security potpourri
play

Security Potpourri! CS 161: Computer Security Guest Lecturers: - PowerPoint PPT Presentation

Oct 10, 2023 •48 likes •1.08k views

Security Potpourri! CS 161: Computer Security Guest Lecturers: Frank Li, Rebecca Portnoff, Grant Ho, Rishabh Poddar Instructor: Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant

  1. 4-week case study ● 26 ‘ground truth’ test ads ○ 25 required payment, 1 free ○ Placed from Dec 12th, 2016 to Dec 24th, 2016 ○ Price range from $2 to $20 ○ Posted in 27 distinct US regions ● Scraped all the sex ads in every US location every hour, for 4 weeks ● 741,443 unique ads scraped ○ 151,482 required payment ○ Placed from Dec 10th, 2016 to Jan 9th, 2017 ○ Price range from $1 to >$100 ○ Posted in 60 distinct US regions

  2. 4-week case study: PBI ● 11 ground truth ads paid using a PBI ○ 8 transactions were exact match for correct ad ○ 3 transactions matched two ads, one of which was the correct ad ● 249 PBI’s total ● 90 of those PBI’s had at least one exact match ● Results: ○ Links between hard identifiers ○ Evidence of networks across multiple locations ○ Owners of sex ad clusters spending a lot of money on ads

  3. Conclusion ● Promising! ● First work to try to link specific purchases to specific transactions on the Blockchain ● Lots of work left to be done

  4. Us User r Aut uthe hentication n & & Passwords ds CS 161: Computer Security Guest Lecturer: Grant Ho Instructor: Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca Portnoff, Nate Wang http://inst.eecs.berkeley.edu/~cs161/ April 27, 2017 With content from Raluca Ada Popa & Dan Boneh

  5. Attacks & Defenses on Password Authentication • Often worry about 3 classes of attacks (threat models) 1. Online guessing 2. Server compromise (“offline guessing”) 3. Client password compromise

  6. Attacks & Defenses on Password Authentication • Often worry about 3 classes of attacks (threat models) 1. Online guessing 2. Server compromise (“offline guessing”) 3. Client password compromise • We’ll just focus on the last two threat models b/c of time constraints

  7. Th Threat t Model 1: Se Server r Compr promise Attacker breaks into server and steals password database (also called “offline guessing attacks”)

  8. Threat Model #1: Server Compromised • Attacker breaks into server and steals password database • Happens all the time L

  9. Threat Model #1: Server Compromised • Insecure Defense: Server stores encrypted passwords in its database • But server needs easy access to secret key in order to verify users when they login • So, if Mallory breaks into the server, then she can just steal secret key too! Encrypting passwords is not a secure solution

  10. Secure Password Storage • Server should store salted + hashed passwords (Section 6, Problem #1) • Setup 1. During account registration, server generates random number (salt) 2. Server computes h = hash(salt, password) 3. Server stores (username, salt, h ) and deletes user’s password username salt h = hash(salt, password) Alice 235545235 Hash(Alice’s pwd, 235545235) Bob 678632523 Hash(Alice’s pwd, 678632523) • Authentication • User’s browser sends {username, password} to server • Server computes hash(salt, password) and checks if it matches h

  11. Secure Password Storage • Secure Defense : Server should store salted + hashed passwords username salt h = hash(salt, password) Alice 235545235 Hash(Alice’s pwd, 235545235) Bob 678632523 Hash(Alice’s pwd, 678632523) • Attacker steals password database, but: • Only sees salts & h’s : salt is random & secure hash functions are one-way. • Attacker can still compute big table of guesses for Alice & check for matching h : ‘123456’ Hash(‘123456’, 235545235) But salting forces attacker to ‘password’ Hash(‘password’, 235545235) re-compute table for each user and ‘aaaaaaaa’ Hash(‘aaaaaaa’, 235545235) prevents pre-computation. … …

  12. Secure Password Storage • Secure Defense : Server should store salted + securely hash passwords • The secure hash function should also be slow to compute • Usually we want fast crypto for performance • But here we want attacker to wait… and wait… and wait… for guessing to succeed. • Examples: Argon, bcrypt, scrypt • Conceptually, Slow-Hash(x) = hash(hash(hash(hash(…(hash(x))))) • where hash is a regular secure hash (e.g., SHA-256 or HMAC) • If Slow-Hash is 1,000 times slower, attack that previously took 1 day now takes ~3 years

