Information Security Management

Computer Science
Information Security Management

-- Cryptography
Fall, 2005 CPSC499 Information Security Management

Summary Computer Science
• Symmetric Encryption
• Public Encryption
• Digital Signature
• Key Distribution

Basic Terminology Computer Science
• plaintext - the original message

• ciphertext - the coded message
• cipher - algorithm for transforming plaintext to ciphertext
• key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering ciphertext from plaintext
• cryptography - study of encryption principles/methods
• cryptanalysis (codebreaking) - the study of principles/
methods of deciphering ciphertext without knowing key
• cryptology - the field of both cryptography and
cryptanalysis

The language of cryptography Computer Science
Alice’s Bob’s
K encryption K decryption
A
key B key
plaintext encryption ciphertext decryption plaintext

algorithm algorithm
symmetric key crypto: sender, receiver keys identical

public-key crypto: encryption key public, decryption key
secret (private)
Symmetric Encryption Computer Science
• or conventional / secret-key / single-key

• sender and recipient share a common key
• all classical encryption algorithms are
private-key
• was only type prior to invention of public-
key in 1970’s

Symmetric Cipher Model Computer Science

Symmetric Key Cryptography Computer Science
KA-B KA-B

message, m algorithm algorithm
K (m) m = K ( KA-B(m) )
A-B A-B
symmetric key crypto: Bob and Alice share know

same (symmetric) key: K A-B
• e.g., key is knowing substitution pattern in mono
alphabetic substitution cipher

Requirements Computer Science
• two requirements for secure use of

symmetric encryption:
– a strong encryption algorithm
– a secret key known only to sender / receiver
Y = EK(X)
X = DK(Y)
• assume encryption algorithm is known
• implies a secure channel to distribute key
Cryptography Computer Science
• can characterize by:

– type of encryption operations used
• substitution / transposition / product
– number of keys used
• single-key or private / two-key or public
– way in which plaintext is processed
• block / stream

More Definitions Computer Science
• unconditional security
– no matter how much computer power is
available, the cipher cannot be broken since
the ciphertext provides insufficient information
to uniquely determine the corresponding
plaintext
• computational security
– given limited computing resources (eg time
needed for calculations is greater than age of
universe), the cipher cannot be broken
Classical Substitution Ciphers Computer Science
• where letters of plaintext are replaced by

other letters or by numbers or symbols
• or if plaintext is viewed as a sequence of
bits, then substitution involves replacing
plaintext bit patterns with ciphertext bit
patterns

Caesar Cipher Computer Science
• earliest known substitution cipher

• by Julius Caesar
• first attested use in military affairs
• replaces each letter by 3rd letter later
• example:
meet me after the toga party
PHHW PH DIWHU WKH WRJD SDUWB

Caesar Cipher Computer Science
• can define transformation as:

a b c d e f g h i j k l m n o p q r s t u v w x y z
D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
• mathematically give each letter a number

a b c d e f g h i j k l m
0 1 2 3 4 5 6 7 8 9 10 11 12
n o p q r s t u v w x y Z
13 14 15 16 17 18 19 20 21 22 23 24 25
• then have Caesar cipher as:

C = E(p) = (p + k) mod (26)
p = D(C) = (C – k) mod (26)

Cryptanalysis of Caesar Cipher Computer Science
• only have 26 possible ciphers

– A maps to A,B,..Z
• could simply try each in turn
• a brute force search
• given ciphertext, just try all shifts of letters
• do need to recognize when have plaintext
• eg. break ciphertext “ERE L ORYH BRX
DOLFH"
Symmetric Encryption Example
Computer Science
-- Substitution
KA-B KA-B

message, m algorithm algorithm
K (m)
A-B
• Plaintext
• KA-B
• Ciphertext
• Encryption algorithm
• Decryption algorithm

Monoalphabetic Ciphers Computer Science
• “Cipher” line can be any permutation of the

26 alphabetic char
• Statistical analysis
– Letters “e” and “t” are the most frequent
occurring letters
– Two and three letter occurrences of letters
appear quite often together, like “the”, “in”
– Guess the appearance of the words

Types of Cryptanalytic Attacks
Computer Science
• ciphertext only
– only know algorithm / ciphertext, statistical, can identify plaintext
• known plaintext
– know/suspect plaintext & ciphertext to attack cipher
• chosen plaintext
– select plaintext and obtain ciphertext to attack cipher

