Submit Search
Upload
Fundamentals of Information Systems Security Chapter 9
•
Download as PPTX, PDF
•
1 like
•
758 views
Dr. Ahmed Al Zaidy
Follow
Chapter 9: Cryptography
Read less
Read more
Education
Report
Share
Report
Share
1 of 43
Download now
Recommended
Fundamentals of Information Systems Security Chapter 8
Fundamentals of Information Systems Security Chapter 8
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 7
Fundamentals of Information Systems Security Chapter 7
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 5
Fundamentals of Information Systems Security Chapter 5
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2
Dr. Ahmed Al Zaidy
Â
Recommended
Fundamentals of Information Systems Security Chapter 8
Fundamentals of Information Systems Security Chapter 8
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 7
Fundamentals of Information Systems Security Chapter 7
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 5
Fundamentals of Information Systems Security Chapter 5
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 4
Fundamentals of Information Systems Security Chapter 4
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6
Dr. Ahmed Al Zaidy
Â
Information Assurance And Security - Chapter 3 - Lesson 1
Information Assurance And Security - Chapter 3 - Lesson 1
MLG College of Learning, Inc
Â
Legal, Ethical, and Professional Issues In Information Security
Legal, Ethical, and Professional Issues In Information Security
Carl Ceder
Â
Technology Overview - Symantec Data Loss Prevention (DLP)
Technology Overview - Symantec Data Loss Prevention (DLP)
Iftikhar Ali Iqbal
Â
The need for security
The need for security
Dhani Ahmad
Â
Data Privacy Introduction
Data Privacy Introduction
G Prachi
Â
Privacy and Data Security
Privacy and Data Security
WilmerHale
Â
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12
Dr. Ahmed Al Zaidy
Â
Urgensi RUU Perlindungan Data Pribadi
Urgensi RUU Perlindungan Data Pribadi
Eryk Budi Pratama
Â
Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14
Symantec
Â
Security policy
Security policy
Dhani Ahmad
Â
Information security
Information security
razendar79
Â
Implementing security
Implementing security
Dhani Ahmad
Â
Personal privacy and computer technologies
Personal privacy and computer technologies
sidra batool
Â
Data Privacy & Security
Data Privacy & Security
Eryk Budi Pratama
Â
Information Security Lecture #1 ppt
Information Security Lecture #1 ppt
vasanthimuniasamy
Â
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Eryk Budi Pratama
Â
Chapter 3: Information Security Framework
Chapter 3: Information Security Framework
Nada G.Youssef
Â
Cyber Threat hunting workshop
Cyber Threat hunting workshop
Arpan Raval
Â
cryptography.pptx
cryptography.pptx
MhndHTaani
Â
Funsec3e ppt ch05
Funsec3e ppt ch05
Skillspire LLC
Â
More Related Content
What's hot
Fundamentals of Information Systems Security Chapter 4
Fundamentals of Information Systems Security Chapter 4
Dr. Ahmed Al Zaidy
Â
Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6
Dr. Ahmed Al Zaidy
Â
Information Assurance And Security - Chapter 3 - Lesson 1
Information Assurance And Security - Chapter 3 - Lesson 1
MLG College of Learning, Inc
Â
Legal, Ethical, and Professional Issues In Information Security
Legal, Ethical, and Professional Issues In Information Security
Carl Ceder
Â
Technology Overview - Symantec Data Loss Prevention (DLP)
Technology Overview - Symantec Data Loss Prevention (DLP)
Iftikhar Ali Iqbal
Â
The need for security
The need for security
Dhani Ahmad
Â
Data Privacy Introduction
Data Privacy Introduction
G Prachi
Â
Privacy and Data Security
Privacy and Data Security
WilmerHale
Â
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12
Dr. Ahmed Al Zaidy
Â
Urgensi RUU Perlindungan Data Pribadi
Urgensi RUU Perlindungan Data Pribadi
Eryk Budi Pratama
Â
Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14
Symantec
Â
Security policy
Security policy
