basics of operating system
Basics of Operating System
  • Memory and Paging
  • General Object Access Control
  • Procedures
  • Files
  • User Authentication
risk analysis
Risk Analysis
  • Vulnerabilities
  • Threats
  • Controls (Countermeasures)
  • MOM
    • Method
    • Opportunity
    • Motive
attacks
Attacks
  • Known Attacks
  • Attack Classifications
    • Passive
      • Interception
    • Active
      • Modification
      • Fabrication
    • Denial of Service
      • Interruption
security services
Security Services
  • Availability
  • Integrity
  • Confidentiality
  • Authentication
cryptography
Cryptography
  • Symmetric Key Cryptography
  • Public Key Cryptography
  • Some Algorithms
other algorithms needed for cryptography
Other Algorithms Needed for Cryptography
  • Cryptographic Hash Functions
  • True Random Number Generators.
security services based on cryptography
Security Services based on Cryptography
  • Availability
  • Integrity (Hash Algorithms)
  • Confidentiality (Symmetric Key)
  • Authentication (Public/Symmetric Key Cryptography)
security infrastructures based on cryptography
Security Infrastructures based on Cryptography
  • Public Key Infrastructures
  • Some Security Protocols
    • SSL
    • IPSEC
access control
Access Control
  • Classical Security Models
    • Bell-La Padula Confidentiality Model
    • Biba Integrity Model
  • Graham-Denning Model
  • Lattice Model
  • Role Base Access Control (RBAC)
  • State Machine Model
  • Information Flow Model
  • Brewer Nash Model
  • Clark Wilson Model
network infrastructure security
Network/Infrastructure Security
  • Attacks through Networks
  • Firewalls and their types
  • Virtual Private Networks
  • Intrusion Detection Systems
operating system security
Operating System Security
  • Memory Protection
  • Access Control to General Objects
  • File Protection
  • User Authentication
  • Designing Trusted Operating Systems
database security
Database Security
  • Integrity
  • Access Control
  • Inference and Aggregation
  • Multilevel secure databases
    • Partitioned
    • Cryptographically Sealed, and filtered
ad