SSD: Cryptography

Upload: arnold-gordon

Post on 30-Dec-2015


Page 1: SSD: Cryptography. Learning Outcomes After the scenario has been completed, you are expected to be able to: Explain the relative strengths of encryption

SSD: Cryptography


Learning Outcomes

After the scenario has been completed, you are expected to be able to:

Explain the relative strengths of encryption algorithms and the types of attack possibilities

Identify and justify the selection of appropriate encryption methods to secure stored sensitive data

Explain good practices in relation to key management

Minimise the risk to an asset or product through the use of off-the-shelf encryption software

Explain the requirements for appropriate standards and practices


Global Company

70 Security Consultants

120,000 Employees


Regulatory Compliance

Business

Information Systems

Information Technology

Legal

Information Security

Fraud

Marketing and Branding

Telecommunication

Engineering

Accounts Finance

Wholesale Digital (Internet)

Retail in store

Telephone Sales

Company Hierarchy

EdgeWise Telecoms


200 million customers

Current Customers


Lewis

Chief Operating Officer

Mobile Applications

Mobile applications to support…

£50,000,000

Drive the Brand into New Markets

Sales of Products

Customer Account Enquiry


Your Role

Identifying Security Tasks

Risk Identification

Providing General Advice and Guidance

Standards Adherence


Why am I doing this quiz?

Quiz 1: The following quiz will test your knowledge of encryption and the related standards.

Quiz 1 Introduction


Quiz 1 Quiz


CEO Interview


Quiz 2: The following quiz will test your continued knowledge on encryption and standards.

Why am I doing this quiz?

Quiz 2 Introduction


Quiz 2 Quiz


Sensitive Data

CCV

Passwords and codes (secrets)

Bank account name

Bank account sort code

Bank account number

Card number (PAN)

Text messages sent by the customer

5 30

20 6

12 16

160


Task

Your task is to write a 2,500 word paper, providing advice, guidance and alternative solutions for the developer to follow whilst creating their mobile applications.

The identification of which information should be encrypted and why

The identification of which information must not be stored

An evaluation of the suitability of the chosen encryption algorithm for the task and where applicable, suggest an alternative

An explanation of the attacks that could be leveraged against various cryptographic algorithms


Task Continued

Your task is to write a paper, providing advice and guidance for the developer to follow while creating their mobile applications. (2500 words)

Identify the tasks required for the secure implementation of cryptography, including:

Key storage

Key management (rotation, retirement).

Suggest alternatives to the developer writing the encryption routine (can this be done by an off-the-shelf product, for example Oracle or MS SQL Server, and if so, how?).

Summary

After the scenario has been completed, you are expected to be able to:

Explained the relative strengths of encryption algorithms and the types of attack possibilities

Identified and justified the selection of appropriate encryption methods to secure stored sensitive data

Explained good practices in relation to key management

Minimised the risk to an asset or product through the use of off-the-shelf encryption software

Explained the requirements for appropriate standards and practices