5. Security Paradigms and Pervasive Trust Paradigm
Prof. Bharat Bhargava
Center for Education and Research in Information Assurance and Security (CERIAS) and
Department of Computer Sciences Purdue University
http://www.cs.purdue.edu/people/bb bb@cs.purdue.edu
Collaborators in the RAID Lab (http://raidlab.cs.purdue.edu): Prof. Leszek Lilien (former Post Doc) Dr. Yuhui Zhong (former Ph.D. Student)
This research is supported by CERIAS and NSF grants from IIS and ANIR.
1 --- 12/11/15 11:45 AM
Information hiding
Applications Privacy Negotiation Integrity Data provenance Access control Threats
Biometrics Semantic web security
Policymaking Computer epidemic Trust Encryption
Data mining Anonymity System monitoring Formal models
Vulnerabilities
Network security
[cf. Csilla Farkas, University of South Carolina]
Outline
How to use trust for authentication and authorization in open computing systems?
Old security paradigms (OSPs)
Failures of OSPs
Example of enhancing OSP
Defining new security paradigms (NSPs)
Challenges and requirements for NSPs
Review and examples of existing security paradigms
New Paradigm: Pervasive Trust
Old Computer Security Paradigms
Information Fortress [Blakeley, NSPW’96]
Walls (security perimeter, firewalls)
Guards and gates (access control)
Passwords (passwords)
Fortress contents (computer system, confidential data)
Spies, saboteurs, and Trojan Horses (viruses, worms, Trojan horses)
CIA = Confidentiality, Integrity, and Availability
Originally misnamed “PIA” to avoid “CIA” [Greenwald, NSPW’98] with “P” for “Privacy” (but really meaning “Confidentiality”)
Failures of Old Security Paradigms (1)
Opinions of Dr. Bill Wulf
Pioneer in computer security
President of the National Academy of Engineering (U.S.A.)
Computer security made little progress between mid 70’s and mid 90’s
Why? (top 5 reasons)
Fatally flawed basic assumption of Perimeter Defense (PD)
Misconception that security flaws arise because of s/w bugs (not only!)
PD cannot defend against legitimate insiders
PD can’t prevent DoS attacks (which don’t penetrate systems)
PD has never worked (not a single PD-based system that works)
...