ahmad abdelhafeez, profile picture
Uploaded byahmad abdelhafeez
PPTX, PDF22,015 views

Trusted systems

This document discusses trusted systems and the concept of a Trojan horse. It defines trusted systems as systems used to enhance security defenses against intruders and malware. It describes multilevel security as allowing multiple data classification levels, with mandatory access control enforcing that information does not flow to unauthorized users. The document also discusses how Trojan horses can provide unauthorized remote access if installed on a user's computer.

Embed presentation

Downloaded 518 times
111 Trusted Systems and Trojan Horse Done by : Hany Nasser Supervised by : PhD Nabil Hamdy
22 Trusted Systems  Systems used to enhance the ability to defend against intruders and malicious programs.  based on levels of security .
33 Multilevel Security  When multiple categories or levels of data are defined, the requirement is referred to as multilevel security.  Typically use Mandatory Access Control.  Primary Security Goal: Confidentiality (ensures that information do not flow to those not cleared for that level).
4 Security Goal of MLS  There are security classifications or security levels  Subjects have security clearances  Objects have security classifications  Example of security levels  Top Secret  Secret  Confidential  Unclassified  In this case Top Secret > Secret > Confidential > Unclassified
555 Data Access Control  Through the user access control procedure (log on), a user can be identified to the system.  Associated with each user, there can be a profile that specifies permissible operations and file accesses.  The operating system can enforce rules based on the user profile.
666 Data Access Control  General models of access control:  Access matrix  Access control list  Capability list
777 Data Access Control  Access Matrix: Basic elements of the model  Subject  Object  Access right
888 Data Access Control  Access Matrix
999 Data Access Control  Access Control List: Decomposition of the matrix by columns
101010 Data Access Control  Access Control List  For each object, An access control list lists users and their permitted access right.  The list may contain a default or public entry.
111111 Data Access Control  Capability list: Decomposition of the matrix by rows
121212 Data Access Control  Capability list  A capability ticket specifies authorized objects and operations for a user.  Each user have a number of tickets.  Capabilities are not forgeable.
131313 The Concept of Trusted Systems  Multilevel security  Definition of multiple categories or levels of data  A multilevel secure system must enforce:  No read up  No write down
141414 The Concept of Reference Monitor
151515 The Concept of Reference monitor  Reference Monitor  Controlling element in the hardware and operating system of a computer that regulates the access of subjects to objects on basis of security parameters  The monitor has access to a file (security kernel database)  The monitor enforces the security rules (no read up, no write down)
161616 The Concept of Reference Monitor  Properties of the Reference Monitor  Complete mediation  Isolation  Verifiability
1717 Trojan Horse  It is a type of malware (malicious software) designed to provide unauthorized, remote access to a user’s computer.  Trojan horses do not have the ability to replicate themselves like viruses.  With the help of Trojan, an user can get access to the Trojan horse infected computer and would be able to access the data.
1818 Types of Trojans  Command Shell Trojan  Email Trojan  Document Trojan  FTP Trojan
191919 Trojan Horse Defense
2020 Indications of Trojan Attack  Browser redirects to unknown pages.  Anti virus is disabled.  Strange pop ups or chat messages appear on the system.  The computer shuts down automatically.  Ctl+Alt+Del stops working.  Printer prints documents automatically.
2121 Examples of Trojan  Net bus  Sub seven  Y3K remote administration tool  Back Orifice  Beast  Zeus  The Black hole Exploit kit  Flashback Trojan
2222 How to avoid being infected ?  Do not surf or download anything from stranger website.  Do not open the unexpected attachments on emails.  We need an antivirus to protect our computer from being infected.
2323 References  Cryptography And Network Security, 4th Edition by William Stallings.  Computer Security, 2nd edition by Dieter Gollman.  Specifications of multi-level security research by Daryl McCullough.
24 Thank you

More Related Content

PPT
Cryptography and Network Security William Stallings Lawrie Brown
byInformation Security Awareness Group
 
