information systems security
play

Information Systems Security Dr. Ayman Abdel-Hamid College of - PowerPoint PPT Presentation

Dec 12, 2022 •379 likes •510 views

Information Systems Security Dr. Ayman Abdel-Hamid College of Computing and Information Technology Arab Academy for Science & Technology and Maritime Transport Key Distribution in Symmetric Encryption ISS Dr. Ayman Abdel-Hamid 1 Outline

  1. Information Systems Security Dr. Ayman Abdel-Hamid College of Computing and Information Technology Arab Academy for Science & Technology and Maritime Transport Key Distribution in Symmetric Encryption ISS Dr. Ayman Abdel-Hamid 1

  2. Outline •Key Distribution in Symmetric Encryption � Key distribution alternatives � The role of a KDC and a hierarchy of keys � A key distribution scenario � Key distribution issues ISS Dr. Ayman Abdel-Hamid 2

  3. Key Distribution in Symmetric Encryption 1/6 • symmetric schemes require both parties to share a common secret key • issue is how to securely distribute this key • often secure system failure due to a break in the key distribution scheme ISS Dr. Ayman Abdel-Hamid 3

  4. Key Distribution in Symmetric Encryption 2/6 • given parties A and B � various key distribution alternatives: 1.A can select key and physically deliver to B 2.third party can select & deliver key to A & B 3.if A & B have communicated previously can use previous key to encrypt a new key 4.if A & B have secure communications with a third party C, C can relay key between A & B ISS Dr. Ayman Abdel-Hamid 4

  5. Key Distribution in Symmetric Encryption 3/6 • given parties A and B � various key distribution alternatives: 1.A can select key and physically deliver to B 2.third party can select & deliver key to A & B – Manual delivery of a key – awkward for end-to-end encryption – A key is needed for each pair of communicating entities (for N entities � number of required keys is N(N-1)/2. What is an entity?) ISS Dr. Ayman Abdel-Hamid 5

  6. Key Distribution in Symmetric Encryption 4/6 given parties A and B � various key • distribution alternatives: 3. if A & B have communicated previously can use previous key to encrypt a new key – If an attacker ever succeeds in gaining access to one key, all subsequent keys will be revealed – Initial distribution of a large number of keys must still be made ISS Dr. Ayman Abdel-Hamid 6

  7. Key Distribution in Symmetric Encryption 5/6 given parties A and B � various key • distribution alternatives: 4. if A & B have secure communications with a third party C, C can relay key between A & B – A key distribution center (KDC) is responsible for distributing keys to pairs of entities (hosts, processes, or applications) – Each user must share a unique key with the KDC for the purposes of key distribution ISS Dr. Ayman Abdel-Hamid 7

  8. Key Distribution in Symmetric Encryption 6/6 • Use of a KDC is based on use of a hierarchy of keys � At a minimum 2 levels of keys • Session key – Temporary key used to encrypt communication between end systems – Used for duration of logical connection and then discarded – Obtained from KDC • Master key – Shared by KDC and end system or user – Used to encrypt session keys while being transmitted from KDC to end system – Still need to be distributed (How many master keys are needed?) ISS Dr. Ayman Abdel-Hamid 8

  9. Key Distribution Scenario • Request contains identity of A and B • N1 is a nonce ISS Dr. Ayman Abdel-Hamid 9

  10. Key Distribution Issues 1/3 •Hierarchies of KDC’s required for large networks, but must trust each other � Local KDC for communication among entities within the same domain � For entities in different local domains, local KDCs can communicate through a global KDC •Session key lifetimes should be limited for greater security � Connection-oriented protocols (length of time connection is open � if too long?) � Connectionless protocols ISS Dr. Ayman Abdel-Hamid 10

  11. Key Distribution Issues 2/3 •use of automatic key distribution on behalf of users (transparent to the end user), but must trust system FEP performs end-to-end encryption and obtains session keys on behalf of host ISS Dr. Ayman Abdel-Hamid 11

  12. Key Distribution Issues 3/3 •use of decentralized key distribution Should be ID B ISS Dr. Ayman Abdel-Hamid 12

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Security 101 Definition of Information Security Information security is the protection of

Security 101 Definition of Information Security Information security is the protection of

Computing Services Information Security Office Security 101 Definition of Information Security Information security is the protection of information and systems from unauthorized access, disclosure, modification, destruction or disruption. The

