SlideShare ist ein Scribd-Unternehmen logo

Security

Als PPT, PDF herunterladen
Ganesh Vadulekar
Ganesh Vadulekar

Security Based

Software
1 von 19
SECURITY
Overview 1. Introduction to Security 2. Cryptography 3. Potential Attack 4. Authentication 5. Access Control 6. Authentication & Access Control 7. Digital Signature 8. DCE Security Services 9. Services by DCE 10. Summary
Introduction • Security is one of the most important issues in distributed systems. • When data is distributed across multiple networks or information is transferred via public networks, it becomes vulnerable to attacks by mischievous elements. • Similarly other computing resources like processors, storage devices , networks etc., can also be attacked by hackers.
Cryptography  Cryptography includes techniques such as microdots, merging words with images, and other ways to hide information in storage or transit.  However, in today's computer-centric world, cryptography is most often associated with scrambling plaintext into cipher text (a process called encryption), then back again (known as decryption).  Individuals who practice this field are known as cryptographers.
Cryptography concerns itself with the following four objectives:  Confidentiality the information cannot be understood by anyone for whom it was unintended.  Integrity the information cannot be altered in storage or transit between sender and intended receiver without the alteration being detected.  Non-repudiation the creator/sender of the information cannot deny at a later stage his or her intentions in the creation or transmission of the information.
Potential Attacks • There are many Potential Attack to the security of your directory. The most typical threats to directory security fall into the following broad categories: 1. Unauthorized Access 2. Unauthorized Tampering 3. Denial of Service
Potential Threats • Unauthorized Access 1. Unauthorized access to data via data-fetching operations 2 . Unauthorized access to reusable client authentication information by monitoring the access of others 3. Unauthorized access to data by monitoring the access of others • Unauthorized Tampering 1.Unauthorized modification of data 2.Unauthorized modification of configuration information • Denial of Service 1. With a denial of service attack, the attacker's goal is to prevent the directory from providing service to its clients.
Authentication  The process of identifying an individual, usually based on a username and password.  In security systems, authentication is distinct from authorization ,which is the process of giving individuals access to system objects based on their identity.  Authentication merely ensures that the individual is who he or she claims to be, but says nothing about the access rights of the individual.
There are three methods we can use to authenticate someone: 1.Use something you have, for example, a key or a card. 2.Use something you know. Passwords and PINs (personal ID numbers) 3.Use something you are. This involves biometrics. (a user’s fingerprint or iris pattern).
Access Control  The purpose of access control is to limit the actions or operations that a legitimate user of a computer system can perform.  Access control constrains what a user can do directly, as well as what programs executing on behalf of the users are allowed to do.  In this way access control seeks to prevent activity that could lead to a breach of security.
Authentication & Access Control  It is important to make a clear distinction between authentication and access control.  Correctly establishing the identity of the user is the responsibility of the authentication service.  Access control assumes that the authentication of the user has been successfully verified prior to enforcement of access control via a reference monitor
Digital Signature  A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or documents.  A valid digital signature gives a recipient reason to believe that the message was created by a known sender.  The sender cannot deny having sent the message and that the message was not altered in transit .
 Digital signatures are often used to implement electronic signatures, a broader term that refers to any electronic data that carries the intent of a signature , but not all electronic signatures use digital signatures.  In some countries, including the United States, India, Brazil, Saudi Arabi, European Union and Switzerland has electronic signatures as legal significance.
DCE Security Service  The DCE supplies a framework and toolkit for developing client/server applications.  The framework includes a remote procedure call (RPC) mechanism known as DCE/RPC.  Naming (directory) service, a time service, an authentication service and a distributed file system (DFS) known as DCE/DFS.
Distributed Computing Environment
DCE Services • DCE Security Service provides the mechanisms for writing applications that support secure communications between clients and servers. • Enables processes on different machines to be certain of one another’s identities (authentication). • Allows a server to determine whether a given user is authorized to access a particular resource (authorization).
THANK YOU

Empfohlen

Security Basics
Security BasicsSecurity Basics
Security BasicsArchitecTerra Ltd.
 
