SlideShare una empresa de Scribd logo

IS Sumup

Hoang Nguyen
Hoang Nguyen
Tecnología
1 de 9
Descargar para leer sin conexión
INFORMATION SAFE SUMUP Hoang V.Nguyen
Agenda  What’s information safe.  Major problems and solutions.  Why must care.  Security ...  Q&A Hoang V.Nguyen 5/1/2010 2
What’s information safe  In some cases, some properties of information must be protected  Our tasks ?What properties ?How to protect Hoang V.Nguyen 5/1/2010 3
Major problems and solutions  Confidentiality • E: PxK C such that: if y=E(k,x) then: H(y)≥H(x) and maximize H(k) • D: CxK P  Integrity • You cannot protect • But you can detect  Trust • Make a belief to Alice and Bob  Others …. • …. Hoang V.Nguyen 5/1/2010 4
Major problems and solutions R R C4  Confidentiality • E: PxK C DES S Elliptic Curve such that: if y=E(k,x) then: H(y)≥H(x) and maximize H(k) blowfish IDEA A • D: CxK P  Integrity CMAC • You cannot protect Skien hash Family • But you can detect HMAC Digital signature  Trust • Make a belief to Alice and Bob Certificate Authority  Others …. • …. Hoang V.Nguyen 5/1/2010 5
Why must care? User Developer Project manager Our jobs? Designer Tester Make security Consultant Coder Solution Consultant Maintainer Business analyst Hoang V.Nguyen 5/1/2010 6
Security….  What • Theory • Solution/pattern • Design • System  How • Understand • Try to attack, and discover vulnerability • Fix Hoang V.Nguyen 5/1/2010 7
Security…. Michael Howard & others Andy Oram & John Viega Michael Howard & others The Security Development Lifecycle by Michael Howard & Steve Lipner 2006 Hoang V.Nguyen 5/1/2010 8
Q&A Hoang V.Nguyen 5/1/2010 9

Recomendados

Badges101webinar mozilla slides_v1.0
Badges101webinar mozilla slides_v1.0Badges101webinar mozilla slides_v1.0
Badges101webinar mozilla slides_v1.0
Erin Knight
 
LCS Problem
LCS ProblemLCS Problem
LCS Problem
Hoang Nguyen
 
Processing XML
Processing XMLProcessing XML
Processing XML
Hoang Nguyen
 
XPath
XPathXPath
XPath
Hoang Nguyen
 
Testing in the lifecycle
Testing in the lifecycleTesting in the lifecycle
Testing in the lifecycle
Hoang Nguyen
 
XML Information set
XML Information setXML Information set
XML Information set
Hoang Nguyen
 
Introduction to XML Foundations Course
Introduction to XML Foundations CourseIntroduction to XML Foundations Course
Introduction to XML Foundations Course
Hoang Nguyen
 
Schema languages
Schema languagesSchema languages
Schema languages
Hoang Nguyen
 

Recomendados

Badges101webinar mozilla slides_v1.0
Badges101webinar mozilla slides_v1.0Badges101webinar mozilla slides_v1.0
Badges101webinar mozilla slides_v1.0
Erin Knight
 
LCS Problem
LCS ProblemLCS Problem
LCS Problem
Hoang Nguyen
 
Processing XML
Processing XMLProcessing XML
Processing XML
Hoang Nguyen
 
XPath
XPathXPath
XPath
Hoang Nguyen
 
Testing in the lifecycle
Testing in the lifecycleTesting in the lifecycle
Testing in the lifecycle
Hoang Nguyen
 
XML Information set
XML Information setXML Information set
XML Information set
Hoang Nguyen
 
Introduction to XML Foundations Course
Introduction to XML Foundations CourseIntroduction to XML Foundations Course
Introduction to XML Foundations Course
Hoang Nguyen
 
Schema languages
Schema languagesSchema languages
Schema languages
Hoang Nguyen
 
GANs and Applications
GANs and ApplicationsGANs and Applications
GANs and Applications
Hoang Nguyen
 
Scrum - An introduction
Scrum - An introductionScrum - An introduction
Scrum - An introduction
Hoang Nguyen
 
ORM in Django
ORM in DjangoORM in Django
ORM in Django
Hoang Nguyen
 
Introduction to Cross-platform App Development
Introduction to Cross-platform App DevelopmentIntroduction to Cross-platform App Development
Introduction to Cross-platform App Development
Hoang Nguyen
 
Conistency of random forests
Conistency of random forestsConistency of random forests
Conistency of random forests
Hoang Nguyen
 
Trust - Digital Signature
Trust - Digital SignatureTrust - Digital Signature
Trust - Digital Signature
Hoang Nguyen
 
Key Exchange
Key ExchangeKey Exchange
Key Exchange
Hoang Nguyen
 
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGSOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
Hoang Nguyen
 
Stream ciphers
Stream ciphersStream ciphers
Stream ciphers
Hoang Nguyen
 
Classical ciphers
Classical ciphersClassical ciphers
Classical ciphers
Hoang Nguyen
 
Confidentiality
ConfidentialityConfidentiality
Confidentiality
Hoang Nguyen
 
Information, Data and Decision Making
Information, Data and Decision MakingInformation, Data and Decision Making
Information, Data and Decision Making
Hoang Nguyen
 