Dhani Ahmad
Â
Information security
Information security
razendar79
Â
Implementing security
Implementing security
Dhani Ahmad
Â
Personal privacy and computer technologies
Personal privacy and computer technologies
sidra batool
Â
Data Privacy & Security
Data Privacy & Security
Eryk Budi Pratama
Â
Information Security Lecture #1 ppt
Information Security Lecture #1 ppt
vasanthimuniasamy
Â
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Eryk Budi Pratama
Â
Chapter 3: Information Security Framework
Chapter 3: Information Security Framework
Nada G.Youssef
Â
Cyber Threat hunting workshop
Cyber Threat hunting workshop
Arpan Raval
Â
What's hot
(20)
Fundamentals of Information Systems Security Chapter 4
Fundamentals of Information Systems Security Chapter 4
Â
Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6
Â
Information Assurance And Security - Chapter 3 - Lesson 1
Information Assurance And Security - Chapter 3 - Lesson 1
Â
Legal, Ethical, and Professional Issues In Information Security
Legal, Ethical, and Professional Issues In Information Security
Â
Technology Overview - Symantec Data Loss Prevention (DLP)
Technology Overview - Symantec Data Loss Prevention (DLP)
Â
The need for security
The need for security
Â
Data Privacy Introduction
Data Privacy Introduction
Â
Privacy and Data Security
Privacy and Data Security
Â
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12
Â
Urgensi RUU Perlindungan Data Pribadi
Urgensi RUU Perlindungan Data Pribadi
Â
Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14
Â
Security policy
Security policy
Â
Information security
Information security
Â
Implementing security
Implementing security
Â
Personal privacy and computer technologies
Personal privacy and computer technologies
Â
Data Privacy & Security
Data Privacy & Security
Â
Information Security Lecture #1 ppt
Information Security Lecture #1 ppt
Â
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Data Protection Indonesia: Basic Regulation and Technical Aspects_Eryk
Â
Chapter 3: Information Security Framework
Chapter 3: Information Security Framework
Â
Cyber Threat hunting workshop
Cyber Threat hunting workshop
Â
Similar to Fundamentals of Information Systems Security Chapter 9
cryptography.pptx
cryptography.pptx
MhndHTaani
Â
Funsec3e ppt ch05
Funsec3e ppt ch05
Skillspire LLC
Â
Funsec3e ppt ch06
Funsec3e ppt ch06
Skillspire LLC
Â
Funsec3e ppt ch03
Funsec3e ppt ch03
Skillspire LLC
Â
Funsec3e ppt ch07
Funsec3e ppt ch07
Skillspire LLC
Â
info-sys-security3.pptx
info-sys-security3.pptx
MhndHTaani
Â
Dr_Kamal_ch01.pptx
Dr_Kamal_ch01.pptx
MhndHTaani
Â
Funsec3e ppt ch11
Funsec3e ppt ch11
Skillspire LLC
Â
2019 09-26 leveraging the power of automated intelligence for privacy management
2019 09-26 leveraging the power of automated intelligence for privacy management
TrustArc
Â
Fundamentals of Information Systems Security Lesson 3Malic.docx
Fundamentals of Information Systems Security Lesson 3Malic.docx
shericehewat
Â
Funsec3e ppt ch14
Funsec3e ppt ch14
Skillspire LLC
Â
Fundamentals of Information Systems Security Chapter 14
Fundamentals of Information Systems Security Chapter 14
Dr. Ahmed Al Zaidy
Â
2019 08-21 Automating Privacy Management
2019 08-21 Automating Privacy Management
TrustArc
Â
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
TrustArc
Â
Fundamentals of Information Systems Security Chapter 15
Fundamentals of Information Systems Security Chapter 15
Dr. Ahmed Al Zaidy
Â
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
TrustArc
Â
Fundamentals of Information Systems Security Chapter 13
Fundamentals of Information Systems Security Chapter 13
Dr. Ahmed Al Zaidy
Â
PDT 88 - 4 million seed - Seed - Protecto.pdf
PDT 88 - 4 million seed - Seed - Protecto.pdf
HajeJanKamps
Â
GDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your Downfall
Splunk
Â
Seattle Tech4Good meetup: Data Security and Privacy
Seattle Tech4Good meetup: Data Security and Privacy
Sabra Goldick
Â