PPTX
Classical Encryption Techniques
bySou Jana
 
PPT
Ch01
byn C
 
PPT
Authentication Protocols
byTrinity Dwarka
 
PPT
Digital signature schemes
byravik09783
 
PPTX
What is Asymmetric Encryption? Understand with Simple Examples
byCheapSSLsecurity
 
PPTX
Information and network security 13 playfair cipher
byVaibhav Khanna
 
PPT
Classical Encryption Techniques
byuniversity of education,Lahore
 
Cryptography and Network Security William Stallings Lawrie Brown
byInformation Security Awareness Group
 
Classical Encryption Techniques
bySou Jana
 
Ch01
byn C
 
Authentication Protocols
byTrinity Dwarka
 
Digital signature schemes
byravik09783
 
What is Asymmetric Encryption? Understand with Simple Examples
byCheapSSLsecurity
 
Information and network security 13 playfair cipher
byVaibhav Khanna
 
Classical Encryption Techniques
byuniversity of education,Lahore
 

What's hot

PPT
Message authentication
byCAS
 
PPT
Block Cipher and its Design Principles
bySHUBHA CHATURVEDI
 
PPTX
Secure Hash Algorithm (SHA-512)
byDUET
 
PPTX
Keymanagement of ipsec
byPACHIYAPPAN PACHIYAPPAS
 
PPT
X.509 Certificates
bySou Jana
 
PDF
Network security - OSI Security Architecture
byBharathiKrishna6
 
PPTX
MAC-Message Authentication Codes
byDarshanPatil82
 
PPT
key distribution in network security
bybabak danyal
 
PPTX
Database security
byBirju Tank
 
PPTX
Firewall Design and Implementation
byajeet singh
 
PPTX
Block cipher modes of operation
byharshit chavda
 
PDF
Information Security Lecture Notes
byFellowBuddy.com
 
PPTX
Kerberos : An Authentication Application
byVidulatiwari
 
PDF
IP Security
byDr.Florence Dayana
 
PPT
Secure Socket Layer
byNaveen Kumar
 
PPT
Distributed document based system
byChetan Selukar
 
PPT
Email security
byIndrajit Sreemany
 
PPTX
Rc4
byAmjad Rehman
 
PPTX
Public Key Cryptosystem
byDevakumar Kp
 
PPTX
Osi security architecture in network.pptx
byVinzoCenzo
 
Message authentication
byCAS
 
Block Cipher and its Design Principles
bySHUBHA CHATURVEDI
 
Secure Hash Algorithm (SHA-512)
byDUET
 
Keymanagement of ipsec
byPACHIYAPPAN PACHIYAPPAS
 
X.509 Certificates
bySou Jana
 
Network security - OSI Security Architecture
byBharathiKrishna6
 
MAC-Message Authentication Codes
byDarshanPatil82
 
key distribution in network security
bybabak danyal
 
Database security
byBirju Tank
 
Firewall Design and Implementation
byajeet singh
 
Block cipher modes of operation
byharshit chavda
 
Information Security Lecture Notes
byFellowBuddy.com
 
Kerberos : An Authentication Application
byVidulatiwari
 
IP Security
byDr.Florence Dayana
 
Secure Socket Layer
byNaveen Kumar
 
Distributed document based system
byChetan Selukar
 
Email security
byIndrajit Sreemany
 
Rc4
byAmjad Rehman
 
Public Key Cryptosystem
byDevakumar Kp
 
Osi security architecture in network.pptx
byVinzoCenzo
 

Viewers also liked

PPTX
Firewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
byGopal Sakarkar
 
PPT
E-mail Security in Network Security NS5
