terms
SHA-1
Produces a 160-bit hash value and is used in DSS (was vulnerable to attacks).
SAML (Security Assertion Markup Language)
An XML-based data format used to exchange authentication information between a client and a service. Assertion & authorization (communicates between authentication and service). Three statement types: 1. authentication statement; 2. attribute statement; 3. authorization decision statement = subject S is allowed to use R based on E (compatible with XACML).
Good Hash Function qualities:
1. Must be deterministic: a key must ALWAYS generate the same hash index (excluding rehashing). 2. Must achieve uniformity: keys should be distributed evenly across the hash table. 3. FAST/EASY to compute: only use the parts of the key that DISTINGUISH THE ITEMS FROM EACH OTHER. 4. Minimize collisions.
TLS Handshake
1. Cryptographic negotiation (beware of the version rollback attack). 2. Server shows its certificate; check it with the CA. 3. Key negotiation: client sends a nonce, which is hashed to get a shared symmetric key.
Product Life Cycle (PLC)
1. Requirements & design: data requirements and risks. 2. Engineering: is development compliant with the design? 3. Maintenance: data subject requests. 4. Product phase-out: data disposal.
Advanced Encryption Standard (AES)
A block cipher created in the late 1990s that uses a 128-bit block size and a 128-, 192-, or 256-bit key size. Practically uncrackable. Replaced DES.
DevSecOps (Development, Security and Operations)
A combination of software development, security operations, and systems operations by integrating each discipline with the others
man-in-the-middle attack
A form of eavesdropping where the attacker makes an independent connection between two victims and steals information to use fraudulently.
Privacy Policy
A legal document that an app or website must provide and that describes what user information they collect and how they use it (INTERNAL; strict with employees).
Certificate Revocation List (CRL)
A list of serial numbers of certificates that have been revoked (not expired).
dictionary attack
A password attack that creates encrypted versions of common dictionary words and compares them against those in a stolen password file.
Cipher Block Chaining (CBC)
A process in which each block of unencrypted text is XORed with the block of cipher text immediately preceding it before it is encrypted using the DES algorithm.
SSO (Single Sign-On)
A session/user authentication process that permits a user to enter one name and password in order to access multiple applications.
IPSec (Internet Protocol Security)
A set of open, non-proprietary standards that you can use to secure data as it travels across the network or the Internet through data authentication and encryption.
Message Authentication Code (MAC)
A small block of data that is generated using a secret key and then appended to the message.
Message Digest
A small representation of a larger message, produced using a hash. Message digests are used to ensure the authentication and integrity of information, not the confidentiality (without having to encrypt the entire message).
XACML (Extensible Access Control Markup Language)
A standard that defines a declarative, fine-grained, attribute-based access control policy language; an architecture; and a processing model describing how to evaluate access requests according to the rules defined in policies. An XML-based language for access control to enterprise resources.
Data Leak Prevention (DLP)
A suite of technologies aimed at stemming the loss of sensitive information that occurs in the enterprise. ALERTS EMPLOYEES!!!
threat modeling
A way of prioritizing threats to an application.
Privacy Notice
A written explanation of how the company handles and shares your personal financial information.
VPN
Allows a secure private connection over a public network, using an encrypted 'tunnel'. For example, a remote computer can securely connect to a LAN, as though it were physically connected.
Data Link Layer
An OSI layer responsible for error-free transfer of data packets between nodes on the network.
pseudorandom number generator (PRNG)
An algorithm for creating a sequence of numbers whose properties approximate those of a random number.
Replay Attack
An attack where the data is captured and replayed. Attackers typically modify data before replaying it. // A type of network attack where an attacker captures network traffic and stores it for retransmission at a later time to gain unauthorized access to a network.
stream cipher
An encryption method that encrypts data as a stream of bits or bytes. Compare with block cipher.
Block Cipher
An encryption method that encrypts data in fixed-sized blocks. Compare with stream cipher.
certificate path
An enumeration of the chain of trust from one certificate to another, tracing back to a trusted root (trust anchor ---> target user). A path traversed backward or forward through multiple CAs should be validated.
Data Processor
An individual or organization, often a third-party outsourcing service, that processes data on behalf of the data controller.
OpenID
An open standard and decentralized protocol that is used to authenticate users in a federated identity management system.
computer Trojan Horse
Any malicious computer program which misleads users of its true intent. The term is derived from the Ancient Greek story of the deceptive wooden horse that led to the fall of the city of Troy. (SEEMS LEGIT)
CCPA (California Consumer Privacy Act)
Articles outlined are largely inspired by GDPR, and also outline the legal action a consumer can take in the case of a breach of their private data. Allows residents to: know all the personal info being collected; access that info; know if it is disclosed and to whom; know if it is sold (right to say no); disclosure; receive equal prices whether exercising privacy rights or not. Applies to all sectors; takes effect 1/1/20. NOW CALLED CPRA.
offline attack
Attacker is using password-cracking tools against a stolen password file; the database is stolen, so the bad guys have access to the passwords --> you should hash your passwords!