Similar to Fundamentals of Information Systems Security Chapter 9
(20)
cryptography.pptx
cryptography.pptx
Â
Funsec3e ppt ch05
Funsec3e ppt ch05
Â
Funsec3e ppt ch06
Funsec3e ppt ch06
Â
Funsec3e ppt ch03
Funsec3e ppt ch03
Â
Funsec3e ppt ch07
Funsec3e ppt ch07
Â
info-sys-security3.pptx
info-sys-security3.pptx
Â
Dr_Kamal_ch01.pptx
Dr_Kamal_ch01.pptx
Â
Funsec3e ppt ch11
Funsec3e ppt ch11
Â
2019 09-26 leveraging the power of automated intelligence for privacy management
2019 09-26 leveraging the power of automated intelligence for privacy management
Â
Fundamentals of Information Systems Security Lesson 3Malic.docx
Fundamentals of Information Systems Security Lesson 3Malic.docx
Â
Funsec3e ppt ch14
Funsec3e ppt ch14
Â
Fundamentals of Information Systems Security Chapter 14
Fundamentals of Information Systems Security Chapter 14
Â
2019 08-21 Automating Privacy Management
2019 08-21 Automating Privacy Management
Â
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
Â
Fundamentals of Information Systems Security Chapter 15
Fundamentals of Information Systems Security Chapter 15
Â
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Â
Fundamentals of Information Systems Security Chapter 13
Fundamentals of Information Systems Security Chapter 13
Â
PDT 88 - 4 million seed - Seed - Protecto.pdf
PDT 88 - 4 million seed - Seed - Protecto.pdf
Â
GDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your Downfall
Â
Seattle Tech4Good meetup: Data Security and Privacy
Seattle Tech4Good meetup: Data Security and Privacy
Â
More from Dr. Ahmed Al Zaidy
Chapter 14 Exploring Object-based Programming
Chapter 14 Exploring Object-based Programming
Dr. Ahmed Al Zaidy
Â
Chapter 13 Programming for web forms
Chapter 13 Programming for web forms
Dr. Ahmed Al Zaidy
Â
Chapter 12 Working with Document nodes and style sheets
Chapter 12 Working with Document nodes and style sheets
Dr. Ahmed Al Zaidy
Â
Chapter 11 Working with Events and Styles
Chapter 11 Working with Events and Styles
Dr. Ahmed Al Zaidy
Â
Chapter 10 Exploring arrays, loops, and conditional statements
Chapter 10 Exploring arrays, loops, and conditional statements
Dr. Ahmed Al Zaidy
Â
Chapter 9 Getting Started with JavaScript
Chapter 9 Getting Started with JavaScript
Dr. Ahmed Al Zaidy
Â
Chapter 8 Enhancing a website with multimedia
Chapter 8 Enhancing a website with multimedia
Dr. Ahmed Al Zaidy
Â
Chapter 7 Designing a web form
Chapter 7 Designing a web form
Dr. Ahmed Al Zaidy
Â
Chapter 6 Working with Tables and Columns
Chapter 6 Working with Tables and Columns
Dr. Ahmed Al Zaidy
Â
Chapter 5 Designing for the mobile web
Chapter 5 Designing for the mobile web
Dr. Ahmed Al Zaidy
Â
Chapter 4 Graphic Design with CSS
Chapter 4 Graphic Design with CSS
Dr. Ahmed Al Zaidy
Â
Chapter 3 Designing a Page Layout
Chapter 3 Designing a Page Layout
Dr. Ahmed Al Zaidy
Â
Chapter 2 Getting Started with CSS
Chapter 2 Getting Started with CSS
Dr. Ahmed Al Zaidy
Â
Chapter 1 Getting Started with HTML5
Chapter 1 Getting Started with HTML5
Dr. Ahmed Al Zaidy
Â
Integer overflows
Integer overflows
Dr. Ahmed Al Zaidy
Â
testing throughout-the-software-life-cycle-section-2
testing throughout-the-software-life-cycle-section-2
Dr. Ahmed Al Zaidy
Â
Fundamental of testing
Fundamental of testing
Dr. Ahmed Al Zaidy
Â
Chapter 15 Risk Mitigation
Chapter 15 Risk Mitigation
Dr. Ahmed Al Zaidy
Â
Chapter 14 Business Continuity
Chapter 14 Business Continuity
Dr. Ahmed Al Zaidy
Â
Chapter 13 Vulnerability Assessment and Data Security
Chapter 13 Vulnerability Assessment and Data Security
Dr. Ahmed Al Zaidy
Â
More from Dr. Ahmed Al Zaidy
(20)
Chapter 14 Exploring Object-based Programming
Chapter 14 Exploring Object-based Programming
Â
Chapter 13 Programming for web forms
Chapter 13 Programming for web forms
Â
Chapter 12 Working with Document nodes and style sheets
Chapter 12 Working with Document nodes and style sheets
Â
Chapter 11 Working with Events and Styles
Chapter 11 Working with Events and Styles
