
Mobile and Wireless Security Essentials
"Explore the fundamentals of information security, wireless security, cryptography, and security principles in this comprehensive guide. Learn about key concepts such as CIA triad, symmetric and public key cryptography, threats to mobile and wireless networks, and more."
LM 2. Information Security Essentials Dr. Lei Li
Road Map (course diagram): Mobile Security; Security Auditing & Risk Analysis; WLAN Security; Introduction; Mobile Network Overview; WLAN Overview; Evolution of Wireless Network; Cellular Network Security; Information Security Essentials; WLAN Threats & Vulnerabilities; Mobile Security Threats; WLAN Security; WLAN Mobile Devices Security; Security Tools
Learning Outcomes: After this module, a student will be able to: define information security and wireless security; describe the five pillars of information security; discuss defense in depth in information security; define the AAA of information security; describe the five principles of information security (CIA triad, non-repudiation and accountability); explain the difference between symmetric key cryptography (SKC) and public key cryptography (PKC); describe how integrity is achieved through a hash function; describe how a digital signature works; discuss the threat categories for wireless networks and devices; discuss information security standards and regulatory compliance.
Information Security: "Preservation of confidentiality, integrity and availability of information. Note: In addition, other properties, such as authenticity, accountability, non-repudiation and reliability can also be involved." (ISO/IEC 27000:2009) Wireless Security: specific to wireless networks and mobile devices; a balanced approach among security, implementation efficiency, and employee productivity.
5 Security Principles: Confidentiality, Integrity, Availability, Non-repudiation, Authentication
Cryptography: for confidentiality. Symmetric-key cryptography: the same key is used for encryption and decryption; simple and fast; the two parties must exchange the key in a secure way beforehand.
Public Key Cryptography: a pair of keys. The public key is available to the public, and other users may use it for encryption. The private key is known only to the owner and decrypts messages encrypted with the public key. Solves the key exchange problem of SKC; strong security; more computationally intensive.
Hybrid Cryptosystem: combines the benefits of SKC and PKC. Use PKC for the key exchange; use SKC for the communication afterward.
Digital Signature: uses PKC. Private key for signing; public key for verification. Applications: authentication, integrity, non-repudiation.
Integrity: threats to integrity are passive and active. Hash function: a mathematical function that converts a numerical input value into another, compressed numerical value; minor changes in the hash input cause a significant change in the hash value.
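The hash property and the integrity threats on the slide above, as an added example that is not part of the original presentation. It goes one step beyond the slide by using HMAC-SHA-256 (a keyed hash from Python's standard library) to show that a bare digest detects a changed message only while the digest itself cannot be replaced; the message, key and function names are constructed for illustration.

```python
import hashlib
import hmac

MESSAGE = b"PAY 100 TO ACCOUNT 12345"  # constructed sample message
KEY = b"constructed-demo-key"          # constructed shared secret (assumption)

def bit_difference(a: bytes, b: bytes) -> int:
    """Count the bit positions in which two equal-length digests differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def avalanche(message: bytes) -> float:
    """Flip every input bit in turn and return the mean fraction of the
    256 SHA-256 output bits that change (close to 0.5 for a good hash)."""
    base = hashlib.sha256(message).digest()
    nbits = len(message) * 8
    changed = 0
    for i in range(nbits):
        flipped = bytearray(message)
        flipped[i // 8] ^= 1 << (i % 8)
        changed += bit_difference(base, hashlib.sha256(flipped).digest())
    return changed / (nbits * 256)

def verify_plain(message: bytes, digest: bytes) -> bool:
    """Unkeyed check: anyone who can alter the message can recompute this."""
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)

def make_tag(key: bytes, message: bytes) -> bytes:
    """Keyed check value: computing it requires the shared secret."""
    return hmac.new(key, message, hashlib.sha256).digest()

def verify_keyed(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(make_tag(key, message), tag)

def demo() -> dict:
    tampered = MESSAGE.replace(b"100", b"900")
    stored = hashlib.sha256(MESSAGE).digest()      # digest kept out of reach
    replaced = hashlib.sha256(tampered).digest()   # digest rewritten in transit
    return {
        "avalanche_fraction": avalanche(MESSAGE),
        "change_caught_by_stored_digest": not verify_plain(tampered, stored),
        "replaced_digest_passes_plain_check": verify_plain(tampered, replaced),
        "replaced_digest_fails_keyed_check": not verify_keyed(KEY, tampered, replaced),
        "genuine_tag_verifies": verify_keyed(KEY, MESSAGE, make_tag(KEY, MESSAGE)),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```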
5 Pillars of Information Security: Protection, Detection, Reaction, Documentation, Prevention
Access Control (AAA): Authentication, Authorization, Accounting
Defense in Depth: physical controls, technical controls, administrative controls
Defense in Depth (figure; source: https://www.slideshare.net/OTNArchbeat/rationalization-and-defense-in-depth-two-steps-closer-to-the-clouds)
Threats to Wireless Network: system access, device control, data theft
Information Security Standards: ISO 27001, 27002; NIST; ETSI; CISQ
Regulatory Compliance: Sarbanes-Oxley Act, GLBA, HIPAA, PCI-DSS