Brute Force Search Computer Science
• always possible to simply try every key

• most basic attack, proportional to key size
• assume either know / recognise plaintext

Chosen-Plaintext Attack Computer Science
PIN is encrypted and

transmitted to bank
cipher(key,PIN)
Crook #2 eavesdrops
Crook #1 changes on the wire and learns
his PIN to a number ciphertext corresponding
of his choice to chosen plaintext PIN
… repeat for any PIN value

Polyalphabetic encryption Computer Science
• monoalphabetic ciphers + Caesar cipher.

• Two Caesar ciphers (k=5, k=19)
• Repeating pattern c1, c2, c2, c1, c2

Transposition Ciphers Computer Science
• now consider classical transposition or

permutation ciphers
• these hide the message by rearranging
the letter order
• without altering the actual letters used
• can recognise these since have the same
frequency distribution as the original text

Rail Fence cipher Computer Science
• write message letters out diagonally over a

number of rows
• then read off cipher row by row
• eg. write message out as:
m e m a t r h t g p r y
e t e f e t e o a a t
• giving ciphertext
MEMATRHTGPRYETEFETEOAAT

Row Transposition Ciphers Computer Science
• a more complex scheme

• write letters of message out in rows over a
specified number of columns
• then reorder the columns according to
some key before reading off the rows
Key: 4 3 1 2 5 6 7
Plaintext: a t t a c k p
o s t p o n e
d u n t i l t
w o a m x y z
Ciphertext: TTNAAPTMTSUOAODWCOIXKNLYPETZ

Product Ciphers Computer Science
• ciphers using substitutions or transpositions are

not secure because of language characteristics
• hence consider using several ciphers in
succession to make harder, but:
– two substitutions make a more complex substitution
– two transpositions make more complex transposition
– but a substitution followed by a transposition makes a
new much harder cipher
• this is bridge from classical to modern ciphers

Simple Idea: One-Time Pad
Computer Science
-----
----- 10111101…
----- = 10111101…
 10001111… 
= 00110010… 00110010…
Key is a never-repeating bit

sequence as long as plaintext Decrypt by bitwise XOR of
ciphertext and key:
ciphertext  key =
Encrypt by bitwise XOR of (plaintext  key)  key =
plaintext and key: plaintext  (key  key) =
ciphertext = plaintext  key plaintext
Cipher achieves perfect secrecy if and only if

there are as many possible keys as possible plaintexts, and
every key is equally likely (Claude Shannon’s result)
Advantages of One-Time Pad Computer Science
• Easy to compute
– Encryption and decryption are the same operation
– Bitwise XOR is very cheap to compute
• As secure as possible
– Given a ciphertext, all plaintexts are equally likely,
regardless of attacker’s computational resources
– …as long as the key sequence is truly random
• True randomness is expensive to obtain in large
quantities
– …as long as each key is same length as plaintext
• But how does the sender communicate the key to
receiver?
Problems with One-Time Pad Computer Science
• Key must be as long as plaintext

– Impractical in most realistic scenarios
– Still used for diplomatic and intelligence traffic
• Does not guarantee integrity
– One-time pad only guarantees confidentiality
– Attacker cannot recover plaintext, but can
easily change it to something else
• Insecure if keys are reused
– Attacker can obtain XOR of plaintexts
Modern Block Ciphers Computer Science
• will now look at modern block ciphers

• one of the most widely used types of
cryptographic algorithms
• provide secrecy and/or authentication
services
• in particular will introduce DES (Data
Encryption Standard)

Block vs Stream Ciphers Computer Science
• block ciphers process messages into

blocks, each of which is then en/decrypted
• like a substitution on very big characters
– 64-bits or more
• stream ciphers process messages a bit or
byte at a time when en/decrypting
• many current ciphers are block ciphers
• hence are focus of course
Block Ciphers
Computer Science
• Operates on a single chunk (“block”) of plaintext