Â
Chapter 10 Exploring arrays, loops, and conditional statements
Chapter 10 Exploring arrays, loops, and conditional statements
Â
Chapter 9 Getting Started with JavaScript
Chapter 9 Getting Started with JavaScript
Â
Chapter 8 Enhancing a website with multimedia
Chapter 8 Enhancing a website with multimedia
Â
Chapter 7 Designing a web form
Chapter 7 Designing a web form
Â
Chapter 6 Working with Tables and Columns
Chapter 6 Working with Tables and Columns
Â
Chapter 5 Designing for the mobile web
Chapter 5 Designing for the mobile web
Â
Chapter 4 Graphic Design with CSS
Chapter 4 Graphic Design with CSS
Â
Chapter 3 Designing a Page Layout
Chapter 3 Designing a Page Layout
Â
Chapter 2 Getting Started with CSS
Chapter 2 Getting Started with CSS
Â
Chapter 1 Getting Started with HTML5
Chapter 1 Getting Started with HTML5
Â
Integer overflows
Integer overflows
Â
testing throughout-the-software-life-cycle-section-2
testing throughout-the-software-life-cycle-section-2
Â
Fundamental of testing
Fundamental of testing
Â
Chapter 15 Risk Mitigation
Chapter 15 Risk Mitigation
Â
Chapter 14 Business Continuity
Chapter 14 Business Continuity
Â
Chapter 13 Vulnerability Assessment and Data Security
Chapter 13 Vulnerability Assessment and Data Security
Â
Recently uploaded
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
GaneshChakor2
Â
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
Celine George
Â
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
dawncurless
Â
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
pboyjonauth
Â
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
heathfieldcps1
Â
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
InMediaRes1
Â
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
ssuser54595a
Â
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
EduSkills OECD
Â
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
GeoBlogs
Â
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
Chameera Dedduwage
Â
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Celine George
Â
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
David Douglas School District
Â
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
UnboundStockton
Â
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
pboyjonauth
Â
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
9953056974 Low Rate Call Girls In Saket, Delhi NCR
Â
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
NirmalaLoungPoorunde1
Â
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
Marc Dusseiller Dusjagr
Â
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
Sayali Powar
Â
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
M56BOOKSTORE PRODUCT/SERVICE
Â
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Sumit Tiwari
Â
Recently uploaded
(20)
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
Â
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
Â
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
Â
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
Â
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
Â
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
Â
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
Â
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Â
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
Â
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
Â
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Â
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
Â
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
Â
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
Â
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Â
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
Â
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
Â
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
Â
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
Â
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Â
Fundamentals of Information Systems Security Chapter 9
1.
