This is the slide I used to train people about security concepts, such as digital signatures and digital fingerprints.
I tried to use a friendly way to explain the topic, with animation and many real-life examples.
Hope it helps you.
This document provides an overview of DNS security (DNSSec). It discusses some past attacks on the root DNS servers and issues of trust with top-level domain operators. DNSSec aims to address these security issues by digitally signing DNS records to authenticate the origin and integrity of DNS data.
- Cryptography and Security
- Methods of Encryption and Decryption
- What is an Algorithm?
- Symmetric Algorithm
- Asymmetric Algorithm
- Hybrid Encryption
- Hashing Algorithm
- Securing the Algorithm or the Key
- Hash Value and Rainbow Table
- Digital Signature
- PKI
The document summarizes security issues related to e-commerce and encryption techniques. It discusses concepts like confidentiality, integrity, availability, authenticity, non-repudiation and describes encryption methods like SSL, digital signatures, and message authentication codes. It also covers encryption techniques like symmetric key encryption using DES/3DES and asymmetric key encryption using RSA cryptography. The document is presented by a group consisting of 5 members and contains details of security issues, encryption standards and methods.
This document discusses network security and cryptography. It covers topics such as security requirements including confidentiality, integrity, authentication, and non-repudiation. It also discusses approaches to implementing these security requirements including encryption for confidentiality and digital signatures for authentication and non-repudiation. Additionally, it covers network threats and attacks, classifications of cryptosystems including classical and modern cryptosystems, key management, public key cryptography, and internet security protocols like IPSec and SSL/TLS.
Credera is a full-service management and technology consulting firm that provides expert, objective advice to help solve complex business and technology challenges for clients ranging from Fortune 1000 companies to emerging industry leaders. It has multiple offices across the United States, including in Dallas, Houston, Austin, and Denver.
Public key cryptography uses key pairs - a public key and a private key - to encrypt and decrypt messages. The public key can be shared widely, while the private key is kept secret. This allows users to securely share encrypted messages without having to first share secret keys. Common applications of public key cryptography include public key encryption and digital signatures.
Digital signatures use asymmetric cryptography to authenticate digital messages. They allow a recipient to verify the identity of the sender and confirm the message has not been altered. A digital signature scheme involves key generation, signing, and verification algorithms. Digital signatures provide authentication, integrity, and non-repudiation and are commonly used for software distribution, financial transactions, and other cases requiring detection of forgery or tampering. They offer advantages over traditional ink signatures like inability to forge or erase the signature.
The document discusses digital signatures, which provide authentication of electronic documents and messages. Digital signatures use public key cryptography, with each user having a unique private key and corresponding public key. To generate a digital signature, a document's hash value is encrypted with the sender's private key. Recipients can verify the signature by decrypting the hash with the sender's public key and comparing it to a newly generated hash of the received document. This allows confirmation of the sender's identity and ensures the document has not been altered. The document outlines the basic digital signature process and requirements for using digital signatures to authenticate electronic information.
A digital code that can be attached to an electronically transmitted message that uniquely identifies the sender. Like a written signature, the purpose of a digital signature is to guarantee that the individual sending the message really is who he or she claims to be. Digital signatures are especially important for electronic commerce and are a key component of most authentication schemes. To be effective, digital signatures must be unforgeable. There are a number of different encryption techniques to guarantee this level of security.
Presented at Seminar at Bahria University June 2007
Cryptography Simplified - Symmetric Key, Public Key, PKI, Digital Signature, Certification Authority, Secure Socket Layer (SSL), Secure Electronic Transaction (SET)
Digital signatures provide authentication, integrity, and non-repudiation for digital documents and messages. They work by using public key cryptography where a private key is used to sign a message hash and the corresponding public key can then verify that the signature is valid. Digital signatures are important for electronic transactions and communications where the identity of the sender and the integrity of the message need to be assured. However, digital signatures are only as secure as the private keys used to create them.
Digital signatures provide a way to verify the authenticity and integrity of digital documents and messages. They use public key cryptography where a document or message is hashed, then encrypted with the sender's private key. The recipient can decrypt the signature with the sender's public key and verify that the message has not been altered by comparing the decrypted hash to a newly computed hash of the received message. Digital certificates typically contain the owner's public key, name, expiration date, issuer information, and digital signature to validate the identity of the owner.
The document discusses digital signatures, including how they work using public key cryptography. Digital signatures provide authentication by allowing the signature to be verified using the signer's public key. The document outlines the differences between conventional and digital signatures and describes common digital signature schemes, public key encryption, digital certificates, certifying authorities, and methods for protecting private keys like hardware tokens and smart cards.
Digital signatures provide a way to validate the authenticity and integrity of digital documents, similar to physical signatures. They use cryptographic techniques including hash functions and asymmetric cryptography. A public key infrastructure (PKI) issues digital certificates that map public keys to users' identities. Digital signatures are created by hashing a document and encrypting the hash with a user's private key. Anyone can validate the signature by decrypting it with the user's public key and comparing hashes. India's PKI follows X.509 standards and uses a hierarchical trust model with the Root CA at the top. Digital Signature Certificates contain a user's identity and public key. eSign allows Aadhaar holders to digitally sign documents using their Aad
Digital signatures provide authenticity, integrity, and non-repudiation for electronic documents. They use asymmetric cryptography with a private key for signing and public key for verification. The signer uses their private key to encrypt a hash of the message, creating a digital signature. The recipient can then decrypt the signature with the signer's public key to verify the message has not been altered. Hardware tokens like smart cards and USB tokens store private keys securely. The Controller of Certifying Authorities licenses and monitors Certifying Authorities in India that issue digital signature certificates.
This document discusses data security and authentication using steganography and the STS protocol. It proposes a new approach that uses steganography to hide encrypted messages within images by generating a stego-key through the STS key exchange protocol. The STS protocol provides authentication by requiring signatures, while steganography further protects the data by concealing the encrypted messages within cover files like images. The document analyzes how combining steganography with cryptography and key exchange protocols like STS can enhance data security.
Cryptography is the art of converting text into another form for secret transmission and reception. It works by converting plain text into cipher text using some encryption algorithm at the sender’s side and converting ciphertext into plain text at the receiver’s. Cryptography is used to provide confidentiality, integrity, authenticity and non-repudiation.
CGI White Paper - Key Incryption Mechanism Amit Singh
This white paper discusses public key encryption and digital signatures. It begins by defining public key cryptography and explaining how it works using asymmetric key pairs for encryption/decryption and digital signatures. It then discusses how certificates are used to validate identities and keys. Certificates contain a user's public key and identity information, signed by a certificate authority, allowing identities to be verified. The paper also explains how digital signatures, encryption, and certificates are implemented in practice when sending signed and encrypted messages.
This document provides an overview of network security and cryptography. It discusses the history and basic concepts of networking and security. The document covers risk management, network threats like viruses and denial of service attacks. It also explains different network security methods like virtual private networks (VPNs), firewalls, and IPSec. Cryptography techniques like secret key cryptography, public key cryptography, hash functions, and authentication methods are summarized. Popular cryptographic algorithms and protocols like PGP, SHA, and AAA servers are also mentioned.
The document provides an overview of a course on PKI (Public Key Infrastructure) technology. It outlines the topics that will be covered over two days, including secret key cryptography algorithms like AES and RSA, digital certificates, certificate authorities, and practical PKI applications like S/MIME, SSL, and IPSEC. The objectives of the course are to understand cryptographic fundamentals, public key infrastructure elements and how they interact, and why PKI is useful for enabling e-commerce and enhancing security.
This document summarizes a seminar presentation on public key infrastructure (PKI). It discusses key concepts of PKI including digital signatures, certificates, validation, revocation, and the roles of certification authorities. The presentation covers how asymmetric encryption, hashing, and digital signatures enable secure authentication and authorization in a PKI. It also examines the entities, operations, and technologies involved in implementing and managing a PKI, such as certificate authorities, registration authorities, key generation and storage, and certification revocation lists.
Analysis of Cryptographic Algorithms for Network Security Editor IJCATR
This document discusses and analyzes various cryptographic algorithms used for network security. It begins with definitions of key cryptographic terms like plain text, cipher text, encryption, decryption, and keys. It then describes different types of cryptographic schemes, including symmetric, asymmetric, and hash functions. Specific algorithms are analyzed like DES, AES, RSA, and Diffie-Hellman. Factors to consider when selecting a cryptographic algorithm like speed, memory requirements, security needs, and data type are also discussed. Overall the document provides a comprehensive overview and comparison of cryptographic algorithms and their applications for network security.
Cryptography is a technique used today for hiding any confidential information from the attack of an intruder. Today data communication mainly depends upon digital data communication, where the prior requirement is data security, so that data reaches the intended user. The protection of multimedia data and sensitive information like credit cards, banking transactions and social security numbers is becoming very important. These confidential data can be protected from unauthorized access with many encryption techniques. So, to provide data security, many cryptography techniques are employed, such as symmetric and asymmetric techniques. In this review paper, different asymmetric cryptography techniques, such as RSA (Rivest Shamir and Adleman), Diffie-Hellman, DSA (Digital Signature Algorithm) and ECC (Elliptic curve cryptography), are analyzed. Also in this paper, a survey of existing work which uses different techniques for image encryption is done, and a general introduction to cryptography is given. This study extends the performance parameters used in encryption processes and analyzes their security issues.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
This document discusses the importance of cryptography and PKI for ensuring security, privacy, and authentication in digital communications. It addresses the three main goals of cryptography - confidentiality, integrity, and availability. The document then provides an overview of cryptographic algorithms, including symmetric and asymmetric encryption as well as hash functions. It also discusses common cryptanalytic attacks and how the strength of encryption increases exponentially with longer key sizes, making brute-force attacks infeasible for sufficiently long keys.
This document discusses user authentication and cryptographic key infrastructure. It describes various techniques for entity authentication including something you have (e.g. smart cards), something you are (e.g. biometrics), and something you know (e.g. passwords, one-time passwords, challenge-response authentication). It also discusses cryptographic key infrastructure and the use of certificates signed by certificate authorities to bind identities to public keys.
Chord is a distributed lookup service for peer-to-peer applications. It uses consistent hashing to assign keys to nodes, enabling efficient lookups in O(log N) time. Each node maintains a finger table with pointers to other nodes, allowing it to quickly route lookup requests. Nodes periodically stabilize by checking their successor pointers and notifying successors, ensuring correctness as the network changes.
Web query expansion based on association rules mining with e hownet and googl... Paul Yang
This document outlines a presentation on web query expansion based on association rules mining with eHownet and a Google Chrome extension. It introduces the background and purpose, which is to improve misuse of Chinese synonyms in queries by providing suggested keywords. The related works section discusses eHownet and the Apriori algorithm. The system architecture and experimental results are also outlined.
Just make a quick slide to show how you apply for an angel fund in Taiwan (行政院國家發展基金創業天使). Sharing with anyone interested in this topic. This is written in Chinese, but if you request an English version, ping me and I'll make it by request.
Mitigating routing misbehavior in mobile ad hoc networks Paul Yang
“Mitigating Routing Misbehavior in Mobile Ad Hoc Networks”, Sergio Marti, T.J. Giuli, Kevin Lai, and Mary Baker, MobiCom 2000
Introduces two techniques that improve throughput in an ad hoc network in the presence of “misbehaving” nodes.
Our staff is fully trained in all aspects of school cleaning and we are ranked highly in the list of cleaning contractors in Sydney by our clients. We train our staff to maintain the security level of the things because security is our first priority.
This document compares and contrasts the processes for selecting the Pope and the President of the Philippines. It notes that the Pope is chosen by Cardinals in a papal conclave, while the Philippine president is democratically elected by the people. However, Philippine elections are often marred by fraud, unlike the sacred selection of the Pope. The document prescribes that Philippine voters guard their votes and make the electoral process more credible and sacred, like the process for selecting the Pope.
This document presents a new complementary accreditation model for university study programs in Peru. The model is based on lessons learned from implementing the previous model and is aligned with international trends. The new model conceives accreditation as a continuous improvement process focused on results. It includes four dimensions, twelve factors and thirty-four standards grouped in a matrix. The model seeks to strengthen self-assessment, continuous improvement and self-regulation of educational institutions.
This document discusses planning and goal setting for personal improvement projects. It covers how self-esteem and achieving goals are connected, defines goal setting, describes types of goals and measurements, discusses the goal setting process, and provides examples of SMART goals and motivation for 30 day challenges. It also includes interactive activities like Kahoot quizzes.
Module V activity 3 teaching materials copy Reyni Rallp
The document discusses how digital technology is transforming education and educational materials. It points out that although technology can be a useful tool, its misuse can be harmful. It explains that educational materials have evolved throughout history and are now changing to digital formats due to the advance of technology. Finally, it concludes that teachers must continually update their skills to integrate technology effectively into teaching and take advantage of its benefits m
The document provides an overview and update on the development of the Insurance Capital Standard (ICS) by the International Association of Insurance Supervisors (IAIS). The ICS aims to establish a global consolidated risk-based capital standard for internationally active insurance groups. It is still under development with field testing ongoing. The ICS uses a 99.5% Value at Risk over a 1-year time horizon to calculate the Prescribed Capital Requirement, and allows for a tiered approach to capital resources. It evaluates risks such as insurance, market, credit and operational risk using factors and stress-based modeling.
This document presents the life project of Jocelyn Morales. She describes her core values as respect, love and humility. Her main goals are to complete her university degree and help her parents. Her mission is to better herself every day and to help others. Her vision is to obtain her degree and find a job that allows her to grow. She has created a plan of goals for the next 5 years that will help her achieve her objectives.
Jhun Montero is applying for open safety positions at Weatherford Drilling International. He has over 10 years of experience in safety roles such as Safety Training Coordinator, HSE Officer, and Rig Safety Officer for various drilling companies in Kuwait and Saudi Arabia. His responsibilities have included safety training, audits, incident investigations, and ensuring compliance with safety policies and procedures. He holds several safety certifications and has received extensive safety training.
Warehouse scale computing - Dive into the detail Paul Yang
This slide is to use the way of zoom-in effect to let people understand Google Warehouse-Scale Computing and the details of computer architecture.
For WSC, you can refer to my previous blog - http://paulyang0125.blogspot.co.uk/2015/09/my-thought-on-warehouse-scale-computer.html
to know about the detail.
Hope you like it ~
The Parque de las Leyendas in Lima, Peru was founded in 1964 as the country's first zoo. In addition to the zoo, the park also contains a botanical garden, museums and pre-Columbian ruins. It houses a great diversity of Peruvian animal and plant species, as well as species from other countries in its International Zone. It is currently administered by the Metropolitan Municipality of Lima.
Cell theory proposes that all organisms are composed of cells. Cells are the basic structural and functional unit of living beings. All cells contain genetic material in the form of DNA and are surrounded by a membrane, and they can grow and divide. There are two main types of cells, prokaryotic and eukaryotic, which differ mainly in the presence or absence of a well-defined nucleus.
Towards Routing Security, Fairness, and Robustness in Mobile Ad Hoc Networks
From Birds to Network Nodes
Components in Each Node
Information Flow in Each Node
Information Flow Between Nodes
1) Symmetric-key cryptography uses the same key to encrypt and decrypt data but requires a secure way to share the secret key between parties.
2) Public-key cryptography addresses this issue by using different but mathematically linked public and private keys, allowing secure communication without pre-shared keys.
3) Digital signatures use public-key cryptography to authenticate senders, working by encrypting a digest of the message with the sender's private key that can be decrypted and verified using their public key.
Pki & personal digital certificates, the key to securing sensitive electronic... Nicholas Davis
The document provides an overview of PKI (Public Key Infrastructure) and how it relates to securing electronic communications with digital certificates. It discusses how PKI manages the lifecycle of digital certificates, including generating, distributing, storing, renewing, and revoking certificates. It also explains how digital certificates and public/private key encryption can be used to securely sign and encrypt email, helping to authenticate senders and ensure message integrity and privacy. Overall, the document outlines the basic concepts of PKI and how it enables trusted electronic communications through the use of digital certificates.
Pki & Personal Digital Certificates, The Key To Securing Sensitive Electr... Nicholas Davis
The document provides an overview of PKI (Public Key Infrastructure) and digital certificates. It discusses how PKI manages the lifecycle of digital certificates, including credentialing individuals, generating and distributing certificates, renewing and revoking certificates. It explains how digital certificates use public/private key pairs to provide authentication, data integrity and encryption. The document also discusses how digital certificates can be used to securely encrypt and digitally sign email to prove the identity of the sender and that the message has not been altered.
This document provides an overview of public key infrastructure (PKI) and X.509 PKI. It discusses how PKI addresses issues of confidence and trust in digital communications through the use of cryptography, digital signatures, digital certificates, and a certification authority. It describes the basic components of an X.509 PKI, including certificate authorities, registration authorities, and certificate distribution systems.
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun... Nicholas Davis
Digital certificates and PKI provide authentication, digital signing of documents, and encryption. Digital certificates can authenticate individuals and machines, digitally sign emails and documents to verify authenticity and integrity, and encrypt information for privacy and security both in transit and at rest. At UW-Madison, many departments and offices use digital certificates including DoIT, UW Police, the Registrar's Office, and the Medical School. Other organizations that use them include the US Department of Defense, Western European countries, and large companies like Johnson & Johnson. Digital certificates require an initial investment but make electronic communications more secure.
Pki & personal digital certificates, securing sensitive electronic communicat... Nicholas Davis
Digital certificates and PKI provide authentication, digital signing of documents, and encryption. Digital certificates can authenticate individuals and machines, digitally sign emails and documents to verify authenticity and integrity, and encrypt information for privacy and security both in transit and at rest. At UW-Madison, many departments and offices use digital certificates including DoIT, UW Police, the Registrar's Office, and the Medical School. Other organizations that use them include the US Department of Defense, Western European countries, and large companies like Johnson & Johnson. Digital certificates need to reach critical mass to provide security benefits, but provide assurances and keep private information private.
Cryptography and digital certificates can be used to securely encrypt electronic communications and authenticate digital identities. A public key infrastructure (PKI) manages the lifecycle of digital certificates, including credentialing, generating certificates, distributing public keys, revoking certificates, and more. Secure email protocols like S/MIME use public/private key encryption and digital signatures to authenticate senders and ensure message integrity.
This document discusses different types of encryption. It describes symmetric encryption which uses a single secret key for encryption and decryption. It also describes asymmetric encryption which uses a public key and private key. The document outlines some encryption algorithms like stream ciphers and block ciphers. It discusses how public key infrastructure works using certificate authorities and digital certificates. Finally, it provides examples of how encryption is used and some best practices for effective encryption.
This document discusses email security and the Pretty Good Privacy (PGP) encryption software. It provides an overview of why email security is important given common threats like loss of confidentiality and integrity. It then describes how PGP works to encrypt emails using symmetric and asymmetric encryption. PGP uses a "web of trust" model where users can sign each other's public keys to establish trusted relationships. Key challenges to PGP adoption are also summarized, such as usability issues and the difficulty of properly managing encryption keys.
Second presentation of Mike Dance's Cryptography series, it aims to provide an overview of digital signature and define the terminology used for digital signatures.
Mike Dance is a web developer and Bitcoin advocate.
----------
Presented at the BitcoinSYD Meetup on 18 February 2015
This document provides an overview of cryptography. It begins with background information, defining cryptography as using mathematics to encrypt and decrypt data to enable secure transmission. The main purposes of cryptography are then outlined as authentication, privacy/confidentiality, integrity, and non-repudiation. The methodology section describes symmetric and asymmetric encryption methods. Symmetric encryption uses the same key for encryption and decryption while asymmetric uses mathematically related public/private key pairs. Specific symmetric algorithms like block and stream ciphers are then defined along with concepts like padding schemes. The document concludes with sections on key exchange and digital signatures, which enable practical uses of cryptography.
Interested in protecting your information, but don’t really know where to start?
In this workshop we will give a brief explanation of how encryption works followed by a practical tutorial on how to communicate securely. Subjects of discussion will include:
- Irreversible functions and how they can hide data
- Creating a Cryptographic identity
- Sending a secure message with PGP
- Overview of applications and plugins with built-in encryption
- Getting your machine set up to use these tools seamlessly
- Common security problems
Workshop participants should have Thunderbird or Apple Mail.app setup and configured with their email accounts prior to this workshop.
Participants should also download the following ahead of time:
Windows:
gpg4win
Enigmail Plugin
Mac:
gpgtools
The document discusses digital signatures and public key infrastructure (PKI) for building trust in online transactions. It explains symmetric and asymmetric encryption techniques, including how public key encryption works using key pairs to ensure authentication, confidentiality, integrity and non-repudiation. Digital signatures encrypt a hash of a message with the sender's private key to verify authenticity and integrity without revealing the original message. A PKI uses digital certificates issued by a certificate authority to associate users with their public keys.
This document discusses the importance of using more encryption on the Internet to increase privacy and security. It makes the following key points:
1) The Internet has become too easy to monitor as we have built it without sufficient security protections by default. More encryption needs to be implemented across Internet services and protocols to make eavesdropping more difficult.
2) Developers should enable encryption by default for all new Internet protocols. Opportunistic encryption techniques can provide some protections even without full authentication.
3) Individuals can help push for more encryption by requiring encrypted connections when using services and enabling tools like HTTPS Everywhere on their browsers. Transitioning to encrypted connections wherever possible raises the bar for surveillance.
This document outlines a 4-day Python programming class covering basic Python, advanced Python, web scraping with Python, and building a web application with Python. On the fourth day, students will learn about CRUD operations, databases, and the ORM pattern. They will also learn to build an HTTP server, develop web applications with the Flask framework, access GPIO pins on the Raspberry Pi, and control an LCD display on the Raspberry Pi. As a final project, students will build a simple control center web application for the Raspberry Pi that accesses I/O using Flask and Python.
This document provides information about accessing and parsing web data using Python and BeautifulSoup. It discusses setting up a development environment on a Raspberry Pi with Python, Flask, and BeautifulSoup installed. It covers retrieving HTML data using urllib and parsing it using BeautifulSoup to extract tags and attributes. Common issues like HTTP errors and missing tags are addressed. Exercises demonstrate getting title data from a URL and extracting tags by class attribute.
This document outlines a 4-day Python Programming class taught by Paul Yang in 2016. The agenda covers basic Python on day 1, advanced Python on day 2, web scraping with Python on day 3, and web application development with Python on day 4. Day 1 of the class focuses on introducing Python, setting up the development environment, and covering basic Python concepts like data types, control flow, functions, and I/O. The class is intended to help students understand the history and features of Python, install Anaconda for package management, and get familiar with common data types, functions, and programming constructs in Python.
The document discusses various Python programming concepts including generator functions, list comprehensions, list processing features, and performance analysis using tools like timeit and memory_profiler. It provides examples of generator functions that produce sequences iteratively using yield instead of returning a list, and explores list comprehensions as a more concise way to create lists from expressions compared to traditional for loops. The document also demonstrates measuring the time and memory usage of functions to analyze performance differences between approaches.
The document provides an agenda for a hands-on training on RHEL5 Xen virtualization technology. It discusses key concepts of virtualization including types of Xen virtualization, performance, and supporting status in RHEL5. Labs cover installing guest systems via paravirtualization and full virtualization, configuring networks, and known issues workarounds. The training aims to introduce virtualization technology, the RHEL5 implementation, and provide hands-on experience through guided labs.
This document provides an overview and instructions for validating the Intel AT-d platform on Intel vPro systems. It describes the hardware and firmware prerequisites, how to enable AT-d in the BIOS and Management Engine, and how to perform validation tests. The validation process includes checking AT-d hardware and software straps, enabling AT-d, and verifying BIOS compliance. It also outlines the steps for assigning an administrator, managing users, and configuring devices for encryption with AT-d.
HP Performance Tracking is a set of tools used by HP to measure the performance of PCs against HP set limits. The tools are based on the Microsoft Windows Assessment Kit and concentrate on power up/down measurements. HP Performance Tracking includes a customized HP client, a SharePoint site for uploading results, a SQL database to store results, and a viewer to view and analyze the results. The client collects additional HP-specific data and measures performance against HP limits to identify failures. Results are uploaded to SharePoint and transferred nightly to the SQL database for analysis in the viewer.
The custom HP Perftrack client allows HP to:
- Include custom color coded HP performance limits to control when a service incident should be written.
- Zip up results for consistent reporting instead of screen captures, and capture additional system information.
- Add additional tests beyond what the Microsoft Assessment Kit includes, such as first logon command time.
- HP Perftrack uses the same underlying tests as the ADK but with a smaller footprint and customized tests and limits.
The document provides instructions for analyzing performance issues using the Windows Assessment and Deployment Kit (ADK). It outlines the process for setting up and running ADK tests, managing results, and debugging issues. Key steps include installing the Windows Assessment Console (WAC) to view XML results files and launch the Windows Performance Analyzer (WPA) to analyze detail trace files to identify causes of performance problems like prolonged fast boot shutdown times.
A Special-Purpose Peer-to-Peer File Sharing System for Mobile ad Hoc Networks... Paul Yang
1) The document describes ORION, a peer-to-peer file sharing system designed for mobile ad hoc networks. ORION uses an overlay network constructed on-demand to efficiently route search queries and file transfers.
2) ORION maintains routing tables to track responses to queries and paths for file transfers. It uses link layer feedback to detect and route around failures during transfers.
3) Simulation results show ORION significantly outperforms off-the-shelf P2P systems in search accuracy and reliability of file transfers in mobile ad hoc networks.
A brief study on bottlenecks to Intel vs. Acer v0.1.pdf Paul Yang
This document discusses potential bottlenecks in the relationship between Intel and Acer from both companies' perspectives. It outlines identifying problems, determining causes, potential options for mitigating issues, verifying effectiveness of options, and developing an action plan. Specifically, it examines messy distribution channels, endless price bargaining, and declining support from Intel partners. More data is needed to fully understand organizational changes, strategies, requirements, and value propositions from both sides.
This document discusses opportunities for Arm in data center and edge computing infrastructure. It outlines Arm's growing footprint in servers through partners like AWS, Ampere, Marvell, and provides an overview of the Neoverse roadmap. It also discusses how Arm can address markets like smartNICs and uCPE through integrated solutions with better performance and cost than x86.
Building PoC ready ODM Platforms with Arm SystemReady v5.2.pdf Paul Yang
The purpose of this technical talk with the demo is to show ODMs, OEMs, and ISVs how to leverage SystemReady Lab, showcase the use-case based on the virtualization platform for the edge, and deploy open-source tools that set up ODMs to develop their Arm platforms.
Routing Security and Authentication Mechanism for Mobile Ad Hoc Networks Paul Yang
The document proposes a two-tier authentication mechanism for routing security in mobile ad hoc networks (MANETs). The first tier, called cluster authentication, uses message authentication codes and hash functions to verify if a node belongs to the same group and prevent external attacks. The second tier, called individual authentication, applies secret sharing to authenticate the identity of specific nodes and prevent internal attacks. Together, the two-tier mechanism provides security against both external and internal threats with reasonable computational complexity and bandwidth usage for MANETs.
English teaching in icebreaker and grammar analysis Paul Yang
The document discusses grammar analysis and ice breaker series. It provides an overview of the ice breaker series which aims to help students practice spoken English through scenario-based conversations. It also compares the present simple tense and present perfect tense through examples and explanations of when to use each. The differences between the past simple tense, past progressive tense, and past perfect tense are also outlined through examples to help understand them logically rather than through memorization.
Programming Foundation Models with DSPy - Meetup Slides Zilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
GraphRAG for Life Science to increase LLM accuracy Tomaz Bratanic
GraphRAG for life science domain, where you retrieve information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
Driving Business Innovation: Latest Generative AI Advancements & Success Story Safe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Generating privacy-protected synthetic data using Secludy and Milvus Zilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
Project Management Semester Long Project - Acuity jpupo2018
Acuity is an innovative learning app designed to transform the way you engage with knowledge. Powered by AI technology, Acuity takes complex topics and distills them into concise, interactive summaries that are easy to read & understand. Whether you're exploring the depths of quantum mechanics or seeking insight into historical events, Acuity provides the key information you need without the burden of lengthy texts.
Introduction of Cybersecurity with OSS at Code Europe 2024 Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Main news related to the CCS TSI 2023 (2023/1695) Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
TrustArc Webinar - 2024 Global Privacy Survey TrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx SitimaJohn
Ocean Lotus cyber threat actors represent a sophisticated, persistent, and politically motivated group that poses a significant risk to organizations and individuals in the Southeast Asian region. Their continuous evolution and adaptability underscore the need for robust cybersecurity measures and international cooperation to identify and mitigate the threats posed by such advanced persistent threat groups.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf Chart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
HCL Notes and Domino license cost reduction in the world of DLAU panagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU and licensing under the CCB and CCX models have been a hot topic for many in the HCL community since last year. As a Notes or Domino customer, you may be struggling with unexpectedly high user counts and license fees. You may be wondering how this new kind of licensing works and what benefit it brings you. Above all, you surely want to stay within your budget and save costs wherever possible. We understand that, and we want to help you!
We explain how to solve common configuration problems that can cause more users to be counted than necessary, and how to identify and remove superfluous or unused accounts to save money. There are also some approaches that can lead to unnecessary spending, for example when a person document is used instead of a mail-in for shared mailboxes. We show you such cases and their solutions. And of course we explain the new licensing model.
Join this webinar, in which HCL Ambassador Marc Thomas and guest speaker Franz Walder introduce you to this new world. It gives you the tools and the know-how to keep track of everything. You will be able to reduce your costs through an optimized Domino configuration and keep them low in the future.
These topics will be covered
- Reducing license costs by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how best to use it
- Tips for common problem areas, such as team mailboxes, functional/test users, etc.
- Practical examples and best practices you can implement immediately
Webinar: Designing a schema for a Data WarehouseFederico Razzoli
Are you new to data warehouses (DWH)? Do you need to check whether your data warehouse follows the best practices for a good design? In both cases, this webinar is for you.
A data warehouse is a central relational database that contains all measurements about a business or an organisation. This data comes from a variety of heterogeneous data sources, which includes databases of any type that back the applications used by the company, data files exported by some applications, or APIs provided by internal or external services.
But designing a data warehouse correctly is a hard task, which requires gathering information about the business processes that need to be analysed in the first place. These processes must be translated into so-called star schemas, which means, denormalised databases where each table represents a dimension or facts.
We will discuss these topics:
- How to gather information about a business;
- Understanding dictionaries and how to identify business entities;
- Dimensions and facts;
- Setting a table granularity;
- Types of facts;
- Types of dimensions;
- Snowflakes and how to avoid them;
- Expanding existing dimensions and facts.
2. Course Objectives:
• Raise your awareness of security
• Give you an idea of how to secure your electronic life
3. Agenda
• Security Everywhere
• How to secure our E-life
• Digital Fingerprint (Hash, Digest, Measure)
• Digital Signature
• Digital Certificate with PKI
5. 4 Factors of Security
• Privacy: Nobody Can Know
• Authentication: Who I Am
• Integrity: It’s Unmodifiable
• Non-repudiation: It’s Undeniable
6. Security Everywhere
Real life: Sealing wax in the Middle Ages
Q1. How to prevent someone from tampering with your letter?
10. Security Everywhere
Challenges
• How to prove whether the card is forged or not?
• How does the bank authenticate your identity?
• How to protect my data from being intercepted by a bad guy during data transmission?
• How can the merchant prevent a customer from denying his/her order?
• How can I trust that the merchant is not a bad guy?
11. Are They Still the Original Data ?
• When you receive files from your friend
– Picture files
– MP3 files
– Video files
– Many other types of files…
• When you download files from the Web
– Utility
– Driver
– Patch
– Picture/music/video files
How do you know they are original?
– Nothing lost, not hacked, no virus…
12. Fingerprint for Any Digital Data
• What is a human fingerprint?
– A unique identification of a person
– Small, but can represent a person, like a digest
• Is there such a way for any digital data?
– A program, a letter, or…
– One byte… one gigabyte, or…
Is it possible? Digital data, just like a human?
13. Yes, We Can!
Message Digest
• Variable-length input message to a fixed-length
Human Fingerprint
• Virtual uniqueness
• Measurement
• Detection of genuineness
Digital Fingerprint
• A logic process which results in a fixed-length, unique data value
• If there is any single-bit change in the original data, the result changes dramatically, so you’ll notice the change easily
• For example: using the MD5 hash algorithm will always result in an xxx-bit data value
15. Fingerprint HOWTO
Input → MD5 → Fingerprint
• I love you → e4f58a805a6e1fd0f6bef58c86f9ceb3
• I love yoU → 8bbe24876210671597572bf075412311
• Photo1.jpg → 8cd5c5a2ab5eea7c649fa0994885fb44
• Modified Photo1.jpg → dfaa08438c77f924717f6dcac756530f
Demo: PsPad editor, MD5
17. Hash Function
Ex: Downloading the file (Integrity)
Demo – 1, 2
Problem: The software I downloaded can’t be opened! Is there any way to know whether the file was modified during network transmission?
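The fingerprint comparison from slides 13 to 17, as an added Python example that is not part of the original slides: it measures how many digest bits change when one character of the input changes, then checks a download against a published digest. The sample bytes and all function names are constructed for illustration; MD5 appears only to mirror the slides, and SHA-256 is the default because MD5 collisions can be produced on purpose.

```python
import hashlib
import hmac
import io


def fingerprint(data: bytes, algorithm: str = "sha256") -> str:
    """Return the hex digest (the slides' 'digital fingerprint') of data."""
    return hashlib.new(algorithm, data).hexdigest()


def differing_bits(hex_a: str, hex_b: str) -> int:
    """Count how many bits differ between two equal-length hex digests."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def stream_fingerprint(stream, algorithm: str = "sha256", chunk_size: int = 65536) -> str:
    """Hash a file-like object chunk by chunk so a large download never sits in memory."""
    h = hashlib.new(algorithm)
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()


def verify_download(stream, published_digest: str, algorithm: str = "sha256") -> bool:
    """Compare the digest of what was received with the digest the publisher lists."""
    actual = stream_fingerprint(stream, algorithm)
    return hmac.compare_digest(actual, published_digest.strip().lower())


# Constructed sample data standing in for the slides' inputs.
ORIGINAL = b"I love you"
CHANGED = b"I love yoU"                      # one character differs
DOWNLOAD = b"constructed installer bytes " * 4096
PUBLISHED = fingerprint(DOWNLOAD)            # what the publisher would list beside the file


def demo():
    rows = []
    for algorithm in ("md5", "sha256"):
        a = fingerprint(ORIGINAL, algorithm)
        b = fingerprint(CHANGED, algorithm)
        rows.append((algorithm, len(a) * 4, differing_bits(a, b)))
    intact = verify_download(io.BytesIO(DOWNLOAD), PUBLISHED)
    corrupted = bytearray(DOWNLOAD)
    corrupted[100] ^= 0x01                   # a single bit flipped in transit
    damaged = verify_download(io.BytesIO(bytes(corrupted)), PUBLISHED)
    return rows, intact, damaged


if __name__ == "__main__":
    rows, intact, damaged = demo()
    for algorithm, bits, changed in rows:
        print(f"{algorithm}: {bits}-bit digest, {changed} bits changed by one character")
    print("intact download verifies:", intact)
    print("bit-flipped download verifies:", damaged)
```

A digest fetched from the same place as the file only catches accidental corruption; knowing where the file came from needs the digital signature covered later in the deck.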
18. Hash Function
Ex: User authentication in OS or ATM machine
Problem:
• Can I protect my password during user authentication?
• Can I shadow my password in the OS to prevent someone from stealing it?
Client → Fingerprint Function → Server
• Client: ID: Paul, Password: ILoveYou
• Login request: Account: Paul, Password: +!3420$
• User DB:
ID | Password
Paul | +!3420$
Stephen | ss-3&6#
Jack | l*^$23w
• User Authentication: Account: Paul, Password: +!3420$
• Login successful
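The User DB from this slide, as an added Python example that is not part of the original slides. It goes beyond the slide by storing a per-user random salt and a deliberately slow hash (PBKDF2) instead of a single fingerprint; the account data, the iteration count and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # example work factor (an assumption); raise it as hardware allows


def fast_fingerprint(password: str) -> str:
    """Unsalted single hash, as drawn in the slide: same password, same stored value."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def enroll(password: str, iterations: int = ITERATIONS) -> dict:
    """Build the stored record: a random per-user salt plus a slow, salted hash."""
    salt = os.urandom(16)
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return {"salt": salt, "iterations": iterations, "hash": derived}


def check(record: dict, candidate: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    derived = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"),
                                  record["salt"], record["iterations"])
    return hmac.compare_digest(derived, record["hash"])


def build_user_db() -> dict:
    """Constructed accounts; Paul and Stephen deliberately share one password."""
    return {
        "Paul": enroll("ILoveYou"),
        "Stephen": enroll("ILoveYou"),
        "Jack": enroll("another-constructed-password"),
    }


# Record checked for unknown accounts so they cost the same work as known ones.
DUMMY_RECORD = enroll("placeholder for unknown accounts")


def login(user_db: dict, account: str, password: str) -> bool:
    record = user_db.get(account)
    if record is None:
        check(DUMMY_RECORD, password)  # timing should not reveal which IDs exist
        return False
    return check(record, password)


if __name__ == "__main__":
    db = build_user_db()
    print("unsalted values equal:", fast_fingerprint("ILoveYou") == fast_fingerprint("ILoveYou"))
    print("salted values equal:  ", db["Paul"]["hash"] == db["Stephen"]["hash"])
    print("Paul, right password: ", login(db, "Paul", "ILoveYou"))
    print("Paul, wrong password: ", login(db, "Paul", "ILoveYoU"))
```

If the client computes the fingerprint and sends it, as the diagram draws it, the fingerprint itself becomes the credential on the wire, so the login request still needs an encrypted channel such as the SSL connection from the e-commerce slides.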
19. Are you sure where they come from?
• When you receive files from your friend
– Picture files
– MP3 files
– Video files
– Many other types of files…
• When you download files from the Web
– Utility
– Driver
– Patch
– Picture/music/video files
How can you know where they come from?
20. Yes, We Can! Digital Signatures
An electronic document that provides Authentication, Integrity and Non-repudiation, but NOT Privacy
Sender: Context (Plain Text) → Sign → Digital signature
Receiver: Verify
21. How Signature Works?
You must understand “What is a key?” first
Plaintext → Encryption (Key) → Cipher text → Decryption (Key) → Plaintext
Key: a variable value used by a cryptographic algorithm to produce encrypted text, or to decrypt encrypted text
22. Quiz?
Problem:
I’ve got to remember many passwords for
• My Computer Login
• My ATM PIN
• My Internet Bank
• My Mobile Phone SIM
• My mailbox and MSN
• More…
Question:
Do you know some place or some way in which you can secure your passwords and still check them easily?
23. Let’s Practice!
Answer:
• Assuming they are four-digit numbers (xxxx)
• Write them down on a piece of paper
• Pick a four-digit number and keep it in your mind, e.g. 1234
• Do simple mathematics (addition +)
Ex. Computer Login: 7622 + 1234 = 8856
ATM PIN: 1285 + 1234 = 2519
Internet Bank: 2247 + 1234 = 3481
• Put them somewhere you like (laptop or wallet)
• When you need them, just do a simple subtraction (-)
Ex. Computer Login: 8856 - 1234 = 7622
ATM PIN: 2519 - 1234 = 1285
• Even if someone steals your wallet, no one can use those numbers to unlock your account.
• Which is the plain text?
• Which is the cipher text?
• Which is the encryption?
• Which is the decryption?
• Which is the KEY?
Is encryption still difficult?
Plaintext → Encryption (Key) → Cipher text → Decryption (Key) → Plaintext
7622 (Login) → (+) addition with 1234 → 8856 → (-) subtraction with 1234 → 7622 (Login)
24. Public-Private Key Encryption
• Involves 2 distinct keys – Public, Private.
• The private key is kept secret and is never divulged.
• The public key is not secret and can be freely distributed and shared with anyone.
• It is also called “asymmetric cryptography”.
• The two keys are mathematically related, but it is infeasible to derive the private key from the public key.
Plaintext → Encryption (Public Key) → Ciphertext → Decryption (Private Key) → Plaintext
Use the Public Key to encrypt and the Private Key to decrypt!
25. Hello, Mary
Wanna go out for dinner?
Paul → Mary: Paul encrypts using Mpublic, Mary decrypts using Mprivate
OK, Paul
Fridays or Ruby Tuesday?
Mary → Paul: Mary encrypts using Ppublic, Paul decrypts using Pprivate
26. Each individual generates his own key pair
[Public key known to everyone & Private key known only to the owner]
Private Key – Used for signing the document
Public Key – Used for verifying the signed document
Digital Signatures HOWTO
Use the Private Key to encrypt (sign) and the Public Key to decrypt (verify)!!!
28. Agenda
• Security Everywhere
• How to secure our E-life
• Hash function (Digest, Fingerprint)
• Digital Signature
• Digital Certificate with PKI
• VPro Security World
29. Digital Certificates
• Why do we use a driver license and an ID card?
• A Digital Certificate is much like a physical passport
• Data with a digital signature from a trusted Certification Authority (CA).
• This data contains:
– Who owns this certificate
– Who signed this certificate
– The expiration date
– User name & email address
CERTIFICATE: Issuer, Subject, Subject Public Key, Issuer Digital Signature
30. Elements of Digital Cert.
• A Digital ID typically contains the following information:
– Your public key, your name and email address
– Expiration date of the public key, name of the CA who issued your Digital ID
31. Public Key Infrastructure (PKI)
• A Public Key Infrastructure is an infrastructure to support and manage public key-based digital certificates
• There are 4 major parts in PKI.
– Certification Authority (CA)
– A directory Service
– Services, Banks, Web servers
– Business Users
32. Certification Authority (CA)
• A trusted agent who certifies public keys (certificates) for general use (Corporation or Bank).
– User has to decide which CAs can be trusted.
• CA providers:
– Comodo
– DigiCert
– Trustwave
– TURKTRUST
– VeriSign
– More…
34. Demonstration…
• Digital Signature & Certificate
– Generate Message Digest [SHA1] OpenSSL [Option]
– Encrypting Digest using Private Key [Signatures] OpenSSL [Option]
– Verification of Signatures OpenSSL [Option]
– Apply your email certificate
– Outlook 2003 case [Multipurpose Internet Mail Extensions MIME]
35. Security Everywhere
Recap: Challenges
• How to prove whether the card is forged or not?
• How does the server authenticate your identity?
• How do you transmit your sensitive data?
• How to protect my data from being intercepted by a bad guy?
• How can the merchant prevent a customer from repudiating his/her order?
• How can I trust that the merchant is not a bad guy?
• What’s SSL 128? Is it able to protect my data?
HOWTO Solve?
• Digital Fingerprint (Digest, Hash, & Measure)
• Digital signature (Signing)
• Encryption (Public Key, Secret Key)
• Digital Certificate (PKI)
39. Security Everywhere
E-life: E-commerce
Q1. How to protect my data from being intercepted by a bad guy?
Q2. How can I trust that the merchant is not a bad guy?
Q3. How can the merchant prevent a customer from repudiating his/her order?
40. Security Everywhere
E-life: E-commerce
https, SSL 128, credit card info
Q1. What’s SSL 128-bit?
Q2. Why / how can it protect my credit info?
41. Security Everywhere
Storing the password in OS, ATM machine
Problem:
• Can I shadow my password in the OS to prevent someone from stealing it?
• Can I protect my password during user authentication?
Plaintext
42. Key length
• It is the number of bits (bytes) in the key.
• A 2-bit key has four values
– 00, 01, 10, 11 in its key space
• A key of length “n” has a key space of 2^n distinct values.
• E.g. the key is 128 bits
– 101010101010….10010101111111
– There are 2^128 combinations
– 340 282 366 920 938 463 463 374 607 431 768 211 456
43. How difficult to crack a key?
Key Length | Individual Attacker | Small Group | Academic Network | Large Company | Military Intelligence Agency
40 | Weeks | Days | Hours | Milliseconds | Microseconds
56 | Centuries | Decades | Years | Hours | Seconds
64 | Millennia | Centuries | Decades | Days | Minutes
80 | Infeasible | Infeasible | Infeasible | Centuries | Centuries
128 | Infeasible | Infeasible | Infeasible | Infeasible | Millennia

Attacker | Computer Resources | Keys / Second
Individual attacker | One high-performance desktop machine & Software | 2^17 – 2^24
Small group | 16 high-end machines & Software | 2^21 – 2^24
Academic Network | 256 high-end machines & Software | 2^25 – 2^28
Large company | $1,000,000 hardware budget | 2^43
Military Intelligence agency | $1,000,000 hardware budget + advanced technology | 2^55
44. Secret-key Encryption
• Use a secret key to encrypt a message into ciphertext.
• In AMT provisioning, we call it the Pre-Shared Key (PSK)
• Use the same key to decrypt the ciphertext to the original message.
• Also called “Symmetric cryptography”.
Plaintext → Encryption (Secret Key) → Ciphertext → Decryption (Secret Key) → Plaintext
45. Secret-Key algorithms
Algorithm Name | Key Length (bits)
Blowfish | Up to 448
DES | 56
IDEA | 128
RC2 | Up to 2048
RC4 | Up to 2048
RC5 | Up to 2048
Triple DES | 192
References: Blowfish, DES, IDEA, RC2, RC4, RC5, DES-3
46. Digital Certificate
Problems
• How are Digital Certificates issued?
• Who is issuing them?
• Why should I trust the Certificate Issuer?
• How can I check if a Certificate is valid?
• How can I revoke a Certificate?
• Who is revoking Certificates?
Moving towards PKI …
47. Public Key Algorithms
Algorithm Name | Key Length (bits)
DSA | Up to 448
El Gamal | 56
RSA | 128
Diffie-Hellman | Up to 2048
References: DSA, El Gamal, RSA, Diffie-Hellman
50. OK, Paul
Fridays or Ruby Tuesday?
Mary → Paul: Mary encrypts using Ppublic, Paul decrypts using Pprivate
51. Security Everywhere
Our life: Passport
Q1. How to know it’s an official passport?
Q2. How to prove the passport belongs to you?
53. Hash Function
Ex: Storing the password in OS, ATM machine
Client → Hash Function → Server
• Client: ID: Paul, Password: ILoveYou
• Login request: Account: Paul, Password: +!3420$
• User DB:
ID | Password
Paul | +!3420$
Stephen | ss-3&6#
Wang | l*^$23w
• User Authentication: Account: Paul, Password: +!3420$
• Login successful
54. How Signature Works?
You must understand “What is a key?” first
Plaintext → Encryption (Key) → Cipher text → Decryption (Key) → Plaintext
• The length of the key reflects the difficulty of decrypting the encrypted message
• Key: a variable value used by a cryptographic algorithm to produce encrypted text, or to decrypt encrypted text
Why I said security is everywhere… We first check out our physical realm…
When talking about security, we must mention its 4 major properties, as well as their differences in degree:
• The transmitted message must make sense only to the intended receiver – Privacy
• Receiver needs to be sure of the sender’s identity – Authentication
• Data must arrive at the receiver exactly as they were sent – Integrity
• Receiver must be able to prove that a received message came from a specific sender – Non-repudiation
The team members investigate mysterious and unusual deaths to determine who killed the victims and how. They also solve other felonies, such as collecting evidence in rape cases, but the main theme of the series remains murder cases.
• Criminalistics is the application of various sciences to answer questions relating to examination and comparison of biological evidence, trace evidence, impression evidence (such as fingerprints, footwear impressions, and tire tracks), controlled substances, ballistics, firearm and toolmark examination, and other evidence in criminal investigations. Typically, evidence is processed in a crime lab.
• Digital forensics is the application of proven scientific methods and techniques in order to recover data from electronic / digital media. DF specialists work in the field as well as in the lab.
• Forensic anthropology is the application of physical anthropology in a legal setting, usually for the recovery and identification of skeletonized human remains.
• Forensic archaeology is the application of a combination of archaeological techniques and forensic science, typically in law enforcement.
• Forensic DNA analysis takes advantage of the uniqueness of an individual's DNA to answer forensic questions such as determining paternity/maternity or placing a suspect at a crime scene.
• Forensic entomology deals with the examination of insects in, on, and around human remains to assist in determination of time or location of death. It is also possible to determine if the body was moved after death.
• Forensic geology deals with trace evidence in the form of soils, minerals and petroleums.
• Forensic interviewing is a method of communicating designed to elicit information and evidence.
• Forensic meteorology is a site-specific analysis of past weather conditions for a point of loss.
• Forensic odontology is the study of the uniqueness of dentition, better known as the study of teeth.
• Forensic pathology is a field in which the principles of medicine and pathology are applied to determine a cause of death or injury in the context of a legal inquiry.
• Forensic psychology is the study of the mind of an individual, using forensic methods. Usually it determines the circumstances behind a criminal's behavior.
• Forensic toxicology is the study of the effect of drugs and poisons on/in the human body.
• Forensic document examination or questioned document examination answers questions about a disputed document using a variety of scientific processes and methods. Many examinations involve a comparison of the questioned document, or components of the document, to a set of known standards. The most common type of examination involves handwriting, wherein the examiner tries to address concerns about potential authorship.
• Veterinary forensics is forensics applied to crimes involving animals.
Related topics: Association of Firearm and Tool Mark Examiners, Ballistic fingerprinting, Computer forensics, Crime, Diplomatics (Forensic paleography), Forensic accounting, Forensic animation, Forensic anthropology, Forensic chemistry, Forensic engineering, Forensic facial reconstruction, Forensic identification, Forensic materials engineering, Forensic polymer engineering, Forensic profiling, Forensic psychology, Questioned document examination, Retrospective diagnosis, Skid mark, Trace evidence, Profiling practices
Types of evidence: Testimony, Documentary, Physical / Real, Digital, Exculpatory, Scientific, Demonstrative, Eyewitness identification, Genetic (DNA), Lies
Digital signing ensures that data originates from a specific party by creating a digital signature that is unique to that party. This process also uses hash functions. Put simply, digital signatures combine hashing (for the validation of the signature data) with asymmetric encryption for encoding that signature data.
The following occurs when data is signed with a digital signature:
• A hash algorithm is applied to the data to create a hash value.
• The hash value is encrypted with User A’s private key, thereby creating the digital signature.
• The digital signature and the data are sent to User B.
The following occurs when digitally signed data is decrypted:
• User B decrypts the signature by using User A’s public key and then recovers the hash value. If the signature can be decrypted, User B knows that the data came from User A (or the owner of the private key).
• The hash algorithm is applied to the data to create a second hash value.
• The two hash values are compared. If the hash values match, User B knows that the data has not been modified.
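The sign and verify steps listed above, as an added Python example that is not part of the original slides or notes. It uses textbook RSA with no padding and a toy key built from known Mersenne primes so that it runs with the standard library alone; the key, the messages and the function names are constructed for illustration, and real signing uses a vetted library with a padded scheme such as RSA-PSS.

```python
import hashlib


def make_toy_key(p: int, q: int, e: int = 65537):
    """Return (n, e, d). Toy only: primes of this special form are unsafe for real keys."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))   # private exponent (Python 3.8+)
    return n, e, d


# User A's key pair and an unrelated key pair, both from known Mersenne primes.
A_N, A_E, A_D = make_toy_key(2**521 - 1, 2**607 - 1)
OTHER_N, OTHER_E, OTHER_D = make_toy_key(2**521 - 1, 2**1279 - 1)


def digest_as_int(data: bytes) -> int:
    """Step 1 on both sides: apply the hash algorithm to the data."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data: bytes, d: int = A_D, n: int = A_N) -> int:
    """User A: 'encrypt' the hash value with the private key to create the signature."""
    return pow(digest_as_int(data), d, n)


def recover_hash(signature: int, e: int = A_E, n: int = A_N) -> int:
    """User B: 'decrypt' the signature with User A's public key to recover the hash."""
    return pow(signature, e, n)


def verify(data: bytes, signature: int, e: int = A_E, n: int = A_N) -> bool:
    """User B: hash the received data again and compare the two hash values."""
    return recover_hash(signature, e, n) == digest_as_int(data)


# Constructed messages for the demonstration.
MESSAGE = b"Order #1001: 2 tickets, ship to Paul"
TAMPERED = b"Order #1001: 9 tickets, ship to Paul"


def demo():
    signature = sign(MESSAGE)
    forged = sign(MESSAGE, d=OTHER_D, n=OTHER_N)   # signed with someone else's private key
    return {
        "genuine": verify(MESSAGE, signature),           # authentication and integrity hold
        "modified data": verify(TAMPERED, signature),    # integrity check fails
        "wrong signer": verify(MESSAGE, forged),         # authentication check fails
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: signature valid = {ok}")
```

The message travels in the clear next to its signature, which is why the deck says a signature gives Authentication, Integrity and Non-repudiation but NOT Privacy.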
In a public key environment, it is vital that you are assured that the public key to which you are encrypting data is in fact the public key of the intended recipient and not a forgery. You could simply encrypt only to those keys which have been physically handed to you. But suppose you need to exchange information with people you have never met; how can you tell that you have the correct key?
Digital certificates, or certs, simplify the task of establishing whether a public key truly belongs to the purported owner. A certificate is a form of credential. Examples might be your driver's license, your social security card, or your birth certificate. Each of these has some information on it identifying you and some authorization stating that someone else has confirmed your identity. Some certificates, such as your passport, are important enough confirmation of your identity that you would not want to lose them, lest someone use them to impersonate you.
A digital certificate is data that functions much like a physical certificate. A digital certificate is information included with a person's public key that helps others verify that a key is genuine or valid. Digital certificates are used to thwart attempts to substitute one person's key for another.
A digital certificate consists of three things:
• A public key.
• Certificate information. ("Identity" information about the user, such as name, user ID, and so on.)
• One or more digital signatures.
The purpose of the digital signature on a certificate is to state that the certificate information has been attested to by some other person or entity. The digital signature does not attest to the authenticity of the certificate as a whole; it vouches only that the signed identity information goes along with, or is bound to, the public key. Thus, a certificate is basically a public key with one or two forms of ID attached, plus a hearty stamp of approval from some other trusted individual.
VeriSign introduced the concept of classes of digital certificates:
• Class 1 for individuals, intended for email
• Class 2 for organizations, for which proof of identity is required
• Class 3 for servers and software signing, for which independent verification and checking of identity and authority is done by the issuing certificate authority
• Class 4 for online business transactions between companies
• Class 5 for private organizations or governmental security