– For example, 64 bits for DES
– Same key is reused for each block (can use short keys)
• Result should look like a random permutation
– As if plaintext bits were randomly shuffled
• Only computational guarantee of secrecy
– Not impossible to break, just very expensive
• If there is no efficient algorithm (unproven
assumption!), then can only break by brute-force,
try-every-possible-key search
– Time/cost of breaking the cipher exceeds the value
and/or useful lifetime of protected information
Permutation
Computer Science
1 1
2 2
3 3
4 4
CODE becomes DCEO
• For N-bit input, N! possible permutations

• Idea: split plaintext into blocks, for each block use secret
key to pick a permutation, rinse and repeat
– Without the key, permutation should “look random”

Block Cipher Operation (Simplified) Computer Science
Block of plaintext Key
Add some secret key bits

S S S S to provide confusion
S S S S Each S-box permutes

its input bits in a
“random-looking” way
repeat for several rounds
to provide diffusion
(spread plaintext bits
S S S S throughout ciphertext)
Procedure must be reversible

Block of ciphertext
Fall, 2005 (for decryption)
CPSC499 Information Security Management
Block Cipher Principles Computer Science
• needed since must be able to decrypt ciphertext

to recover messages efficiently
• block ciphers look like an extremely large
substitution
• instead create from smaller building blocks
• using idea of a product cipher

Claude Shannon and Substitution-
Computer Science
Permutation Ciphers
• in 1949 Claude Shannon introduced idea of

substitution-permutation (S-P) networks
– modern substitution-transposition product cipher
• these form the basis of modern block ciphers
• S-P networks are based on the two primitive
cryptographic operations we have seen before:
– substitution (S-box)
– permutation (P-box)
• provide confusion and diffusion of message

Confusion and Diffusion Computer Science
• cipher needs to completely obscure

statistical properties of original message
• a one-time pad does this
• more practically Shannon suggested
combining elements to obtain:
• diffusion – dissipates statistical structure
of plaintext over bulk of ciphertext
• confusion – makes relationship between
ciphertext and key as complex as possible
Data Encryption Standard (DES) Computer Science
• most widely used block cipher in world

• adopted in 1977 by NBS (now NIST
http://www.itl.nist.gov/fipspubs/fip46-2.htm )
• encrypts 64-bit data using 56-bit key
• has widespread use
• has been considerable controversy over
its security

DES History Computer Science
• IBM developed Lucifer cipher

– by team led by Feistel
– used 64-bit data blocks with 128-bit key
• then redeveloped as a commercial cipher
with input from NSA and others
• in 1973 NBS issued request for proposals
for a national cipher standard
• IBM submitted their revised Lucifer which
was eventually accepted as the DES
DES Encryption
Computer Science

Strength of DES – Key Size Computer Science
• 56-bit keys have 256 = 7.2 x 1016 values

• brute force search looks hard
• recent advances have shown is possible
– in 1997 on Internet in a few months
– in 1998 on dedicated h/w (EFF) in a few days
– in 1999 above combined in 22hrs!
• still must be able to recognize plaintext

Design Principles
Computer Science
• block size
– increasing size improves security, but slows cipher
• key size
– increasing size improves security, makes exhaustive key
searching harder, but may slow cipher
• number of rounds
– increasing number improves security, but slows cipher
• subkey generation
– greater complexity can make analysis harder, but slows
cipher
• round function
– greater complexity can make analysis harder, but slows
cipher
• fast software en/decryption & ease of analysis
– are more recent concerns for practical use and testing
Confidentiality using Symmetric
Computer Science
Encryption
• have two major placement alternatives

• link encryption
– encryption occurs independently on every link
– implies must decrypt traffic between links
• end-to-end encryption
– encryption occurs between original source
and final destination
– need devices at each end with shared keys

Placement of Encryption Computer Science
• can place encryption function at various

layers in OSI Reference Model
– link encryption occurs at layers 1 or 2
– end-to-end can occur at layers 3, 4, 6, 7
– as move higher less information is encrypted
but it is more secure though more complex
with more entities and keys

• Symmetric encryption
• Public encryption
• Key distribution

Private-Key Cryptography Computer Science
• traditional private/secret/single key

cryptography uses one key
• shared by both sender and receiver
• if this key is disclosed communications are
compromised
• also is symmetric, parties are equal
• hence does not protect sender from
receiver forging a message & claiming is
sent by sender
Public-Key Cryptography Computer Science
• probably most significant advance in the

