0% found this document useful (0 votes)

7 views

CH 02

Uploaded by

asdyarash1

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

7 views

CH 02

Uploaded by

asdyarash1

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 25

1

SECURITY IN
COMPUTING,
FIFTH EDITION
Chapter 2: Toolbox: Authentication, Access
Control, and Cryptography

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
2

Objectives for Chapter 2

• Survey authentication mechanisms
• List available access control implementation options
• Explain the problems encryption is designed to solve
• Understand the various categories of encryption tools as
well as the strengths, weaknesses, and applications of
each
• Learn about certificates and certificate authorities

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
3

Authentication
• The act of proving that a user is who he says he is
• Methods:
• Something the user knows
• Something the user is
• Something user has

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
4

Something You Know

• Passwords
• Security questions
• Attacks on “something you know”:
• Dictionary attacks
• Guessing likely passwords/answers
• Defeating concealment
• Exhaustive or brute-force attack
• Rainbow tables

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
5

Distribution of Password Types

One character
0%
Other good Two characters
passwords 2%
14% Three characters
14%

Words in
dictionaries or
lists of names Four characters,
15% all letters
14%

Six letters,
lowercase Five letters,
19% all same case
22%
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
6

Password Storage

Plaintext Concealed

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
7

Biometrics: Something You Are

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
8

Problems with Biometrics

• Intrusive
• Expensive
• Single point of failure
• Sampling error
• False readings
• Speed
• Forgery

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
9

Tokens: Something You Have

Time-Based Token Authentication

Login: mcollings
Passcode: 2468159759
PASSCODE = PIN + TOKENCODE
Token code: Clock
Changes every synchronized to
60 seconds UCT
Unique seed
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
10

Federated Identity Management

Identity Manager
User (performs Authenticated
authentication) Identity

Application Application
(no authentication) (no authentication)
Application
(no authentication)

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
11

Single Sign-On
User Single Sign-On Identification and
Shell Authentication
Credentials

Password Token

Authentication Authentication Authentication

Application Application
Application

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
12

Access Control

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
13

Access Policies
• Goals:
• Check every access
• Enforce least privilege
• Verify acceptable usage
• Track users’ access
• Enforce at appropriate divided
• Use audit logging to track accesses

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
14

Implementing Access Control

• Reference monitor
• Access control directory
• Access control matrix
• Access control list
• Privilege list
• Capability
• Procedure-oriented access control
• Role-based access control

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
15

Reference Monitor

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
16

Access Control Directory

User A Directory Files User B Directory
Access File Access File
File Name Rights Pointer File Name Rights Pointer

PROG1. C ORW BIBLIOG R

PROG1.EXE OX TEST.TMP OX

BIBLIOG ORW PRIVATE ORW

HELP.TXT R HELP.TXT R

TEMP ORW

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
17

Access Control Matrix

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
18

Access Control List

Directory Access Lists Files
Access List Access
File Pointer User Rights
BIBLIOG
BIBLIOG USER_A ORW

TEMP USER_B R

USER_S RW
F TEMP

HELP.TXT USER_A ORW

F
USER_A ORW

USER_S R

USER_A R HELP.TXT

USER_B R

USER_S R

USER_T R

SYSMGR RW

USER_SVCS O

Problems Addressed by Encryption

• Suppose a sender wants to send a message to a
recipient. An attacker may attempt to
• Block the message
• Intercept the message
• Modify the message
• Fabricate an authentic-looking alternate message

Encryption Terminology
• Sender
• Recipient
• Transmission medium
• Interceptor/intruder
• Encrypt, encode, or encipher
• Decrypt, decode, or decipher
• Cryptosystem
• Plaintext
• Ciphertext

Encryption/Decryption Process

Key Key
(Optional) (Optional)

Original
Plaintext Encryption Ciphertext Decryption
Plaintext

Symmetric vs. Asymmetric

Key

Original
Plaintext Encryption Ciphertext Decryption
Plaintext

(a) Symmetric Cryptosystem

Encryption Decryption
Key Key

Original
Plaintext Encryption Ciphertext Decryption
Plaintext

(b) Asymmetric Cryptosystem

Stream Ciphers

Key
(Optional)