bykoolkampus
 
PDF
KNIME tutorial
byGeorge Papadatos
 
PPT
Arp and rarp
byMohd Arif
 
PPT
Bootp and dhcp
byMohd Arif
 
PDF
V5I3_IJERTV5IS031157
byahmad abdelhafeez
 
PPTX
Email security - Netwroking
bySalman Memon
 
PPT
Cyber crime and forensic
bySANTANU KUMAR DAS
 
PDF
Smart Card Security
byPrav_Kalyan
 
PPTX
Cybercrime investigation
byProf. (Dr.) Tabrez Ahmad
 
PPT
Email Security and Awareness
bySanjiv Arora
 
PPTX
Smart card system ppt
byDewanshu Haswani
 
PPTX
Email Security Presentation
byYosef Gamble
 
PDF
Secure electronic transaction (set)
byAgnė Chomentauskaitė
 
PPTX
S/MIME & E-mail Security (Network Security)
byPrafull Johri
 
PPT
Computer +forensics
byRahul Baghla
 
PPT
Smart card
bySantosh Khadsare
 
PPTX
Computer Virus powerpoint presentation
byshohrabkhan
 
PPT
Network management
byMohd Arif
 
PPTX
Computer forensics ppt
byNikhil Mashruwala
 
Firewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
byGopal Sakarkar
 
E-mail Security in Network Security NS5
bykoolkampus
 
KNIME tutorial
byGeorge Papadatos
 
Arp and rarp
byMohd Arif
 
Bootp and dhcp
byMohd Arif
 
V5I3_IJERTV5IS031157
byahmad abdelhafeez
 
Email security - Netwroking
bySalman Memon
 
Cyber crime and forensic
bySANTANU KUMAR DAS
 
Smart Card Security
byPrav_Kalyan
 
Cybercrime investigation
byProf. (Dr.) Tabrez Ahmad
 
Email Security and Awareness
bySanjiv Arora
 
Smart card system ppt
byDewanshu Haswani
 
Email Security Presentation
byYosef Gamble
 
Secure electronic transaction (set)
byAgnė Chomentauskaitė
 
S/MIME & E-mail Security (Network Security)
byPrafull Johri
 
Computer +forensics
byRahul Baghla
 
Smart card
bySantosh Khadsare
 
Computer Virus powerpoint presentation
byshohrabkhan
 
Network management
byMohd Arif
 
Computer forensics ppt
byNikhil Mashruwala
 

Similar to Trusted systems

PPTX
Security & protection in operating system
byAbou Bakr Ashraf
 
PPT
3 securityarchitectureandmodels-120331064706-phpapp01
bywardell henley
 
PDF
ch15.pdf
bySami Mughal
 
PDF
Dieter_Gollmann_Wiley_Computer_Security.pdf
by238Tanisha
 
PPT
Week 13, Protection and Security.ppt
byPriyadarshiSharma7
 
PPT
Information system securit lecture 1y .ppt
byranjan317165
 
PPT
Security Policies
byphanleson
 
PPTX
Trusted systems1
bySumita Das
 
PPT
ch10.asd adas a asdasdasda asdasd adasdas d
bySajjadRizvi16
 
PPT
Security Architecture
byamiable_indian
 
PPTX
Security Environment, Design Principles Of Security
byankitashah871482
 
PPTX
securityandprotection Design Principles Of Security
byankitashah871482
 
PPTX
Security & threats Presentation => (Presenter: Komal Mehfooz)
byKomal Mehfooz
 
PPT
3. security architecture and models
by7wounders
 
PDF
Ch14 security
byWelly Dian Astika
 
PDF
3. Security Engineering
bySam Bowne
 
PDF
3. Security Engineering
bySam Bowne
 
PPTX
23 network security threats pkg
byUmang Gupta
 
PPTX
Security
byMunazza-Mah-Jabeen
 
PDF
Cybersecurity: Understanding Threats, Attacks, and Protective Measures in the...
byRiwaz Mahat
 