RBAC (decentralized trust)
Bank has to be able to specify who can issue these credentials (trust relationship/delegation), e.g. HumanResources.
Public Key Certificate
Consists of a public key plus the user ID of the key owner and the CA, with the whole block signed by the CA.
PKI complexities (user requests service)
Decentralized Trust Mgmt: Complexity of PKI. Steps involved in processing a request to access an application by a certificate holder, when using PKI: 1. Obtain the requester's certificate, verify the signatures on the certificate and the application request, determine the public key of the original signer. 2. Check that the certificates are unrevoked. 3. Look for a trust path. 4. Extract names from the certificates. 5. Look up the names in a DB to check if allowed to perform the requested action. 6. Determine whether the action is legal based on the names and the chain of policies. 7. Execute the requested action if everything is OK. Observation: steps 5 and 6 are application-specific; PKI does not explicitly help with this. * Lack of interoperability.
3D's
Detection (alerts, logs), Deterrence (policies, cameras, access control), Defense (firewalls, asset protection, backup) --> what's missing?
Elliptic Curve Cryptography (ECC)
ECC is considered more secure than RSA because RSA is based on factoring large numbers, a problem that computers have solved. In contrast, elliptic curve cryptography is based on the discrete logarithm problem, which is much harder to solve. It's been proven that even with today's technology, it would take longer than the universe's age to reverse engineer a key that's been generated using ECC. Based on the Elliptic Curve Discrete Logarithm Problem (ECDLP): it is hard to solve for x given y = g^x mod p, where g is some known integer and p is prime.
Privacy engineering
Encompasses how privacy values and principles are applied in technology systems and programs while recognizing and maintaining security levels to mitigate risk. It brings the complementary perspectives and practices of software engineers and privacy professionals together. Works with PMs; requires soft skills.
Decentralized Trust Management
FLEXIBLE (application independent). Use local trust management engines that can evaluate requests based on certificates and a description of local policy, both expressed in the same language; deferring/delegating trust to third parties. 1. Obtain certificates, verify the signatures on the certificate and the application request, determine the public key of the original signer. 2. Check that the certificates are unrevoked. 3. Submit the request, certificates and description of local policy to the local "trust management engine". 4. Proceed if approved.
Data minimization
In data protection, the principle that only necessary and sufficient personal information can be collected and processed for the stated purpose. 1. featurization; 2. sanitization; 3. pseudonymization; 4. anonymization; 5. aggregation; 6. add noise.
PII (Personally Identifiable Information)
Information about an individual that can be used to uniquely identify them (directly or indirectly), locate them, or contact them.
Rainbow tables
Large pregenerated data sets of encrypted passwords used in password attacks.
web-of-trust model
Makes everyone an authority. An alternative to PKI.
ADFS (active directory federation services)
Manages authentication through a proxy service hosted between AD and the target application, using a federated trust to provide an SSO solution. A local token is used to get access to all modules.
RSA Encryption
Named after inventors Rivest, Shamir, and Adleman, RSA is a system for encrypting and decrypting a message using a pair of keys, both of which contain the product of two prime numbers. From Alice to Bob: 1. Look up Bob's public key. 2. Convert the message into an integer m. 3. Compute the ciphertext c as c = m^e (mod n). 4. Send c to Bob.
Data Encryption Standard (DES)
One of the first widely popular symmetric cryptography algorithms. No longer considered secure. A symmetric block cipher that uses a 56-bit key and encrypts data in 64-bit blocks.
Privacy by Design
Privacy by Design is a framework that emphasizes integrating privacy into technology and practices from the start. It comprises seven principles: 1. Proactive, Not Reactive: prevent privacy issues before they occur. 2. Privacy as the Default Setting: make privacy the automatic choice, requiring no action from individuals. 3. Privacy Embedded into Design: incorporate privacy as a core feature in product development. 4. Full Functionality (Positive-Sum): balance all interests without unnecessary trade-offs. 5. End-to-End Security: ensure strong security throughout the data lifecycle. 6. Visibility and Transparency: maintain transparency and verification of practices. 7. User-Centric: prioritize user interests with strong defaults and user-friendly options.
Key Replacement
Process of issuing new keys to valid users when a key expires; the old key might be needed later, so it is better to ARCHIVE it.
computer Worms
Programs that attack computer networks (or the Internet) by self-replicating and sending themselves to other users, generally via email without the aid of the operator.