Cryptographic Security
Cryptographic SecurityCryptographic Security
Cryptographic Securityjp tj
 
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKINGIMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKINGInternational Journal of Technical Research & Application
 
Data and Message Security
Data and Message SecurityData and Message Security
Data and Message SecurityNrapesh Shah
 
Types of attacks
Types of attacksTypes of attacks
Types of attacksVivek Gandhi
 
Security Mechanisms
Security MechanismsSecurity Mechanisms
Security Mechanismspriya_trehan
 
Data Security
Data SecurityData Security
Data SecurityMark Waltzer
 
Security services
Security servicesSecurity services
Security servicesGayan Geethanjana
 

Empfohlen

Security Basics
Security BasicsSecurity Basics
Security BasicsArchitecTerra Ltd.
 
Cryptographic Security
Cryptographic SecurityCryptographic Security
Cryptographic Securityjp tj
 
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKINGIMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKINGInternational Journal of Technical Research & Application
 
Data and Message Security
Data and Message SecurityData and Message Security
Data and Message SecurityNrapesh Shah
 
Types of attacks
Types of attacksTypes of attacks
Types of attacksVivek Gandhi
 
Security Mechanisms
Security MechanismsSecurity Mechanisms
Security Mechanismspriya_trehan
 
Data Security
Data SecurityData Security
Data SecurityMark Waltzer
 
Security services
Security servicesSecurity services
Security servicesGayan Geethanjana
 
Chapter 01
Chapter 01Chapter 01
Chapter 01nathanurag
 
Network security for E-Commerce
Network security for E-CommerceNetwork security for E-Commerce
Network security for E-CommerceHem Pokhrel
 
Ppt
PptPpt
PptNidhi Bansal
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commercem8817
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full pptShahbaz Khan
 
Addressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor AuthenticationAddressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor AuthenticationPeter Choi
 
E-commerce- Security & Encryption
E-commerce- Security & EncryptionE-commerce- Security & Encryption
E-commerce- Security & EncryptionBiroja
 
Unit 5
Unit 5Unit 5
Unit 5KRAMANJANEYULU1
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security ArchitectureBharathiKrishna6
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1osama elfar
 
survey project-1
survey project-1survey project-1
survey project-1NAVIT GAUR
 
CNS - Chapter1
CNS - Chapter1CNS - Chapter1
CNS - Chapter1JeevananthamArumugam
 
Chapter 3 security principals
Chapter 3 security principalsChapter 3 security principals
Chapter 3 security principalsnewbie2019
 
AUTHENTICATION MECHANISM ENHANCEMENT UTILISING SECURE REPOSITORY FOR PASSWORD...
AUTHENTICATION MECHANISM ENHANCEMENT UTILISING SECURE REPOSITORY FOR PASSWORD...AUTHENTICATION MECHANISM ENHANCEMENT UTILISING SECURE REPOSITORY FOR PASSWORD...
AUTHENTICATION MECHANISM ENHANCEMENT UTILISING SECURE REPOSITORY FOR PASSWORD...IJNSA Journal
 
Mis jaiswal-chapter-11
Mis jaiswal-chapter-11Mis jaiswal-chapter-11
Mis jaiswal-chapter-11Amit Fogla
 
Unit 1
Unit 1Unit 1
Unit 1KRAMANJANEYULU1
 
IRJET- A Survey on Cryptography, Encryption and Compression Techniques
IRJET- A Survey on Cryptography, Encryption and Compression TechniquesIRJET- A Survey on Cryptography, Encryption and Compression Techniques
IRJET- A Survey on Cryptography, Encryption and Compression TechniquesIRJET Journal
 
Aspects of Network Security
Aspects of Network SecurityAspects of Network Security
Aspects of Network SecuritySHUBHA CHATURVEDI
 
Document security & firewall
Document security & firewallDocument security & firewall
Document security & firewallSanjay Singh
 
Security and management
Security and managementSecurity and management
Security and managementArtiSolanki5
 
security IDS
security IDSsecurity IDS
security IDSGregory Hanis
 
cryptography introduction.pptx
cryptography introduction.pptxcryptography introduction.pptx
cryptography introduction.pptxBisharSuleiman
 

Weitere ähnliche Inhalte

Was ist angesagt?

