Transcript .ppt
CS 5150 Software Engineering
Lecture 18: Security & Privacy

Administrivia
• Quiz 2 grading almost done
• Milestone 3 in less than 2 weeks

SE in the News

Modeling Dynamic Aspects of Systems
• Interaction diagrams: a set of objects and their relationships, including the messages that may be dispatched among them
• Sequence diagrams: the time ordering of messages

Interaction: Informal Bouncing Ball Diagrams

UML Notation for Classes and Objects

Notation: Active Class
• An active class is a class whose objects own one or more processes or threads and therefore can initiate control activity. When instantiated, the class controls its own execution, rather than being invoked or activated by other objects.

Sequence Diagram: Painting Mechanism

Core Security Technologies
• Authentication and authorization
• Firewalls
• Encryption

Authentication and Authorization
• Authentication establishes the identity of an agent:
  • What does the agent know (e.g., password)?
  • What does the agent possess (e.g., smart card)?
  • Where does the agent have physical access to (e.g., ctrl-alt-del)?
  • What are the physical properties of the agent (e.g., fingerprint)?
• Authorization establishes what an authenticated agent may do:
  • Access control lists
  • Group membership

Firewalls

Encryption
• Allows data to be stored and transmitted securely, even when the bits are viewed by unauthorized agents and the algorithms are known.
• Private key and public key
• Digital signatures

Attack Model
• Rigorous security engineering must be based on an attack model
• Who is the expected attacker?
• Why are they interested in attacking the system?
• How do you expect them to attack the system?
• What are the consequences of a successful attack?
• In safety-critical systems, attack models should be part of the earliest phases of the

CWE Top-25
• http://cwe.mitre.org/top25/index.html
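The Authentication and Authorization slide above names access control lists and group membership as the mechanisms that decide what an authenticated agent may do. The following is an added example, not code from the lecture: an ACL check in which the authenticated user's effective identity is the user plus every group they belong to, an explicit deny entry wins over any allow, and the answer is deny unless some entry grants the permission. The users, groups and gradebook ACL are constructed sample data.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List


@dataclass(frozen=True)
class AclEntry:
    """One ACL entry: a principal (user or group), a permission, allow/deny."""
    principal: str   # "user:alice" or "group:staff"
    permission: str  # e.g. "read", "write"
    allow: bool      # True = allow, False = explicit deny


# Constructed sample group membership (assumed data, not from the lecture).
GROUPS: Dict[str, FrozenSet[str]] = {
    "alice": frozenset({"staff", "grader"}),
    "bob": frozenset({"staff"}),
    "mallory": frozenset(),
}

# Constructed sample ACL for a hypothetical gradebook resource.
GRADEBOOK_ACL: List[AclEntry] = [
    AclEntry("group:staff", "read", True),
    AclEntry("group:grader", "write", True),
    AclEntry("user:bob", "read", False),  # explicit deny overrides the group grant
]


def effective_principals(user: str) -> FrozenSet[str]:
    """Identities an authenticated user acts as: the user plus all their groups."""
    groups = GROUPS.get(user, frozenset())
    return frozenset({f"user:{user}"} | {f"group:{g}" for g in groups})


def is_authorized(user: str, permission: str, acl: List[AclEntry]) -> bool:
    """Default deny; any matching deny entry wins over any matching allow."""
    principals = effective_principals(user)
    matching = [e for e in acl
                if e.principal in principals and e.permission == permission]
    if any(not e.allow for e in matching):
        return False
    return any(e.allow for e in matching)


if __name__ == "__main__":
    for user in ("alice", "bob", "mallory"):
        for perm in ("read", "write"):
            print(user, perm, is_authorized(user, perm, GRADEBOOK_ACL))
```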