I recently started taking a course (CS 265 Cryptography & Computer Security) at SJSU as part of my part time masters. I intend to summarise what I learn each class at this tech blog.
Class 1:
1. CIA
Confidentiality - unauthorized access to data
Integrity - unauthorized data changes
Availability - as the name suggests (Denial of Service or DoS attacks)
2. Cryptography - authorization on a stand alone system
Cryptanalysis - breaking of secure systems
Access control - includes authentication and authorization
Protocols - authorization over a network
Software - buggy, complex => security concerns
3. ATM - Automatic Teller Machines
4. Two factor authentication => requires 2 out the 3 authentication methods
5. 3 authentication methods & examples:
what you know - passwords
what you have - smart cards
what you are - biometric authentication
6. war dialing - dialing many numbers serially to contact someone or to verify if your number exists
Class 1:
1. CIA
Confidentiality - unauthorized access to data
Integrity - unauthorized data changes
Availability - as the name suggests (Denial of Service or DoS attacks)
2. Cryptography - authorization on a stand alone system
Cryptanalysis - breaking of secure systems
Access control - includes authentication and authorization
Protocols - authorization over a network
Software - buggy, complex => security concerns
3. ATM - Automatic Teller Machines
4. Two factor authentication => requires 2 out the 3 authentication methods
5. 3 authentication methods & examples:
what you know - passwords
what you have - smart cards
what you are - biometric authentication
6. war dialing - dialing many numbers serially to contact someone or to verify if your number exists
No comments:
Post a Comment