Computer Security: Intro

B. Jacobs
Institute for Computing and Information Sciences – Digital Security
Radboud University Nijmegen
Version: fall 2015

Outline
• Organisation
• Introduction
• A security protocol example

About this course I

Lectures
• Weekly, 2 hours, Tuesday morning (8h45)
• Lectures are based on own slides
• Updated version, slightly different from previous years
• Lots of background information available on the web (esp. Wikipedia)
• Do use such additional sources!
• Certainly if you do not fully understand things
• Up-to-date info (bookmark; accessible via my webpage) at: ru.nl/ds/education/courses/security_2015
• Slides will appear there

About this course II

Attitude
• Presence at the lectures is not compulsory ...
  • but active attitude expected, when present
• Phones/laptops shut down
• Politeness is highly appreciated!
• Asking questions:
  • about the exercises: talk to your course assistant
  • about the course: best to see me during the break
  • think/check before you send me email!
• The audience is large; chatting is annoying to everyone else
• Exception: jokes are OK, but only if they are extremely funny

About this course III

Exercises
• Compulsory, make up ten percent of final mark
• Also weekly exercise meetings, on Thursdays (15:45)
  • Answers, for old exercises
  • Questions, for new ones
• 3 staff members: Gergely Alpár, Joost Rijneveld, Brinda Hampiholi, and 2 students: Koen van Ingen, Rick Erkens
• You may work in (stable) pairs, and also alone
  • if this is not the first time you do this course, you have to work alone!
  • it will be sent by email in which group you are

About this course IV

Exercises
• Schedule:
  • New exercise on the web on Wednesday morning, say in week n
  • You can try them yourself immediately and ask advice on Thursday afternoon in week n
  • You can ask final questions, again on Thursday in week n + 1
  • You have to hand in, via Blackboard, before Thursday 24h00 sharp, in week n + 1; late submissions will not be accepted
• Exercises URL on lectures page, with further instructions
• The first set of exercises appears Wednesday 9 sept.

About this course V

Examination
• Final mark is weighted sum of:
  • average of markings of exercises
  • written exam (January)
  • (there is no mid-term exam for security)
• Formula: final = 0.9 * exam + 0.1 * exercises
• Re-exam of written exam in spring
  • only written exam can be done once again: mark for exercises remains
• If you fail again, you must start all over next year (including re-doing new exercises)

About this course VI

Some special points
• You can fail for this course! (I know, it’s extremely unfair)
• 6 ec means 6 × 28 = 168 hours in total
• Let’s say 18 hours for exam
• 150 hours for 15 weeks means: 10 hours per week!
• Large, mixed audience: computer science, information science, pre-master, artificial intelligence, mathematics, ...
• Requires some flexibility
  • but computer security is inherently multidisciplinary

About this course VII

How to pass this course ...
• Practice, practice, practice ... Only in this way the course material can be internalised
• You don’t learn to do it by just staring at the slides
  • or by letting your exercise partner do the work
• Exam questions will be in line with (compulsory) exercises

About this course VIII

Experiences from earlier (mathematics) course, with similar marking (average of homework and exam):

Study   # students   Homework   Exam   Final
KI      16           8.1        6.5    7.1
IC      11           7.5        7.6    7.5
IK      5            6.9        7.1    6.8

Why were KI students doing so much worse at the exam?
• They exchanged answers in a Facebook group
• Who were they fooling?

About this course IX

Here is the deal:
• We provide: careful explanations & examples, and individual feedback
• You work for this course: regularly and diligently!
• The topic is not really difficult, but you may have to get used to it, and work on each exercise yourself
  • everyone here should be able to pass.

If you don’t go for the deal ...
• You create problems that you will have to solve yourself
• Don’t forget about the bindend studie advies (BSA): in the first year you need to collect at least 39 ec out of 60!
• In 2014/2015 about 63% in IC got a positive BSA!

About this course X: gender issues

(Source: Vox 6-10, nov. 2009)

About this course XI: intellectual attitude

The right intellectual attitude involves both:
• intrinsic motivation/drive to understand how things work
• assertiveness to be able to say: I don’t understand this!

About this course XII

Sensitivity of the topic
• Not everything is publicly known (like e.g. in algebra)
• Some things are simply illegal: don’t try this at home!
• Moral compass/fibre/backbone required in this field
• Lectures are deliberately not recorded!
  • some inside stories & anecdotes will be told
  • they can be misinterpreted, out of context
• Following the daily news is strongly recommended: security is a highly political topic.

About this course XIII

Topics
• Basic notions: confidentiality, integrity, availability (jointly known as: CIA of information security)
• Basic techniques: encryption, both symmetric (shared secret key) and asymmetric (public key)
• Basic protocols for achieving security goals
• Basic technologies (PGP, SSL, certificates, etc.)
• Underlying mathematics (cryptography) is used as tool box, not topic of study in itself
• But very basics are included (substitution, transposition, RSA, El Gamal)
• Several practical examples: e-passport, voting, Bitcoins, ...

Beyond this course

More about computer security
• There is a lot of interesting reading
  • Historical
  • Military/intelligence
  • Societal (e.g. about privacy)
  • and technical, of course
• Reading a bit more is strongly encouraged
• Many connections with legal issues
  • You can find out about a Minor in law
  • Or follow the (master) course Law in Cyberspace

Computer security @Nijmegen

Research
• Security important research topic at Nijmegen
• Focus on smart cards, in various forms
• Much theoretical research, e.g. on protocol correctness
• Also many societal issues: involvement with
  • e-voting
  • e-passports and identity cards
  • bankcards (e.g. EMV issues)
  • e-ticketing
  • smart (electricity) metering
  • road pricing
  • electronic patient records
  • cyber security

Teaching
• A special TRUE Security master programme,
  • Jointly with Eindhoven
  • Also open to Math. & AI students

Financial crime in NL in M€ (Source: Betaalvereniging)

Activity            ’92   ’10   ’11   ’12   ’13   ’14
bank robbery        570   26    7     4     ?     ?
internet banking    —     10    35    38    9.6   4.7
bankcard skimming   —     20    40    29    6.8   1.3

Remarks:
• You’re an old-school loser if you’re still planning a career as bank robber
• Bad guys have gone digital, in fraud, blackmail, sabotage, espionage, ...