3000 year history of cryptography
• uses two keys – a public & a private key
• asymmetric since parties are not equal
• uses clever application of number
theoretic concepts to function
• complements rather than replaces private
key crypto
• public-key/two-key/asymmetric cryptography
involves the use of two keys:
– a public-key, which may be known by anybody, and
can be used to encrypt messages, and verify
signatures
– a private-key, known only to the recipient, used to
decrypt messages, and sign (create) signatures
• is asymmetric because
– those who encrypt messages or verify signatures
cannot decrypt messages or create signatures


Public-Key Characteristics Computer Science
• Public-Key algorithms rely on two keys

with the characteristics that it is:
– computationally infeasible to find decryption
key knowing only algorithm & encryption key
– computationally easy to en/decrypt messages
when the relevant (en/decrypt) key is known
– either of the two related keys can be used for
encryption, with the other used for decryption
(in some schemes)
Public-Key Cryptosystems Computer Science

Public-Key Applications Computer Science
• can classify uses into 3 categories:

– encryption/decryption (provide secrecy)
– digital signatures (provide authentication)
– key exchange (of session keys)
• some algorithms are suitable for all uses,
others are specific to one

Security of Public Key Schemes Computer Science
• like private key schemes brute force exhaustive

search attack is always theoretically possible
• but keys used are too large (>512bits)
• security relies on a large enough difference in
difficulty between easy (en/decrypt) and hard
(cryptanalysis) problems
• more generally the hard problem is known, its
just made too hard to do in practise
• requires the use of very large numbers
• hence is slow compared to secret key schemes

Public key encryption algorithms Computer Science
Requirements:
+ . - .
1 need KB ( ) and KB ( ) such that
- +
K (K (m)) = m
B B
2 given public key KB+ , it should

be impossible to compute
-
private key KB
RSA: Rivest, Shamir, Adelson algorithm
RSA: Choosing keys Computer Science
1. Choose two large prime numbers p, q.

(e.g., 1024 bits each)
2. Compute n = pq, z = (p-1)(q-1)
3. Choose e (with e<n) that has no common factors

with z. (e, z are “relatively prime”).
4. Choose d such that ed-1 is exactly divisible by z.

(in other words: ed mod z = 1 ).
5. Public key is (n,e). Private key is (n,d).

+ -
KB KB
RSA: Encryption, decryption Computer Science
0. Given (n,e) and (n,d) as computed above
1. To encrypt bit pattern, m, compute

e e
c = m mod n (i.e., remainder when m is divided by n)
2. To decrypt received bit pattern, c, compute

d
m = c d mod n (i.e., remainder when c is divided by n)
Magic d
m = (m e mod n) mod n
happens!
c
RSA example: Computer Science
Bob chooses p=5, q=7. Then n=35, z=24.

e=5 (so e, z relatively prime).
d=29 (so ed-1 exactly divisible by z.
letter m me c = me mod n
encrypt:
l 12 1524832 17
d
decrypt:
c c m = cd mod n letter
17 481968572106750915091411825223071697 12 l

d
RSA: Why is that m = (m e mod n) mod n
Computer Science
Useful number theory result: If p,q prime and

n = pq, then: y y mod (p-1)(q-1)
x mod n = x mod n
e
(m mod n) d mod n = medmod n
ed mod (p-1)(q-1)
= m mod n
(using number theory result above)
1
= m mod n
(since we chose ed to be divisible by
(p-1)(q-1) with remainder 1 )
= m
RSA: another important property Computer Science
The following property will be very useful later:
- + + -
K (K (m)) = m = K (K (m))
B B B B
use public key use private key

first, followed first, followed
by private key by public key
Result is the same!