…ISSOPMI wdhuw…
Plaintext Encryption Ciphertext

Block Ciphers
Key
(Optional)
.. XN OI TP ES

Plaintext IH Ciphertext
Encryption

Stream vs. Block

Stream Block
Advantages • Speed of • High diffusion
transformation • Immunity to
• Low error insertion of
propagation symbol

Disadvantages • Low diffusion • Slowness of

• Susceptibility to encryption
malicious • Padding
insertions and • Error
modifications propagation

Security in Computing: Fifth Edition
0% (3)
Security in Computing: Fifth Edition
13 pages
THEORY FILE - Information Security(6th Sem)!!!
No ratings yet
THEORY FILE - Information Security(6th Sem)!!!
46 pages
Computer Security
100% (1)
Computer Security
519 pages
Pfleeger 9780134093093 Ch01
No ratings yet
Pfleeger 9780134093093 Ch01
32 pages
CFS 105 Digital Security Chapter 2 Toolbox Authentication, Access Control, and Cryptography
No ratings yet
CFS 105 Digital Security Chapter 2 Toolbox Authentication, Access Control, and Cryptography
40 pages
Security in Computing, Fifth Edition: Chapter 1: Introduction
No ratings yet
Security in Computing, Fifth Edition: Chapter 1: Introduction
34 pages
Security in Computing - Chapter 3 - Cryptography
No ratings yet
Security in Computing - Chapter 3 - Cryptography
23 pages
2 Authentication - Access Control & Cryptography
100% (1)
2 Authentication - Access Control & Cryptography
39 pages
Cybersecurity 2
No ratings yet
Cybersecurity 2
59 pages
Pfleeger 9780134093093 Ch02-1
No ratings yet
Pfleeger 9780134093093 Ch02-1
22 pages
Cybersecurity 1
No ratings yet
Cybersecurity 1
25 pages
ch01 (1)
No ratings yet
ch01 (1)
34 pages
CH 01
No ratings yet
CH 01
34 pages
Information Security
No ratings yet
Information Security
247 pages
CFS 105 Digital Security Chapter 1 Introduction
No ratings yet
CFS 105 Digital Security Chapter 1 Introduction
17 pages
Security in Computing, Fifth Edition
No ratings yet
Security in Computing, Fifth Edition
34 pages
CH 01
No ratings yet
CH 01
32 pages
CH 01
No ratings yet
CH 01
268 pages
Pfleeger Ch01 Part1
No ratings yet
Pfleeger Ch01 Part1
18 pages
7 Databases
No ratings yet
7 Databases
19 pages
Computer Secur I It y
No ratings yet
Computer Secur I It y
52 pages
Module 1 - Security Fundamentals New
No ratings yet
Module 1 - Security Fundamentals New
77 pages
Ilovepdf Merged
No ratings yet
Ilovepdf Merged
174 pages
Security Basics: Prof Mark Baker
No ratings yet
Security Basics: Prof Mark Baker
47 pages
Presentationon Operating System Security
No ratings yet
Presentationon Operating System Security
25 pages
CS29 Modules 1 4
No ratings yet
CS29 Modules 1 4
319 pages
Itia01 Lesson 5
No ratings yet
Itia01 Lesson 5
4 pages
Unit 4
No ratings yet
Unit 4
42 pages
Cyber Security: Presented By: Raymunda Recto Moreno (Negros Occidental) Presented To: Dr. Ammon Denis R. Tirol
No ratings yet
Cyber Security: Presented By: Raymunda Recto Moreno (Negros Occidental) Presented To: Dr. Ammon Denis R. Tirol
33 pages
Chapter 02 1st Authentication 2022
No ratings yet
Chapter 02 1st Authentication 2022
45 pages
MarkStamp Ch2 Crypto Basics
No ratings yet
MarkStamp Ch2 Crypto Basics
74 pages
Module 5
No ratings yet
Module 5
29 pages
Access Controls and Authentication
No ratings yet
Access Controls and Authentication
51 pages
Cyber Security PDF
50% (2)
Cyber Security PDF
104 pages
9 Privacy
No ratings yet
9 Privacy
15 pages
Security in Computing, Fifth Edition: Chapter 7: Databases
No ratings yet
Security in Computing, Fifth Edition: Chapter 7: Databases
27 pages
Security Basics: Prof Mark Baker
No ratings yet
Security Basics: Prof Mark Baker
