• Home

  • Documents

  • Definition of Security/Privacy - USF Computer Scienceejung/courses/686/lectures/02def.pdfSecurity...
9
9/13/2010 CS 686 Definition of Security/Privacy EJ Jung [email protected] CS 686 Special Topics in CS Privacy and Security 9/13/2010 CS 686 Henric Johnson 2 Attacks, Services and Attacks, Services and Mechanisms Mechanisms ! Security Attack: Any action that compromises the security of information. ! Security Mechanism: A mechanism that is designed to detect, prevent, or recover from a security attack. ! Security Service: A service that enhances the security of data processing systems and information transfers. A security service makes use of one or more security mechanisms.

Definition of Security/Privacy - USF Computer Scienceejung/courses/686/lectures/02def.pdfSecurity Attack: Any action that compromises the security of information.!Security Mechanism:

Embed Size (px)

Citation preview

Page 1: Definition of Security/Privacy - USF Computer Scienceejung/courses/686/lectures/02def.pdfSecurity Attack: Any action that compromises the security of information.!Security Mechanism:

9/13/2010 CS 686

Definition of Security/Privacy

EJ [email protected]

CS 686 Special Topics in CSPrivacy and Security

9/13/2010 CS 686Henric Johnson 2

Attacks, Services andAttacks, Services andMechanismsMechanisms

! Security Attack: Any action that compromises thesecurity of information.

! Security Mechanism: A mechanism that is designed todetect, prevent, or recover from a security attack.

! Security Service: A service that enhances thesecurity of data processing systems and informationtransfers. A security service makes use of one ormore security mechanisms.

Page 2: Definition of Security/Privacy - USF Computer Scienceejung/courses/686/lectures/02def.pdfSecurity Attack: Any action that compromises the security of information.!Security Mechanism:

9/13/2010 CS 686

Passive attack (1) - Eavesdrop

!Code talkers

9/13/2010 CS 686

Passive attack (2) - Analysis

!Alexa

Page 3: Definition of Security/Privacy - USF Computer Scienceejung/courses/686/lectures/02def.pdfSecurity Attack: Any action that compromises the security of information.!Security Mechanism:

9/13/2010 CS 686

Active attack (1) - impersonation

! Impostors on Facebook

9/13/2010 CS 686

Active (2) - replay

Page 4: Definition of Security/Privacy - USF Computer Scienceejung/courses/686/lectures/02def.pdfSecurity Attack: Any action that compromises the security of information.!Security Mechanism:

9/13/2010 CS 686

Active (3) – intercept&modify

9/13/2010 CS 686

Active (4) - DoS

!Distributed DoS

Page 5: Definition of Security/Privacy - USF Computer Scienceejung/courses/686/lectures/02def.pdfSecurity Attack: Any action that compromises the security of information.!Security Mechanism:

9/13/2010 CS 686

Summary of attacks

Henric Johnson 9

9/13/2010 CS 686Henric Johnson 10

Security ServicesSecurity Services! Confidentiality (privacy)

! Authentication (who created or sent the data)

! Integrity (has not been altered)

! Non-repudiation (the order is final)

! Access control (prevent misuse of resources)

! Availability (permanence, non-erasure)

• Denial of Service Attacks

• Virus that deletes files

Page 6: Definition of Security/Privacy - USF Computer Scienceejung/courses/686/lectures/02def.pdfSecurity Attack: Any action that compromises the security of information.!Security Mechanism:

9/13/2010 CS 686

network

Attack on Authenticity

!Authenticity is identification and assurance oforigin of information

Unauthorized assumption ofanother’s identity

9/13/2010 CS 686

network

Attack on Confidentiality

!Confidentiality is concealment of information

Eavesdropping,packet sniffing,illegal copying

Page 7: Definition of Security/Privacy - USF Computer Scienceejung/courses/686/lectures/02def.pdfSecurity Attack: Any action that compromises the security of information.!Security Mechanism:

9/13/2010 CS 686

network

Attack on Integrity

! Integrity is prevention of unauthorized changes

Intercept messages,tamper, release again

9/13/2010 CS 686

network

Attack on Availability

!Availability is ability to use information orresources desired

Overwhelm or crash servers,disrupt infrastructure

Page 8: Definition of Security/Privacy - USF Computer Scienceejung/courses/686/lectures/02def.pdfSecurity Attack: Any action that compromises the security of information.!Security Mechanism:

9/13/2010 CS 686

Famous words

! Encrypt and decrypt! Plaintext and ciphertext

• encrypt plaintext -> ciphertext• decrypt ciphertext -> plaintext• easy example: XOR

!Digital signature• as you sign on paper• for non-repudiation and accountability

! Session• one conversation/communication unit

9/13/2010 CS 686

Model for Network Security

Page 9: Definition of Security/Privacy - USF Computer Scienceejung/courses/686/lectures/02def.pdfSecurity Attack: Any action that compromises the security of information.!Security Mechanism:

9/13/2010 CS 686

Access Control Model


Compromises Fail

Compromises Fail

Documents
23.3 Failed Compromises

23.3 Failed Compromises

Documents
Data Security Basics for Small Merchants - Visa3 | Data Security Basics for Small Merchants | 28 October 2015 Visa Public •Compromises and Small Businesses •Impacted Industries

Data Security Basics for Small Merchants - Visa3 | Data Security Basics for Small Merchants | 28 October 2015 Visa Public •Compromises and Small Businesses •Impacted Industries

