avinanta tarigan universitas gunadarmaavinanta.staff.gunadarma.ac.id/.../introtosecurity.pdf ·...
TRANSCRIPT
![Page 1: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/1.jpg)
Introduction to Security
Avinanta Tarigan
Universitas Gunadarma
1 Avinanta Tarigan Introduction to Security
![Page 2: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/2.jpg)
Layout
ProblemsGeneral SecurityCryptography & Protocol reviewed
2 Avinanta Tarigan Introduction to Security
![Page 3: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/3.jpg)
Problems
Life was beautiful before computer, getting worse afterInternetDistributed systems: each depends on othersHow can we assure system behaves correctly & securely ?Can we trust systems on the other side ?
3 Avinanta Tarigan Introduction to Security
![Page 4: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/4.jpg)
Problems .. (cont)
How to assure security of the networkHow to quantify riskWhat are the boundaries of the system ?Relationship to political, social, enomical aspects is notwell understoodUncertainty
4 Avinanta Tarigan Introduction to Security
![Page 5: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/5.jpg)
Definition
In General :
Computer Security deals with the method againstunauthorized actions in computer systems
More General :
Dependability to other institution is also insecurity
5 Avinanta Tarigan Introduction to Security
![Page 6: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/6.jpg)
Basic
6 Avinanta Tarigan Introduction to Security
![Page 7: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/7.jpg)
Basic
7 Avinanta Tarigan Introduction to Security
![Page 8: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/8.jpg)
Basic
Vulnerability (Kelemahan)
Security Violation (Pelanggaran)
* Unauthorized Access (Cracked)
* Password Stolen* Unauthenticated Sites
* Sensible Information Sniffed
Attacker who attacks
State(Keadaan)
StateTransition
8 Avinanta Tarigan Introduction to Security
![Page 9: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/9.jpg)
What is secure ?
Computer based system behaves according to1 algorithms (program/software)2 user direction (input)
Given systems & environment:1 secure states (system maintains security properties)2 insecure states (violation of security policy)3 paths lead to insecure states (vulnerability)
Correctness: maintain intended behavior according tocorrect specification while unintended behavior will not bereachableSecurity policy: definition of (1,2,3)Attack : Persistence, Intentional, Outsider vs Insider,Loss vs Gain
9 Avinanta Tarigan Introduction to Security
![Page 10: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/10.jpg)
Threats ... (cont)
Towards vulnerable system [Abadi] :
Interaction with uncertain physical, network, softwareenvironment.Using public network, distributed administration, diverseoperatorsCOTS, business demand is the priority, Monocultures
10 Avinanta Tarigan Introduction to Security
![Page 11: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/11.jpg)
Threats ... (cont)
Attack :
Physical attackex. theft of harddisk/cdroms, bombing, etc.Syntatic attackex. buffer overflow, domain theft, SQL injectionSemantic attackex. Social engineering, site phising
11 Avinanta Tarigan Introduction to Security
![Page 12: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/12.jpg)
Security Policy
We define secure states and insecure statesDefine paths which always bring system in secure states:what is permitedDefine also paths might lead to insecure states: what is notallowedSpecified in formal language for clearness, unambiguity,consistency, and verificabilityWritten in natural language for better understanding
12 Avinanta Tarigan Introduction to Security
![Page 13: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/13.jpg)
Properties
Confidentiality (Secrecy)Unauthorized disclosure of information is not reachable(Acces Control - Cryptography)IntegrityUnauthorized modification of information is not reachable
Data integrity - Origin integrity / authenticationPrevention (access control) - Detection (hash function)
13 Avinanta Tarigan Introduction to Security
![Page 14: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/14.jpg)
Properties ... (cont)
AvailabilityPrevention & detection of denial of serviceAccountabilityThe availablity and completeness of the track of pastsystem statesWho - Whom - What - When - WhereImplementation: should be forensic ready
14 Avinanta Tarigan Introduction to Security
![Page 15: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/15.jpg)
Goals