  13. Th Threat t Model 2: Cl Client t Pass ssword Co Comp mpromi mise se Attacker obtains Alice’s password Phishing • Surveillance camera (airport, cafe, etc.) records Alice typing • password … •

  14. Threat Model #2: Password Compromise • Defense: Two-factor authentication (2FA) 1. Something you knows (password) 2. Something you have (smartphone/authentication device) 3. Something you are (fingerprints/iris scanner) • Require 2 methods from above • Most common 2FA: password + authentication device • User enters password at login • If password correct, user then needs to use authentication device • Let’s examine some 2FA designs for the authentication device

  15. Common 2FA Designs 1. Text message: server generates random number & texts it to you • Least secure form of 2FA: • Hijack phone number • Mobile malware or any app w/ text message permissions (e.g. Tinder, Uber, etc.) • …

  16. Common 2FA Designs 1. Text message: server generates random number & texts it to you • Least secure: hijack phone number or hack telephone company (e.g., nation state) 2. Authenticator apps (more secure) • Google Authenticator, Duo, etc. • Protocols: • S/KEY • TOTP • Push notification

  17. The S/Key Protocol: Setup vk = k, n H (n) (k) 1. Server generates n = # of 2FA codes (e.g., 10,000) and a random value k 2. 2FA app (client) obtains n and k (e.g., scanning QR code) Client gets: Server stores: Server computes & stores vk = H (n) (k) and then (1) k 3. Only vk (2) n (total # codes) deletes k & n H (n) (k) = H(H(H(…(H(k)))), hash for n times

  18. The S/Key Protocol: Authenticating to Server k, n, j H(k) H (n-2) (k) H (n) (k) H (n-1) (k) sk #2 sk #1 vk starts here vk after login #1 vk after login #2 Client computes & sends sk = H (n-j) (k) 1. 2. Server checks if H(sk) = vk Client stores: (1) k Server stores: 3. Server updates vk = sk (2) n (total # codes) Only vk 4. Repeat 1-3 (3) j (# total logins) Secure even if attacker breaks into server and steals vk for each user!

  19. Common 2FA Designs 1. Text message: server generates random number & texts it to you • Least secure: hijack phone number or hack telephone company (e.g., nation state) 2. Authenticator apps (more secure) • Common protocols: S/KEY, TOTP, Push notification • Still vulnerable to phishing! 1. Phishing page asks for user’s password 2. Next, phishing page asks user to enter 2FA code 3. Attacker then uses both to login

  20. Common 2FA Designs 1. Text message: server generates random number & texts it to you • Least secure: hijack phone number or hack telephone company (e.g., nation state) 2. Authenticator app (more secure) • Push notification, S/KEY, TOTP • Still vulnerable to phishing! 3. Hardware tokens: challenge-response (most secure) • Hardware device that’s plugged into laptop • Can protect against phishing attacks

  21. Challenge-Response (General) • General protocols for authentication • A “ prover ” wants to authenticate to a “ challenger ” • E.g., a user (prover) wants to login to Gmail (challenger) as Alice Challenger Prover 1) Challenger sends a challenge msg (e.g., username and pwd?) 2) Prover sends response that only real prover can generate (e.g., username: “alice”, password: “RFaIVD@#TSDVI*!!F”)

  22. 2FA Challenge-Response • Hardware 2FA token has a public & private key pair embedded in device A. Setup 1. Alice’s browser gets K = 2FA token’s public key and sends K to server 2. Server stores (username, K ) in its 2FA database B. Authentication 1a) Server sends random N 1b) Browser fwd’s N to token 3b) Browser sends {N} ! "# 2) Token signs {N} ! "# 4) Server checks that N 3) User taps on token, which matches 1a) and verifies then fwd’s {N} ! "# to browser signature on {N} ! "#

  23. Adding Phishing Resistance 1b) Browser fwd’s N to token 1a) Server sends random number N AND it includes D = domain of actual webpage in browser 3b) Browser sends {N, D } ! "# 2) Token signs {N, D } ! "# 4) Server checks: • D matches its domain 3) User taps on token, which • N matches what it sent then fwd’s {N, D } ! "# to browser • Valid signature on {N, D } ! "#

