SlideShare ist ein Scribd-Unternehmen logo

IS Sumup

Hoang Nguyen
Hoang Nguyen
Technologie
1 von 9
Downloaden Sie, um offline zu lesen
INFORMATION SAFE SUMUP Hoang V.Nguyen
Agenda  What’s information safe.  Major problems and solutions.  Why must care.  Security ...  Q&A Hoang V.Nguyen 5/1/2010 2
What’s information safe  In some cases, some properties of information must be protected  Our tasks ?What properties ?How to protect Hoang V.Nguyen 5/1/2010 3
Major problems and solutions  Confidentiality • E: PxK C such that: if y=E(k,x) then: H(y)≥H(x) and maximize H(k) • D: CxK P  Integrity • You cannot protect • But you can detect  Trust • Make a belief to Alice and Bob  Others …. • …. Hoang V.Nguyen 5/1/2010 4
Major problems and solutions R R C4  Confidentiality • E: PxK C DES S Elliptic Curve such that: if y=E(k,x) then: H(y)≥H(x) and maximize H(k) blowfish IDEA A • D: CxK P  Integrity CMAC • You cannot protect Skien hash Family • But you can detect HMAC Digital signature  Trust • Make a belief to Alice and Bob Certificate Authority  Others …. • …. Hoang V.Nguyen 5/1/2010 5
Why must care? User Developer Project manager Our jobs? Designer Tester Make security Consultant Coder Solution Consultant Maintainer Business analyst Hoang V.Nguyen 5/1/2010 6
Security….  What • Theory • Solution/pattern • Design • System  How • Understand • Try to attack, and discover vulnerability • Fix Hoang V.Nguyen 5/1/2010 7
Security…. Michael Howard & others Andy Oram & John Viega Michael Howard & others The Security Development Lifecycle by Michael Howard & Steve Lipner 2006 Hoang V.Nguyen 5/1/2010 8
Q&A Hoang V.Nguyen 5/1/2010 9

Empfohlen

Badges101webinar mozilla slides_v1.0
Badges101webinar mozilla slides_v1.0Badges101webinar mozilla slides_v1.0
Badges101webinar mozilla slides_v1.0Erin Knight
 
LCS Problem
LCS ProblemLCS Problem
LCS ProblemHoang Nguyen
 
Processing XML
Processing XMLProcessing XML
Processing XMLHoang Nguyen
 
XPath
XPathXPath
XPathHoang Nguyen
 
Testing in the lifecycle
Testing in the lifecycleTesting in the lifecycle
Testing in the lifecycleHoang Nguyen
 
XML Information set
XML Information setXML Information set
XML Information setHoang Nguyen
 
Introduction to XML Foundations Course
Introduction to XML Foundations CourseIntroduction to XML Foundations Course
Introduction to XML Foundations CourseHoang Nguyen
 
Schema languages
Schema languagesSchema languages
Schema languagesHoang Nguyen
 

Empfohlen

Badges101webinar mozilla slides_v1.0
Badges101webinar mozilla slides_v1.0Badges101webinar mozilla slides_v1.0
Badges101webinar mozilla slides_v1.0Erin Knight
 
LCS Problem
LCS ProblemLCS Problem
LCS ProblemHoang Nguyen
 
Processing XML
Processing XMLProcessing XML
Processing XMLHoang Nguyen
 
XPath
XPathXPath
XPathHoang Nguyen
 
Testing in the lifecycle
Testing in the lifecycleTesting in the lifecycle
Testing in the lifecycleHoang Nguyen
 
XML Information set
XML Information setXML Information set
XML Information setHoang Nguyen
 
Introduction to XML Foundations Course
Introduction to XML Foundations CourseIntroduction to XML Foundations Course
Introduction to XML Foundations CourseHoang Nguyen
 
Schema languages
Schema languagesSchema languages
Schema languagesHoang Nguyen
 
GANs and Applications
GANs and ApplicationsGANs and Applications
GANs and ApplicationsHoang Nguyen
 