Preventionto fail the attackDetectionto detect unprevented attackRecoveryto stop the attack & repair attacked system
15 Avinanta Tarigan Introduction to Security
![Page 16: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/16.jpg)
Security Mechanism
Way to enforce security policiesHow to limit system behavior according to policiesSpecification - Design - Implementation - Operation &Maintenance - Audit (Forensic)Access Control & Cryptography
16 Avinanta Tarigan Introduction to Security
![Page 17: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/17.jpg)
Access Control
Reference MonitorSet of precise rules according to security policy, applied asa filter to the transition states of the system, which preventssystem in entering insecure stateAuthentication is mandatorySubjects, Objects, Actions, Time, Location, and otherattributes
17 Avinanta Tarigan Introduction to Security
![Page 18: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/18.jpg)
Model of Acces Control
Subj 1 Subj 2 Subj N
Obj 1 Obj 2 Obj N Obj 1 Obj 2 Obj N
DiscretionaryAccess Control
(DAC)Access Control
(MAC)
Mandatory Safe Dealing(SD)
Role BasedAccess Control
(RBAC)
Obj 1 Obj 2 Obj N
Subj 1 Subj NSubj 2 Subj 1 Subj NSubj 2Subj 1 Subj NSubj 2
���������������
���������������
���������������
���������������
���������������
���������������
������������
������������
Confident AttributeControl
Ticket K−1 Ticket K
Ticket K+1
Enrollment
Secret
Top Secret
Obj 2
Obj N
Obj 1
18 Avinanta Tarigan Introduction to Security
![Page 19: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/19.jpg)
Implementation: Cryptography
Algorithm to protect secrecy of dataAlso used to gain :
authenticationintegritynon repudiation
Includes : algorithm and key(s)
19 Avinanta Tarigan Introduction to Security
![Page 20: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/20.jpg)
Cryptography ... (cont)
Chipertext = Encrypt(Message,Key)
Message = Decrypt(Chipertext ,Key)
Decrypt(Chipertext) hard without KeyResearch questions :Is there any algorithm which is hard to compute originalmessage but easy to verify itIn implementation requires a protocol (CryptographicProtocol)
20 Avinanta Tarigan Introduction to Security
![Page 21: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/21.jpg)
Symmetric Crypt.
A 7→B : {M }Kab
Principal A sends B message Mencrypted with shared-key Kab
Key is shared between 2 principalsNeeds N2 keys for N principalsFast but key management is not easyExample of Chiper: DES, 3DES, Blowfish, AES
21 Avinanta Tarigan Introduction to Security
![Page 22: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/22.jpg)
Asymmetric/Public Key Crypt.
A 7→B : {M }Kb
Principal A sends B message Mencrypted with B’s public-key Kb
Only with private-key K −1b , B can decrypt M
Principal has its own K which is published and K −1
which must be keeped secretKey management is less difficult, usualy managed byCertification AuthorityExample of Chiper: RSA (Rivest-Shamir-Addleman),Elliptic-Curve
22 Avinanta Tarigan Introduction to Security
![Page 23: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/23.jpg)
One-Way-Hash
Algorithm to compute large data into small integer,producing fingerprint of the message
Used for maintaining integrity of message beingtransferredExample: MD5, SHA1, SHA-256, Ripemd, Haval
23 Avinanta Tarigan Introduction to Security
![Page 24: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/24.jpg)
Digital Signature (Sign)
24 Avinanta Tarigan Introduction to Security
![Page 25: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/25.jpg)
Digital Signature (Verify)
25 Avinanta Tarigan Introduction to Security
![Page 26: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/26.jpg)
Digital Signature
A 7→B : {M ,{Hash(M )}Ka}Kb
A’s digital signature on a message is the hash of messageencrypted with A’s private-keyAuthentication: only with A’s public-key, the hash can bedecryptedIntegrity: Hash functionConfidentiality: message can be decrypted only with B’sprivate-keyNon-Repudiation: explain for your self
26 Avinanta Tarigan Introduction to Security
![Page 27: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/27.jpg)
Pictures of Cryptographer
27 Avinanta Tarigan Introduction to Security
![Page 28: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/28.jpg)
Cryptographic Protocol
Implementation of Cryptography AlgorithmAchieving security properties (authentication,secrecy, etc.)Example :
Needham-Schroeder (authentication)Kerberos (authentication)SSL/TLS (auth - secrecy )
28 Avinanta Tarigan Introduction to Security
![Page 29: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/29.jpg)