Information Security
Protecting an organization's information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
GDPR (General Data Protection Regulation)
Provisions and requirements protecting the personal data of European Union (EU) citizens. Transfers of personal data outside the EU Single Market are restricted unless protected by like-for-like regulations, such as the US's Privacy Shield requirements. Always requires consent; not sectoral. SINGLE MARKET = any of the 27 countries it works in; helps do business. Privacy by design = protect first, consent, informed.
sim based authentication
1. SIM card: each mobile device is associated with a SIM card, which contains a unique International Mobile Subscriber Identity (IMSI) and a secret key (Ki). The SIM card stores this information securely. 2. Authentication request: when a mobile device attempts to connect to a mobile network, it sends an authentication request to the network. 3. Challenge-response: the network responds with a random challenge, often called RAND, and the mobile device uses its secret key (Ki) to compute a response (SRES). 4. Authentication: the mobile device sends the computed SRES back to the network. 5. Network verification: the network, which also has access to the secret key (Ki) associated with the SIM card, computes its own SRES using the RAND and Ki. It compares its calculated SRES with the SRES received from the mobile device. 6. Authentication success or failure: if the SRES values match, the network considers the mobile device authenticated and allows it to connect to the network. If there is a mismatch, the authentication fails, and network access is denied.
STRIDE Model
STRIDE is a threat model while DREAD is a risk assessment model. STRIDE stands for Spoofing, Tampering, Repudiation, Information Disclosure, Denial of service, Elevation of privilege.
3DES (Triple DES)
Symmetric Key Algorithm, Applies DES three times, 168-bit key (+24 for parity)
Public Key Infrastructure (PKI)
System, tools, and policy for creating public and private keys using a certificate authority (CA) and digital certificates for authentication.
Network Layer
The OSI layer that addresses data packets, routes the packets from a source to a destination through the network, and ensures the delivery of those packets.
Key Management
The generation, storage, distribution, deletion, archiving, and application of keys in accordance with a security policy.
Data Controller
The person in charge of the data in an organisation.
certificate management
The practice of issuing, updating, and revoking digital certificates.
Cryptanalysis
The process of obtaining the plaintext message from a ciphertext message without knowing the keys used to perform the encryption. CAN LOOK AT A LOT OF CIPHERTEXT AND ANALYZE IT.
De-identification
The process of removing identifying information from data sets in order to assure the anonymity of individuals (identifiable ---> completely anonymous).
Needham-Schroeder Protocol
The protocol is a shared-key authentication protocol designed to generate and propagate a session key, i.e., a shared key for subsequent symmetrically encrypted communication. The protocol also uses nonces. If a nonce is generated and sent by A in one step and returned by B in a later step, A knows that B's message is fresh and not a replay from an earlier exchange. Know the steps! How is it susceptible to MITM? How can it be fixed?
Dark Patterns
Website design features intended to trick users into consenting to things they might not want to do, but which benefit the business in question.
differential privacy
A method of protecting data that adds enough statistical noise to a published table or statistic so that no individual can be recognized in the data, thus protecting the privacy of every respondent.
Electronic Codebook (ECB) mode
A mode of operation that divides plaintext into blocks and then encrypts each block using the same key. SIMPLISTIC!!!!
Salt passwords
A random piece of data is added to the password before it runs through the hashing algorithm, making it unique and harder to crack. When using both hashing and salting, even if two users choose the same password, salting adds random characters to each password when the users enter them. Different salts per user.
Diffie-Hellman key exchange
A security algorithm with only one private key that is used by both client and server, i.e. the key is shared by both client and user. Diffie-Hellman uses exponential methods for the generation of keys. x and y are chosen as private values; exchange a^x mod p and a^y mod p; NOW we get a^(xy) mod p as the shared secret.
computer Virus
A software program capable of reproducing itself and usually capable of causing great harm to files or other programs on the same computer (user).
PGP (Pretty Good Privacy)
An encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions, and to increase the security of e-mail communications.
OAuth
An open-standard authorization protocol or framework that provides applications the ability for "secure designated access." For example, you can tell Facebook that it's OK for ESPN.com to access your profile or post updates to your timeline without having to give ESPN your Facebook password. Users hand out tokens for their data on their services (constraints are imposed); there is some potential for abuse through data mining.
good crypto system
Cannot get the plaintext from the ciphertext without the decryption key.
8 FIPP for GDPR
Collection limitation, data quality, purpose specification, use limitation, security safeguards, openness, individual participation (challenge it), accountability.
Security Layers
Data link, network, transport, application.
Anonymous information
Demographic and behavioral information that does not include any personal identifiers.