© 2018 Jones
and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Fundamentals of Information Systems Security Lesson 9 Cryptography
2.
Page 2Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 2Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Learning Objective(s)  Explain how businesses apply cryptography in maintaining information security.
3.
Page 3Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 3Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Key Concepts  Basics of cryptography  Business applications of cryptography  Symmetric and asymmetric key cryptography  Encryption mechanisms and techniques  Certificate and key management
4.
Page 4Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 4Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. What Is Cryptography?  Unencrypted information—Information in understandable form (plaintext or cleartext)  Encrypted information—Information in scrambled form (ciphertext)  Encryption—The process of scrambling plaintext into ciphertext  Decryption—The process of unscrambling ciphertext into plaintext  Algorithm—A repeatable process that produces the same result when it receives the same input  Cipher—An algorithm to encrypt or decrypt information
5.
Page 5Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 5Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. A Cryptosystem at Work  Those that use the same key to encrypt and decrypt are private (symmetric) key ciphers  Those that use different keys to encrypt and decrypt are public (asymmetric) key ciphers Encryption Cipher Categories
6.
Page 6Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 6Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Basic Cryptographic Principles Keyspace—The number of possible keys to a cipher Open ciphers—Make it possible for experts around the world to examine the ciphers for weaknesses Data Encryption Standard (DES)—The most scrutinized cipher in history
7.
Page 7Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 7Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. A Brief History of Cryptography People have used cryptography to protect information for at least 4,000 years Steganography is the act of hiding information Cryptanalysis is breaking code Cryptography was used in WWI and WWII Symmetric and asymmetric key cryptography introduced in 1976
8.
Page 8Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 8Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Cryptography’s Role in Information Security • Keeps information secret from unauthorized users Confidentiality • Ensures that no one, even the sender, changes information after transmitting it Integrity • Confirms the identity of an entity Authentication • Enables you to prevent a party from denying a previous statement or action Nonrepudiation
9.
Page 9Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 9Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Business and Security Requirements for Cryptography Internal security • Confidentiality, privacy, integrity, and authorization Security in business relationships • Message authentication, signature, receipt and confirmation, and nonrepudiation Security measures that benefit everyone • Anonymity, timestamping, revocation, and ownership
10.
Page 10Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 10Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Information Security Objectives Objective Steps to Take Privacy or confidentiality Keep information secret from all unauthorized users. Integrity Ensure that unauthorized users or unknown processes have not altered information. Entity authentication or identification Corroborate the identity of an entity (that is, a person, a computer terminal, a credit card, etc.). Message authentication Corroborate the source of information; authenticate the data’s origin. Signature Bind information to an entity.
11.
Page 11Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 11Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Information Security Objectives (cont.) Objective Steps to Take Authorization Convey an official sanction to do or be something to another entity. Validation Provide timely authorization to use or manipulate information or resources. Access control Restrict access to resources to privileged entities. Certification Endorse information by a trusted entity. Timestamping Record the time a user created or accessed information. Witnessing Verify the action to create an object or verify an object’s existence by an entity other than the creator.
12.
Page 12Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 12Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Information Security Objectives (cont.) Objective Steps to Take Receipt Acknowledge that the recipient received information. Confirmation Acknowledge that the provider has provided services. Ownership Grant an entity the legal right to use or transfer a resource to others. Anonymity Conceal the identity of an entity involved in some process. Nonrepudiation Prevent an entity from denying previous commitments or actions. Revocation Retract certification or authorization.
13.
Page 13Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 13Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Cryptographic Functions and Ciphers  Each cipher has specific characteristics that make it desirable or undesirable  When evaluating a cipher, consider its intended use • Are you trying to secure data in transit or data at rest? • Different ciphers solve different problems better than others  After selecting a cipher, you must make additional decisions about key size, operational mode, etc.  Many symmetric ciphers operate as either a stream cipher or a block cipher
14.
