博文

[SEC] Cryptography II

图片
Cryptography II Content Symmetric Encryption Block Ciphers SP-Networks The advanced Encryption Standard Modes of Operation Hash Functions The Birthday Paradox Message Authentication Codes Symmetric Ciphers Symmetric ciphers are divided into two categories: Stream cipher: each plaintext corresponds to one ciphertext Block cipher Block Ciphers Block ciphers use a key to encrypt a fixed-size block of plaintext into a fixed-size block of ciphertext If you’re careful, you can convert between block and stream ciphers using modes of operation SP-Networks Claude Shannon suggested that all that was required for a strong cipher was repeated substitution and permutation SP-Networks combine a substitution process with a permutation into a single round Rounds are then repeated enough times to ensure the algorithm is secure What does it mean by “permutation”? It means that the ciphertext can be translated back to plaintext Substitution Boxes - Add confusion by re

[SEC] Cryptography I

图片
Cryptography I Content What is encryption? Primitive types Historic ciphers The One Time Pad Stream Ciphers Cryptanalysis(密码分析学,密码翻译法) Encryption Encryption: We encode a message such that only authorised users may read it Cipher: takes a string of plaintext, and converts it into a string of ciphertext Encryption can provide: Confidentiality Integrity Authenticity Notation A cipher converts a plaintext message M into a ciphertext C under the control of a key K C is not a secret, but without knowledge of the key, it should be impossible to reconstruct M Comes in two forms: Symmetric- same key for encryption/decryption Asymmetric- separate keys The Caesar Cipher An early substitution cipher , we replace each letter of plaintext with a shifted letter further down the alphabet Vulnerable to frequency analysis Frequency Analysis The frequency of occurrences of each character are very consistent across the same language The longer the ciphertext, the e

[SEC] Foundations of Security

图片
Computer Security - Foundations of Security Content What is Computer Security Managing security Security vs Ease of use Data vs Information Principles of Computer Security Design What is Computer Security Security is about the protection of assets Prevention: Preventing access and damage to assets Detection: Steps to detect the access or damage of assets Recovery: Measures allowing us to recover from asset damage Assets could be physical or simply information Historic Computer Security Historically systems have been built to serve single users Often only a few highly trusted users were permitted to access a system Mistakes still a concern Current multi-user systems have totally different security concerns Modern Computer Security Possibly thousands of users Distributed over wide networks Not all users are inherently trustworthy More and more things are moving electronic Require protocols to manage them Managing Security Within organisations, manage

[PEC] Accountability in Computing

图片
Accountability in Computing Content Importance of Accountability To define accountability and explain its importance for morality, ethics and professionalism Barriers for and maintenance of accountability To explain some of the perceived barriers for accountability in software development To reflect and take a stance about maintaining accountability in software development Moral Responsibility in Computing To explain proposed criteria and rules for moral responsibility in computing To reflect on the perceptions(by other disciplines)of moral responsibility in computing What is accountability? Accountability is answerability, i.e., a state of being compelled to or called to account for one’s action. A is accountable to B when A is obliged to inform B about A’s (past or future) actions and decisions, to justify them, and to suffer punishment in the case of eventual misconduct. Why is accountability important? Issue: We have improved standards of reliability for comp

[PEC] Ethics for Safety and Reliability

图片
Ethics for Safety and Reliability Content Failure of Computing Systems To reflect on the effect of computer systems failure on people To compare various causes of software failure in the past To identify potential causes of software system failure Ethics and Software Vulnerability To define fundamental concepts about software safety and reliability To determine attributes of dependable software To explain role of software development practice in producing dependable software To explain the concept of machine ethics To reflect on ethics and moral responsibility in respect of software development How and why do computer systems fail? Computers are only as good as we humans make them. Computing system errors stem from(起源于) human errors Errors are typically traceable but moral and legal responsibility is not always easy to establish Causes of Failure in Computing Systems Hardware errors Software errors Solving the wrong problem Misuse of the system Human communi

[PEC] Cyber-behaviour and Ethics

图片
Cyber-behaviour and Ethics Content Some forms of Cyber-crime To discuss the assumptions of legitimate and illegitimate use of computers systems. To describe some forms of cyber-crime and cyber behaviour Hackers and Online Deception(骗局) To reflect on the contentious(有异议的) issues arising in some forms of cyber-behaviour To reflect on the moral and ethical implications of some forms of cyber-behaviour Cyber-behaviour, Self-concept and Crowdwork To describe the role of the self-concept in relation to cyber-behaviour To describe some of the concerns in relation to cyber-behaviour What online activities are considered criminal activities? Cyber-crime and cyber-assisted crime are done or facilitated by individuals skilled in IT and computing. Such individuals do not follow the code of ethics conduct. Cyber-crime vs. Cyber-related Crime Cyber-crime: Cyber-piracy Cyber-trespass(网络侵权) Cyber-vandalism(故意破坏) True Cyber-crime can be carried out only through the use of

[PEC] Intellectual and Intangible Property

Intellectual and Intangible Property(知识产权与无形财产) Content Protecting Intellectual and Intangible Property To explain aim and value of intellectual property protection Trademarks, Copyright, Patents To explain the scope of trademarks, copyright and patents for intellectual property protection To explain key concepts such as limitation on rights, fair use and infringement IP Protection of Software To discuss the applicability of various intellectual property protection mechanisms for computer software What is intellectual and intangible property? Products of creativity and invention Intellectual property is any unique product of the human intellect that has commercial value Issue: Computing technologies and the Internet Give rise to new types of intellectual properties Affect the use and protection of intellectual properties Intellectual property(IP) protection The purpose of intellectual property law is to ensure that people profit from ideas after the idea is kn