  24. Phishing Attack Now Fails! • During phishing attack, browser will be at website w/ domain D’ = gmai1.com, instead of real domain D = gmail.com

  25. Phishing Attack Now Fails! • During phishing attack, browser will be at website w/ domain D’ = gmai1.com, instead of real domain D = gmail.com 1b) Browser fwd’s N to token 1a) Gmail sends random number N AND it includes D’ = domain of actual webpage in browser 3b) Browser sends {N, D’ } ! "# 2) Token signs {N, D’ } ! "# 4) Gmail checks: N matches what it sent • 3) User taps on token, which • Valid signature on {N, D’ } ! "# then fwd’s {N, D’ } ! "# to browser But D’ doesn’t match its domain! •

  26. Pr Practical Advice for Future Security Engineers Applicable to your users and your employees: 1. Use HTTPS (prevent MITM from seeing passwords) 2. Securely store passwords (Threat Model #1) 3. Enable 2FA, ideally hardware tokens (Threat Model #2) 4. Securely check passwords & rate limit (not covered b/c of time) 5. Incorporate detection systems if you can (not covered b/c of time) 1. Access logging 2. Spearphishing detection 3. Honey accounts/Tripwire

  27. Computing on private data CS 161: Computer Security Instructor: Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca Portnoff, Nate Wang http://inst.eecs.berkeley.edu/~cs161/ April 27, 2017 Guest Lecturer: Rishabh Poddar With content from Raluca Ada Popa, Dan Boneh, and Taesoo Kim

  28. Many decisions are made on private data • User data (e.g. email, social) • Medical data • Financial data • Location data Data stored unencrypted in order to allow applications to compute queries / make decisions Defense : try to build walls around the data (e.g. access control, firewalls, IDS, etc.)

  29. Attackers eventually break into systems • Sometimes, they even obtain root access or have admin privilege

  30. How can we prevent attackers from obtaining the data even if they gain access to the system? The data should be encrypted at all times! – Not just sometimes when the data is at rest (i.e. when no computations are being performed) Problem: How does the server carry out its service (i.e. perform computations on the data) if the data is encrypted?

  31. Two main approaches 1. Compute directly on encrypted data (uses specialized cryptography) 2. Shielded computation on data (uses specialized hardware) Which approach to use? – Security: confidentiality / integrity guarantees – Functionality: what computations can be supported – Performance: how efficient is it to compute

  32. Approach #1: Computation on encrypted data

  33. Computation on encrypted data server client Secret Secret Result Secret Result Server performs computations on the encrypted data without ever decrypting it

  34. Computation on encrypted data • Option #1: Property preserving encryption

  35. Computation on encrypted data • Option #1: Property preserving encryption – Deterministic encryption: If x = y then Enc(x) = Enc(y)

  36. Computation on encrypted data • Option #1: Property preserving encryption – Deterministic encryption: If x = y then Enc(x) = Enc(y) Can compute queries such as: SELECT * FROM table WHERE name = ‘Alice’

  37. Computation on encrypted data • Option #1: Property preserving encryption – Deterministic encryption: If x = y then Enc(x) = Enc(y) Can compute queries such as: SELECT * FROM table WHERE name = 0xfadc…

  38. Computation on encrypted data • Option #1: Property preserving encryption – Deterministic encryption: If x = y then Enc(x) = Enc(y) Can compute queries such as: SELECT * FROM table WHERE name = 0xfadc… – Order preserving encryption: If x > y then Enc(x) > Enc(y)

  39. Computation on encrypted data • Option #1: Property preserving encryption – Deterministic encryption: If x = y then Enc(x) = Enc(y) Can compute queries such as: SELECT * FROM table WHERE name = 0xfadc… – Order preserving encryption: If x > y then Enc(x) > Enc(y) Can compute queries such as: SELECT * FROM table WHERE age > 10

  40. Computation on encrypted data • Option #1: Property preserving encryption – Deterministic encryption: If x = y then Enc(x) = Enc(y) Can compute queries such as: SELECT * FROM table WHERE name = 0xfadc… – Order preserving encryption: If x > y then Enc(x) > Enc(y) Can compute queries such as: SELECT * FROM table WHERE age > 0x1d3e…