Multiple processor systems
Multiple processor systemsMultiple processor systems
Multiple processor systems
Hoang Nguyen
 
Multiprocessor Systems
Multiprocessor SystemsMultiprocessor Systems
Multiprocessor Systems
Hoang Nguyen
 
Introduction to AOS course
Introduction to AOS courseIntroduction to AOS course
Introduction to AOS course
Hoang Nguyen
 
Background Knowledge
Background KnowledgeBackground Knowledge
Background Knowledge
Hoang Nguyen
 
Introduction to Information Security Course
Introduction to Information Security CourseIntroduction to Information Security Course
Introduction to Information Security Course
Hoang Nguyen
 
Introduction to CNS Course
Introduction to CNS CourseIntroduction to CNS Course
Introduction to CNS Course
Hoang Nguyen
 
Dynamic Testing
Dynamic TestingDynamic Testing
Dynamic Testing
Hoang Nguyen
 
Nosql intro
Nosql introNosql intro
Nosql intro
Hoang Nguyen
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
DianaGray10
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
Zilliz
 

Más contenido relacionado

Más de Hoang Nguyen

SOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGSOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
Hoang Nguyen
 
Multiple processor systems
Multiple processor systemsMultiple processor systems
Multiple processor systems
Hoang Nguyen
 
Multiprocessor Systems
Multiprocessor SystemsMultiprocessor Systems
Multiprocessor Systems
Hoang Nguyen
 

Más de Hoang Nguyen (20)

GANs and Applications
GANs and ApplicationsGANs and Applications
GANs and Applications
 
Scrum - An introduction
Scrum - An introductionScrum - An introduction
Scrum - An introduction
 
ORM in Django
ORM in DjangoORM in Django
ORM in Django
 
Introduction to Cross-platform App Development
Introduction to Cross-platform App DevelopmentIntroduction to Cross-platform App Development
Introduction to Cross-platform App Development
 
Conistency of random forests
Conistency of random forestsConistency of random forests
Conistency of random forests
 
Trust - Digital Signature
Trust - Digital SignatureTrust - Digital Signature
Trust - Digital Signature
 
Key Exchange
Key ExchangeKey Exchange
Key Exchange
 
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGSOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
 
Stream ciphers
Stream ciphersStream ciphers
Stream ciphers
 
Classical ciphers
Classical ciphersClassical ciphers
Classical ciphers
 
Confidentiality
ConfidentialityConfidentiality
Confidentiality
 
Information, Data and Decision Making
Information, Data and Decision MakingInformation, Data and Decision Making
Information, Data and Decision Making
 
Multiple processor systems
Multiple processor systemsMultiple processor systems
Multiple processor systems
 
Multiprocessor Systems
Multiprocessor SystemsMultiprocessor Systems
Multiprocessor Systems
 
Introduction to AOS course
Introduction to AOS courseIntroduction to AOS course
Introduction to AOS course
 
Background Knowledge
Background KnowledgeBackground Knowledge
Background Knowledge
 
Introduction to Information Security Course
Introduction to Information Security CourseIntroduction to Information Security Course
Introduction to Information Security Course
 
Introduction to CNS Course
Introduction to CNS CourseIntroduction to CNS Course
Introduction to CNS Course
 
Dynamic Testing
Dynamic TestingDynamic Testing
Dynamic Testing
 
Nosql intro
Nosql introNosql intro
Nosql intro
 

Último

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 

Último (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 

IS Sumup

  • 1. INFORMATION SAFE SUMUP Hoang V.Nguyen
  • 2. Agenda  What’s information safe.  Major problems and solutions.  Why must care.  Security ...  Q&A Hoang V.Nguyen 5/1/2010 2
  • 3. What’s information safe  In some cases, some properties of information must be protected  Our tasks ?What properties ?How to protect Hoang V.Nguyen 5/1/2010 3
  • 4. Major problems and solutions  Confidentiality • E: PxK C such that: if y=E(k,x) then: H(y)≥H(x) and maximize H(k) • D: CxK P  Integrity • You cannot protect • But you can detect  Trust • Make a belief to Alice and Bob  Others …. • …. Hoang V.Nguyen 5/1/2010 4
  • 5. Major problems and solutions R R C4  Confidentiality • E: PxK C DES S Elliptic Curve such that: if y=E(k,x) then: H(y)≥H(x) and maximize H(k) blowfish IDEA A • D: CxK P  Integrity CMAC • You cannot protect Skien hash Family • But you can detect HMAC Digital signature  Trust • Make a belief to Alice and Bob Certificate Authority  Others …. • …. Hoang V.Nguyen 5/1/2010 5
  • 6. Why must care? User Developer Project manager Our jobs? Designer Tester Make security Consultant Coder Solution Consultant Maintainer Business analyst Hoang V.Nguyen 5/1/2010 6
  • 7. Security….  What • Theory • Solution/pattern • Design • System  How • Understand • Try to attack, and discover vulnerability • Fix Hoang V.Nguyen 5/1/2010 7
  • 8. Security…. Michael Howard & others Andy Oram & John Viega Michael Howard & others The Security Development Lifecycle by Michael Howard & Steve Lipner 2006 Hoang V.Nguyen 5/1/2010 8
  • 9. Q&A Hoang V.Nguyen 5/1/2010 9