Security & protection in operating system
byAbou Bakr Ashraf
 
3 securityarchitectureandmodels-120331064706-phpapp01
bywardell henley
 
ch15.pdf
bySami Mughal
 
Dieter_Gollmann_Wiley_Computer_Security.pdf
by238Tanisha
 
Week 13, Protection and Security.ppt
byPriyadarshiSharma7
 
Information system securit lecture 1y .ppt
byranjan317165
 
Security Policies
byphanleson
 
Trusted systems1
bySumita Das
 
ch10.asd adas a asdasdasda asdasd adasdas d
bySajjadRizvi16
 
Security Architecture
byamiable_indian
 
Security Environment, Design Principles Of Security
byankitashah871482
 
securityandprotection Design Principles Of Security
byankitashah871482
 
Security & threats Presentation => (Presenter: Komal Mehfooz)
byKomal Mehfooz
 
3. security architecture and models
by7wounders
 
Ch14 security
byWelly Dian Astika
 
3. Security Engineering
bySam Bowne
 
3. Security Engineering
bySam Bowne
 
23 network security threats pkg
byUmang Gupta
 
Security
byMunazza-Mah-Jabeen
 
Cybersecurity: Understanding Threats, Attacks, and Protective Measures in the...
byRiwaz Mahat
 

More from ahmad abdelhafeez

PPTX
Surveying cross layer protocols in ws ns
byahmad abdelhafeez
 
PDF
Service level management
byahmad abdelhafeez
 
PDF
Energy harvesting sensor nodes
byahmad abdelhafeez
 
DOC
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...
byahmad abdelhafeez
 
PDF
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...
byahmad abdelhafeez
 
PPTX
Energy conservation in wireless sensor networks
byahmad abdelhafeez
 
PPT
Localization in wsn
byahmad abdelhafeez
 
PPTX
Routing
byahmad abdelhafeez
 
PPTX
Wsn security issues
byahmad abdelhafeez
 
PPTX
opnet
byahmad abdelhafeez
 
PPTX
Wsn security issues
byahmad abdelhafeez
 
PPTX
Sdn pres v2-Software-defined networks
byahmad abdelhafeez
 
PPSX
Intrusion prevension
byahmad abdelhafeez
 
PPTX
Digital forensics ahmed emam
byahmad abdelhafeez
 
PDF
Digital forensics.abdallah
byahmad abdelhafeez
 
PPT
Cloud computing final show
byahmad abdelhafeez
 
PPT
Incident handling.final
byahmad abdelhafeez
 
PPTX
Malewareanalysis presentation
byahmad abdelhafeez
 
PPTX
pentration testing
byahmad abdelhafeez
 
PPTX
Automatic left ventricle segmentation
byahmad abdelhafeez
 
Surveying cross layer protocols in ws ns
byahmad abdelhafeez
 
Service level management
byahmad abdelhafeez
 
Energy harvesting sensor nodes
byahmad abdelhafeez
 
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...
byahmad abdelhafeez
 
Robust Breast Cancer Diagnosis on Four Different Datasets Using Multi-Classif...
byahmad abdelhafeez
 
Energy conservation in wireless sensor networks
byahmad abdelhafeez
 
Localization in wsn
byahmad abdelhafeez
 
Routing
byahmad abdelhafeez
 
Wsn security issues
byahmad abdelhafeez
 
opnet
byahmad abdelhafeez
 
Wsn security issues
byahmad abdelhafeez
 
Sdn pres v2-Software-defined networks
byahmad abdelhafeez
 
Intrusion prevension
byahmad abdelhafeez
 
Digital forensics ahmed emam
byahmad abdelhafeez
 
Digital forensics.abdallah
byahmad abdelhafeez
 
Cloud computing final show
byahmad abdelhafeez
 
Incident handling.final
byahmad abdelhafeez
 
Malewareanalysis presentation
byahmad abdelhafeez
 
pentration testing
byahmad abdelhafeez
 
Automatic left ventricle segmentation
byahmad abdelhafeez
 

Recently uploaded

PPTX
Blockchain and cryptography Lecture Notes
bysanjanakumar34
 
PDF
ANPARA THERMAL POWER STATION[1] sangam.pdf
bysangamkumar993613
 
PPTX
Computer engineering for collage studen. pptx
byestradageric
 
PPTX
DevFest Seattle 2025 - AI Native Design Patterns.pptx
bySujata Sridharan
 
PPTX
Control Structures and Looping Basics Understanding Control Flow and Loops Co...
bySiamSharifAmi
 