47 pages
2-Cyber Security-Obiective de Securitate
No ratings yet
2-Cyber Security-Obiective de Securitate
16 pages
Lecture 3
No ratings yet
Lecture 3
28 pages
Network Security Computer Engineering, Univ of Indonesia
No ratings yet
Network Security Computer Engineering, Univ of Indonesia
41 pages
Security
No ratings yet
Security
21 pages
Cryptography: Modifications by Prof. Dong Xuan and Adam C. Champion
No ratings yet
Cryptography: Modifications by Prof. Dong Xuan and Adam C. Champion
22 pages
Chapter 1 Introduction To Information Security
No ratings yet
Chapter 1 Introduction To Information Security
35 pages
Computer Security: Principles and Practice: Chapter 3: User Authentication
No ratings yet
Computer Security: Principles and Practice: Chapter 3: User Authentication
41 pages
ICTNWK503 Install and Maintain Valid Authentication Processes
100% (1)
ICTNWK503 Install and Maintain Valid Authentication Processes
147 pages
امنيه الفصل الاول
No ratings yet
امنيه الفصل الاول
41 pages
Lecture 4 Operating Systems Security
No ratings yet
Lecture 4 Operating Systems Security
29 pages
Full download Invitation to Computer Science 6th Edition Schneider Solutions Manual pdf docx
100% (16)
Full download Invitation to Computer Science 6th Edition Schneider Solutions Manual pdf docx
44 pages
Lecture 1 - Introduction and Basic Crypto Tools: CS Department City University of Hong Kong
No ratings yet
Lecture 1 - Introduction and Basic Crypto Tools: CS Department City University of Hong Kong
74 pages
Basic Computer Security
No ratings yet
Basic Computer Security
20 pages
03 User Authentication
No ratings yet
03 User Authentication
52 pages
Invitation to Computer Science 6th Edition Schneider Solutions Manual instant download
100% (1)
Invitation to Computer Science 6th Edition Schneider Solutions Manual instant download
41 pages
Topic: Network Security CRYPTOGRAPHY (One of Its Possible Solution)
No ratings yet
Topic: Network Security CRYPTOGRAPHY (One of Its Possible Solution)
9 pages
comp security 2023
No ratings yet
comp security 2023
37 pages
Champaneria Dharmin (06) Joshi Chirag (38) Nair Akhil (59) : SUBMITEED TO:Dr. Jaydip Chaudhari
0% (1)
Champaneria Dharmin (06) Joshi Chirag (38) Nair Akhil (59) : SUBMITEED TO:Dr. Jaydip Chaudhari
33 pages
Network Security: Text Book: Publisher: Prentice Hall Pub Date: October 13, 2006 Print ISBN-10: 0-13-239077-9
No ratings yet
Network Security: Text Book: Publisher: Prentice Hall Pub Date: October 13, 2006 Print ISBN-10: 0-13-239077-9
43 pages
Passwords Made Easy+
From Everand
Passwords Made Easy+
Peter J. Amendola
No ratings yet
Natural Language Processing with Java
From Everand
Natural Language Processing with Java
Richard M. Reese
No ratings yet
Ultimate Deepfake Detection Using Python: Master Deep Learning Techniques like CNNs, GANs, and Transformers to Detect Deepfakes in Images, Audio, and Videos Using Python (English Edition)
From Everand
Ultimate Deepfake Detection Using Python: Master Deep Learning Techniques like CNNs, GANs, and Transformers to Detect Deepfakes in Images, Audio, and Videos Using Python (English Edition)
Dr Nimrita Koul
No ratings yet
The Smart Girl's Guide to Privacy: Practical Tips for Staying Safe Online
From Everand
The Smart Girl's Guide to Privacy: Practical Tips for Staying Safe Online
Violet Blue
4/5 (13)
1 Introduction
No ratings yet
1 Introduction
103 pages
Cryptography and Network Security
50% (2)
Cryptography and Network Security
21 pages
CN Lab Manual
100% (1)
CN Lab Manual
46 pages
Methods Toward Enhancing Rsa Algorithm: A Survey