Page 14Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 14Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Business-Security Implementations General Classifications • Authentication (non-PKI) • Access control/authorization • Assessment and audit • Security management products • Perimeter/network security/availability • Content filtering • Encryption • Administration/education • Outsource services/consultants
15.
Page 15Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 15Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Cryptography Capabilities Privacy or confidentiality Integrity Entity authentication or identification Message authentication Signature Access control Certification Timestamping Witnessing Ownership Anonymity Nonrepudiation
16.
Page 16Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 16Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Types of Ciphers • Rearranges characters or bits of data Transposition ciphers • Replaces bits, characters, or blocks of information with other bits, characters, or blocks Substitution ciphers
17.
Page 17Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 17Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Transposition Ciphers Message—ATTACK AT DAWN Ciphertext—ACDTKATAWATN Key— {1,2,3,4}
18.
Page 18Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 18Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Substitution Ciphers  Caesar cipher—Each letter in the English alphabet a fixed number of positions, with Z wrapping back to A  Keyword mixed alphabet cipher—Uses a cipher alphabet that consists of a keyword, minus duplicates, followed by the remaining letters of the alphabet  Vigenère (vee-zhen-AIR) cipher—Encrypts every letter with its own substitution scheme  Simple substitution cipher—Allows any letter to uniquely map to any other letter
19.
Page 19Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 19Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Symmetric and Asymmetric Key Cryptography  Symmetric key ciphers use the same key to encrypt and decrypt  Asymmetric key ciphers have four key properties: • Two associated algorithms that are inverses of each other exist • Each of these two algorithms is easy to compute • It is computationally infeasible to derive the second algorithm if you know the first algorithm • Given some random input, you can generate associated key pairs that are inverses of each other
20.
Page 20Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 20Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Cryptanalysis and Public Versus Private Keys  You can break a cipher in two ways: • Analyzing the ciphertext to find the plaintext or key • Analyzing the ciphertext and its associated plaintext to find the key  Four basic forms of cryptographic attack • Ciphertext-only attack (COA) • Known-plaintext attack (KPA) • Chosen-plaintext attack • Chosen-ciphertext attack
21.
Page 21Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 21Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. A Ciphertext-only Attack (COA)
22.
Page 22Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 22Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. A Known-Plaintext Attack (KPA)
23.
Page 23Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 23Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Keys, Keyspace, and Key Management Key • A value that is an input to a cryptosystem Keyspace • The set of all possible keys Key management • One of the most difficult and critical parts of a cryptosystem
24.
Page 24Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 24Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Key Distribution Techniques Paper Digital media Hardware
25.
Page 25Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 25Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Key Distribution Centers  Rather than each organization creating the infrastructure to manage its own keys, a number of hosts could agree to trust a common key- distribution center (KDC)  All parties must trust the KDC  With a KDC, each entity requires only one secret key pair—between itself and the KDC  Kerberos and ANSI X9.17 use the concept of a KDC
26.
Page 26Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 26Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Hash Functions Checksum • Summary information appended to a message to ensure that the values of the message have not changed Hash • Like a checksum but operates so that a forged message will not result in the same hash as a legitimate message • Is usually a fixed size • Acts as a fingerprint for data
27.
Page 27Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 27Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Digital Signatures Bind the identity of an entity to a particular message or piece of information Ensure the integrity of a message and verify who wrote it Require asymmetric key cryptography
28.
Page 28Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 28Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. How a Digital Signature Works
29.
Page 29Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 29Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Cryptographic Applications and Uses in Information System Security Security product and service categories: • Anti-malware • Forensics • ID management • Messaging safeguards • Patch management • Perimeter defenses • Transaction security (digital certificates, secure file transfer) • Wireless security
30.
Page 30Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 30Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Cryptographic Applications and Uses in Information System Security  Authentication tools include tokens, smart cards, biometrics, passwords, and password recovery  Access control and authorization includes firewalls, timestamping, single sign-on, identity management, and mobile device security  Assessment and auditing tools include vulnerability-assessment scanners, penetration testing tools, forensic software, and log analyzers
31.