  41. Computation on encrypted data • Option #1: Property preserving encryption – Deterministic encryption: Performance If x = y then Enc(x) = Enc(y) • Nearly as fast as computing on plaintext Security Can compute queries such as: • Leaks some information about the plaintexts SELECT * FROM table WHERE name = 0xfadc… (e.g. frequency distribution of values, or order of ciphertexts) – Order preserving encryption: Functionality If x > y then Enc(x) > Enc(y) • Very limited: e.g. only equality for deterministic encryption, range comparison for order Can compute queries such as: preserving encryption SELECT * FROM table WHERE age > 0x1d3e…

  42. Computation on encrypted data • Option #2: Partially homomorphic encryption

  43. Computation on encrypted data • Option #2: Partially homomorphic encryption • ElGamal cryptosystem (enables multiplication over ciphertexts) Enc(x) . Enc(y) = Enc(x . y)

  44. Computation on encrypted data • Option #2: Partially homomorphic encryption • ElGamal cryptosystem (enables multiplication over ciphertexts) Enc(x) . Enc(y) = Enc(x . y) • Paillier cryptosystem (enables addition over ciphertexts) Enc(x) + Enc(y) = Enc(x + y)

  45. Computation on encrypted data • Option #2: Partially homomorphic encryption Performance • Reasonably efficient, but not as fast as computing on plaintext Security • Similar level of confidentiality guarantees as standard AES-based encryption Functionality • Very limited: only specific operations can be computed (i.e. can only add, or can only multiply; can’t do both)

  46. Computation on encrypted data • Option #3: Fully homomorphic encryption – Enables arbitrary functions F (Enc(x), Enc(y)) = Enc( F (x, y))

  47. Computation on encrypted data • Option #3: Fully homomorphic encryption – Enables arbitrary functions F (Enc(x), Enc(y)) = Enc( F (x, y)) Performance • Prohibitively slow (currently 6 orders of magnitude slower) Security • Similar level of confidentiality guarantees as standard AES-based encryption Functionality • Allows arbitrary computations

  48. Approach #2: Shielded computation on data using Intel Software Guard Extensions (SGX) (Extensions to Intel processors)

  49. Intel SGX • Feature #1 : Can run code in hardware- protected containers (called enclaves )

  50. Intel SGX • Feature #1 : Can run code in hardware- protected containers (called enclaves ) server client Secret Secret Result Secret Result enclave

  51. Intel SGX • Feature #1 : Can run code in hardware- protected containers (called enclaves ) – Secure region of address space , protected by the processor from all external software access (even from the operating system)

  52. Intel SGX • Feature #1 : Can run code in hardware- protected containers (called enclaves ) – Secure region of address space , protected by the processor from all external software access (even from the operating system) – Code and data in enclave region of main memory always encrypted using processor specific keys – Decrypted only within the CPU package (i.e. when loaded into registers / cache)

  53. Intel SGX • Feature #1 : Can run code in hardware- protected containers (called enclaves ) – Secure region of address space , protected by the processor from all external software access (even from the operating system) – Code and data in enclave region of main memory always encrypted using processor specific keys – Decrypted only within the CPU package (i.e. when loaded into registers / cache) Code and data loaded into an enclave is isolated from the rest of the system

  54. SGX: How enclaves work System Memory CPU Package Enclave Access from OS Memory Encrypted Snooping Encryption code/data Engine (MEE) Problem : How to verify correct code has been loaded? • Enclave code allowed to access unencrypted data • Malicious / tampered code in enclave could exfiltrate data (i.e. leak it to the attacker)

  55. Intel SGX Extensions to Intel processors that support: • Feature #2: Attestation

  56. Intel SGX • Feature #2: Attestation – Prove to local / remote system that the correct code has been loaded into the enclave (i.e. verify the integrity of the enclave using a hash measurement of the loaded code/data)

  57. Intel SGX • Feature #2: Attestation – Prove to local / remote system that the correct code has been loaded into the enclave (i.e. verify the integrity of the enclave using a hash measurement of the loaded code/data) – Verify that measurement was generated by an enclave running on the same platform (using a MAC )

  58. Intel SGX • Feature #2: Attestation – Prove to local / remote system that the correct code has been loaded into the enclave (i.e. verify the integrity of the enclave using a hash measurement of the loaded code/data) – Verify that measurement generated by an enclave running on the same platform (using a MAC ) – Uses a special quoting enclave for this purpose that signs the measurement and sends it to the client for verification