Digital signature requirement
Different messages have different signatures.
protect against replays
Hash your passwords; generate an OTP with a nonce; use a timestamp; OTP used n times; digital signature (WITH timestamp/nonce).
augmented password login
Identify a picture after you enter your ID, to validate that you are on the right site; but not usable, because people forget it, and what if the cookies get intercepted?
Data Flow Diagram (DFD)
Illustrates the movement of information between external entities and the processes and data stores within the system (entity, data store, data flow, process).
Perfect Cryptosystem
Knowing the protocol but still cannot break the system.
LINDDUN
Linkability, identifiability, non-repudiation, detectability (detect that you are part of some other system), disclosure of information (adversary), unawareness, non-compliance (not following laws). USES DATA FLOW DIAGRAMS (DFD), THEN CREATE A LINDDUN TABLE FOR EACH COMPONENT IN THE DFD, then CREATE A LINDDUN TREE. Non-repudiation --> subject not able to deny a claim about a request (BUT THEY SHOULD BE ABLE TO!!); the opposite of security.
Ransomware
malware that threatens to publish the victim's personal data or permanently block access to it unless a ransom is paid // malware designed to deny a user or organization access to files on their computer. By encrypting these files and demanding a ransom payment for the decryption key, cyberattackers place organizations in a position where paying the ransom is the easiest and cheapest way to regain access to their files.
Crypto Hash Function
Maps large messages to a smaller number of bits.
Types of threats
Masquerade, system penetration, ransomware, planting (trojan horse, virus, worms).
Fair Information Practice Principles (FIPP)
Notice/awareness, choice/consent, access/participation, security, enforcement/redress.
Limits of notice and consent
People don't read it or understand it; it is underspecified; dark patterns.
zero knowledge proof
Prove knowledge of a fact to a third party without revealing the fact itself; ask you to prove it MANY times to ensure reliability. E.g. using graph isomorphism (a one-to-one mapping between graphs). In practice: have G1 & G2; ALICE permutes G1 as H; ask BOB to prove H is isomorphic to G1 or G2; repeat n times.
Application Layer
Provides a wide variety of applications with the ability to access the services of the lower layers.
two-factor authentication
Requires the user to provide two means of authentication: what the user knows (password) and what the user has (security/personal token).
Chief Privacy Officer (CPO) / data protection officer
Responsible for ensuring that the company complies with existing data privacy laws; governance, data inventory, privacy policies, trainings, security, contracts, breaches.
Transport Layer
Responsible for providing communication with the application by acknowledging and sequencing the packets to and from the application.
TLS/SSL (Transport Layer Security and Secure Sockets Layer)
Secure channel that aims to authenticate the SERVER primarily. Record = how data transmits; handshake = crypto parameters, algorithms, MAC; alert = manage exceptions.
RSA Symmetric Key Transport
Sender chooses a symmetric key and encrypts it with the receiver's priv; encrypts the message with the symmetric key; sends both. Receiver decrypts the symmetric key first, then the message.
TCP/IP (Transmission Control Protocol/Internet Protocol)
Suite of communication protocols used to interconnect network devices on the internet. Specifies how data is exchanged over the internet by providing end-to-end communications that identify how it should be broken into packets, addressed, transmitted, routed and received at the destination. TCP/IP requires little central management and is designed to make networks reliable with the ability to recover automatically from the failure of any device on the network. Originally not designed for security; now the standard is IPSec.
Authenticated Key Exchange
The exchange of a session key in a key exchange protocol which also authenticates the identities of the parties involved in the key exchange. Transport Layer Security, integral to securing HTTP connections, is perhaps the most widely deployed AKE protocol.
Biometrics
The identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting. Very usable, though people don't like setting it up; downsides are that it is compromisable and not entirely unique.
Kerberos
Uses symmetric key encryption to validate an individual user to various network resources. A computer-network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed it primarily at a client-server model, and it provides mutual authentication: both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks.
public key cryptography
Uses two keys: a public key the sender uses to create encrypted messages, and a mathematically related private key that the receiver can use to decrypt messages encrypted by that public key.
asymmetric vs symmetric
• Asymmetric cryptography is slower than symmetric BUT MORE SCALABLE. • Asymmetric crypto often isn't suitable for encrypting large amounts of data or even multiple blocks. • Asymmetric crypto is often used together with symmetric crypto as a way of exchanging a joint secret key. Symmetric, secret key SK: CipherText := Encrypt(SK, message); message := Decrypt(SK, CipherText). Asymmetric, PublicKey/PrivateKey: CipherText := Encrypt(PublicKey, message); message := Decrypt(PrivateKey, CipherText).