
Information security

It's about information security: its definitions, basic principles, controls, access control and cryptography.


  1. Information Security. Sina Bagherinezhad, University of Tehran, Faculty of Management
  2. Some Statistics
  3. Agenda
       • History
       • Definitions
       • Basic principles
       • Controls
       • Access Control
       • Cryptography
  4. History
       • ATBASH (600 BC)
       • Scytale (486 BC)
       • Caesar cipher (50 BC)
       • Alberti cipher (1466)
  5. Definitions of Information Security
       • Preservation of confidentiality, integrity and availability of information. (ISO/IEC 27000:2009)
       • The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability. (CNSS, 2010)
       • Ensures that only authorized users (confidentiality) have access to accurate and complete information (integrity) when required (availability). (ISACA, 2008)
  6. Basic Principles
       • Confidentiality
       • Integrity
       • Availability
       • Authenticity
       • Non-repudiation
  7. Controls
       • Administrative
       • Logical
       • Physical
  8. Access Control
       • Identification
       • Authentication
           • Something you know: things such as a PIN, a password, or your mother's maiden name.
           • Something you have: a driver's license or a magnetic swipe card.
           • Something you are: biometrics, including palm prints, fingerprints, voice prints and retina (eye) scans.
       • Authorization (run, view, create, delete, or change)
  9. Cryptography
  10. Symmetric-key Cryptography
  11. Man-in-the-middle attack (MITM)
  12. Diffie-Hellman key exchange
  13. Public-key (Asymmetric) Cryptography
  14. RSA (cryptosystem)
       • Key generation:
           1. Choose two distinct prime numbers p and q.
           2. Compute n = pq.
           3. Compute φ(n) = φ(p)φ(q) = (p − 1)(q − 1).
           4. Choose an integer e such that 1 < e < φ(n) and gcd(e, φ(n)) = 1.
           5. Determine d as d·e ≡ 1 (mod φ(n)).
       • Public key: (n, e)
       • Private key: (n, d)
  15. RSA (cryptosystem)
       • Encryption
           1. Bob wishes to send message M to Alice.
           2. He first turns M into an integer m, such that 0 ≤ m < n.
           3. He then computes the ciphertext c corresponding to c ≡ m^e (mod n).
           4. Bob then transmits c to Alice.
       • Decryption
           1. Alice can recover m from c via computing m ≡ c^d (mod n).
           2. Given m, she can recover the original message M.
  16. Digital signature
  17. (no text on this slide)
  18. References:
       • www.wikiperdia.com
       • www.scmagazine.com
       • www.comodo.com
       • www.billatnapier.com
       • www.noweco.com
       • www.ibm.com
       • www.iso.org
       • www.27000.org
       • Data Security / Dr. Ali Zakerolhosseini, Dr. Ehsan Malekian / Nas Publishing
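
The RSA key generation, encryption and decryption steps on slides 14 and 15, carried through as an added example that is not part of the original slides. The primes, the exponent and all function names are choices made for this illustration; the parameters are far too small for real use.

```python
from math import gcd

def egcd(a, b):
    """Extended Euclid: return (g, x, y) such that a*x + b*y == g."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def keygen(p, q, e):
    """Slide 14, steps 1-5. p and q are assumed prime (not tested here)."""
    if p == q:
        raise ValueError("p and q must be distinct")
    n = p * q                                # step 2
    phi = (p - 1) * (q - 1)                  # step 3
    if not 1 < e < phi or gcd(e, phi) != 1:  # step 4
        raise ValueError("need 1 < e < phi(n) and gcd(e, phi(n)) = 1")
    d = egcd(e, phi)[1] % phi                # step 5: d*e = 1 (mod phi(n))
    return (n, e), (n, d)                    # public key, private key

def encode(message, n):
    """Slide 15, encryption step 2: turn M into an integer m, 0 <= m < n."""
    m = int.from_bytes(message, "big")
    if not 0 <= m < n:
        raise ValueError("message does not fit below n")
    return m

def decode(m):
    """Slide 15, decryption step 2: recover M from m."""
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def encrypt(m, public):
    n, e = public
    return pow(m, e, n)                      # c = m^e mod n

def decrypt(c, private):
    n, d = private
    return pow(c, d, n)                      # m = c^d mod n

# Constructed toy parameters: two Mersenne primes and a commonly used exponent.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537

def roundtrip(message):
    """Bob encrypts with Alice's public key; Alice decrypts with her private key."""
    public, private = keygen(P, Q, E)
    c = encrypt(encode(message, public[0]), public)
    return decode(decrypt(c, private))

if __name__ == "__main__":
    print(roundtrip(b"hi Alice"))
```

As on the slides, this is unpadded RSA: the same m always produces the same c, which is why deployed systems add randomized padding such as OAEP before the exponentiation.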
