TAILIEUCHUNG - Computer Security: Chapter 5 - Security Paradigms and Pervasive Trust Paradigm

Computer Security: Chapter 5 - Security Paradigms and Pervasive Trust Paradigm provides about Old security paradigms (OSPs) (Failures of OSPs, Example of enhancing OSP), Defining new security paradigms (NSPs) (Challenges and requirements for NSPs, Review and examples of existing security paradigms, New Paradigm). | 5. Security Paradigms and Pervasive Trust Paradigm Prof. Bharat Bhargava Center for Education and Research in Information Assurance and Security (CERIAS) and Department of Computer Sciences Purdue University bb@ Collaborators in the RAID Lab (): Prof. Leszek Lilien (former Post Doc) Dr. Yuhui Zhong (former . Student) This research is supported by CERIAS and NSF grants from IIS and ANIR. [cf. Csilla Farkas, University of South Carolina] Information hiding Privacy Security Trust Applications Policy making Formal models Negotiation Network security Anonymity Access control Semantic web security Encryption Data mining System monitoring Computer epidemic Data provenance Fraud Biometrics Integrity Vulnerabilities Threats Outline How to use trust for authentication and authorization in open computing systems? Old security paradigms (OSPs) Failures of OSPs Example of enhancing OSP Defining new security paradigms (NSPs) Challenges and requirements for NSPs Review and examples of existing security paradigms New Paradigm: Pervasive Trust Old Computer Security Paradigms Information Fortress [Blakeley, NSPW’96] Walls (security perimeter, firewalls) Guards and gates (access control) Passwords (passwords) Fortress contents (computer system, confidential data) Spies, saboteurs, and Trojan Horses (viruses, worms, Trojan horses) CIA = Confidentiality, Integrity, and Availability Originally misnamed “PIA” to avoid “CIA” [Greenwald, NSPW’98] with “P” for “Privacy” (but really meaning “Confidentiality”) Failures of Old Security Paradigms (1) Opinions of Dr. Bill Wulf Pioneer in computer security President of the National Academy of Engineering (.) Computer security made little progress between mid 70’s and mid 90’s Why? (top 5 reasons) Fatally flawed basic assumption of Perimeter Defense (PD) Misconception that security flaws rise because of s/w bugs (not only!) PD cannot defend against legitimate .

TỪ KHÓA LIÊN QUAN
Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.