Digital Signatures Computer Science
Cryptographic technique analogous to

hand-written signatures.
• sender (Bob) digitally signs document,
establishing he is document owner/creator.
• verifiable, nonforgeable: recipient (Alice) can
prove to someone that Bob, and no one else
(including Alice), must have signed document

Digital Signatures Computer Science
Simple digital signature for message m:

• Bob
- signs m by encrypting with
- his private
key KB, creating “signed” message, KB(m)
-
Bob’s message, m K B Bob’s private -
K B(m)
key
Dear Alice
Bob’s message, m,
Oh, how I have missed Public key signed (encrypted)
you. I think of you all the
time! …(blah blah blah) encryption with his private key
algorithm
Bob

Digital Signatures (more)
Computer Science
-
• Suppose Alice receives msg m, digital signature KB(m)
• Alice verifies m signed by Bob by applying Bob’s public
+ - + -
key KB to KB(m) then checks KB(KB(m) ) = m.
+
• If KB(KB-(m) ) = m, whoever signed m must have used
Bob’s private key.
Alice thus verifies that:
 Bob signed m.
 No one else signed m.
 Bob signed m and not m’.
Non-repudiation:
-
 Alice can take m, and signature KB(m) to court
and prove that Bob signed m.
Internet checksum: poor crypto hash function
Computer Science
Internet checksum has some properties of hash
function:
 produces fixed length digest (16-bit sum) of
message
 is many-to-one
But given message with given hash value, it is easy
to find another message with same hash value:
message ASCII format message ASCII format
I O U 1 49 4F 55 31 I O U 9 49 4F 55 39
0 0 . 9 30 30 2E 39 0 0 . 1 30 30 2E 31
9 B O B 39 42 D2 42 9 B O B 39 42 D2 42
B2 C1 D2 AC different messages B2 C1 D2 AC
but identical checksums!
Message Digests
Computer Science
large
H: Hash
message
Function
Computationally expensive m
to public-key-encrypt long
messages H(m)
Goal: fixed-length, easy- to-
compute digital
Hash function
“fingerprint” properties:
• many-to-1
• apply hash function H to
• produces fixed-size msg digest
m, get fixed size message (fingerprint)
digest, H(m). • given message digest x,
computationally infeasible to
find m such that x = H(m)

Digital signature = signed message digest
Computer Science
Alice verifies signature and

Bob sends digitally signed integrity of digitally
message: signed message:
large
message H: Hash encrypted
m function H(m)
msg digest
-
KB(H(m))
Bob’s digital large
private signature message
- Bob’s
key KB (encrypt) m digital
public
+ signature
key KB
encrypted H: Hash (decrypt)
msg digest function
-
+ KB(H(m))
H(m) H(m)
equal
?
Digital Envelopes
Computer Science
-- Symmetric + Asymmetric
• Generate a secret key (session key) at random.
• Encrypt the message using the session key and
symmetric algorithm.
• Encrypt the session key with the recipient’s
public key. This becomes the “digital envelope”.
• Send the encrypted message and the digital
envelope to the recipient.
• Figure …


Key Distribution Computer Science
• symmetric schemes require both parties to

share a common secret key
• issue is how to securely distribute this key
• often secure system failure due to a break
in the key distribution scheme

Key Distribution Computer Science
• given parties A and B have various key

distribution alternatives:
1. A can select key and physically deliver to B
2. third party can select & deliver key to A & B
3. if A & B have communicated previously can
use previous key to encrypt a new key
4. if A & B have secure communications with a
third party C, C can relay key between A & B

Trusted Intermediaries Computer Science
Symmetric key problem: Public key problem:

• How do two entities • When Alice obtains
establish shared secret key Bob’s public key (from
over network? web site, e-mail,
Solution: diskette), how does she
• trusted key distribution know it is Bob’s public
center (KDC) acting as key, not Trudy’s?
intermediary between Solution:
entities • trusted certification
authority (CA)

Key Distribution Center (KDC) Computer Science
• Alice, Bob need shared symmetric key.

• KDC: server shares different secret key with
each registered user (many users)
• Alice, Bob know own symmetric keys, KA-KDC KB-KDC ,
for communicating with KDC. KDC
KA-KDC KP-KDC
KX-KDC
KP-KDC KB-KDC
KY-KDC
KZ-KDC
KA-KDC KB-KDC

Key Distribution Center (KDC) Computer Science
Q: How does KDC allow Bob, Alice to determine shared

symmetric secret key to communicate with each other?
KDC
generates
KA-KDC(A,B) R1
Alice KA-KDC(R1, KB-KDC(A,R1) )

Bob knows to
knows use R1 to
R1 KB-KDC(A,R1) communicate
with Alice
Alice and Bob communicate: using R1 as

session key for shared symmetric encryption
Key Management (public) Computer Science
• public-key encryption helps address key

distribution problems
• have two aspects of this:
– distribution of public keys
– use of public-key encryption to distribute
secret keys

