
Security Services

ECE 646 - Lecture 1. Security Services. Need for information security: widespread use of data processing equipment (computer security); widespread use of computer networks and distributed computing systems (network security). Security Threats in Banking Systems.

canderson

Presentation Transcript


  1. ECE 646 - Lecture 1 Security Services

  2. Need for information security
     • widespread use of data processing equipment:
       - computer security
     • widespread use of computer networks and distributed computing systems:
       - network security

  3. Security Threats in Banking Systems
     [Diagram; labels: Bank A, Bank B, ATM, interception, fabrication, modification, timing attacks, radiation analysis, unauthorized access]

  4. Electronic Commerce
     ELECTRONIC DATA INTERCHANGE - EDI
     ELECTRONIC FUND TRANSFER - EFT
     • intra-bank fund transfers
     • inter-bank fund transfers
     • home banking
     • electronic cash
     • financial transactions among companies
     HOME-SHOPPING
     • non-digital goods (e.g., books, CDs)
     • services (e.g., travel reservations)
     • digital goods (e.g., software, music, video)
     • micropayments (e.g., database access)

  5. Electronic Data Interchange
     • transactions between computers
     • human participation in routine transactions limited or non-existent
     • paper records eliminated
     • less time to detect and correct errors

  6. Other types of data needing security
     • financial records
     • medical records
     • commercial secrets
     • business and private correspondence
     • technical specifications

  7. Potential attackers
     • hackers
     • industrial competitors
     • spies
     • press
     • government agencies

  8. Security on the Internet
     [Figure text: "Alice, Love you, Bob", addressed to Alice, Smurftown, SL 22030, Smurfland; labels: E-MAIL, SECURE E-MAIL]

  9. NSA - National Security Agency (also known as “No Such Agency” or “Never Say Anything”)
     Created in 1952 by President Truman
     Goals:
     • designing strong ciphers (to protect U.S. communications)
     • breaking ciphers (to listen to non-U.S. communications)
     Budget and number of employees kept secret
     Largest employer of mathematicians in the world
     Larger purchaser of computer hardware

  10. RSA Security Inc. (currently the security division of EMC)
      • original patents for RSA (expired in 2000), RC5, RC6 and other cryptographic algorithms
      • over 1 billion users of the basic cryptographic library BSAFE
      • RSA Laboratories
      • RSA Conference
      • spin-off companies
        - VeriSign - Public Key Infrastructure

  11. American and international standards regarding public key cryptography
      [Diagram; category labels: International standards, Banking standards, Informal industrial standards, Industrial standards, Federal standards; organization and standard labels: ISO, ANSI, ANSI X9, RSA Labs, PKCS, IEEE, P1363, NIST, FIPS]

  12. American and international standards regarding public key cryptography
      • IEEE - Institute of Electrical and Electronics Engineers
      • ANSI - American National Standards Institute
      • NIST - National Institute of Standards and Technology
      • ISO - International Organization for Standardization
      • PKCS - Public Key Cryptography Standards
      • FIPS - Federal Information Processing Standards

  13. Security services
      Protecting data: in transit, at rest
      • access control
        - identification
        - authorization
        - auditing
      • confidentiality
      • integrity
      • authentication
      • non-repudiation
      • availability

  14. Identification (User Authentication)
      On the basis of
      • what you know (passwords, PINs)
      • what you have (magnetic card, smart card)
      • what you are (fingerprints, handprints, voiceprints, keystroke timing, signatures, retinal scanners)

  15. Basic Security Services (1)
      1. Confidentiality [diagram: Alice, Bob, Charlie]
      2. Message integrity [diagram: Alice, Bob, Charlie]
      3. Message authentication [diagram: Alice, Bob, Charlie]

  16. Basic Security Services (2)
      4. Non-repudiation
         - of sender
         - of receiver
         - mutual
      Technique: digital signature
      Signature: HANDWRITTEN [image] / DIGITAL (A6E3891F2939E38C745B 25289896CA345BEF5349 245CBA653448E349EA47)
      Main Goals:
      • unique identification
      • proof of agreement to the contents of the document

  17. Handwritten and digital signatures: Common Features
      (shared by the handwritten signature and the digital signature)
      1. Unique
      2. Impossible to be forged
      3. Impossible to be denied by the author
      4. Easy to verify by an independent judge
      5. Easy to generate

  18. Handwritten and digital signatures: Differences
      Handwritten signature
      6. Associated physically with the document
      7. Almost identical for all documents
      8. Usually at the last page
      Digital signature
      6. Can be stored and transmitted independently of the document
      7. Function of the document
      8. Covers the entire document

  19. Relations among security services
      [Diagram; labels: NON-REPUDIATION, AUTHENTICATION, CONFIDENTIALITY, INTEGRITY]

  20. Network Security Threats (1)
      [Diagrams of four threat types]
      • Interruption
      • Interception
      • Fabrication
      • Modification

  21. Network Security Threats (2)
      Passive
      • Interception
        - Release of message contents
        - Traffic analysis
      Active
      • Interruption (availability)
      • Modification (integrity)
      • Fabrication (authenticity)
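
Slides 16 to 18 describe a digital signature as a function of the document that covers all of it, can be stored apart from it, and can be checked by an independent judge. The following added example (not part of the lecture) shows those properties with a Lamport one-time signature, used here only because it needs nothing beyond a hash function; the slides do not name a scheme, and the sample document and all function names are constructed.

```python
import hashlib
import secrets

BITS = 256  # one secret pair per bit of the SHA-256 document digest

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def _digest_bits(document: bytes):
    # The signature depends on the digest of the *whole* document.
    d = int.from_bytes(_h(document), "big")
    return [(d >> (BITS - 1 - i)) & 1 for i in range(BITS)]

def keygen():
    """Private key: 256 pairs of random values. Public key: their hashes."""
    private = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(BITS)]
    public = [(_h(a), _h(b)) for a, b in private]
    return private, public

def sign(private, document: bytes):
    """Reveal one secret per digest bit. A private key must sign only once."""
    return [private[i][bit] for i, bit in enumerate(_digest_bits(document))]

def verify(public, document: bytes, signature) -> bool:
    """Uses public data only, so an independent judge can run it."""
    if len(signature) != BITS:
        return False
    bits = _digest_bits(document)
    return all(_h(sig) == public[i][bit]
               for i, (sig, bit) in enumerate(zip(signature, bits)))

def demo():
    # Constructed two-"page" sample document, not taken from the slides.
    contract = b"Pay Bob 100 USD.\n" + b"(page 2) Terms: none.\n"
    private, public = keygen()
    detached_sig = sign(private, contract)        # kept apart from the document
    tampered = contract.replace(b"100", b"900")   # edit far from the "last page"
    other_sig = sign(keygen()[0], contract)       # made with a different signer's key
    return {
        "valid": verify(public, contract, detached_sig),
        "tampered": verify(public, tampered, detached_sig),
        "wrong_key": verify(public, contract, other_sig),
        "truncated": verify(public, contract, detached_sig[:-1]),
    }

if __name__ == "__main__":
    print(demo())
```

Only the unmodified document with the signature from the matching private key verifies; a keyed MAC would not give the non-repudiation property, because the verifier would hold the same secret as the signer.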