PDF
k-means algorithm with numerical solution.pdf
bydeepalishinkar1
 
PPTX
TRANSPORTATION ENGINEERING Unit-5.2.pptx
byMood Naik
 
PPTX
2-Photoelectric effect, phenomena and its related concept.pptx
byadhidwih
 
PDF
Small Space Big Design - Amar DeXign Scape
byAmar Dexign scape
 
PPTX
Waste to Energy - G2 Ethanol.pptx to process
byGegaGrandeza1
 
PDF
IPE 105 - Engineering Materials Constitution of Alloys
byMominulIslam67
 
PDF
Grade 11 Quarter 3 Gravitational Potentional Energy
bybuannnbeatrice
 
PPTX
Generative AI Deep Dive: Architectures, Mechanics, and Future Applications
bygenz9514
 
PDF
Introduction to MySQL Spatial Features and Real-World Use Cases
byVissarion Fisikopoulos
 
PDF
Reinforced Earth Walls Notes .pdf
byPrasad Prabhu
 
PDF
Welcome to ISPR 2026 - 12th International Conference on Image and Signal Pro...
byieijjournal
 
PPTX
31.03.24 - 7.CURRICULUM & TEACHING - LEARNING PROCESS IMPLEMENTATION DETAILS....
byssuserb3d3fc
 
PPTX
Supercapacitor.pptx...............................
byTarikBouchala
 
PPTX
waste to energy deck v.3.pptx changing garbage to electricity
byGegaGrandeza1
 
PDF
PRIZ Academy - Thinking The Skill Everyone Forgot
byPRIZ Guru
 
Blockchain and cryptography Lecture Notes
bysanjanakumar34
 
ANPARA THERMAL POWER STATION[1] sangam.pdf
bysangamkumar993613
 
Computer engineering for collage studen. pptx
byestradageric
 
DevFest Seattle 2025 - AI Native Design Patterns.pptx
bySujata Sridharan
 
Control Structures and Looping Basics Understanding Control Flow and Loops Co...
bySiamSharifAmi
 
k-means algorithm with numerical solution.pdf
bydeepalishinkar1
 
TRANSPORTATION ENGINEERING Unit-5.2.pptx
byMood Naik
 
2-Photoelectric effect, phenomena and its related concept.pptx
byadhidwih
 
Small Space Big Design - Amar DeXign Scape
byAmar Dexign scape
 
Waste to Energy - G2 Ethanol.pptx to process
byGegaGrandeza1
 
IPE 105 - Engineering Materials Constitution of Alloys
byMominulIslam67
 
Grade 11 Quarter 3 Gravitational Potentional Energy
bybuannnbeatrice
 
Generative AI Deep Dive: Architectures, Mechanics, and Future Applications
bygenz9514
 
Introduction to MySQL Spatial Features and Real-World Use Cases
byVissarion Fisikopoulos
 
Reinforced Earth Walls Notes .pdf
byPrasad Prabhu
 
Welcome to ISPR 2026 - 12th International Conference on Image and Signal Pro...
byieijjournal
 
31.03.24 - 7.CURRICULUM & TEACHING - LEARNING PROCESS IMPLEMENTATION DETAILS....
byssuserb3d3fc
 
Supercapacitor.pptx...............................
byTarikBouchala
 
waste to energy deck v.3.pptx changing garbage to electricity
byGegaGrandeza1
 
PRIZ Academy - Thinking The Skill Everyone Forgot
byPRIZ Guru
 
In this document
Powered by AI

Introduction by Hany Nasser supervised by PhD Nabil Hamdy on trusted systems and Trojan horses.

Trusted systems enhance defense against intruders, based on security levels.

Describes multilevel security with Mandatory Access Control, focusing on data confidentiality and security classification (Top Secret, Secret, Confidential, Unclassified).

User identification via access control, with models including access matrix, access control list, and capability list, to specify user permissions and enforce security.