  59. SGX: How attestation works Server Client 1. Request Target Enclave SGX CPU Quoting Enclave 33

  60. SGX: How attestation works Server Client 1. Request Hash 2. Compute Target Enclave measurement MAC SGX CPU Quoting Enclave 34

  61. SGX: How attestation works Server Client 1. Request 2. Compute Target Enclave measurement SGX Hash 3. Send measurement CPU Quoting MAC Enclave • Can also establish a secure channel between client and the enclave by exchanging Diffie-Hellman keys as part of the attestation process 35

  62. SGX: How attestation works Server Client 1. Request 2. Compute Target Enclave measurement SGX Hash 3. Send measurement CPU Quoting MAC Enclave 4. Verify MAC • Can also establish a secure channel between client and the enclave by exchanging Diffie-Hellman keys as part of the attestation process 36

  63. SGX: How attestation works Server Client 1. Request 2. Compute Target Enclave measurement SGX Hash 3. Send measurement CPU Quoting MAC Enclave 4. Verify MAC 5. Sign with Intel’s key • Can also establish a secure channel between client and the enclave by exchanging Diffie-Hellman keys as part of the attestation process 37

  64. SGX: How attestation works Server Client 1. Request 2. Compute Target Enclave measurement SGX Hash 3. Send measurement CPU Quoting MAC Enclave 6. Send signature 4. Verify MAC 5. Sign with Intel’s key • Can also establish a secure channel between client and the enclave by exchanging Diffie-Hellman keys as part of the attestation process 38

  65. Intel SGX • Minimal TCB (trusted computing base) : – Only the processor + the code loaded into the enclave need to be trusted – Nothing else (DRAM, peripherals, operating system, etc.) needs to be trusted

  66. Intel SGX • Minimal TCB (trusted computing base) : – Only the processor + the code loaded into the enclave need to be trusted – Nothing else (DRAM, peripherals, operating system, etc.) needs to be trusted So even if an attacker manages to gain root access on the server, won’t be able to learn the data

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Presented by the Internet Security Alliance

Presented by the Internet Security Alliance

Presented by the Internet Security Alliance Problems and Whos in Howard True and False Potpourri Charge Schmidt Solu9ons

868 views • 31 slides
Professionalism Potpourri Aquil Ahmed, ASA, EA, MAAA, FCA President - Actuarial Retirement

Professionalism Potpourri Aquil Ahmed, ASA, EA, MAAA, FCA President - Actuarial Retirement

1 Professionalism Potpourri Aquil Ahmed, ASA, EA, MAAA, FCA President - Actuarial Retirement Services, LLC. Thomas Le, Director, PricewaterhouseCoopers October 3, 2011 Agenda 2 Record Retention Code of Professional Conduct/ASOPs

1.18k views • 93 slides
Antipsychotic Potpourri Monica Ott, MD Assistant professor of clinical medicine Department of

Antipsychotic Potpourri Monica Ott, MD Assistant professor of clinical medicine Department of

Antipsychotic Potpourri Monica Ott, MD Assistant professor of clinical medicine Department of Internal Medicine and Geriatrics, Indiana University Fourth Annual Bi-State Conference on Post-Acute & Long Term Care April 27, 2019 Disclosures

915 views • 36 slides
Advances in Internal Medicine What a Let it Bugs & Pain & Jeopardy Rules Potpourri

Advances in Internal Medicine What a Let it Bugs & Pain & Jeopardy Rules Potpourri

6/21/2019 Advances in Internal Medicine What a Let it Bugs & Pain & Jeopardy Rules Potpourri Drag Bleed Drugs Suffering Team captain selects question for their $100 $100 $100 $100 $100 team to answer by ARS voting

375 views • 15 slides
Commercial Lines A Potpourri of Reserving Issues September, 2010 Presented By: Kim Piersol,

Commercial Lines A Potpourri of Reserving Issues September, 2010 Presented By: Kim Piersol,

Commercial Lines A Potpourri of Reserving Issues September, 2010 Presented By: Kim Piersol, FCAS, MAAA Consulting Actuary, Huggins Actuarial Services, Inc. Antitrust Notice The Casualty Actuarial Society is committed to adhering strictly to

273 views • 6 slides
Commercial Lines A Potpourri of Reserving Issues September, 2011 Presented By: Kim Piersol,