Distribution of Public Keys Computer Science
• can be considered as using one of:

– Public announcement
– Publicly available directory
– Public-key authority
– Public-key certificates

Public Announcement
Computer Science
• users distribute public keys to recipients or

broadcast to community at large
– eg. append PGP keys to email messages or
post to news groups or email list
• major weakness is forgery
– anyone can create a key claiming to be
someone else and broadcast it
– until forgery is discovered can masquerade as
claimed user

Certification Authorities
Computer Science
• Certification authority (CA): binds public key to

particular entity, E.
• E (person, router) registers its public key with CA.
– E provides “proof of identity” to CA.
– CA creates certificate binding E to its public key.
– certificate containing E’s public key digitally signed by
CA – CA says “this is E’s public key”
Bob’s digital
+
public +
signature KB
key KB (encrypt)
CA
certificate for
K-
Bob’s private
identifying key CA Bob’s public key,
information signed by CA
Certification Authorities
Computer Science
• When Alice wants Bob’s public key:

– gets Bob’s certificate (Bob or elsewhere).
– apply CA’s public key to Bob’s certificate,
get Bob’s public key
+ digital Bob’s
KB signature public
+
(decrypt) KB key
CA
public +
K CA
key

A certificate contains:
Computer Science
• Serial number (unique to issuer)

• info about certificate owner, including
algorithm and key value itself (not shown)
• info about
certificate
issuer
• valid dates
• digital
signature
by issuer


Information Security Management - Cryptography: Computer Science

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Information Security Management - Cryptography: Computer Science

Uploaded by

Copyright:

Available Formats

Computer Science

Fall, 2005 CPSC499 Information Security Management

Fall, 2005 CPSC499 Information Security Management

• plaintext - the original message

Fall, 2005 CPSC499 Information Security Management

plaintext encryption ciphertext decryption plaintext

symmetric key crypto: sender, receiver keys identical

• or conventional / secret-key / single-key

Fall, 2005 CPSC499 Information Security Management

Fall, 2005 CPSC499 Information Security Management

plaintext encryption ciphertext decryption plaintext

symmetric key crypto: Bob and Alice share know

Fall, 2005 CPSC499 Information Security Management

• two requirements for secure use of

• can characterize by:

Fall, 2005 CPSC499 Information Security Management

• where letters of plaintext are replaced by

Fall, 2005 CPSC499 Information Security Management

• earliest known substitution cipher

Fall, 2005 CPSC499 Information Security Management

• can define transformation as:

• mathematically give each letter a number

• then have Caesar cipher as:

Fall, 2005 CPSC499 Information Security Management

• only have 26 possible ciphers

plaintext encryption ciphertext decryption plaintext

Fall, 2005 CPSC499 Information Security Management

• “Cipher” line can be any permutation of the

Fall, 2005 CPSC499 Information Security Management

Fall, 2005 CPSC499 Information Security Management

• always possible to simply try every key

Fall, 2005 CPSC499 Information Security Management

PIN is encrypted and

… repeat for any PIN value

• monoalphabetic ciphers + Caesar cipher.

Fall, 2005 CPSC499 Information Security Management

• now consider classical transposition or

Fall, 2005 CPSC499 Information Security Management

• write message letters out diagonally over a

Fall, 2005 CPSC499 Information Security Management

• a more complex scheme

Fall, 2005 CPSC499 Information Security Management

• ciphers using substitutions or transpositions are

Fall, 2005 CPSC499 Information Security Management

Key is a never-repeating bit

Cipher achieves perfect secrecy if and only if

• Key must be as long as plaintext

• will now look at modern block ciphers

Fall, 2005 CPSC499 Information Security Management

• block ciphers process messages into

• Operates on a single chunk (“block”) of plaintext

• For N-bit input, N! possible permutations

Fall, 2005 CPSC499 Information Security Management

Block of plaintext Key

Add some secret key bits

S S S S Each S-box permutes

Procedure must be reversible

• needed since must be able to decrypt ciphertext

Fall, 2005 CPSC499 Information Security Management

• in 1949 Claude Shannon introduced idea of

Fall, 2005 CPSC499 Information Security Management