CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (1) Information Security.

1 CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (1) Information Security

2 Syllabus
Textbook: “Information Security: Principles and Practice” by Mark Stamp
Grading:
- Projects:
  1. Classic Cipher: 10%
  2. Symmetric Cipher: 15%
  3. Asymmetric Cipher: 15%
  4. New Cipher: 10%
- Exams (open book):
  - OS Services: 5%
  - Midterm: 15%
  - Final: 30%

3 Definition
Information Security is the process of protecting data from unauthorized access, use, disclosure, destruction, modification, or disruption.
Other names:
- Computer security
- Information assurance
- Data security
- IT security

4 Basic Principles of Information Security
- Confidentiality: no one (unauthorized) can see it
- Integrity: no one can remove or insert pages, i.e. the data is not altered
- Availability: authorized users can see it anytime

5 Where to Start? Risk Management
We need to start with the Risk Management process:
- to identify the vulnerabilities
- to identify the threats
Why do we need Risk Management?
- A threat may use a vulnerability to cause harm to valuable information.
The objective of Risk Management:
- to reduce risk to an acceptable level

6 Risk Management
1. Definition
2. Process
3. Executive Management

7 Definition
“Risk management is the process of identifying vulnerabilities and threats to the information resources used by an organization in achieving business objectives, and deciding what countermeasures, if any, to take in reducing risk to an acceptable level, based on the value of the information resource to the organization.”
(CISA Review Manual 2006)

8 Process
1. Identify the assets and estimate their value.
2. Conduct a threat assessment.
3. Conduct a vulnerability assessment.
4. Calculate the impact that each threat would have on each asset.
5. Identify, select and implement appropriate controls.
6. Evaluate the effectiveness of the control measures.

9 Executive Management
Executive Management can choose to:
- accept the risk
- mitigate the risk
- deny the risk

10 Executive Management
1. “Accept the risk”? Do nothing!
2. “Mitigate the risk”?
   - Administrative control
   - Logical control
   - Physical control
3. “Deny the risk”?
   - Confidentiality
   - Integrity
   - Authenticity

11 Cryptology
1. Terminology
2. Cryptography
3. Ciphers
   1. Substitution ciphers
   2. Transposition ciphers
   3. Symmetric ciphers
   4. Asymmetric ciphers

12 Basic Terminology of Crypto
- Cryptology is the art and science of making and breaking “secret codes.”
- Cryptography is the making of “secret codes.”
- Cryptanalysis is the breaking of “secret codes.”
- Crypto is a synonym for any or all of the above (and more).

13 Cryptography
A cipher ( صفر ) is an algorithm for performing encryption and decryption — a series of well-defined steps that can be followed as a procedure.
[Diagram: Plaintext -> Encrypt -> Ciphertext -> Decrypt -> Plaintext]

14 Cryptography
The operation of a cipher usually depends on a piece of auxiliary information, called a key.
[Diagram: Plaintext -> Encrypt -> Ciphertext -> Decrypt -> Plaintext, with the Key feeding both Encrypt and Decrypt; annotated “Authentication Problem”]

15 Cryptography: Ciphers
1. Classic
   - Substitution, e.g., Caesar cipher
   - Transposition, e.g., Route cipher
   - Hybrid
2. Modern
   - Symmetric (private key)
     - Stream cipher, e.g., RC4, A5/1
     - Block cipher, e.g., DES, AES
   - Asymmetric (public key), e.g., RSA
   - Hybrid
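As an added example (not part of the slides or the course materials), the two classic cipher families named on slide 15 in Python: a substitution cipher (the Caesar shift) and a transposition cipher (a route cipher that fills a grid row by row and reads it out down the columns), each taking a key as the auxiliary input described on slide 14. The plaintext and the column-read route are assumptions chosen for illustration; the final function shows the cryptanalysis side of slide 12, namely that a 26-key cipher can be checked exhaustively.

```python
# Added example, not from the slides: Caesar (substitution) and a column-read
# route cipher (transposition), plus exhaustive key trial for the Caesar cipher.
import string

ALPHABET = string.ascii_uppercase


def caesar_encrypt(plaintext: str, shift: int) -> str:
    """Substitution: each letter is replaced by the letter `shift` places on."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)


def caesar_decrypt(ciphertext: str, shift: int) -> str:
    """Decryption is the same substitution with the shift reversed."""
    return caesar_encrypt(ciphertext, -shift)


def route_encrypt(plaintext: str, columns: int, pad: str = "X") -> str:
    """Transposition: write the text row by row into `columns` columns and
    read it back column by column. Letters are reordered, never replaced."""
    text = plaintext.upper().replace(" ", "")
    while len(text) % columns:
        text += pad  # pad the last row so the grid is rectangular
    rows = [text[i:i + columns] for i in range(0, len(text), columns)]
    return "".join(row[c] for c in range(columns) for row in rows)


def route_decrypt(ciphertext: str, columns: int) -> str:
    """Rebuild the columns, then read the grid row by row again."""
    rows = len(ciphertext) // columns
    cols = [ciphertext[i:i + rows] for i in range(0, len(ciphertext), rows)]
    return "".join(cols[c][r] for r in range(rows) for c in range(columns))


def caesar_brute_force(ciphertext: str) -> list:
    """Cryptanalysis: with only 26 keys every candidate plaintext can be listed,
    which is why a substitution this simple offers no real confidentiality."""
    return [(k, caesar_decrypt(ciphertext, k)) for k in range(26)]


if __name__ == "__main__":
    msg = "ATTACK AT DAWN"  # constructed sample plaintext
    print(caesar_encrypt(msg, 3), route_encrypt(msg, 4))
```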