Network security for E-Commerce
Network security for E-CommerceNetwork security for E-Commerce
Network security for E-CommerceHem Pokhrel
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commercem8817
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full pptShahbaz Khan
 
Addressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor AuthenticationAddressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor AuthenticationPeter Choi
 
E-commerce- Security & Encryption
E-commerce- Security & EncryptionE-commerce- Security & Encryption
E-commerce- Security & EncryptionBiroja
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security ArchitectureBharathiKrishna6
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1osama elfar
 
survey project-1
survey project-1survey project-1
survey project-1NAVIT GAUR
 
Chapter 3 security principals
Chapter 3 security principalsChapter 3 security principals
Chapter 3 security principalsnewbie2019
 
AUTHENTICATION MECHANISM ENHANCEMENT UTILISING SECURE REPOSITORY FOR PASSWORD...
AUTHENTICATION MECHANISM ENHANCEMENT UTILISING SECURE REPOSITORY FOR PASSWORD...AUTHENTICATION MECHANISM ENHANCEMENT UTILISING SECURE REPOSITORY FOR PASSWORD...
AUTHENTICATION MECHANISM ENHANCEMENT UTILISING SECURE REPOSITORY FOR PASSWORD...IJNSA Journal
 
Mis jaiswal-chapter-11
Mis jaiswal-chapter-11Mis jaiswal-chapter-11
Mis jaiswal-chapter-11Amit Fogla
 
IRJET- A Survey on Cryptography, Encryption and Compression Techniques
IRJET- A Survey on Cryptography, Encryption and Compression TechniquesIRJET- A Survey on Cryptography, Encryption and Compression Techniques
IRJET- A Survey on Cryptography, Encryption and Compression TechniquesIRJET Journal
 
Document security & firewall
Document security & firewallDocument security & firewall
Document security & firewallSanjay Singh
 
Security and management
Security and managementSecurity and management
Security and managementArtiSolanki5
 

Was ist angesagt? (20)

Chapter 01
Chapter 01Chapter 01
Chapter 01
 
Network security for E-Commerce
Network security for E-CommerceNetwork security for E-Commerce
Network security for E-Commerce
 
Ppt
PptPpt
Ppt
 
Security in E-commerce
Security in E-commerceSecurity in E-commerce
Security in E-commerce
 
what is data security full ppt
what is data security full pptwhat is data security full ppt
what is data security full ppt
 
Addressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor AuthenticationAddressing Insider Threat using "Where You Are" as Fourth Factor Authentication
Addressing Insider Threat using "Where You Are" as Fourth Factor Authentication
 
E-commerce- Security & Encryption
E-commerce- Security & EncryptionE-commerce- Security & Encryption
E-commerce- Security & Encryption
 
Unit 5
Unit 5Unit 5
Unit 5
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
 
Network security chapter 1
Network security chapter 1Network security chapter 1
Network security chapter 1
 
survey project-1
survey project-1survey project-1
survey project-1
 
CNS - Chapter1
CNS - Chapter1CNS - Chapter1
CNS - Chapter1
 
Chapter 3 security principals
Chapter 3 security principalsChapter 3 security principals
Chapter 3 security principals
 
AUTHENTICATION MECHANISM ENHANCEMENT UTILISING SECURE REPOSITORY FOR PASSWORD...
AUTHENTICATION MECHANISM ENHANCEMENT UTILISING SECURE REPOSITORY FOR PASSWORD...AUTHENTICATION MECHANISM ENHANCEMENT UTILISING SECURE REPOSITORY FOR PASSWORD...
AUTHENTICATION MECHANISM ENHANCEMENT UTILISING SECURE REPOSITORY FOR PASSWORD...
 