No ratings yet
Methods Toward Enhancing Rsa Algorithm: A Survey
18 pages
Enabling Bizhub HDD Security Features: Bizhub C652/C552/C452 Bizhub C360/C280/C220 Bizhub 423/363/283/223
No ratings yet
Enabling Bizhub HDD Security Features: Bizhub C652/C552/C452 Bizhub C360/C280/C220 Bizhub 423/363/283/223
28 pages
Aws Security by Design 180510183800
100% (1)
Aws Security by Design 180510183800
61 pages
Systems Analysis and Design in A Changing World, 7th Edition - Chapter 6 ©2016. Cengage Learning. All Rights Reserved. 1
No ratings yet
Systems Analysis and Design in A Changing World, 7th Edition - Chapter 6 ©2016. Cengage Learning. All Rights Reserved. 1
40 pages
(Secure Web Services - Interoperability) Ws-Secint PDF
No ratings yet
(Secure Web Services - Interoperability) Ws-Secint PDF
35 pages
Computer Security Question Paper of Exam
No ratings yet
Computer Security Question Paper of Exam
32 pages
Cryptography and Message Authentication
No ratings yet
Cryptography and Message Authentication
96 pages
Programming Module (A Secure Client-Server Chat Application) .
No ratings yet
Programming Module (A Secure Client-Server Chat Application) .
53 pages
Mini Project
No ratings yet
Mini Project
40 pages
Security (1-4 4aes 5 6 6 - 1 7
No ratings yet
Security (1-4 4aes 5 6 6 - 1 7
273 pages
Digital Signatures: Homework 6
No ratings yet
Digital Signatures: Homework 6
10 pages
DNSC605 - Cybersecurity and Cryptography in Fintech
No ratings yet
DNSC605 - Cybersecurity and Cryptography in Fintech
6 pages
4 PKC Example - Rsa
No ratings yet
4 PKC Example - Rsa
7 pages
Unit I
No ratings yet
Unit I
24 pages
Information Security 3
No ratings yet
Information Security 3
17 pages
Training Manual-V12-20211025 - 114024
No ratings yet
Training Manual-V12-20211025 - 114024
197 pages
4-30106C2P LP51021 CRYPT2Pay CRYPT2Protect Security Policy V2.2-1554489077.52112-DN PDF
No ratings yet
4-30106C2P LP51021 CRYPT2Pay CRYPT2Protect Security Policy V2.2-1554489077.52112-DN PDF
87 pages
Bulletproof Tls Guide 20240531 b127
No ratings yet
Bulletproof Tls Guide 20240531 b127
26 pages
CSCU Module 04 Data Encryption PDF
100% (1)
CSCU Module 04 Data Encryption PDF
23 pages
Chapter 1: (Network Security) : Preamble
No ratings yet
Chapter 1: (Network Security) : Preamble
21 pages
Network Security: CS 6823 - Lecture 5 Cryptography
No ratings yet
Network Security: CS 6823 - Lecture 5 Cryptography
66 pages
Computer Security Assignment
No ratings yet
Computer Security Assignment
2 pages
Guide To Network Defense and Countermeasures 3rd Edition PDF
No ratings yet
Guide To Network Defense and Countermeasures 3rd Edition PDF
49 pages
Android Mobile OS Snooping by Samsung, Xiaomi, Huawei and Realme Handsets
No ratings yet
Android Mobile OS Snooping by Samsung, Xiaomi, Huawei and Realme Handsets
12 pages
Ioi DP Problem
No ratings yet
Ioi DP Problem
123 pages
Cipher
No ratings yet
Cipher
6 pages

CH 02

Uploaded by

CH 02

Uploaded by

1

Objectives for Chapter 2

Something You Know

Distribution of Password Types

Biometrics: Something You Are

Problems with Biometrics

Tokens: Something You Have

Federated Identity Management

Authentication Authentication Authentication

Implementing Access Control

Access Control Directory

PROG1. C ORW BIBLIOG R

BIBLIOG ORW PRIVATE ORW

Access Control Matrix

Access Control List

HELP.TXT USER_A ORW

Problems Addressed by Encryption

Symmetric vs. Asymmetric

(a) Symmetric Cryptosystem

(b) Asymmetric Cryptosystem

Stream vs. Block

Disadvantages • Low diffusion • Slowness of

You might also like