INFORMATION SAFESUMUP

Hoang V.Nguyen

Agenda

What’s information safe.

Major problems and solutions.

Why must care.

Security ...

Q&A

2Hoang V.Nguyen 5/1/2010

What’s information safe

In some cases, some properties of information

must be protected

Our tasks

?What properties

?How to protect

3Hoang V.Nguyen 5/1/2010

Major problems and solutions

Confidentiality

• E: PxK C

• D: CxK P

Integrity

• You cannot protect

• But you can detect

Trust

• Make a belief to Alice and Bob

Others ….

• ….

4Hoang V.Nguyen 5/1/2010

such that: if y=E(k,x) then: H(y)≥H(x) and maximize H(k)

Major problems and solutions

Confidentiality

• E: PxK C

• D: CxK P

Integrity

• You cannot protect

• But you can detect

Trust

• Make a belief to Alice and Bob

Others ….

• ….

5Hoang V.Nguyen 5/1/2010

DES

blowfish

such that: if y=E(k,x) then: H(y)≥H(x) and maximize H(k)

IDEA

RC4RSA

Elliptic Curve

Skien hash Family

CMAC

HMAC

Digital signatureCertificate Authority

Why must care?

6Hoang V.Nguyen 5/1/2010

Our jobs?Developer

Coder

User

Maintainer

Project manager

TesterDesigner

Solution Consultant

Consultant

Business analyst

Make security

Security….

What• Theory

• Solution/pattern

• Design

• System

How• Understand

• Try to attack, and discover vulnerability

• Fix

7Hoang V.Nguyen 5/1/2010

Security….

8Hoang V.Nguyen 5/1/2010

Andy Oram & John ViegaMichael Howard & others Michael Howard & others

The Security Development Lifecycle by Michael Howard & Steve Lipner 2006

Q&A

9Hoang V.Nguyen 5/1/2010