Information Security
•Download as PPT, PDF•
3 likes•1,204 views
It provides all basic concepts of cyber & information security.
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (11)
Similar to Information Security
Similar to Information Security (20)
Recently uploaded
Recently uploaded (20)
Information Security
- 1. 1 Information Security DR. HIMANSHU GUPTA, SENIOR FACULTY MEMBER, AMITY UNIVERSITY, NOIDA (INDIA)
- 2. What is a network? A network consists of two or more devices that are linked in order to share resources or allow communications. Can you think of various forms of a network? 2
- 5. Satellite Networks 5 Football game in Europe Dish network Watching the game In Bryan Texas, USA
- 6. What is Security? Security is the act of protecting a person, property or organization from an attack. 6 • Examples of attack on a person? • Examples of attack on a property? • Examples of attack on a organization?
- 7. Why do we need Information Security 7 INTERNET email School Nurse Name: ALICE JACK Address: 1 BALL STR Phone Number: 888-9191 DOB: 01/21/1993 SSN: 999-111-2323 Credit Card No:. 9988 5321 Medical Records, Test scores bad guy listens to the communication sensitive data
- 8. Information Security Issues Can you think of ways a bad guy can use the data he obtains to cause harm or attack? Answer: Security Attacks Can you think of what you can do to prevent a bad guy from having access to your private data or information? Answer: Security Services 8
- 11. 11 Security Attacks Information source Information destination Interruption • Attack on availability
- 12. 12 Security Attacks Information source Information destination Interception • Attack on confidentiality
- 13. 13 Security Attacks Information source Information destination Modification • Attack on integrity
- 14. 14 Security Attacks Information source Information destination Fabrication • Attack on authenticity
- 15. 15 Classify Security Attacks passive attacks - eavesdropping on, or monitoring of, transmissions to: obtain message contents, or monitor traffic flows active attacks – modification of data stream to: masquerade of one entity as some other replay previous messages modify messages in transit denial of service
- 16. 16 Security Attacks Release of message contents Traffic analysis • eavesdropping, monitoring transmissions Passive threats
- 18. 18 Security Attacks Masquerade Denial of service • some modification of the data stream Active threats Replay Modification of message contents
- 20. 20 Security Services Confidentiality – protection from passive attacks Authentication – you are who you say you are Integrity – received as sent, no modifications, insertions, shuffling or replays
- 21. 21 Security Services Nonrepudiation – can’t deny a message was sent or received Access Control – ability to limit and control access to host systems and apps Availability – attacks affecting loss or reduction on availability
- 23. 23 Cryptography Cryptography -- from the Greek for “secret writing” -- is the mathematical “scrambling” of data so that only someone with the necessary key can “unscramble” it. Cryptography allows secure transmission of private information over insecure channels (for example packet-switched networks). Cryptography also allows secure storage of sensitive data on any computer.
- 24. Cryptography The process of converting a message into a secret code called CIPHER TEXT, and changing the encoded message back to regular text called PLAIN TEXT. (1) Encryption The conversion of the original message into a secret code or CIPHER TEXT using a key. (2) Decryption The conversion of the encoded message or PLAIN TEXT back to the original message using the same key. 24 Cryptography
- 25. Its All About Keys !!! 25 My name is Alice Jack. Encryption Plain text Wi xkwo sc kvsmo tkmuWi xkwo sc kvsmo tkmu key My name is Alice Jack. Decryption cypher text Wi xkwo sc kvsmo tkmuWi xkwo sc kvsmo tkmu key
- 26. Cryptography Wheel You are meeting your friend for lunch at a restaurant. Which one? – it’s a secret! 26 X A B C D ZY P G M E R Q O S F N J I H K W V U T L CIPHERTEXT PLAINTEXT ENCRYPTION Key = 4 X A B C D ZY P G M E R Q O S F N J I H K W V U T L Golden Corral
- 27. Cryptography Wheel Golden Corral 27 X A B C D ZY P G M E R Q O S F N J I H K W V U T L CIPHERTEXT PLAINTEXT ENCRYPTION Key = 4 X A B C D Z Y P G M E R Q O S F N J I H K W V U T L Jroghq Fruudo DECRYPTION Golden Corral
- 28. Cryptography Wheel 28 X A B C D ZY P G M E R Q O S F N J I H K W V U T L CIPHERTEXT PLAINTEXT Key = 7X AB C D Z Y P G M E R Q O S F N J I H K W V U T L Lyx Fivmnyl DECRYPTION Red Lobster
- 29. 29 The language of cryptography symmetric key crypto: sender, receiver keys identical public-key crypto: encryption key public, decryption key secret (private) plaintext plaintextciphertext K A encryption algorithm decryption algorithm K B
- 32. 32 Secure Communication over Insecure Medium
- 33. 33 RSA Encryption Algorithm For example. make p = 7and q = 13 We then calculate N = 7∗13 = 91 and (p−1)(q−1) = 72 We next select ke relatively prime to 72 and< 72, yielding 5 Finally,we calculate kd such that ke*kd mod 72 = 1, yielding 29 We how have our keys Public key, ke, N = 5, 91 Private key, kd , N = 29, 91 Encrypting the message 69 with the public key results in the cyphertext 62 Cyphertext can be decoded with the private key Public key can be distributed in cleartext to anyone who wants to communicate with holder
- 34. 34 Encryption and Decryption using RSA Asymmetric Cryptography
- 35. 35 What is a Firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions on network services only authorized traffic is allowed auditing and controlling access can implement alarms for abnormal behavior
- 38. Secure Online Transaction Using Digital Signature 38
- 39. 39 Thank You!!!!
- 40. 40 Have A Nice Week!!!
Editor's Notes
- Computers sharing the internet or sharing a printer?
- This is a wireless network
- Can you think of other types of Communication networks? Think about how people communicated before the advent of the internet or cell phone?
- Attack on a person: Physical attacks are efforts to injury or even kill a person. Other types personal attacks can also be attempts to injure or hurt someone emotionally or financially. Sometimes there is even an attack to destroy a person&apos;s reputation. Attack on a property? Someone may try to damage or destroy property, such as a building. Theft is also considered a property attack. Attack on organization Groups or individuals may wish to damage, undermine or destroy an organization, such as a company or even a government. Attacks may involve sabotage, creating unrest among the people, damaging property or even killing leaders. Terrorists try to destroy a government or society through damaging property or randomly killing or injuring people.
- Can you think of sensitive types of data that an attacker or bad guy may like to see? Bank accounts etc
- E.g. Email passwords, bank account information, locking your door with a key, locking your car with a key too, etc.Don’t write your passwords anywhere, lock sensitive data in a safe, Reasons for attacks: Revenge, money, political, thrills, avoid getting caught.
- Talk about car keys, padlock keys, house keys, password keys….. What happens if the bad guy gets your keys?
- Decrypt.
- Decrypt.