Software Engineering Lecture 18 Security & Privacy

CS 5150 Software Engineering Lecture 18

CS 5150 Software Engineering

Lecture 18

Security & Privacy

Administrivia

• Quiz 2 grading almost done

• Milestone 3 in less than 2 weeks

SE in the News

Modeling Dynamic Aspects of Systems

• Interaction diagrams: set of objects and their relationships including messages that may be dispatched among them

• Sequence diagrams: time ordering of messages

Interaction: Informal Bouncing Ball Diagrams

UML Notation for Classes and Objects

Notation: Active Class

• An active class is a class whose objects own one or more processes or threads and therefore can initiate control activity. When instantiated, the class controls its own execution, rather than being invoked or activated by other objects.

Sequence Diagram: Painting Mechanism

Core Security Technologies

• Authentication and authorization

• Firewalls

• Encryption

Authentication and Authorization

• Authentication establishes the identity of an agent:

    • What does the agent know (e.g., password)?

    • What does the agent possess (e.g., smart card)?

    • Where does the agent have physical access (e.g., Ctrl-Alt-Del)?

    • What are the physical properties of the agent (e.g., fingerprint)?

• Authorization establishes what an authenticated agent may do:

    • Access control lists

    • Group membership

Firewalls

Encryption

• Allows data to be stored and transmitted securely, even when the bits are viewed by unauthorized agents and the algorithms are known.

• Private key and public key

• Digital signatures

Attack Model

• Rigorous security engineering must be based on an attack model

    • Who is the expected attacker?

    • Why are they interested in attacking the system?

    • How do you expect them to attack the system?

    • What are the consequences of a successful attack?

• In safety-critical systems, attack models should be part of the earliest phases of the project

CWE Top-25

• http://cwe.mitre.org/top25/index.html