Information security

Invitation to Computer Science, 5th Edition
Chapter 8: Information Security
Objectives
In this chapter, you will learn about:
• Threats and defenses
• Encryption
• Web transmission security
Introduction
• Information security
– Keeping information secure
• Security
– Can be breached at many different points in the “virtual machine”
Threats and Defenses
• Authentication
– Verifies who has the right to gain access to the computer
• Hash function
– Takes the password the user originally chooses, chops it up, and stirs it around according to a given formula
• Social engineering
– Process of using people to get the information you want
Authentication
• Basic physical security principles
– Maintain control of your laptop
– Be sure no one peers over your shoulder in your office or on the airplane
– Lock your office door when you leave
Authorization
• Governs what an authenticated user is allowed to do
• User privileges
– Read access (can read a particular file)
– Write access (can modify a particular file)
– Execute access (can run a particular program file)
– Delete access (can delete a particular file)
• System administrator
– Has access to everything
Threats from the Network
• Malware
– Malicious software
• Virus
– Computer program that infects a host computer and then spreads
• Worm
– Can send copies of itself to other nodes on a computer network without having to be carried by an infected host file
Threats from the Network (continued)
• Trojan horse
– Computer program that, unbeknownst to the user, contains code that performs malicious attacks
• Denial-of-service (DOS) attack
– Typically directed at a business or government Web site
– Automatically directs browsers on many machines to a single URL at roughly the same time
Encryption
• Cryptography
– The science of “secret writing”
• Encryption and decryption
– Inverse operations
• Symmetric encryption algorithm
– Requires the use of a secret key known to both the sender and receiver
• Asymmetric encryption algorithm
– Keys for encryption and decryption are quite different, but related
Simple Encryption Algorithms
• Caesar cipher (shift cipher)
– Shifting each character in the message to another character some fixed distance farther along in the alphabet
– Encodes one character at a time
• Block cipher
– A group or block of plaintext letters gets encoded into a block of ciphertext
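The two simple encryption algorithms above, as an added example that is not from the textbook: a Caesar shift cipher beside a constructed toy block cipher (a keyed transposition of 4-character blocks, assumed here purely for illustration, not DES or AES), written so that each decrypt function is visibly the inverse of its encrypt function. The last function lists every possible Caesar decryption to show how small the cipher's key space is.

```python
# Added example, not from the textbook. Caesar cipher (one character at a
# time) next to a constructed toy block cipher (whole 4-character blocks).
import string

ALPHABET = string.ascii_uppercase

def caesar_encrypt(plaintext: str, shift: int) -> str:
    """Shift each letter a fixed distance along the alphabet, one character at a time."""
    out = []
    for ch in plaintext.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)  # non-letters pass through unchanged
    return "".join(out)

def caesar_decrypt(ciphertext: str, shift: int) -> str:
    """The inverse operation: shift the same distance backwards."""
    return caesar_encrypt(ciphertext, -shift)

BLOCK = 4  # block size of the toy block cipher (assumption for illustration)

def block_encrypt(plaintext: str, key: tuple) -> str:
    """Toy block cipher: permute the characters inside every 4-character block
    according to `key`, a permutation of (0, 1, 2, 3). The final block is padded
    with 'X' so every block is full (toy padding; real schemes encode the pad length)."""
    assert sorted(key) == list(range(BLOCK))
    padded = plaintext + "X" * (-len(plaintext) % BLOCK)
    out = []
    for i in range(0, len(padded), BLOCK):
        block = padded[i:i + BLOCK]
        out.append("".join(block[k] for k in key))
    return "".join(out)

def block_decrypt(ciphertext: str, key: tuple) -> str:
    """Inverse permutation: ciphertext position j holds plaintext position key[j]."""
    inverse = [0] * BLOCK
    for j, k in enumerate(key):
        inverse[k] = j
    out = []
    for i in range(0, len(ciphertext), BLOCK):
        block = ciphertext[i:i + BLOCK]
        out.append("".join(block[inverse[k]] for k in range(BLOCK)))
    return "".join(out).rstrip("X")  # remove toy padding

def caesar_keyspace(ciphertext: str) -> list:
    """All 26 possible Caesar decryptions: the key is the only secret, and it is
    one of only 26 values, which is why the cipher gives no real secrecy."""
    return [caesar_decrypt(ciphertext, s) for s in range(26)]
```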
DES
• DES (Data Encryption Standard)
– Encryption algorithm developed by IBM in the 1970s for the U.S. National Bureau of Standards
– A block cipher that is 64 bits long
• DES algorithm
– Every substitution, reduction, expansion, and permutation is determined by a well-known set of tables
– The same algorithm serves as the decryption algorithm
DES (continued)
• Triple DES
– Improves the security of DES
– Requires two 56-bit keys
– Runs the DES algorithm three times
• AES (Advanced Encryption Standard)
– Adopted for use by the U.S. government in 2001
– Based on the Rijndael algorithm
Public Key Systems
• RSA
– Most common public key encryption algorithm
– Based on results from the field of mathematics known as number theory
• Prime number
– Integer greater than 1 that can only be written as the product of itself and 1
Web Transmission Security
• SSL (Secure Sockets Layer)
– Method for achieving secure transfer of information on the Web
• TLS (Transport Layer Security) protocol
– First defined in 1999
– Based on SSL and is nearly identical to SSL
– Nonproprietary
– Supported by the Internet Engineering Task Force
Summary
• Information security
– Keeping information secure
• Threats from the network
– Malware, viruses, worms, denial-of-service attacks
• Encryption algorithms
– Caesar cipher, block cipher
• RSA
– Most common public key encryption algorithm