Announcements
HW 3 due today:
1. John the Ripper
2. Recuva
3. Eraser
4. Secunia
Announcements
Reading assignment: "To Track or Do Not Track" by Tene and Polonetsky, Aug 2011. Read pages 1-14. The article is posted in the Week 7 folder on D2L. This article will be helpful for:
1. Extra credit assignment
2. Quiz #3
3. Group project
The browser security assignment that was listed in the course schedule will be a group assignment
There is one remaining individual assignment (HW 5) that will be assigned next week
Announcements
Extra credit assignment will be emailed later this week
Quiz #2 review
Identifiable data
Non-PII that, when aggregated or combined with other data, could lead to the identification of an individual. In other words, non-PII can be transformed into PII.
Data Re-Identification
De-identification of data occurs when personally identifiable information is stripped from a dataset in order to make the data anonymous. Re-identification = linking de-identified data to identified data. Re-identification of data occurs when a third party joins anonymized data with a small amount of auxiliary data from another database and de-anonymizes the data (Porter 2008).
Data Aggregation
Facebook data set:
Name: Billy Doe
Age: 13
Location: I live in Washington, DC
Narrative: I love to build things with Legos. I love Snickers bars. I recently saw the Batman movie and thought it was the coolest movie ever!
Latanya Sweeney (2000): 87% of the population can be identified by the combination of:
1. Birth date
2. Zip code
3. Gender
Data typically considered non-PII. Generally not considered embarrassing or sensitive. Available via census data.
In the 1970s, the US Census Bureau began selling census data. The data only contained addresses, not names. How were marketing companies able to identify individuals?
1. Telephone lists
http://www.youtube.com/watch?v=sqjTyN8-q2w
http://www.cnn.com/2009/US/07/10/social.security.numbers/index.html?iref=allsearch
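To see how a release that looks anonymous can still be linked on Sweeney's three fields, here is an added Python example (not from the slides or the cited papers) that measures how many rows of a constructed sample are unique on (birth date, zip, gender) and how much generalization is needed before every row shares those values with at least one other row; the records, the generalization ladder and the k target are assumptions.

```python
from collections import Counter
from datetime import date

# Constructed sample "de-identified" release: names stripped, but each row still
# carries Sweeney's three quasi-identifiers next to a sensitive field.
RECORDS = [
    {"dob": date(1975, 3, 14), "zip": "20001", "sex": "F", "diagnosis": "asthma"},
    {"dob": date(1975, 6, 20), "zip": "20001", "sex": "F", "diagnosis": "flu"},
    {"dob": date(1982, 11, 2), "zip": "20002", "sex": "F", "diagnosis": "diabetes"},
    {"dob": date(1982, 7, 30), "zip": "20002", "sex": "F", "diagnosis": "flu"},
    {"dob": date(1990, 1, 1), "zip": "20003", "sex": "M", "diagnosis": "asthma"},
    {"dob": date(1990, 1, 1), "zip": "20003", "sex": "M", "diagnosis": "flu"},
]

# Generalization ladder, from most precise quasi-identifiers to coarsest.
LEVELS = [
    {"zip_digits": 5, "dob_precision": "day"},
    {"zip_digits": 5, "dob_precision": "month"},
    {"zip_digits": 3, "dob_precision": "month"},
    {"zip_digits": 3, "dob_precision": "year"},
]

def quasi_id(rec, zip_digits=5, dob_precision="day"):
    """(birth date, zip, gender) tuple at the requested precision."""
    d = rec["dob"]
    if dob_precision == "day":
        dob_part = d.isoformat()
    elif dob_precision == "month":
        dob_part = f"{d.year}-{d.month:02d}"
    else:
        dob_part = str(d.year)
    return (dob_part, rec["zip"][:zip_digits], rec["sex"])

def k_anonymity(records, **level):
    """Return (smallest equivalence class k, number of rows with k == 1).
    A row with k == 1 is unique in the release, so a third party holding the
    same three fields from another source (voter roll, census) can link it."""
    counts = Counter(quasi_id(r, **level) for r in records)
    ks = [counts[quasi_id(r, **level)] for r in records]
    return min(ks), sum(1 for k in ks if k == 1)

def generalize_until(records, k_target):
    """First ladder level at which every row has k >= k_target, else None."""
    for level in LEVELS:
        if k_anonymity(records, **level)[0] >= k_target:
            return level
    return None
```

On the raw sample four of six rows are unique; only after coarsening to birth year and a 3-digit zip does every row share its quasi-identifier with another.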
Anonymity Myth (1 of 2)
The anonymity myth refers to the incorrect assumption that a person remains anonymous (i.e., is not identifiable) while on the web, as long as he/she does not use his/her name. The anonymity myth stems from a mistaken conflation between momentary anonymity and actual untraceability.
Anonymity Myth (2 of 2)
What is the key piece of information that enables traceability of one's actions once connected to the Internet? The IP address, a unique identifier assigned to every computer connected to the Internet. Due to the shift from dynamic IP addresses for dial-up connections to static IP addresses for broadband connections, ISPs now have logs (that could span years) linking IP addresses to particular computers and, in many cases, eventually to specific users.
Only 5% of Americans still use dial-up (Pew Research Center 2010)
IP Address
Host name
Geographic location (a map)
Data Encryption
Encryption is the process of converting an original message into a form that is unreadable (aka ciphertext). Decryption is the process of converting the ciphertext message back into plaintext so that it is readable.
Data Encryption
b) Folder/file encryption
c) Database encryption
If a user has logged in and then leaves the computer unattended (e.g., in a coffee shop), an unauthorized user can access the data.
Recovery methods:
1. Local self-recovery (user's customizable pre-defined questions)
2. Recovery token (one-time use)
3. Administrator key stored on a token or smart card
If someone reports a lost or stolen PC, what are some questions that need to be asked?
1. Was the user logged on to the system?
2. If so, was the user logged on to the network?
3. If so, what data does the user have access to?
Layered Security
An example of layered security (aka defense-in-depth) for protecting data stored on hard disks:
If data on an encrypted hard disk is vulnerable after the user logs on, what additional layer of security can be added to encrypt sensitive data on the hard disk?
From HW 3: what is an example of a file encryption tool?
5. TrueCrypt
Free open-source encryption for Windows, Mac, Linux
http://www.truecrypt.org/
6. IronKey
Demo for flash drive encryption (also note the key management app):
https://www.ironkey.com/demo-enterprise
SWF Encrypt
Encrypt Adobe Flash SWF files: http://www.amayeta.com/software/swfencrypt/
Database Encryption
Source: NetLib Encryptionizer, http://www.netlib.com/how-it-works.asp
Enables more granular encryption by allowing a group of users to access only part of a table, while other parts stay encrypted (e.g., an employee table containing address book info + personal info)
API enables customized programs to be written that control who, when, where, and how data is accessed
Source: NetLib, http://www.netlib.com/column-vs-database.asp
Performance may be significantly degraded for complex database queries on encrypted columns (e.g., LastName begins with S, Salary between $50,000 and $60,000)
Cannot protect the intellectual property of the database (e.g., schema, views)
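As an added example (not NetLib's product or code), this Python block stores the phone and salary columns of a constructed employee table encrypted under separate per-column keys and then runs the slide's "LastName begins with S, Salary between ..." query: the name predicate executes in SQL, but the salary band can only be tested after fetching and decrypting every candidate row client-side, which is the performance cost the slide describes. The HMAC-based counter-mode cipher is a stand-in for a real AES mode, and the keys and rows are constructed.

```python
import hashlib, hmac, os, sqlite3

def _keystream(key, nonce, n):
    """HMAC-SHA256 as a PRF in counter mode (stand-in for real AES-CTR)."""
    out = b""
    for ctr in range(0, n, 32):
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:n]

def encrypt(key, plaintext):
    nonce = os.urandom(12)   # fresh nonce: equal salaries yield different ciphertexts
    data = plaintext.encode()
    return nonce + bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))

def decrypt(key, blob):
    nonce, body = blob[:12], blob[12:]
    return bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body)))).decode()

# One key per column group (constructed, not real key material): the address-book
# group is given ADDR_KEY only; HR also holds SALARY_KEY.
ADDR_KEY, SALARY_KEY = b"A" * 32, b"S" * 32

# Constructed employee rows: (last_name, phone, salary)
EMPLOYEES = [("Smith", "555-0101", 52000), ("Sanchez", "555-0102", 71000),
             ("Jones", "555-0103", 58000), ("Stein", "555-0104", 59500)]

def build_db():
    """In-memory table with the phone and salary columns stored encrypted."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE employee (last_name TEXT, phone BLOB, salary BLOB)")
    for name, phone, salary in EMPLOYEES:
        db.execute("INSERT INTO employee VALUES (?, ?, ?)",
                   (name, encrypt(ADDR_KEY, phone), encrypt(SALARY_KEY, str(salary))))
    return db

def salary_band_query(db, keys, lo, hi):
    """'LastName begins with S, Salary between lo and hi'. The name predicate runs in
    SQL (plaintext column, indexable); the salary predicate cannot, so every
    candidate row is fetched and decrypted client-side. Returns (names, rows scanned)."""
    if "salary" not in keys:
        raise PermissionError("caller does not hold the salary column key")
    rows = db.execute(
        "SELECT last_name, salary FROM employee WHERE last_name LIKE 'S%'").fetchall()
    hits = [name for name, ct in rows if lo <= int(decrypt(keys["salary"], ct)) <= hi]
    return hits, len(rows)
```

Because the nonce makes encryption randomized, the database cannot even test equality on the salary column, so the only options are decrypting in the application or a far more complex searchable-encryption scheme.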
Data Encryption
2. Key
The parameter used in the algorithm that determines how data will be transformed from plaintext to ciphertext. It is kept secret. It is a very large number that should be impossible to guess.
Key management is becoming increasingly challenging as more encryption software is added to the storage infrastructure, because the number of keys keeps increasing.
Encryption key management involves the creation, secure storage, handling, and deletion of encryption keys, i.e., managing the key lifecycle.
These systems are typically unable to manage keys from disparate storage systems.
Key management standards are currently being developed:
1) Key Management Interoperability Protocol (KMIP)
2) IEEE P1619.3 (for stored data)
Cath Everett 2010
Policies and procedures come first, and then automated tools are used to enforce them. Some key management policies:
1. Which group(s) should manage keys?
2. How often should keys be changed?
3. Level of key granularity (i.e., different key per ___)
4. Segregation of duties
Where to manage and store keys
Hardware-based solutions store encryption keys on an appliance, offering a centralized location. Software-based encryption products store encryption keys on the servers where the encrypted data is located, a distributed approach to key storage, although some software vendors offer an optional appliance for key storage.
Centralized storage offers an easy target for attack, but distributed storage is only as good as the most recent security patch on your server.
Source: http://www.sqlmag.com/article/encryption2/database-encryption-solutions.aspx
How should keys be managed? (where stored, how many, accessible by whom)
What trade-offs are users willing to make for performance vs. protection?
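An added Python sketch (not from the Everett article or any vendor) of the key lifecycle and policies above: a centralized store holding one data-encryption key (DEK) per column, kept at rest only wrapped under a key-encryption key (KEK), with an age check for rotation, KEK rotation by re-wrapping instead of re-encrypting data, and two-person control on destruction. The XOR-pad key wrap is a labelled stand-in for a real key-wrap algorithm; MAX_KEY_AGE, the key IDs and the people named are assumptions.

```python
import hashlib, hmac, os
from datetime import date, timedelta

MAX_KEY_AGE = timedelta(days=90)   # policy 2: how often keys must be changed

def _wrap(kek, key_id, dek):
    """Stand-in for AES key wrap: XOR the DEK with an HMAC(kek, key_id) pad."""
    pad = hmac.new(kek, key_id.encode(), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(dek, pad))

_unwrap = _wrap   # an XOR pad is its own inverse

class KeyStore:
    """Centralized key manager: one DEK per column (policy 3, granularity), stored
    only wrapped under the KEK, so database servers never hold a raw DEK at rest."""
    def __init__(self, kek, today=None):
        self.kek, self.today, self.keys = kek, today or date.today(), {}

    def create(self, key_id):
        dek = os.urandom(32)
        self.keys[key_id] = {"wrapped": _wrap(self.kek, key_id, dek),
                             "created": self.today, "state": "active"}
        return dek

    def get(self, key_id):
        k = self.keys[key_id]
        if k["state"] != "active":
            raise PermissionError(f"{key_id} is {k['state']}")
        return _unwrap(self.kek, key_id, k["wrapped"])

    def advance(self, days):   # simulate the passage of time
        self.today += timedelta(days=days)

    def due_for_rotation(self):
        return [i for i, k in self.keys.items()
                if k["state"] == "active" and self.today - k["created"] > MAX_KEY_AGE]

    def rotate_kek(self, new_kek):
        """Re-wrap every DEK under a new KEK; the data itself is not re-encrypted."""
        for key_id, k in self.keys.items():
            if k["state"] == "active":
                k["wrapped"] = _wrap(new_kek, key_id, _unwrap(self.kek, key_id, k["wrapped"]))
        self.kek = new_kek

    def destroy(self, key_id, requester, approver):
        """Policy 4, segregation of duties: destroying a DEK (which makes its
        column's ciphertext unrecoverable) needs a second person."""
        if requester == approver:
            raise PermissionError("destroy requires two distinct people")
        self.keys[key_id] = {"wrapped": None, "created": None, "state": "destroyed"}
```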
Data Encryption
Most B2C transactions are only secure from the consumer to the merchant, since the consumer likely does not have a private key
Source: http://www.networksorcery.com/enp/data/encryption.htm
Digital signature
Since a private key is known only to one party, it can be used as a digital signature. The RSA method is used for the private (secret) key. A certification agency must issue the keys in the form of a digital certificate containing:
a) User's name
b) User's public key
c) Digital signature of the certificate issuer
The digital certificate can be attached to a message to verify the identity of the sender.
Researchers demonstrated a concise and efficient procedure for learning the secret keys given just this crude information about the memory access patterns.