Commercial Lines A Potpourri of Reserving Issues September, 2011 Presented By: Kim Piersol,

Commercial Lines A Potpourri of Reserving Issues September, 2011 Presented By: Kim Piersol, FCAS, MAAA Consulting Actuary, Huggins Actuarial Services, Inc. Antitrust Notice The Casualty Actuarial Society is committed to adhering strictly to

427 views • 6 slides
The Municipal Law Update OMAA Spring Meeting Jody E. Johnson May 9, 2019 A Potpourri of Topics

The Municipal Law Update OMAA Spring Meeting Jody E. Johnson May 9, 2019 A Potpourri of Topics

The Municipal Law Update OMAA Spring Meeting Jody E. Johnson May 9, 2019 A Potpourri of Topics Expropriation - costs Normal Farm Practices MFIPPA Freedom of Expression Procurement Elections the 2014 one 2

566 views • 29 slides
2015 Dam Owner Workshop Session 1 Emergency Action Plans for Dams in Texas Potpourri

2015 Dam Owner Workshop Session 1 Emergency Action Plans for Dams in Texas Potpourri

2015 Dam Owner Workshop Session 1 Emergency Action Plans for Dams in Texas Potpourri Presented By: Megan Dutton, P.E. Agenda Introduction to the Dam Safety Program Overview of an EAP What, Why, Who, When, Where, How

1.22k views • 84 slides
Potpourri Doug Woos Logistics notes Piazza!!! https://piazza.com/washington/spring2017/cse452

Potpourri Doug Woos Logistics notes Piazza!!! https://piazza.com/washington/spring2017/cse452

Potpourri Doug Woos Logistics notes Piazza!!! https://piazza.com/washington/spring2017/cse452 In-class questions Outline - More Go - Remote procedure calls - MapReduce discussion More Go Hopefully you got the basics from section Today:

523 views • 21 slides
Title to be announced Vadim Olshevsky University of Connecticut www.math.uconn.edu/ olshevsky

Title to be announced Vadim Olshevsky University of Connecticut www.math.uconn.edu/ olshevsky

Potpourri Vadim Olshevsky Title to be announced Vadim Olshevsky University of Connecticut www.math.uconn.edu/ olshevsky Cortona, Italy, September 2004 This work was supported by the NSF grants CCR 0098222 and 0242518. Potpourri Vadim

841 views • 55 slides
A Potpourri of Nonlinear Algebra Chris Hillar 2 Det 2 , 2 , 2 ( A ) = 1

A Potpourri of Nonlinear Algebra Chris Hillar 2 Det 2 , 2 , 2 ( A ) = 1

1 a 1 a 2 a 3 + c 1 c 2 c 3 = 2 , a 1 a 3 b 2 + c 1 c 3 d 2 = 0 , a 2 a 3 b 1 + c 2 c 3 d 1 = 0 , X d i = a 3 b 1 b 2 + c 3 d 1 d 2 = 4 , a 1 a 2 b 3 + c 1 c 2 d 3 = 0 , a 1 b 2 b 3 + c 1 d 2 d 3 = 4 , i + j a 2 b 1 b 3 + c 2 d 3 d 1

646 views • 42 slides
What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Security Security as term, Possible Security violations Authentication Criteria for

Security Security as term, Possible Security violations Authentication Criteria for

BS1 WS19/20 topic-based slides Security Security as term, Possible Security violations Authentication Criteria for Trust in Computer Systems Three hearts of Windows Security DACLs A Look at Security System is secure if

988 views • 20 slides
CPSC410/611: Security Security Security Attacks Security Threats Crypto

CPSC410/611: Security Security Security Attacks Security Threats Crypto

CPSC 410 / 611 : Operating Systems CPSC410/611: Security Security Security Attacks Security Threats Crypto Authentication Examples SSL Security Threats Breach of confidentiality unauthorized access to

458 views • 18 slides
Biometrics and Security Biometrics and Security Biometrics and Security Biometrics and Security

Biometrics and Security Biometrics and Security Biometrics and Security Biometrics and Security

Biometrics and Security Biometrics and Security Biometrics and Security Biometrics and Security WS 06/07 Seminar Prof. Dr.-Ing. Jana Dittmann & Dr.-Ing. Claus Vielhauer with support from Tobias Scheidat

419 views • 16 slides
1 X.800 Security Services X.800 Security Services X.800 Security Services Data integrity

