Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
0Activity
0 of .
Results for:
No results containing your search query
P. 1
Introduction to Computer Security(2)

Introduction to Computer Security(2)

Ratings: (0)|Views: 6|Likes:
basic introduction
basic introduction

More info:

Published by: Dr. Pradeep Singh Shaktawat on Feb 19, 2013
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

02/19/2013

pdf

text

original

 
1
Introduction toComputer Security
Security Terminology, PasswordGuidelines, E-mail and WebSecurity
Topics
Common Security TerminologyPassword SecurityE-mail SecurityWeb SecurityPeer-to-Peer Filesharing
Terminology
Password Cracking
 –Password Cracker
An application that tries to obtain a password byrepeatedly generating and comparing encryptedpasswords or by authenticating multiple times toan authentication source.
 –Common Methods of Password Cracking
Brute Force = attempts all possible charactercombinationsDictionary = attempts pre-determined charactercombinations
 
2
Terminology
Password Cracking (cont’d)
 –Passwords are usually stored in an encryptedform with a one way encryption algorithm
If this data is compromised, password cracking canbe moved to a standalone system for easiercontrol and speed of cracking
Terminology
Biometrics
 –Science and technology of measuring andstatistically analyzing biological data. –When used in Information Technology itusually refers to the use of human traits forauthentication –This can include fingerprints, eye retinas andirises, voice patterns and a host of otherconsistent biological data
Terminology
Public Key Cryptography
 –Two keys, a.k.a. “certificates”, are availablefor each resource, one public and one private –As the names imply, the public key can beshared freely while the private key is keptsecret –Items encrypted using the public key aredecrypted with the private key and converselyanything encrypted with the private key canbe decrypted with the public key
 
3
Terminology
Public Key Cryptography (cont’d)
 –This method of encryption is used to ensuresecure communication is only between avalid, “known”, sender and recipient
Terminology
SSL
 –“Secure Sockets Layer” –Uses Public Key Cryptography –Negotiates a method to encrypt communicationbetween a client and server –Allows other network protocols to connect “over top”of it, such as web browsing and e-mail protocols –“Transport Layer Security”(TLS) is a variant of SSLused to negotiate encryption within the networkprotocol being used
Terminology
Man-in-the-Middle Attack
 –A system between two hosts that eitherpassively watches traffic to gain informationused to “replaya session or activelyinterferes with the connection, potentiallyimitating the remote system

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->