Multilevel secure systems must implement no read up and no write down, with the reference monitor enforcing security rules ensuring complete mediation and verifiability.

Trojan horses are malware for unauthorized access. Discusses types of Trojans, indications of attacks, and prevention measures to avoid infections.

References for further reading and concluding remarks.

Trusted systems

  • 1.
    111 Trusted Systems andTrojan Horse Done by : Hany Nasser Supervised by : PhD Nabil Hamdy
  • 2.
    22 Trusted Systems  Systemsused to enhance the ability to defend against intruders and malicious programs.  based on levels of security .
  • 3.
    33 Multilevel Security  Whenmultiple categories or levels of data are defined, the requirement is referred to as multilevel security.  Typically use Mandatory Access Control.  Primary Security Goal: Confidentiality (ensures that information do not flow to those not cleared for that level).
  • 4.
    4 Security Goal ofMLS  There are security classifications or security levels  Subjects have security clearances  Objects have security classifications  Example of security levels  Top Secret  Secret  Confidential  Unclassified  In this case Top Secret > Secret > Confidential > Unclassified
  • 5.
    555 Data Access Control Through the user access control procedure (log on), a user can be identified to the system.  Associated with each user, there can be a profile that specifies permissible operations and file accesses.  The operating system can enforce rules based on the user profile.
  • 6.
    666 Data Access Control General models of access control:  Access matrix  Access control list  Capability list
  • 7.
    777 Data Access Control Access Matrix: Basic elements of the model  Subject  Object  Access right
  • 8.
  • 9.
    999 Data Access Control Access Control List: Decomposition of the matrix by columns
  • 10.
    101010 Data Access Control Access Control List  For each object, An access control list lists users and their permitted access right.  The list may contain a default or public entry.
  • 11.
    111111 Data Access Control Capability list: Decomposition of the matrix by rows
  • 12.
    121212 Data Access Control Capability list  A capability ticket specifies authorized objects and operations for a user.  Each user have a number of tickets.  Capabilities are not forgeable.
  • 13.
    131313 The Concept of TrustedSystems  Multilevel security  Definition of multiple categories or levels of data  A multilevel secure system must enforce:  No read up  No write down
  • 14.
  • 15.
    151515 The Concept of Referencemonitor  Reference Monitor  Controlling element in the hardware and operating system of a computer that regulates the access of subjects to objects on basis of security parameters  The monitor has access to a file (security kernel database)  The monitor enforces the security rules (no read up, no write down)
  • 16.
    161616 The Concept of ReferenceMonitor  Properties of the Reference Monitor  Complete mediation  Isolation  Verifiability
  • 17.
    1717 Trojan Horse  Itis a type of malware (malicious software) designed to provide unauthorized, remote access to a user’s computer.  Trojan horses do not have the ability to replicate themselves like viruses.  With the help of Trojan, an user can get access to the Trojan horse infected computer and would be able to access the data.
  • 18.
    1818 Types of Trojans Command Shell Trojan  Email Trojan  Document Trojan  FTP Trojan
  • 19.
  • 20.
    2020 Indications of TrojanAttack  Browser redirects to unknown pages.  Anti virus is disabled.  Strange pop ups or chat messages appear on the system.  The computer shuts down automatically.  Ctl+Alt+Del stops working.  Printer prints documents automatically.
  • 21.
    2121 Examples of Trojan Net bus  Sub seven  Y3K remote administration tool  Back Orifice  Beast  Zeus  The Black hole Exploit kit  Flashback Trojan
  • 22.
    2222 How to avoidbeing infected ?  Do not surf or download anything from stranger website.  Do not open the unexpected attachments on emails.  We need an antivirus to protect our computer from being infected.
  • 23.
    2323 References  Cryptography AndNetwork Security, 4th Edition by William Stallings.  Computer Security, 2nd edition by Dieter Gollman.  Specifications of multi-level security research by Daryl McCullough.
  • 24.

Editor's Notes

  • #5  Goal is to be able to check computer systems so that they can securely process classified information.