Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 1 What is Security Engineering?. Security Engineering Building systems that remain stable Malice Error Mischance Focuses on Tool Processes Methods.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Chapter 1 What is Security Engineering?. Security Engineering Building systems that remain stable Malice Error Mischance Focuses on Tool Processes Methods."— Presentation transcript:

1 Chapter 1 What is Security Engineering?

2 Security Engineering Building systems that remain stable Malice Error Mischance Focuses on Tool Processes Methods

3 Expertise for security Engineering Cryptography Computer security Hardware tamper resistance Applied Psychology Audit methods Law System engineering Business process analysis Software engineering

4 Critical assurance requirements Human life and environment Nuclear safety Military Economic infrastructure Bank systems Personal privacy Medical system Business sectors Pay TV Internet sale Crime Burglar and car alarms

5 Security v software engineering Software Ensuring that certain things can happen and happen properly Security Ensuring that certain things can not happen

6 A Secure system needs User authentication Transaction integrity Accountability Fault-tolerance Message secrecy Covertness

7 Review of 4 systems Bank Banks have been a driving force in security and accounting controls Air force base Military has been motivator of technology Healthcare Patient safety and privacy Home More and more important

8 Terms and uses System Subject, Principal, Identity Trust, Trustworthy Confidentiality, Privacy, Secrecy Authenticity, Integrity Vulnerability, Threat, Security failure

9 Articles for Friday 1/21 What is security engineering Documentation of “system” like in text Confidentiality versus privacy versus secrecy System used for domestic spying (Wiretaps) Find article email to classmates before Thursday noon prepare to lead discussion.

10 Previous articles An interesting discussion of the FBI's Carnivore system and its confidentiality. http://www.sweetliberty.org/issues/privacy/corporate.htm A news article on the latest version of iTunes; Privacy concerns over the 'Ministore' http://www.mercurynews.com/mld/mercurynews/business/technology/13662299.htm Talking about tailoring data to specific people... http://www.purdueexponent.com/index.php/module/Issue/action/Article/article_id/2447 Speaks about a changing threat and people who pose as others... http://www.consumeraffairs.com/news04/2006/01/scam_marine.html (Sort of a long article, sorry) http://www.msnbc.msn.com/id/9602401/site/newsweek (A lot to do with Echelon) http://www.scoop.co.nz/stories/HL0601/S00047.htm Intelligence info in plain site http://www.cbsnews.com/stories/2006/01/10/eveningnews/main1198667.shtml Cell phone Privacy http://www.cbsnews.com/stories/2006/01/12/eveningnews/main1206518.shtml

11 Links to resources What is Security Engineering (author links) http://www.cl.cam.ac.uk/~rja14/book.html http://www.cl.cam.ac.uk/~rja14/ A few great BLOGS to get started http://www.lightbluetouchpaper.org/ http://www.schneier.com/blog/

12 Links to resources What do secure systems need: http://en.wikipedia.org/wiki/Computer_security www.sans.org http://books.slashdot.org/article.pl?sid=02/02/28/163234 Ross Andersons Home page http://www.cl.cam.ac.uk/~rja14/

Download ppt "Chapter 1 What is Security Engineering?. Security Engineering Building systems that remain stable Malice Error Mischance Focuses on Tool Processes Methods."

Similar presentations

How to protect yourself, your computer, and others on the internet

How to protect yourself, your computer, and others on the internet
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
Chapter 1  Introduction 1 Chapter 1: Introduction.

Chapter 1  Introduction 1 Chapter 1: Introduction.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
A Gift of Fire, 2edChapter 3: Encryption and Interception of Communications1 PowerPoint ® Slides to Accompany A Gift of Fire : Social, Legal, and Ethical.

A Gift of Fire, 2edChapter 3: Encryption and Interception of Communications1 PowerPoint ® Slides to Accompany A Gift of Fire : Social, Legal, and Ethical.
Class 1 Background, Tools, and Trust CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman

Class 1 Background, Tools, and Trust CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
A Gift of Fire, 2edChapter 3: Encryption and Interception of Communications1 PowerPoint ® Slides to Accompany A Gift of Fire : Social, Legal, and Ethical.

A Gift of Fire, 2edChapter 3: Encryption and Interception of Communications1 PowerPoint ® Slides to Accompany A Gift of Fire : Social, Legal, and Ethical.
Chapter 1  Introduction 1 Overview  What is a secure computer system?  Concerns of a secure system o Data: Privacy, Integrity, Availability o Users:

Chapter 1  Introduction 1 Overview  What is a secure computer system?  Concerns of a secure system o Data: Privacy, Integrity, Availability o Users:
1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.

1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.
Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”

Chapter 1  Introduction 1 Chapter 1: Introduction “Begin at the beginning,” the King said, very gravely, “and go on till you come to the end: then stop.”
Instructions for Weds. Jan. 10 1.Get your Century 21 Jr. textbook 2.Log in to the computers 3.On page 80, read the Objectives listed under “Lesson 13:

Instructions for Weds. Jan Get your Century 21 Jr. textbook 2.Log in to the computers 3.On page 80, read the Objectives listed under “Lesson 13:
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
DATABASES FROM HCT LIBRARIES. HCT has many online databases for students to use to find information. A database is a collection of information organized.

DATABASES FROM HCT LIBRARIES. HCT has many online databases for students to use to find information. A database is a collection of information organized.
David L. Wasley Office of the President University of California Maybe it’s not PKI … Musings on the business case for PKI EDUCAUSEEDUCAUSE PKI Summit.

David L. Wasley Office of the President University of California Maybe it’s not PKI … Musings on the business case for PKI EDUCAUSEEDUCAUSE PKI Summit.
Securing Information Systems

Securing Information Systems
Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.
CS 4001Mary Jean Harrold1 Class 8 ŸQuestions about term paper—list of possible topics available later today ŸCommunications discussion ŸCommunications.

CS 4001Mary Jean Harrold1 Class 8 ŸQuestions about term paper—list of possible topics available later today ŸCommunications discussion ŸCommunications.

Similar presentations

Ads by Google