469 views • 22 slides
Security Fundamentals for Educational Leaders Steve Palmer K-12 Information Systems Security

Security Fundamentals for Educational Leaders Steve Palmer K-12 Information Systems Security

Security Fundamentals for Educational Leaders Steve Palmer K-12 Information Systems Security Analyst EduTech User Awareness Preparing our Digital Citizens for the Future The Numbers State of North Dakota has over 530 schools All connecting

432 views • 22 slides
Introduction to the course Information Security Daniel Bosk Department of Information Systems

Introduction to the course Information Security Daniel Bosk Department of Information Systems

Scope and aims Course structure and content overview Course content Assessment Introduction to the course Information Security Daniel Bosk Department of Information Systems and Technology Mid Sweden University, Sundsvall School of

801 views • 29 slides
Securing Information Systems Barbarians at the Gateway Learning Objectives Security breaches

Securing Information Systems Barbarians at the Gateway Learning Objectives Security breaches

10/16/2013 Securing Information Systems Barbarians at the Gateway Learning Objectives Security breaches are on the rise Understand the potentially damaging impact of security breaches Security must be made a top organizational

610 views • 20 slides
System Security I: Introduction TDDD17 Information Security, Second Course Ulf Kargn

System Security I: Introduction TDDD17 Information Security, Second Course Ulf Kargn

System Security I: Introduction TDDD17 Information Security, Second Course Ulf Kargn Department of Computer and Information Science Linkping University System Security 2 Security in computer systems Hardware (System)

838 views • 56 slides
Security Security with Distributed Systems Why Security? The need for security mechanisms in

Security Security with Distributed Systems Why Security? The need for security mechanisms in

Security Security with Distributed Systems Why Security? The need for security mechanisms in distributed systems arises from the desire to share resources Resources must be protected against unauthorized access, as enemies (attackers)

1.16k views • 67 slides
Advanced Systems Security: Introduction to OS Security Trent Jaeger Systems and Internet

Advanced Systems Security: Introduction to OS Security Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Introduction to OS Security Trent

770 views • 28 slides
Security and Privacy Why Security is Difficult 12A. Operating Systems and Security complexity

Security and Privacy Why Security is Difficult 12A. Operating Systems and Security complexity

5/18/2018 Security and Privacy Why Security is Difficult 12A. Operating Systems and Security complexity of our software and systems 12B. Authentication millions of lines of code, thousands of developers rich and powerful protocols

374 views • 9 slides
Security and Privacy Why Security is Difficult 12A. Operating Systems and Security complexity

Security and Privacy Why Security is Difficult 12A. Operating Systems and Security complexity

5/24/2017 Security and Privacy Why Security is Difficult 12A. Operating Systems and Security complexity of our software and systems 12B. Authentication millions of lines of code, thousands of developers rich and powerful protocols

533 views • 14 slides
Advanced Systems Security: Linux Security Modules Trent Jaeger Systems and Internet

Advanced Systems Security: Linux Security Modules Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Linux Security Modules Trent

872 views • 30 slides
Advanced Systems Security: Security-Enhanced Linux Trent Jaeger Systems and Internet

Advanced Systems Security: Security-Enhanced Linux Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Security-Enhanced Linux Trent

474 views • 26 slides
- Systems Security: Part 1 - Prof. Dr. Michael Backes Director, CISPA Center for IT Security,

- Systems Security: Part 1 - Prof. Dr. Michael Backes Director, CISPA Center for IT Security,

Introduction to Cybersecurity - Systems Security: Part 1 - Prof. Dr. Michael Backes Director, CISPA Center for IT Security, Privacy, and Accountability Chair for IT-security & Cryptography General Information Correct formatting

1.05k views • 75 slides
Advanced Systems Security: Hardware Security Trent Jaeger Systems and Internet

Advanced Systems Security: Hardware Security Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Hardware Security Trent Jaeger

703 views • 46 slides
Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B.

Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B.