Mis jaiswal-chapter-11
Mis jaiswal-chapter-11Mis jaiswal-chapter-11
Mis jaiswal-chapter-11
 
Unit 1
Unit 1Unit 1
Unit 1
 
IRJET- A Survey on Cryptography, Encryption and Compression Techniques
IRJET- A Survey on Cryptography, Encryption and Compression TechniquesIRJET- A Survey on Cryptography, Encryption and Compression Techniques
IRJET- A Survey on Cryptography, Encryption and Compression Techniques
 
Aspects of Network Security
Aspects of Network SecurityAspects of Network Security
Aspects of Network Security
 
Document security & firewall
Document security & firewallDocument security & firewall
Document security & firewall
 
Security and management
Security and managementSecurity and management
Security and management
 

Ähnlich wie Security

cryptography introduction.pptx
cryptography introduction.pptxcryptography introduction.pptx
cryptography introduction.pptxBisharSuleiman
 
Information Systems.pptx
Information Systems.pptxInformation Systems.pptx
Information Systems.pptxKnownId
 
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITYMOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITYDEEPAK948083
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3 WE-IT TUTORIALS
 
Introduction of network security
Introduction of network securityIntroduction of network security
Introduction of network securitysneha padhiar
 
Security for e commerce
Security for e commerceSecurity for e commerce
Security for e commerceMohsin Ahmad
 
cyber secuirty.pptx
cyber secuirty.pptxcyber secuirty.pptx
cyber secuirty.pptxGodwin585235
 
CNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxCNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxRizwanBasha12
 
Information Technology Security Is Vital For The Success...
Information Technology Security Is Vital For The Success...Information Technology Security Is Vital For The Success...
Information Technology Security Is Vital For The Success...Brianna Johnson
 
Computer Security Primer - Eric Vanderburg - JURINNOV
Computer Security Primer - Eric Vanderburg - JURINNOVComputer Security Primer - Eric Vanderburg - JURINNOV
Computer Security Primer - Eric Vanderburg - JURINNOVEric Vanderburg
 
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...IJCSIS Research Publications
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)Zara Nawaz
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lectureZara Nawaz
 
Network Security-Module_1.pdf
Network Security-Module_1.pdfNetwork Security-Module_1.pdf
Network Security-Module_1.pdfDr. Shivashankar
 
A Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile SystemA Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile SystemEditor IJCATR
 
CIA = Confidentiality of information, Integrity of information, Avai.pdf
CIA = Confidentiality of information, Integrity of information, Avai.pdfCIA = Confidentiality of information, Integrity of information, Avai.pdf
CIA = Confidentiality of information, Integrity of information, Avai.pdfannaielectronicsvill
 

Ähnlich wie Security (20)

security IDS
security IDSsecurity IDS
security IDS
 
cryptography introduction.pptx
cryptography introduction.pptxcryptography introduction.pptx
cryptography introduction.pptx
 
Information Systems.pptx
Information Systems.pptxInformation Systems.pptx
Information Systems.pptx
 
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITYMOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
MOBILE & WIRELESS SECURITY And MOBILE & WIRELESS SECURITY
 
Network security unit 1,2,3
Network security unit 1,2,3 Network security unit 1,2,3
Network security unit 1,2,3
 
Introduction of network security
Introduction of network securityIntroduction of network security
Introduction of network security
 
CNS - Unit - 1 - Introduction
CNS - Unit - 1 - IntroductionCNS - Unit - 1 - Introduction
CNS - Unit - 1 - Introduction
 
Security for e commerce
Security for e commerceSecurity for e commerce
Security for e commerce
 
cyber secuirty.pptx
cyber secuirty.pptxcyber secuirty.pptx
cyber secuirty.pptx
 
CNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxCNS new ppt unit 1.pptx
CNS new ppt unit 1.pptx
 
Information Technology Security Is Vital For The Success...
Information Technology Security Is Vital For The Success...Information Technology Security Is Vital For The Success...
Information Technology Security Is Vital For The Success...
 
Computer Security Primer - Eric Vanderburg - JURINNOV
Computer Security Primer - Eric Vanderburg - JURINNOVComputer Security Primer - Eric Vanderburg - JURINNOV
Computer Security Primer - Eric Vanderburg - JURINNOV
 
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
 
Network Security-Module_1.pdf
Network Security-Module_1.pdfNetwork Security-Module_1.pdf
Network Security-Module_1.pdf
 
A Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile SystemA Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile System
 
CIA = Confidentiality of information, Integrity of information, Avai.pdf
CIA = Confidentiality of information, Integrity of information, Avai.pdfCIA = Confidentiality of information, Integrity of information, Avai.pdf
CIA = Confidentiality of information, Integrity of information, Avai.pdf
 