1 X.800 Security Services X.800 Security Services X.800 Security Services Data integrity

Course Overview Course Requirements EECS 498-7/8 Cryptography and Network Security: www.citi.umich.edu/u/honey/security Principles and Practice (Third Edition) Computer Security Monday & Friday, 9:00 10:30 William Stallings

670 views • 19 slides
cer Serv vices Particip pation A Agenda Backgrou und to up a and coming g Participati on

cer Serv vices Particip pation A Agenda Backgrou und to up a and coming g Participati on

Teena age & Y oung Ad dult (TY YA) Canc cer Serv vices Particip pation A Agenda Backgrou und to up a and coming g Participati on work: The Tee enage and Y Young Adult t Cancer Se ervice has b been succes ssful in gain ning a place e on

185 views • 5 slides
THE CASE OF VSTERNORRLANDS COUNTY NORBA/NS-RSA-Conference, Oslo, March 14-15 20102 Mats

THE CASE OF VSTERNORRLANDS COUNTY NORBA/NS-RSA-Conference, Oslo, March 14-15 20102 Mats

YOUNG WOMEN ON THE RUN A SNAPSHOT FROM RURAL SWEDEN THE CASE OF VSTERNORRLANDS COUNTY NORBA/NS-RSA-Conference, Oslo, March 14-15 20102 Mats Johansson & Daniel Rauhut Royal Institute of Technology (KTH), Division of Urban and

528 views • 18 slides
Getting to Know grid Graphics Paul Murrell, The University of Auckland, June 2015 An overview of

Getting to Know grid Graphics Paul Murrell, The University of Auckland, June 2015 An overview of

Getting to Know grid Graphics Paul Murrell, The University of Auckland, June 2015 An overview of the short course Introduction Getting to Know grid Graphic For the book "London: The Information Capital", each infographic was begun in

551 views • 42 slides
management. Managing risk or risk factors? Igor Sergienko, PhD, MD Russian Cardiology Research

management. Managing risk or risk factors? Igor Sergienko, PhD, MD Russian Cardiology Research

Practical challenges in CV risk management. Managing risk or risk factors? Igor Sergienko, PhD, MD Russian Cardiology Research Complex, Russian National Atherosclerosis Society DYSIS study. Real clinical practice Very high and

596 views • 26 slides
Optimal Inference After Model Selection Will Fithian Joint work with Dennis Sun & Jonathan

Optimal Inference After Model Selection Will Fithian Joint work with Dennis Sun & Jonathan

Optimal Inference After Model Selection Will Fithian Joint work with Dennis Sun & Jonathan Taylor December 11, 2015 Outline 1 Introduction 2 Inference After Selection 3 Linear Regression 4 Other Examples Two Stages Two stages of a

824 views • 69 slides
Intro to NSF-LDC Satellite Th Three ee Co Coding ding Fo Foci ci Todays main foci

Intro to NSF-LDC Satellite Th Three ee Co Coding ding Fo Foci ci Todays main foci

Evol volving ving Qu Ques estions tions fo for Data Da ta-Coding Coding Co Convention nventions Christopher Cieri & Malcah Yaeger-Dror ccieri@ldc.upenn.edu & malcah@email.arizona.edu Intro to NSF-LDC Satellite Th Three ee Co

165 views • 13 slides
An IT framework for a quick evaluation of accuracy of Italian LFS. Cinzia Graziani, Silvia

An IT framework for a quick evaluation of accuracy of Italian LFS. Cinzia Graziani, Silvia

An IT framework for a quick evaluation of accuracy of Italian LFS. Cinzia Graziani, Silvia Loriga, Alessandro Martini e Andrea Spizzichino 7th Workshop on Labour Force Survey Methodology Madrid, May 10-11th 2012 Overview 7th Workshop on LFS

420 views • 16 slides
Trees Applied Multivariate Statistics Spring 2012 Overview Intuition for Trees

Trees Applied Multivariate Statistics Spring 2012 Overview Intuition for Trees

Trees Applied Multivariate Statistics Spring 2012 Overview Intuition for Trees Regression Trees Classification Trees 1 Idea of Trees: Regression Trees Continuous response Binary Tree y Y=1.2 X 1 X>1 Y=1.4 Y=0.7 2 X

767 views • 17 slides

More recommend