Scrum - An introduction
Scrum - An introductionScrum - An introduction
Scrum - An introductionHoang Nguyen
 
ORM in Django
ORM in DjangoORM in Django
ORM in DjangoHoang Nguyen
 
Introduction to Cross-platform App Development
Introduction to Cross-platform App DevelopmentIntroduction to Cross-platform App Development
Introduction to Cross-platform App DevelopmentHoang Nguyen
 
Conistency of random forests
Conistency of random forestsConistency of random forests
Conistency of random forestsHoang Nguyen
 
Trust - Digital Signature
Trust - Digital SignatureTrust - Digital Signature
Trust - Digital SignatureHoang Nguyen
 
Key Exchange
Key ExchangeKey Exchange
Key ExchangeHoang Nguyen
 
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGSOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGHoang Nguyen
 
Stream ciphers
Stream ciphersStream ciphers
Stream ciphersHoang Nguyen
 
Classical ciphers
Classical ciphersClassical ciphers
Classical ciphersHoang Nguyen
 
Confidentiality
ConfidentialityConfidentiality
ConfidentialityHoang Nguyen
 
Information, Data and Decision Making
Information, Data and Decision MakingInformation, Data and Decision Making
Information, Data and Decision MakingHoang Nguyen
 
Multiple processor systems
Multiple processor systemsMultiple processor systems
Multiple processor systemsHoang Nguyen
 
Multiprocessor Systems
Multiprocessor SystemsMultiprocessor Systems
Multiprocessor SystemsHoang Nguyen
 
Introduction to AOS course
Introduction to AOS courseIntroduction to AOS course
Introduction to AOS courseHoang Nguyen
 
Background Knowledge
Background KnowledgeBackground Knowledge
Background KnowledgeHoang Nguyen
 
Introduction to Information Security Course
Introduction to Information Security CourseIntroduction to Information Security Course
Introduction to Information Security CourseHoang Nguyen
 
Introduction to CNS Course
Introduction to CNS CourseIntroduction to CNS Course
Introduction to CNS CourseHoang Nguyen
 
Dynamic Testing
Dynamic TestingDynamic Testing
Dynamic TestingHoang Nguyen
 
Nosql intro
Nosql introNosql intro
Nosql introHoang Nguyen
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 

Weitere ähnliche Inhalte

Mehr von Hoang Nguyen

GANs and Applications
GANs and ApplicationsGANs and Applications
GANs and ApplicationsHoang Nguyen
 
Scrum - An introduction
Scrum - An introductionScrum - An introduction
Scrum - An introductionHoang Nguyen
 
Introduction to Cross-platform App Development
Introduction to Cross-platform App DevelopmentIntroduction to Cross-platform App Development
Introduction to Cross-platform App DevelopmentHoang Nguyen
 
Conistency of random forests
Conistency of random forestsConistency of random forests
Conistency of random forestsHoang Nguyen
 
Trust - Digital Signature
Trust - Digital SignatureTrust - Digital Signature
Trust - Digital SignatureHoang Nguyen
 
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGSOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGHoang Nguyen
 
Information, Data and Decision Making
Information, Data and Decision MakingInformation, Data and Decision Making
Information, Data and Decision MakingHoang Nguyen
 
Multiple processor systems
Multiple processor systemsMultiple processor systems
Multiple processor systemsHoang Nguyen
 
Multiprocessor Systems
Multiprocessor SystemsMultiprocessor Systems
Multiprocessor SystemsHoang Nguyen
 
Introduction to AOS course
Introduction to AOS courseIntroduction to AOS course
Introduction to AOS courseHoang Nguyen
 
Background Knowledge
Background KnowledgeBackground Knowledge
Background KnowledgeHoang Nguyen
 
Introduction to Information Security Course
Introduction to Information Security CourseIntroduction to Information Security Course
Introduction to Information Security CourseHoang Nguyen
 
Introduction to CNS Course
Introduction to CNS CourseIntroduction to CNS Course
Introduction to CNS CourseHoang Nguyen
 