Goals of security
Goals of securityGoals of security
Goals of security
 
IT.pptx
IT.pptxIT.pptx
IT.pptx
 

Kürzlich hochgeladen

Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendArshad QA
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 

Kürzlich hochgeladen (20)

Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and Backend
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 

Security

  • 2.
  • 3. Overview 1. Introduction to Security 2. Cryptography 3. Potential Attack 4. Authentication 5. Access Control 6. Authentication & Access Control 7. Digital Signature 8. DCE Security Services 9. Services by DCE 10. Summary
  • 4. Introduction • Security is one of the most important issues in distributed systems. • When data is distributed across multiple networks or information is transferred via public networks, it becomes vulnerable to attacks by mischievous elements. • Similarly other computing resources like processors, storage devices , networks etc., can also be attacked by hackers.
  • 5. Cryptography  Cryptography includes techniques such as microdots, merging words with images, and other ways to hide information in storage or transit.  However, in today's computer-centric world, cryptography is most often associated with scrambling plaintext into cipher text (a process called encryption), then back again (known as decryption).  Individuals who practice this field are known as cryptographers.
  • 6. Cryptography concerns itself with the following four objectives:  Confidentiality the information cannot be understood by anyone for whom it was unintended.  Integrity the information cannot be altered in storage or transit between sender and intended receiver without the alteration being detected.  Non-repudiation the creator/sender of the information cannot deny at a later stage his or her intentions in the creation or transmission of the information.
  • 7. Potential Attacks • There are many Potential Attack to the security of your directory. The most typical threats to directory security fall into the following broad categories: 1. Unauthorized Access 2. Unauthorized Tampering 3. Denial of Service
  • 8. Potential Threats • Unauthorized Access 1. Unauthorized access to data via data-fetching operations 2 . Unauthorized access to reusable client authentication information by monitoring the access of others 3. Unauthorized access to data by monitoring the access of others • Unauthorized Tampering 1.Unauthorized modification of data 2.Unauthorized modification of configuration information • Denial of Service 1. With a denial of service attack, the attacker's goal is to prevent the directory from providing service to its clients.
  • 9. Authentication  The process of identifying an individual, usually based on a username and password.  In security systems, authentication is distinct from authorization ,which is the process of giving individuals access to system objects based on their identity.  Authentication merely ensures that the individual is who he or she claims to be, but says nothing about the access rights of the individual.
  • 10. There are three methods we can use to authenticate someone: 1.Use something you have, for example, a key or a card. 2.Use something you know. Passwords and PINs (personal ID numbers) 3.Use something you are. This involves biometrics. (a user’s fingerprint or iris pattern).
  • 11. Access Control  The purpose of access control is to limit the actions or operations that a legitimate user of a computer system can perform.  Access control constrains what a user can do directly, as well as what programs executing on behalf of the users are allowed to do.  In this way access control seeks to prevent activity that could lead to a breach of security.
  • 12. Authentication & Access Control  It is important to make a clear distinction between authentication and access control.  Correctly establishing the identity of the user is the responsibility of the authentication service.  Access control assumes that the authentication of the user has been successfully verified prior to enforcement of access control via a reference monitor
  • 13. Digital Signature  A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or documents.  A valid digital signature gives a recipient reason to believe that the message was created by a known sender.  The sender cannot deny having sent the message and that the message was not altered in transit .
  • 14.  Digital signatures are often used to implement electronic signatures, a broader term that refers to any electronic data that carries the intent of a signature , but not all electronic signatures use digital signatures.  In some countries, including the United States, India, Brazil, Saudi Arabi, European Union and Switzerland has electronic signatures as legal significance.
  • 15. DCE Security Service  The DCE supplies a framework and toolkit for developing client/server applications.  The framework includes a remote procedure call (RPC) mechanism known as DCE/RPC.  Naming (directory) service, a time service, an authentication service and a distributed file system (DFS) known as DCE/DFS.
  • 17. DCE Services • DCE Security Service provides the mechanisms for writing applications that support secure communications between clients and servers. • Enables processes on different machines to be certain of one another’s identities (authentication). • Allows a server to determine whether a given user is authorized to access a particular resource (authorization).
  • 18.