Cryptographic Protocol
Example : Needham-Schroeder Protocol
M1 A 7→S : A, B, Na
M2 S 7→A : {Na, B, Kab, {Kab, A}Kbs}Kas
M3 A 7→B : {Kab, A}Kbs
M4 B 7→A : {Nb}Kab
M5 A 7→B : {Nb−1}Kab
Intoducing Nonce (N)
29 Avinanta Tarigan Introduction to Security
![Page 30: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/30.jpg)
Cryptographic Protocol
More example : Kerberos Protocol
M1 A 7→S : A, B
M2 S 7→A : {Ts, L, B, Kab, {Ts, L, Kab, A}Kbs}Kas
M3 A 7→B : {Ts, L, Kab, A}Kbs, {A, Ta}Kab
M4 B 7→A : {Ta + 1}Kab
Introducing TimeStamp (T ) and Lifetime (L)
Used in many system, including Windows
30 Avinanta Tarigan Introduction to Security
![Page 31: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/31.jpg)
Cryptographic Protocol
Problem :
Wrong design could lead to flaw
Needham-Schroeder ProtocolSSLv1.0
Wrong implementation could lead to vulnerability
Padding problem in SSL, SSH, and WTLSUser Interface design in Browser
Vulnerability arise between two protection technologies(Anderson, Ross)
31 Avinanta Tarigan Introduction to Security
![Page 32: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/32.jpg)
Assurance : Formal Method
To prove correctness in achieving security properties whichprotocol carry outThere are two development approach :
Extention from method used in communicationNewly developed method
Four classifications :
1. General purpose tools 3. Expert System2. Logic based 4. Algebraic approach
32 Avinanta Tarigan Introduction to Security
![Page 33: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/33.jpg)
Formal MethodUsing General Purpose Tools
Treated as ordinary comm. protocolAdversary is explicit, capable in read, intercept, and modifymessagesMethod : FSM, CSP, FDR, Petri NetsExample : Lotos, Ina Jo, Murphy
A BINTRUDER
System State
33 Avinanta Tarigan Introduction to Security
![Page 34: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/34.jpg)
Formal MethodUsing Expert System
Investigate every possible scenario of Attack - Flaw -DefenceNeeds to define insecure states and search paths to themMore successful than General Purpose ToolsExample : Interrogator by Millen, NRL Protocol Analyzer byMeadows, Longley and Rigby
34 Avinanta Tarigan Introduction to Security
![Page 35: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/35.jpg)
Formal MethodAlgebraic Approach
Capabilties in modeling knowledge which representscomponent in cryptographic operation (Nonce, Key(s), andold messages)Example :
Dolev - Yao (term re-writing systems)Sphi - Calculus by Abadi and Gordon (to prove secrecy)
35 Avinanta Tarigan Introduction to Security
![Page 36: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/36.jpg)
Formal MethodLogic Based
One sees crypt. protocol as distributed algorithmDevelop logics from modal logicThere are inference rulesGoal is to derived statements which represents correctconditionExample : BAN Logic and GNY Logic
36 Avinanta Tarigan Introduction to Security
![Page 37: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/37.jpg)
Towards Secure System
Specification : Security PolicyImplementation : Security MechanismCorrectness : AssuranceMan - Machine - Management
37 Avinanta Tarigan Introduction to Security
![Page 38: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/38.jpg)
Towards ... (cont)
Preventivemeasures
General Users
Detectivemeasures
Desktop
Servers
Perimeter
Managers
Security Team
Responsivemeasures
38 Avinanta Tarigan Introduction to Security
![Page 39: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/39.jpg)
Towards .. (cont)
− Government Agent− Financial Institutions− Organizations− Local − etc
− Availability− Integrity− Confidentiality− Non Repudiation− etc
− User Education− Secure OS, Application, Perimeter− etc
Constituent Systems
ConstituentOrganizationalUnitsSecurity Goals
− Policy
39 Avinanta Tarigan Introduction to Security
![Page 40: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/40.jpg)
Books, Papers, and Links
Ross Anderson, “Security Engineering”Matt Bishop, “Computer Security”Schneider et. al. “Modelling and Analysis of SecurityProtocols”Martin Abadi’s homepage athttp://www.cse.ucsc.edu/˜abadi
40 Avinanta Tarigan Introduction to Security
![Page 41: Avinanta Tarigan Universitas Gunadarmaavinanta.staff.gunadarma.ac.id/.../IntroToSecurity.pdf · Asymmetric/Public Key Crypt. A 7!B: fMg K b Principal A sends B message M encrypted](https://reader034.vdocument.in/reader034/viewer/2022050509/5f9a770d1368733c585b3079/html5/thumbnails/41.jpg)
The End
End of this presentation
41 Avinanta Tarigan Introduction to Security