TAILIEUCHUNG - Lecture Information systems security - Chapter 5 (part 2): Public key infrastructure

The content chapter 5 (part 1) include: Preparing for cryptographic attacks, cryptography standards and protocols, key management and key life cycle, introduction of PKI, trust models, PKI management. | Public Key Infrastructure Contents Preparing for Cryptographic Attacks Cryptography Standards and Protocols Key management and Key life cycle Introduction of PKI Trust models PKI management Cryptographic Attacks Specific attacks on cryptographic systems can be divided into three types: Attacking the key Attacking the algorithm Intercepting the transmission Cryptographic Attacks: Birthday attack A birthday attack is an example of an attack targeted at the key. It isn’t an attack on the algorithm itself, just on the results. If 25 people are in a room, there is some probability that two of those people will have the same birthday. The probability increases as additional people enter the room. It’s important to remember that probability doesn’t mean that something will occur, only that it’s more likely to occur. Cryptographic Attacks: Weak key attack Based on the premise that many common passwords are used by lots of people. If the key length is short, the resulting hash value will be easier to guess. Make sure your users use passwords and encryption keys that are hard to guess. You may even want to consider a random-password generating system. Cryptographic Attacks: Mathematical attack Mathematical attacks can be focused on the encryption algorithm itself, the key mechanism, or any potential area of weakness in the algorithm. These attacks use mathematical modeling and statistical analysis to determine how the system operates. These types of attacks depend on intercepting large amounts of data and methodically attempting to decrypt the messages using one of the methods previously described. Contents Preparing for Cryptographic Attacks Cryptography Standards and Protocols Key management and Key life cycle Introduction of PKI Trust models PKI management Public Domain Cryptography Public domain cryptography refers to the standards and protocols that emerge from individual or corporate efforts and are released to the general public for use PGP and RSA are two common .

• An ninh - Bảo mật
• Information systems security
• Lecture Information systems security
• Information security
• Public key infrastructure
• Cryptographic attacks
• Public domain cryptography
• Lecture On safety and security of information systems
• On safety and security of information systems
• Introduction to information systems security
• History of information security
• Bài giảng Bảo mật hệ thống thông tin
• Goals of information security
• Security process
• Security topologies
• Wireless network security
• Wireless security protections
• IEEE 802
• 11 security
• Protecting systems
• Harden operating systems
• Communications based attack
• Conducting security audits
• Privilege audits
• Privilege management
• Controls for information security
• Accounting information systems
• Lecture Accounting information systems
• Hệ thống thông tin kế toán
• Trust services framework
• Potential risks
• Privilege escalation
• Các phần mềm có hại
• Cryptography basics
• Cryptographic terminology
• Transposition cipher
• Access control
• Access control models
• Authentication models
• Virtual Private Network
• Authentication credentials
• Risk management
• Attributes of assets
• Determining relative value
• Cryptographic hash funtionns
• Simple hash functions
• Requirements and security
• Accounting information systems
• Lecture Accounting information systems
• Information systems controls
• System reliability
• Management information systems
• Information systems
• Lecture Management information systems
• Computer based information systems
• Managing information resources
• Monitoring activity
• Intrusion detection
• Secure network
• Malicious attacks
• Malicious Attack
• The common types of malicious attacks
• Basic terminology of cryptography
• History of cryptography
• Symmetric cipher
• Symmetric ciphers
• Block cipher principles
• Data encryption standard
• Advanced encryption standard
• Asymmetric ciphers
• Principles of public Key cryptosystems
• Four parts of access control
• Types of access control
• Firewall concept
• Commercial firewalls
• Network Security Fundamentals
• Guide to Network Security Fundamentals
• Security Baselines
• Disable nonessential systems
• Introduction to management information systems
• Business information technology
• Information security management
• Data safeguards are available