DOC PREVIEW
WSU CSE 6362 - Lecture Notes

This preview shows page 1-2-3-19-20-39-40-41 out of 41 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 41 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 41 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 41 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 41 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 41 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 41 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 41 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 41 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 41 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

Intelligent EnvironmentsSecurity and PrivacyMotivationTechniquesPhysical SecurityLaw Enforcement and PrivacyU.S. ConstitutionComputer Crime LawsPrivacy and Cyber-UtopiaWiretappingEffectiveness of WiretappingDigital Telephony StandardsDigital Telephony Standards: IssuesEncryptionPrivate-Key EncryptionData Encryption Standard (DES)Public-key EncryptionSlide 18Generating Public/Private Key PairsGovernment Encryption PolicyEscrowed Encryption StandardSlide 22ESS WiretappingEES IssuesAdvanced Encryption StandardCurrent IssuesPoints to RememberPrivacy Law ResourcesFirewallsIntrusion DetectionBiometricsFace RecognitionIris and Retinal BiometricsVein IDFingerprint and HandHandwritingVoiceSoftware SafetySlide 39Degree of AutonomySlide 41Intelligent Environments 1Intelligent EnvironmentsComputer Science and EngineeringUniversity of Texas at ArlingtonIntelligent Environments 2Security and PrivacyMotivationTechniquesIssuesIntelligent Environments 3MotivationPhysical securityData securityProtect sensory dataWireless eavesdroppinge-IntrusionLevels within environmentDegree of autonomyIntelligent Environments 4TechniquesPhysical securityLaw enforcementEncryptionFirewallsIntrusion detectionBiometricsSoftware safetyIntelligent Environments 5Physical SecurityIntrusion detectionVideo surveillanceMetal detectors, X-ray scannersMotion detectors, infrared netsGPS trackingAccess control (key, card, RFbadge, biometrics)Intelligent Environments 6Law Enforcement and PrivacyConflict between an individual’s right to privacy and the government’s need to invade privacy to uphold the lawComplicated by digital data, encryption and wireless communicationsIntelligent Environments 7U.S. ConstitutionFourth Amendment (abridged)The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated.Fifth Amendment (abridged)No person shall be compelled in any criminal case to be a witness against himself.Intelligent Environments 8Computer Crime LawsTexas computer crimes lawwww.capitol.state.tx.us/statutes/pe/pe0003300toc.htmlIntelligent Environments 9Privacy and Cyber-UtopiaGlobal, seamless and secure e-commerceNew encryption standard requiredIndividual privacy preservedLaw enforcement surveillance possibleU.S. computer industry globally competitiveAbility of national governments to regulate the nation preservedIntelligent Environments 10WiretappingLaw enforcement eavesdropping on communication without informing the people who are communicatingU.S. Supreme Court Olmstead v. U.S. (1928): wiretaps did not require special authorization if no trespassing necessaryU.S. Supreme Court (1967): wiretaps, even of public phone booths, require prior judicial authorizationIntelligent Environments 11Effectiveness of WiretappingActivity since 1968 (EPIC)Each wiretap actually enabled monitoring many conversationsComputerization complicates wiretappingDigital dataComputer switchingOptical fiber transmissionNeed to know data structures, formats and algorithms used in communication systemsIntelligent Environments 12Digital Telephony Standards1994 mandate that communications systems equipment be designed to allow practical wiretapping by law enforcementIsolate the communications stream of an individual$500M allocated for conversionCommunications Assistance for Law Enforcement Act (CALEA)Intelligent Environments 13Digital Telephony Standards: IssuesMost effective way to fight crime?Increase government’s “big brother” power?Security problems?Hindering technological advance?Who pays for the cost?Effect on U.S. industry competitiveness?Mandated capabilities useful?Intelligent Environments 14EncryptionWiretapping encrypted digital communication of no useSolutionsBreak encryption schemeLegislate encryptionIntelligent Environments 15Private-Key EncryptionAlso called secret key or symmetricAlgorithm public; key privateEasy to break if number of possible keys is smallProblemsHow to securely distribute private keyEnsuring authenticity of messagesIntelligent Environments 16Data Encryption Standard (DES)Developed at IBM in 1977Private-key encryption56-bit key (256 = 72 x 1015 keys)Key chosen randomly for each messageApplies 56-bit key to each 64-bit block of dataMultiple passes for stronger encryptionTriple DES still in use (256+56+56 keys)Intelligent Environments 17Public-key EncryptionAlso called asymmetricEach person generates a public and private keyEverybody knows public keysOnly individual A need know their own private keyprivateA(publicA(M)) = MpublicA(privateA(M)) = MIntelligent Environments 18Public-key EncryptionDigital signaturesPerson A encrypts message M with their private key to get M’Person A encrypts M’ with B’s public key to get M’’, which is sent to BPerson B decrypts M’’ with private key to get M’Person B decrypts M’ with A’s public key to get M, but only if from ApublicA(privateB(publicB(privateA(M))) = MIntelligent Environments 19Generating Public/Private Key PairsRSA algorithm (patented)encryptA(M) = Me modulo ndecryptA(M) = Md modulo nPublic key = (e,n)Private key = (d,n)n = p*q, where p and q are large random primese and d chosen based on p and qSecurity rests on difficulty to factor product n of two large primesIntelligent Environments 20Government Encryption PolicyGovernment’s positionPublic-key encryption too difficult to wiretapLimit export of encryptionDesign own tap-able encryption schemeIndustry’s positionUse widely-accepted, strong encryption standardFreely export standardIntelligent Environments 21Escrowed Encryption StandardEES developed by U.S. government in 1993Skipjack algorithm implemented on the Clipper and Capstone chipsPrivate-key encryptionEach chip has an 80-bit unit key U, which is escrowed in two parts to two different agenciesChip also includes a 30-bit serial number and an 80-bit family key F common to all Clipper chipsIntelligent Environments 22Escrowed Encryption StandardTwo devices agree on an 80-bit session key K to communicateMessage is encrypted with key K and sentLaw-Enforcement Access Field (LEAF) appended to message, includingSession key K encrypted with


View Full Document

WSU CSE 6362 - Lecture Notes

Download Lecture Notes
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Lecture Notes and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Lecture Notes 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?