Presentation is loading. Please wait.

Presentation is loading. Please wait.

Invitation to Computer Science 5 th Edition Chapter 8 Information Security.

Published byMervin Andrews Modified over 8 years ago

Similar presentations

Presentation on theme: "Invitation to Computer Science 5 th Edition Chapter 8 Information Security."— Presentation transcript:

1 Invitation to Computer Science 5 th Edition Chapter 8 Information Security

2 Invitation to Computer Science, 5th Edition2 Objectives In this chapter, you will learn about: Threats and defenses Encryption Web transmission security

3 Introduction Information security –Keeping information secure Security –Can be breached at many different points in the “virtual machine” Invitation to Computer Science, 5th Edition33

4 Threats and Defenses Authentication –Verifies who has the right to gain access to the computer Hash function –Takes password the user originally chooses, chops it up, and stirs it around according to a given formula Social engineering –Process of using people to get the information you want Invitation to Computer Science, 5th Edition44

5 5 Authentication Basic physical security principles –Maintain control of your laptop –Be sure no one peers over your shoulder in your office or on the airplane –Lock your office door when you leave

6 Invitation to Computer Science, 5th Edition6 Authorization Governs what an authenticated user is allowed to do User privileges –Read access (can read a particular file) –Write access (can modify a particular file) –Execute access (can run a particular program file) –Delete access (can delete a particular file) System administrator –Has access to everything

7 Invitation to Computer Science, 5th Edition7 Threats from the Network Malware –Malicious software Virus –Computer program that infects a host computer and then spreads Worm –Can send copies of itself to other nodes on a computer network without having to be carried by an infected host file

8 Invitation to Computer Science, 5th Edition8 Threats from the Network (continued) Trojan horse –Computer program that, unbeknownst to the user, contains code that performs malicious attacks Denial-of-service (DOS) attack –Typically directed at a business or government Web site –Automatically directs browsers on many machines to a single URL at roughly the same time

9 Invitation to Computer Science, 5th Edition9 Encryption Cryptography –The science of “secret writing” Encryption and decryption –Inverse operations Symmetric encryption algorithm –Requires the use of a secret key known to both the sender and receiver Asymmetric encryption algorithm –Key for encryption and decryption are quite different, but related

10 Invitation to Computer Science, 5th Edition10 Simple Encryption Algorithms Caesar cipher (shift cipher) –Shifting each character in the message to another character some fixed distance farther along in the alphabet –Encodes one character at a time Block cipher –Group or block of plaintext letters gets encoded into a block of ciphertext

11 Invitation to Computer Science, 5th Edition11 Figure 8.1 Steps in Encoding and Decoding for a Block Cipher

12 Invitation to Computer Science, 5th Edition12 DES DES (Data Encryption Standard) –Encryption algorithm developed by IBM in the 1970s for the U.S. National Bureau of Standards –A block cipher that is 64 bits long DES algorithm –Every substitution, reduction, expansion, and permutation is determined by a well-known set of tables –The same algorithm serves as the decryption algorithm

13 Invitation to Computer Science, 5th Edition13 Figure 8.2 The XOR Gate

14 Invitation to Computer Science, 5th Edition14 Figure 8.3 The DES Encryption Algorithm

15 Invitation to Computer Science, 5th Edition15 DES (continued) Triple DES –Improves the security of DES –Requires two 56-bit keys –Runs the DES algorithm three times AES (Advanced Encryption Standard) –Adopted for use by the U.S. government in 2001 –Based on the Rijndael algorithm

16 Invitation to Computer Science, 5th Edition16 Public Key Systems RSA –Most common public key encryption algorithm –Based on results from the field of mathematics known as number theory Prime number –Integer greater than 1 that can only be written as the product of itself and 1

17 Invitation to Computer Science, 5th Edition17 Web Transmission Security SSL (Secure Sockets Layer) –Method for achieving secure transfer of information on the Web TLS (Transport Layer Security) protocol –First defined in 1999 –Based on SSL and is nearly identical to SSL –Nonproprietary –Supported by the Internet Engineering Task Force

18 Invitation to Computer Science, 5th Edition18 Figure 8.4 A TLS/SSL Session

19 Summary Information security –Keeping information secure Threats from the network –Malware, viruses, worms, denial-of-service attacks Encryption algorithms –Caesar cipher, block cipher RSA –Most common public key encryption algorithm Invitation to Computer Science, 5th Edition19

Download ppt "Invitation to Computer Science 5 th Edition Chapter 8 Information Security."

Similar presentations

Relations, Functions, and Matrices Mathematical Structures for Computer Science Chapter 4 Copyright © 2006 W.H. Freeman & Co.MSCS SlidesThe Mighty Mod.

Relations, Functions, and Matrices Mathematical Structures for Computer Science Chapter 4 Copyright © 2006 W.H. Freeman & Co.MSCS SlidesThe Mighty Mod.
Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Computer Science 101 Data Encryption And Computer Networks.

Computer Science 101 Data Encryption And Computer Networks.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.

Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, Java Version, Third Edition.

Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, Java Version, Third Edition.
Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.

Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.
Cryptographic Technologies

Cryptographic Technologies
Business Data Communications, Fourth Edition Chapter 10: Network Security.

Business Data Communications, Fourth Edition Chapter 10: Network Security.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
EECC694 - Shaaban #1 lec #16 Spring2000 5-4-2000 Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.

Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.
Lecture 23 Symmetric Encryption

Lecture 23 Symmetric Encryption
Chapter 8 Network Security 4/17/2017 www.noteshit.com.

Chapter 8 Network Security 4/17/2017
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

Similar presentations

Ads by Google