Documents
Privacy and Security Incident Management Protocol Incident Protocol_Public... · • Compromises CIHI’s information security controls (security breach). Some examples of breaches

Privacy and Security Incident Management Protocol Incident Protocol_Public... · • Compromises CIHI’s information security controls (security breach). Some examples of breaches

Documents
( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers

( 2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers

Documents
Emsisoft Internet Security · PDF fileEmsisoft Internet Security 11 Emsisoft Internet Security No Bloat, No Compromises - Just Security. Dual Engine 3-Layer Protection Firewall 2014

Emsisoft Internet Security · PDF fileEmsisoft Internet Security 11 Emsisoft Internet Security No Bloat, No Compromises - Just Security. Dual Engine 3-Layer Protection Firewall 2014

Documents
Compromises, Arrangements and Amalgamations

Compromises, Arrangements and Amalgamations

Documents
VIOLATIONS AND COMPROMISES - jsac-dfw.org

VIOLATIONS AND COMPROMISES - jsac-dfw.org

Documents
Constitutional Foundations--Institutions and Compromises

Constitutional Foundations--Institutions and Compromises

News & Politics
Security & The Internet of Things - Virginia Tech Account Compromises • We took action in Jan/Feb to reduce system compromises leading to email spam attacks • Attackers have changed

Security & The Internet of Things - Virginia Tech Account Compromises • We took action in Jan/Feb to reduce system compromises leading to email spam attacks • Attackers have changed

Documents
Slavery compromises

Slavery compromises

Education
Introduction to Cyber Security Cont. · Security attack – An action that compromises security of the system or exchanged information Security service – A service that enhances

Introduction to Cyber Security Cont. · Security attack – An action that compromises security of the system or exchanged information Security service – A service that enhances

Documents
The Compromises

The Compromises

Documents
Security Assessment of Electricity Distribution Networks under … · 2016-08-15 · SECURITY OF ELECTRICTY DNS UNDER NODE COMPROMISES 3 and qcnom i are the real and reactive components

Security Assessment of Electricity Distribution Networks under … · 2016-08-15 · SECURITY OF ELECTRICTY DNS UNDER NODE COMPROMISES 3 and qcnom i are the real and reactive components

Documents
Compromises and not solution

Compromises and not solution

Business
HEALTHCON 2016 HIPAA Privacy and Security Breaches 10 ... · which compromises the security or privacy of the protected health information. April 11, 2016 HIPAA Breaches –10 Things

HEALTHCON 2016 HIPAA Privacy and Security Breaches 10 ... · which compromises the security or privacy of the protected health information. April 11, 2016 HIPAA Breaches –10 Things

Documents
Constitutional compromises and plans new

Constitutional compromises and plans new

Education
Securing your Laptop like you mean it: Virtualization ... COMMSEC - Securing Your L… · *Decent security with reasonable compromises . 21 ... Virtualization Based Security with

Securing your Laptop like you mean it: Virtualization ... COMMSEC - Securing Your L… · *Decent security with reasonable compromises . 21 ... Virtualization Based Security with

Documents
Cyber Security Issues - Center of Excellence in Rural …...or disclosure of protected health information which compromises the security or privacy of the protected health information

Cyber Security Issues - Center of Excellence in Rural …...or disclosure of protected health information which compromises the security or privacy of the protected health information

Documents
 · 2019-12-17 · data security compromises has increased. In 2005, there were over 130 compromises that resulted in the exposure of over 50 million account numbers. The growth in

 · 2019-12-17 · data security compromises has increased. In 2005, there were over 130 compromises that resulted in the exposure of over 50 million account numbers. The growth in

Documents
Political Compromises to Save the Union

Political Compromises to Save the Union

Documents
REVISION CSE2500 SYSTEM SECURITY & PRIVACY. RevisionSrini & Nandita2 Introduction to security Security attack - action that compromises the security of

REVISION CSE2500 SYSTEM SECURITY & PRIVACY. RevisionSrini & Nandita2 Introduction to security Security attack - action that compromises the security of

Documents
Gender Differences in Reactions to Ethical Compromises ... · Gender Differences in Reactions to Ethical Compromises ... more than men, find ethical compromises ... perceived more

Gender Differences in Reactions to Ethical Compromises ... · Gender Differences in Reactions to Ethical Compromises ... more than men, find ethical compromises ... perceived more

Documents
Compromises Fail and the Coming of Warasms.psd202.org/documents/dmadigan/1568981409.pdf · Compromises only offered temporary solutions. Eventually, compromises would not be enough

Compromises Fail and the Coming of Warasms.psd202.org/documents/dmadigan/1568981409.pdf · Compromises only offered temporary solutions. Eventually, compromises would not be enough

Documents
Mitigating Covert Compromises - Aron Laszka

Mitigating Covert Compromises - Aron Laszka

Documents
Comparing the Compromises - cpb-us-e1.wpmucdn.com€¦ · Comparing the Compromises The Compromises of 1820 and 1850 The United States in 1810 The Compromise of 1820 The Compromise

Comparing the Compromises - cpb-us-e1.wpmucdn.com€¦ · Comparing the Compromises The Compromises of 1820 and 1850 The United States in 1810 The Compromise of 1820 The Compromise

Documents
Compromises and Ratification of Constitution

Compromises and Ratification of Constitution

Documents
The Constitution and Compromises

The Constitution and Compromises

Documents
No more compromises

No more compromises

Documents
MAJOR CONSITUTIONAL COMPROMISES

MAJOR CONSITUTIONAL COMPROMISES

Documents