Understanding Security

Presentation transcript:

Understanding Security Lesson 6

Objective Domain Matrix
Skills/Concepts: MTA Exam Objectives
- Understanding the System.Security Namespace: Understand the System Security namespace (5.1)
- Understanding Authentication and Authorization: Understand authentication and authorization (5.2)
- Understanding Cryptography
- Understanding Code Access Security: Understand authentication and authorization (5.2)

Authentication
- Authentication refers to the process of obtaining credentials from a user and verifying his or her identity.
- The process of authentication validates the user’s credentials against some authority.
- When using Windows authentication, the WindowsPrincipal object represents the security context and the WindowsIdentity object has authentication information for a user.

Using Windows Authentication

Authorization
- Authorization is the process of determining whether an authenticated identity is allowed to perform a requested action.
- Authentication and authorization often work together.
- Applications will first use authentication to verify the user’s identity and then use the identity information to determine the actions that a user is authorized to perform.

The WindowsPrincipal.IsInRole Method
- The IsInRole method of the WindowsPrincipal object can be used to determine whether the current user is in a specific Windows group.
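The authentication and authorization steps described above, as an added C# example that is not part of the original slides. It assumes a Windows host; the `IsAuthorized` helper and the `ReportViewers` group name are hypothetical.

```csharp
using System;
using System.Security.Principal;

static class RoleCheckDemo
{
    // Deny by default: true only for an authenticated caller whose token holds the group.
    // (Hypothetical helper, not a framework API.)
    static bool IsAuthorized(WindowsPrincipal principal, string group)
    {
        if (principal == null || !principal.Identity.IsAuthenticated) return false;
        return principal.IsInRole(group);
    }

    static void Main()
    {
        // Authentication already happened at logon; WindowsIdentity exposes the result.
        using (WindowsIdentity identity = WindowsIdentity.GetCurrent())
        {
            var principal = new WindowsPrincipal(identity);
            Console.WriteLine("User:      {0}", identity.Name);
            Console.WriteLine("Auth type: {0}", identity.AuthenticationType);
            Console.WriteLine("User SID:  {0}", identity.User);

            // Built-in role check. Under UAC this is false for an administrator
            // running non-elevated, because the filtered token marks the
            // Administrators group as deny-only.
            bool isAdmin = principal.IsInRole(WindowsBuiltInRole.Administrator);
            Console.WriteLine("Administrator: {0}", isAdmin);

            // Named-group check; "ReportViewers" is a hypothetical local group.
            string group = Environment.MachineName + @"\ReportViewers";
            if (IsAuthorized(principal, group))
                Console.WriteLine("Access granted: member of {0}", group);
            else
                Console.WriteLine("Access denied: not a member of {0}", group);
        }
    }
}
```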

Cryptography
Cryptography helps protect data by:
- Encrypting the data so that it cannot be viewed by unauthorized users.
- Detecting whether the data has been modified.
- Establishing the identity of the sender so you can trust that a message is actually coming from the claimed sender.

Encryption and Decryption
- One of the major goals of cryptography is to protect data by encrypting it.
- Encrypted data can be decrypted only by someone with a key.
- The .NET Framework provides two types of encryption algorithms:
  - Secret-key encryption
  - Public-key encryption

Secret-Key Encryption
- The sender encrypts the message before sending it across and the receiver uses the same key to decrypt the message.
- Also known as symmetric encryption because the same key is used for both encryption and decryption.
- The secret key must be protected from unauthorized use.

Secret-Key Algorithms
The .NET Framework’s classes for secret-key encryption and decryption:
- AesManaged
- DESCryptoServiceProvider
- HMACSHA1
- RC2CryptoServiceProvider
- RijndaelManaged
- TripleDESCryptoServiceProvider
AesManaged and RijndaelManaged provide the highest level of encryption.
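Secret-key encryption combined with modification detection, as an added C# example that is not part of the original slides. It uses `Aes.Create()` for the cipher and `HMACSHA256` for the keyed hash (the slide lists `AesManaged` and `HMACSHA1`); the `Protect`/`Unprotect` names and the message layout are assumptions made for the example.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class SecretKeyDemo
{
    // Assumed layout: IV (16 bytes) || AES-CBC ciphertext || HMAC-SHA256 tag (32 bytes)
    static byte[] Protect(byte[] plain, byte[] encKey, byte[] macKey)
    {
        using (Aes aes = Aes.Create())               // CBC mode, PKCS7 padding by default
        using (var hmac = new HMACSHA256(macKey))
        {
            aes.Key = encKey;
            aes.GenerateIV();                        // fresh random IV for every message
            byte[] ct;
            using (ICryptoTransform enc = aes.CreateEncryptor())
                ct = enc.TransformFinalBlock(plain, 0, plain.Length);
            byte[] body = aes.IV.Concat(ct).ToArray();
            return body.Concat(hmac.ComputeHash(body)).ToArray();   // tag covers IV and ciphertext
        }
    }
    static byte[] Unprotect(byte[] msg, byte[] encKey, byte[] macKey)
    {
        if (msg.Length < 64) throw new CryptographicException("Message too short.");
        int bodyLen = msg.Length - 32, diff = 0;
        using (var hmac = new HMACSHA256(macKey))
        {
            byte[] expected = hmac.ComputeHash(msg, 0, bodyLen);
            // Compare every byte so timing does not reveal where the tags differ.
            for (int i = 0; i < 32; i++) diff |= expected[i] ^ msg[bodyLen + i];
        }
        // Verify before decrypting: modified data never reaches the cipher.
        if (diff != 0) throw new CryptographicException("Integrity check failed.");
        using (Aes aes = Aes.Create())
        {
            aes.Key = encKey; aes.IV = msg.Take(16).ToArray();
            using (ICryptoTransform dec = aes.CreateDecryptor())
                return dec.TransformFinalBlock(msg, 16, bodyLen - 16);
        }
    }
    static void Main()
    {
        byte[] encKey = new byte[32], macKey = new byte[32];   // independent keys
        using (var rng = RandomNumberGenerator.Create()) { rng.GetBytes(encKey); rng.GetBytes(macKey); }
        byte[] msg = Protect(Encoding.UTF8.GetBytes("constructed sample message"), encKey, macKey);
        Console.WriteLine(Encoding.UTF8.GetString(Unprotect(msg, encKey, macKey)));
        msg[20] ^= 0x01;                             // simulate modification in transit
        try { Unprotect(msg, encKey, macKey); } catch (CryptographicException e) { Console.WriteLine(e.Message); }
    }
}
```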

Public-Key Encryption
- Public-key encryption protects data by using a set of two cryptographically paired keys.
- One key is called a private key and it is known only to its owner.
- The other key is called a public key and as the name suggests, it can be made public to anyone.
- The private key can also be used for digital signatures.

Public-Key Algorithms
The .NET Framework provides the following classes to implement the public-key encryption algorithms:
- DSACryptoServiceProvider
- RSACryptoServiceProvider
- ECDiffieHellmanCng
- ECDsaCng
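Both uses of a key pair described above (encrypting to the public key, signing with the private key), as an added C# example that is not part of the original slides. It assumes .NET Framework 4.6 or later for the `HashAlgorithmName` and padding overloads; the messages are constructed sample data.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class PublicKeyDemo
{
    static void Main()
    {
        byte[] message = Encoding.UTF8.GetBytes("constructed sample: ship order 1001");

        // 'owner' holds the full key pair; 'other' receives only the public half.
        using (var owner = new RSACryptoServiceProvider(2048))
        using (var other = new RSACryptoServiceProvider())
        {
            owner.PersistKeyInCsp = false;   // keep demo keys out of the key container
            other.PersistKeyInCsp = false;
            other.ImportParameters(owner.ExportParameters(false));   // false = public part only
            Console.WriteLine("other is public-only: {0}", other.PublicOnly);

            // Encryption: anyone with the public key encrypts, only the owner decrypts.
            byte[] secret = Encoding.UTF8.GetBytes("constructed secret");
            byte[] cipher = other.Encrypt(secret, RSAEncryptionPadding.OaepSHA1);
            byte[] plain = owner.Decrypt(cipher, RSAEncryptionPadding.OaepSHA1);
            Console.WriteLine("decrypted: {0}", Encoding.UTF8.GetString(plain));

            // Digital signature: the owner signs with the private key,
            // anyone with the public key verifies.
            byte[] sig = owner.SignData(message, HashAlgorithmName.SHA256,
                                        RSASignaturePadding.Pkcs1);
            bool valid = other.VerifyData(message, sig, HashAlgorithmName.SHA256,
                                          RSASignaturePadding.Pkcs1);
            Console.WriteLine("signature valid: {0}", valid);

            // A single changed bit in the message invalidates the signature.
            message[0] ^= 0x01;
            bool afterChange = other.VerifyData(message, sig, HashAlgorithmName.SHA256,
                                                RSASignaturePadding.Pkcs1);
            Console.WriteLine("valid after modification: {0}", afterChange);
        }
    }
}
```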

Code Access Security
- Code access security (CAS) defines what the code running on a computer system is allowed to do.
- CAS enforces that code originating from an unknown or untrusted source runs with added protection.
- CAS helps reduce the chances that your code is misused by malicious code to perform unintended operations.

.NET Framework 4.0 Security Transparency
- Transparency is a security enforcement mechanism that separates code that can do privileged things (critical code), such as calling native code, and code that cannot (transparent code).
- Transparent code can execute commands within the bounds of the permission set it is operating in, but cannot execute, derive from, or contain critical code.

Transparency Level-2 Categories

Managing Permissions
- Permissions refer to the actions that code is or is not allowed to perform.
- Permission sets are a predefined collection of permissions that are applied together.
- The System.Security.Permissions namespace defines the classes that specify the permissions you can apply to an assembly declaratively or programmatically.

Access Control
- Access control refers to security features that control who can access resources such as files or directories in the operating system.
- Applications call access control functions to check or set who can access specific resources.
- There are two parts to the access control model: access tokens and security descriptors.

Access Tokens and Security Descriptors
- An access token contains security identifiers that identify the user’s account.
- The system uses this information to identify the user when a process performs a task that requires secure privileges.
- A security descriptor identifies the object’s owner and the object’s access control list (ACL).
- The ACL contains information about the users allowed or denied access to the object.
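Reading a file's security descriptor (owner and ACL entries) and flagging write-like access granted to broad groups, as an added C# example that is not part of the original slides. It assumes .NET Framework on Windows and a file path (not a directory); the `WriteLike` mask and the choice of "broad" groups are assumptions made for the audit.

```csharp
using System;
using System.IO;
using System.Linq;
using System.Security.AccessControl;
using System.Security.Principal;

static class AclAudit
{
    // Assumed mask: rights that let a principal change the object's content or protection.
    const FileSystemRights WriteLike = FileSystemRights.WriteData | FileSystemRights.AppendData |
        FileSystemRights.Delete | FileSystemRights.ChangePermissions | FileSystemRights.TakeOwnership;

    // Assumed list: broad groups for which write-like access deserves a second look.
    static readonly WellKnownSidType[] Broad = {
        WellKnownSidType.WorldSid, WellKnownSidType.AuthenticatedUserSid,
        WellKnownSidType.BuiltinUsersSid };

    static string Name(IdentityReference id)
    {
        try { return id.Translate(typeof(NTAccount)).Value; }
        catch (IdentityNotMappedException) { return id.Value; }   // orphaned SID: show it raw
    }

    static void Main(string[] args)
    {
        // Path from the command line, or a constructed temp file as sample input.
        string path = args.Length > 0 ? args[0] : Path.GetTempFileName();
        FileSecurity descriptor = new FileInfo(path).GetAccessControl();

        Console.WriteLine("Object: {0}", path);
        Console.WriteLine("Owner:  {0}", Name(descriptor.GetOwner(typeof(SecurityIdentifier))));

        // Each rule is one ACL entry: who, allow or deny, which rights, inherited or explicit.
        foreach (FileSystemAccessRule ace in
                 descriptor.GetAccessRules(true, true, typeof(SecurityIdentifier)))
        {
            var sid = (SecurityIdentifier)ace.IdentityReference;
            bool review = ace.AccessControlType == AccessControlType.Allow
                          && (ace.FileSystemRights & WriteLike) != 0
                          && Broad.Any(sid.IsWellKnown);
            Console.WriteLine("{0,-5} {1,-32} {2}{3}{4}",
                ace.AccessControlType, Name(sid), ace.FileSystemRights,
                ace.IsInherited ? " (inherited)" : "",
                review ? "  <-- review" : "");
        }
    }
}
```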

Recap
- Authentication
- Authorization
- Cryptography
- Encryption and Decryption
- Secret-Key Encryption
- Public-Key Encryption
- Code Access Security
- Permissions
- Access Control