Page 31Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 31Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Cryptographic Applications and Uses in Information System Security  Security management products include tools for enterprise security management, configuration and patch management, and security policy development  Wireless security tools encrypt data to protect them in transit and to limit access to authorized people  Encryption tools include line encryption, database security products, virtual private networks (VPNs), public key infrastructure (PKI), and crypto accelerators
32.
Page 32Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 32Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Symmetric Key Standards Data Encryption Standard (DES) Triple DES (3DES) International Data Encryption Algorithm (IDEA) CAST Blowfish Advanced Encryption Standard (AES) RC2 RC4
33.
Page 33Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 33Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Wireless Security  Wireless products have built-in security, the default configuration generally doesn’t enable it; they expect customers to enable it  802.11 wireless security (Wi-Fi) provides wireless communications at transmission speeds from 11 Mbps for 802.11b, to over 780 Mbps for 802.11ac, and 100 Gbps for 802.11ay  802.11 wireless protocols allow encryption through Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA) • WEP has limitations and shouldn’t be used
34.
Page 34Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 34Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Asymmetric Key Solutions An asymmetric key solution doesn’t require each party to first share a secret key The key directory is a trusted repository of all public keys A key escrow is a key storage method that allows some authorized third party access to a key under certain circumstances
35.
Page 35Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 35Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Asymmetric Key Solutions  The SSL Handshake Protocol consists of two phases: server authentication and an optional client authentication  Digital signatures verify a person’s identity or that person’s association with a message  A certificate authority (CA) vouches for the validity of a credential, and maintains a list of invalid, or revoked, certificates in either a certificate revocations list (CRL) or by maintaining the data to support the newer online certificate status protocol (OCSP)
36.
Page 36Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 36Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Hash Function and Integrity  Hash functions: • Help detect forgeries • Compute a checksum of a message • Combine the checksum with a cryptographic function so that the result is tamperproof  A hash is: • A checksum designed so that no one can forge a message in a way that will result in the same hash as a legitimate message • Usually a fixed size, resulting in a hash value, which is larger than checksum values
37.
Page 37Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 37Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Hashing Algorithms  MD5 message digest algorithm—Takes an input of any arbitrary length and generates a 128-bit message digest that is computationally infeasible to match by finding another input  Secure Hash Algorithm (SHA-1)—Produces a 160-bit hash from a message of any arbitrary length  Hash message authentication code (HMAC)—A hash function that uses a key to create the hash, or message digest  RACE Integrity Primitives Evaluation Message Digest (RIPEMD)—A collection of functions that provide hash values for a wide range of applications
38.
Page 38Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 38Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Relationship Between Hash and Digital Signature Algorithms
39.
Page 39Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 39Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Digital Signatures and Nonrepudiation A digitized signature is an image of a physical signature stored in digital format A digital signature is a combination of a strong hash of a message, which acts as a fingerprint
40.
Page 40Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 40Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Conditions for Proving Nonrepudiation  An effective asymmetric key algorithm  A strong hash function  A means to apply the private encryption key to the hash value to produce a digital signature  A tamperproof or trusted third-party timing device  An agreed-upon protocol for validating digital signatures  A secure key management and distribution system  A public key repository with an assured level of integrity  Key escrow to be able to produce public keys from reluctant parties  Procedures to handle disputes
41.
Page 41Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 41Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Principles of Certificates and Key Management The best key management system in the world does not protect against a brilliant cryptanalyst if the encryption algorithm itself has any weaknesses
42.
Page 42Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 42Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Modern Key Management Techniques Advanced Encryption Standard (AES) Internet Protocol Security (IPSec) The Internet Security Association and Key Management Protocol (ISAKMP) Extensible Markup Language (XML) key management specification (XKMS) Managed public key infrastructure (PKI) American National Standards Institute (ANSI) X9.17
43.
Page 43Fundamentals of
Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 43Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Summary Basics of cryptography Business applications of cryptography Symmetric and asymmetric key cryptography Encryption mechanisms and techniques Certificate and key management
Download now