192.019 Introduction to Security

1. Computer Security
   • Concepts
     • Confidentiality (Security)
     • Integrity (Security)
       • Data Integrity
       • System Integrity
     • Availability
       • Data Availability
       • System Availability
     • Authenticity
     • Accountability
     • Non-repudiation
   • Security properties are undecidable
   • Threat
     • Internal Threat
     • External Threat
   • Attack
     • Passive Attack
     • Active Attack
     • Brute-force Attack
   • Ethical Hacking
     • CVE
     • CVSS
   • Principles
     • Keep it simple stupid
     • Open Design
     • Compartmentalisation
     • Minimum Exposure
     • Least Privilege
     • Minimum Trust
     • Maximum Trustworthiness
     • Fail-Safe Defaults
     • Complete Mediation
     • Defense in Depth
     • Traceability
     • Secure Secrets
     • Usability
2. Symmetric Cryptography
   • Cipher
     • Substitution Cipher
       • Monoalphabetic Cipher
       • Polyalphabetic Cipher
       • Example: Caesar’s Cipher
     • Transposition Cipher
       • Columnar Transposition
     • Block Cipher
       • Mode of Operation
         • Electronic Codebook Mode
         • Cipher Block Chaining Mode
         • Counter Mode
     • Stream Cipher
       • RC4
     • Product Cipher
       • AES
   • Symmetric Encryption Scheme
     • Correct Symmetric Encryption Scheme
   • Perfect Secrecy
     • One-Time-Pad
   • Confusion vs. Diffusion
   • Malleable Encryption Algorithm
   • Padding Algorithm
     • [[Knowledge/Public-Key Cryptography Standards Number 7|PKCS#7]]
   • Hash Function
     • Weak Collision Resistance
     • Strong Collision Resistance
     • Near-Collisions Resistance
   • Digital Signature
   • Message Authentication Code:
     • Hash-based Message Authentication Code
     • Block-Cipher-based Message Authentication Code
   • Encrypt-then-MAC
   • MAC-then-Encrypt
   • Authenticated Mode of Operation
3. Asymmetric Cryptography
   • Asymmetric Encryption Scheme
   • RSA
   • Digital Signature
     • Hash-and-Sign
4. Public Key Infrastructures and Cryptographic Protocols:
   • Certificate Chain
     • Public Key Certificate
     • Certificate Authority
     • Root Certificate
     • Self-Signed Certificate
   • TLS Certificate
     • Domain-Validated Certificate
     • Organisation-Validated Certificate
     • Extended-Validation Certificate
   • Components
     • Certificate Authority
     • Registration Authority
     • Certificate Revocation List
     • Validation Service
     • Certificate Policy
   • Certificate Transparency
     • Pre-Certificate
     • SCT
   • Attacks
     • Interleaving Attack
     • Reflection Attack
     • Replay Attack
   • Transport Layer Security
     • Transport Layer Security Handshake
     • Cipher Suite
     • Forward Secrecy
5. Authentication
   • Classes
     • Knowledge-based Authentication
     • Possession-based Authentication
     • Inherence-based Authentication
   • Identification
   • Methods
     • Password-based Authentication
       • Brute-force Attack
       • Dictionary Attack
       • Rainbow Table
       • Salt and Pepper
   • Password-based Key Derivation Function
     • Password-Based Key Derivation Function 2a
   • Password Storage in Unix
   • Attacks
     • Shoulder Surfing
     • Keylogger
     • Phishing
   • Defence
     • Password Rotation
     • Security Question
   • One-Time Password
     • TAN List
     • One-Time Password Generator
     • Mobile TAN
   • Hardware Authentication Token
   • Challenge-Response Authentication
   • Biometric Authentication
     • Active Biometric Authentication
     • Passive Biometric Authentication
   • Multi-factor Authentication
   • Single Sign-On
     • OpenID Connect
6. Access Control
   • Only definition in Access Control
   • Reference Monitor
   • Security Policy
     • Delegation
     • Revocation
   • Access Matrix
     • Access Control List
     • Capability List
       • Capability
   • Mandatory Access Control
   • Discretionary Access Control
   • Role-based Access Control
     • Role
   • Bell-LaPadula
   • Biba Model
   • Conditional Policy
   • Separation of Duty
   • Chinese Wall
   • Unix File System Access Control
     • Real User ID
     • Effective User ID
     • Saved User ID
   • Containerisation
     • Namespace
     • Chroot
     • cgroups
     • Seccomp
     • Capabilities
   • Virtualisation
     • Hypervisor
       • Type 1
       • Type 2
7. Network Security
   • TCP-IP
     • Datalink Layer
       • MAC Address
       • ARP
     • Network Layer
       • Internet Protocol
         • Internet Protocol Version 4
         • Internet Protocol Version 6
       • Routing Table
     • Transport Layer
       • UDP
       • TCP