Mehr von Hoang Nguyen (20)

GANs and Applications
GANs and ApplicationsGANs and Applications
GANs and Applications
 
Scrum - An introduction
Scrum - An introductionScrum - An introduction
Scrum - An introduction
 
ORM in Django
ORM in DjangoORM in Django
ORM in Django
 
Introduction to Cross-platform App Development
Introduction to Cross-platform App DevelopmentIntroduction to Cross-platform App Development
Introduction to Cross-platform App Development
 
Conistency of random forests
Conistency of random forestsConistency of random forests
Conistency of random forests
 
Trust - Digital Signature
Trust - Digital SignatureTrust - Digital Signature
Trust - Digital Signature
 
Key Exchange
Key ExchangeKey Exchange
Key Exchange
 
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGSOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
 
Stream ciphers
Stream ciphersStream ciphers
Stream ciphers
 
Classical ciphers
Classical ciphersClassical ciphers
Classical ciphers
 
Confidentiality
ConfidentialityConfidentiality
Confidentiality
 
Information, Data and Decision Making
Information, Data and Decision MakingInformation, Data and Decision Making
Information, Data and Decision Making
 
Multiple processor systems
Multiple processor systemsMultiple processor systems
Multiple processor systems
 
Multiprocessor Systems
Multiprocessor SystemsMultiprocessor Systems
Multiprocessor Systems
 
Introduction to AOS course
Introduction to AOS courseIntroduction to AOS course
Introduction to AOS course
 
Background Knowledge
Background KnowledgeBackground Knowledge
Background Knowledge
 
Introduction to Information Security Course
Introduction to Information Security CourseIntroduction to Information Security Course
Introduction to Information Security Course
 
Introduction to CNS Course
Introduction to CNS CourseIntroduction to CNS Course
Introduction to CNS Course
 
Dynamic Testing
Dynamic TestingDynamic Testing
Dynamic Testing
 
Nosql intro
Nosql introNosql intro
Nosql intro
 

Kürzlich hochgeladen

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 

Kürzlich hochgeladen (20)

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 

IS Sumup

  • 1. INFORMATION SAFE SUMUP Hoang V.Nguyen
  • 2. Agenda  What’s information safe.  Major problems and solutions.  Why must care.  Security ...  Q&A Hoang V.Nguyen 5/1/2010 2
  • 3. What’s information safe  In some cases, some properties of information must be protected  Our tasks ?What properties ?How to protect Hoang V.Nguyen 5/1/2010 3
  • 4. Major problems and solutions  Confidentiality • E: PxK C such that: if y=E(k,x) then: H(y)≥H(x) and maximize H(k) • D: CxK P  Integrity • You cannot protect • But you can detect  Trust • Make a belief to Alice and Bob  Others …. • …. Hoang V.Nguyen 5/1/2010 4
  • 5. Major problems and solutions R R C4  Confidentiality • E: PxK C DES S Elliptic Curve such that: if y=E(k,x) then: H(y)≥H(x) and maximize H(k) blowfish IDEA A • D: CxK P  Integrity CMAC • You cannot protect Skien hash Family • But you can detect HMAC Digital signature  Trust • Make a belief to Alice and Bob Certificate Authority  Others …. • …. Hoang V.Nguyen 5/1/2010 5
  • 6. Why must care? User Developer Project manager Our jobs? Designer Tester Make security Consultant Coder Solution Consultant Maintainer Business analyst Hoang V.Nguyen 5/1/2010 6
  • 7. Security….  What • Theory • Solution/pattern • Design • System  How • Understand • Try to attack, and discover vulnerability • Fix Hoang V.Nguyen 5/1/2010 7
  • 8. Security…. Michael Howard & others Andy Oram & John Viega Michael Howard & others The Security Development Lifecycle by Michael Howard & Steve Lipner 2006 Hoang V.Nguyen 5/1/2010 8
  • 9. Q&A Hoang V.Nguyen 5/1/2010 9