Chapter 1: Overview

Basic components of information system security
Threats
Policy and mechanism
Trust
Operational issues
Human issues
Slide #1-1

Basic Components
Confidentiality
Keeping data and resources hidden

Integrity
Data integrity (integrity)
Origin integrity (authentication)

Availability
Enabling access to data and resources
Slide #1-2

Threats
Disclosure
Snooping

Deception
Modification, spoofing, repudiation of origin, denial of receipt

Disruption
Modification

Usurpation
Modification, spoofing, delay, denial of service
Slide #1-3

Policy and Mechanism

Policy says what is and is not allowed in the system
This defines security for the site/system/etc.

Mechanisms put the policies into effect

Composition of policies
If policies conflict, discrepancies may create security vulnerabilities
Slide #1-4

Goals of Security
Prevention
Prevent attackers from violating security policy

Detection
Detect attackers' violation of security policy

Recovery
Stop attack, assess and repair damage
Continue to function correctly even if attack succeeds
Slide #1-5

Types of Security Mechanisms

[Figure: three diagrams labeled secure, precise and broad, each drawing the set of reachable states against the set of secure states.]

Slide #1-6
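
The secure / precise / broad distinction above, worked through as an added example (not part of the original slides). It uses the usual definitions: with R the set of reachable states and Q the set of secure states, a mechanism is secure if R is a subset of Q, precise if R equals Q, and broad if R contains a state outside Q. The state machine, policy and mechanism names are constructed for illustration.

```python
from collections import deque

# Constructed state machine: state -> [(action, next_state)]
TRANSITIONS = {
    "logged_out":    [("login", "user_session")],
    "user_session":  [("read_own", "reading_own"), ("write_own", "writing_own"),
                      ("read_other", "reading_other"), ("logout", "logged_out")],
    "reading_own":   [("done", "user_session")],
    "writing_own":   [("done", "user_session")],
    "reading_other": [("done", "user_session")],
}

# Policy (constructed): the secure states Q. Reading another user's file is excluded.
SECURE_STATES = {"logged_out", "user_session", "reading_own", "writing_own"}

# Mechanisms (hypothetical names): each decides which actions it permits.
MECHANISMS = {
    "no_check":    lambda action: True,
    "owner_check": lambda action: action != "read_other",
    "read_only":   lambda action: action not in ("read_other", "write_own"),
}

def reachable(start, permits):
    """Breadth-first search over the states the mechanism lets the system enter (R)."""
    seen, queue = {start}, deque([start])
    while queue:
        for action, nxt in TRANSITIONS[queue.popleft()]:
            if permits(action) and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def classify(reach, secure):
    """Most specific label for R against Q."""
    if reach == secure:
        return "precise"   # R = Q
    if reach <= secure:
        return "secure"    # R is a proper subset of Q: safe but over-restrictive
    return "broad"         # some reachable state is not secure

def evaluate(name):
    """Return (label, reachable states that violate the policy) for a mechanism."""
    reach = reachable("logged_out", MECHANISMS[name])
    return classify(reach, SECURE_STATES), sorted(reach - SECURE_STATES)

if __name__ == "__main__":
    for name in MECHANISMS:
        print(name, *evaluate(name))
```

The second value returned by `evaluate` lists the policy-violating states a broad mechanism leaves reachable, which is what a reviewer would need to fix.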

Building a Trusted System

Specification
Requirements analysis
Statement of desired functionality

Design
How system will meet specification

Implementation
Programs/systems that carry out design
Slide #1-7

Operational Issues
Cost-Benefit Analysis
Is it cheaper to prevent or recover?

Risk Analysis
Should we protect something?
How much should we protect this thing?

Laws and Customs
Are desired security measures illegal?
Will people do them?
Slide #1-8

Human Issues
Organizational Problems
Power and responsibility
Financial benefits

People problems
Outsiders and insiders
Social engineering

Slide #1-9

Tying the Issues Together
Threats Policy Specification Design Implementation Operation
Slide #1-10

Key Points
Policy defines security, and mechanisms enforce security
Confidentiality
Integrity
Availability

Trust and knowing assumptions
Importance of assurance
The human factor

Slide #1-11