5/18/2016 Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B. Authentication 12C. Authorization Security and Privacy 12D. Trust 12E. At-Rest Encryption Mark Kampe (markk@cs.ucla.edu) Security and Privacy

116 views • 8 slides
Distributed Systems How does the OS ensure security? 13C. Security for Distributed Systems

Distributed Systems How does the OS ensure security? 13C. Security for Distributed Systems

5/27/2017 Distributed Systems How does the OS ensure security? 13C. Security for Distributed Systems all key resources are kept inside of the OS protected by hardware (mode, memory management) 13I. Secure Sessions processes cannot

253 views • 9 slides
Distributed Systems How does the OS ensure security? 13C. Distributed Systems: Security all

Distributed Systems How does the OS ensure security? 13C. Distributed Systems: Security all

5/20/2018 Distributed Systems How does the OS ensure security? 13C. Distributed Systems: Security all key resources are kept inside of the OS protected by hardware (mode, memory management) 13I. Secure sessions processes cannot

129 views • 9 slides
Samba, Quo Vadis? Experimenting with languages the Cool Kids use Kai Blin Samba Team SambaXP

Samba, Quo Vadis? Experimenting with languages the Cool Kids use Kai Blin Samba Team SambaXP

Samba, Quo Vadis? Experimenting with languages the Cool Kids use Kai Blin Samba Team SambaXP 2017 2017-05-03 Intro M.Sc. in Computational Biology Ph.D. in Microbiology Samba Team member 2/45 Overview Programming

776 views • 45 slides
Problem statements on cross-realm authentication Shoichi Sakane Shouichi.Sakane@jp.yokogawa.com

Problem statements on cross-realm authentication Shoichi Sakane Shouichi.Sakane@jp.yokogawa.com

Problem statements on cross-realm authentication Shoichi Sakane Shouichi.Sakane@jp.yokogawa.com The 66 th IETF meeting 07/06/06 Yokogawa Electric Corporation 1 Purpose of this presentation Not presentation of our extension.

253 views • 12 slides
University KnowledgeBase Pushing the KnowledgeBase Limits Without Getting a Faceplant John

University KnowledgeBase Pushing the KnowledgeBase Limits Without Getting a Faceplant John

University KnowledgeBase Pushing the KnowledgeBase Limits Without Getting a Faceplant John Cowsert (AITS) Agenda Introductions KnowledgeBase Overview Features Testimonials Lessons Learned Introductions John Cowsert

544 views • 43 slides
Detecting and Resolving Type Flaws in Security Protocols Michael Banks Department of Computer

Detecting and Resolving Type Flaws in Security Protocols Michael Banks Department of Computer

Detecting and Resolving Type Flaws in Security Protocols Michael Banks Department of Computer Science, University of York 26th February 2009 Outline 1 Security Protocols 2 Type Flaws: Attacks and Defences 3 Detecting and Resolving Potential

391 views • 25 slides
Distributed Systems Principles and Paradigms Chapter 09 (version April 7, 2008 ) Maarten van

Distributed Systems Principles and Paradigms Chapter 09 (version April 7, 2008 ) Maarten van

Distributed Systems Principles and Paradigms Chapter 09 (version April 7, 2008 ) Maarten van Steen Vrije Universiteit Amsterdam, Faculty of Science Dept. Mathematics and Computer Science Room R4.20. Tel: (020) 598 7784 E-mail:steen@cs.vu.nl,

582 views • 47 slides
Introduction . Zhang embed U q ( sl 2 ) into Assume q is not a root of unity, X. W. Chen and P the

Introduction . Zhang embed U q ( sl 2 ) into Assume q is not a root of unity, X. W. Chen and P the

Two Dimensional YD-modules over U q ( sl 2 ) are trivial Emine Yildirim University of New Brunswick June 27th, 2014 Emine Yildirim (University of New Brunswick) Hopf Algebras in (co)action June 27th, 2014 1 / 21 Introduction Introduction .

383 views • 21 slides
SigniTrend: Scalable Detection of Emerging Topics in Textual Streams by Hashed Significance

SigniTrend: Scalable Detection of Emerging Topics in Textual Streams by Hashed Significance

SigniTrend: Scalable Detection of Emerging Topics in Textual Streams by Hashed Significance Thresholds Erich Schubert, Michael Weiler, Hans-Peter Kriegel Institute of Informatics Database Systems Group Ludwig-Maximilians-Universitt

573 views • 23 slides
Graphing Crumbling Cookies AdKDD 2019 Matt Malloy, Jon Koller and Aaron Cahn What is a device

Graphing Crumbling Cookies AdKDD 2019 Matt Malloy, Jon Koller and Aaron Cahn What is a device

Graphing Crumbling Cookies AdKDD 2019 Matt Malloy, Jon Koller and Aaron Cahn What is a device graph? a dataset that organizes digital identifiers that we create as we use the internet identifiers (IDs): browser cookies or advertising

284 views • 11 slides

More recommend