Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Lecture 6: CSCI E-1 Spring 2013
Search
Tommy MacWilliam
April 10, 2013
Education
520
1
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Lecture 6: CSCI E-1 Spring 2013
Tommy MacWilliam
April 10, 2013
More Decks by Tommy MacWilliam
See All by Tommy MacWilliam
Lecture 9: CSCI E-1 Spring 2013
tmacwill
0
370
Lecture 8: CSCI E-1 Spring 2013
tmacwill
0
590
Lecture 7: CSCI E-1 Spring 2013
tmacwill
0
710
Lecture 5: CSCI E-1 Spring 2013
tmacwill
1
800
Incorporating Version Control into Programming Courses
tmacwill
1
130
Lecture 4: CSCI E-1 Spring 2013
tmacwill
0
480
Lecture 3: CSCI E-1 Spring 2013
tmacwill
0
580
Lecture 2: CSCI E-1 Spring 2013
tmacwill
0
920
Lecture 1: CSCI E-1 Spring 2013
tmacwill
0
340
Other Decks in Education
See All in Education
偶然のチャンスを掴みに行けるのは君だ!
kotomin_m
2
130
[2026前期火5] 論理学(京都大学文学部 前期 第2回)「論理的な正しさはどこにあるのか」
yatabe
0
940
Πλουτοκρατία: Η Τυραννία του Μαμμωνά και η Μεταανθρώπινη Δουλεία
amethyst1
0
260
2026年度春学期 統計学 第6回 データの関係を知る(1)ー 相関関係 (2026. 5. 14)
akiraasano
PRO
0
120
「機械学習と因果推論」入門 ② 回帰分析から因果分析へ
masakat0
0
710
SARA Annual Report 2025-26
sara2023
1
360
Case Studies - Lecture 12 - Information Visualisation (4019538FNR)
signer
PRO
0
140
Course Review - Lecture 13 - Next Generation User Interfaces (4018166FNR)
signer
PRO
0
2.3k
Data Management and Analytics Specialisation
signer
PRO
0
1.8k
Human-AI Interaction - Lecture 11 - Next Generation User Interfaces (4018166FNR)
signer
PRO
0
1.1k
Examen de Selectividad. Geografía junio 2026 (Convocatoria Ordinaria). UCLM
juanmartin2026
0
160
BITCOIN : Les fondamentaux !
rlifchitz
0
170
Featured
See All Featured
Building Flexible Design Systems
yeseniaperezcruz
330
40k
The Limits of Empathy - UXLibs8
cassininazir
1
360
16th Malabo Montpellier Forum Presentation
akademiya2063
PRO
0
140
Paper Plane (Part 1)
katiecoart
PRO
0
9k
How to Align SEO within the Product Triangle To Get Buy-In & Support - #RIMC
aleyda
2
1.5k
How to train your dragon (web standard)
notwaldorf
97
6.7k
Paper Plane
katiecoart
PRO
1
51k
More Than Pixels: Becoming A User Experience Designer
marktimemedia
3
440
コードの90%をAIが書く世界で何が待っているのか / What awaits us in a world where 90% of the code is written by AI
rkaga
62
44k
Typedesign – Prime Four
hannesfritz
42
3.1k
Between Models and Reality
mayunak
4
340
The Art of Programming - Codeland 2020
erikaheidi
57
14k
Transcript
Computer Science E-1 Lecture 6: Security
http://youtu.be/H542nLTTbu0
http://bing.com
http://vimeo.com/blog/post:564
Security
Authentication
Cookies
Sessions
GET /home.php HTTP/1.1 Host: www.facebook.com Cookie: PHPSESSID=5153d29ed84c4
GET /home.php HTTP/1.1 Host: www.facebook.com Cookie: PHPSESSID=5153d29ed84c4
Session Hijacking
None
HTTPS
Cryptography
GET /home.php HTTP/1.1 Host: www.facebook.com Encrypt ehosn9745t987gnlkjab 7@5uejfnjasdbfxb98@#
GET /home.php HTTP/1.1 Host: www.facebook.com Encrypt ehosn9745t987gnlkjab 7@5uejfnjasdbfxb98@# ehosn9745t987gnlkjab 7@5uejfnjasdbfxb98@#
GET /home.php HTTP/1.1 Host: www.facebook.com Decrypt
Wi-Fi Security
WEP, WPA, WPA2
CSRF
https://bank.com/money/transfer? to=67890&amount=100
None
Ka-Boom.
https://bank.com/money/transfer? to=67890&amount=100& token=8549ba93417cdef85
<input type="hidden" name="csrfTokenHidden" value="12345" id="csrfTokenHidden">
http://cse1.net/lecture6
XSS
<h1>Tommy</h1>
None
Ka-Boom.
http://cse1.net/lecture6
Databases
Name DOB Color Preference Shocked Cat 3/17/2010 white indoor Grumpy
Cat 4/4/2012 white indoor Keyboard Cat 1/1/1984 orange outdoor
SQL
SELECT name FROM cats
SELECT * from cats WHERE preference = ‘indoor’
INSERT INTO cats (name, dob, color, preference) VALUES ('Maru', '2008-06-01',
'gray', 'indoor')
UPDATE cats SET name = ‘shocked’ WHERE name = ‘Maru’
DELETE FROM cats WHERE name = ‘Maru’
CRUD
Create Read Update Delete
INSERT SELECT UPDATE DELETE
SELECT * FROM profiles WHERE username = ‘zuck’
I would like __ cheeseburgers cooked ____ and topped with
________.
I would like 2 cheeseburgers cooked medium-well and topped with
lettuce.
I would like 2 cheeseburgers cooked and then thrown at
the nearest customer’s head and topped with lettuce.
Injection
SELECT * FROM profiles WHERE username = ‘______’
‘ OR ‘1’ = ‘1
SELECT * FROM profiles WHERE username = ‘’ OR ‘1’
= ‘1’
Ka-Boom.
Authentication
SELECT * FROM users WHERE username = ‘_____’ AND password
= ‘_____’
SELECT * FROM users WHERE username = ‘rj’ AND password
= ‘’ OR ‘1’ = ‘1’
Ka-Boom.
’; DELETE FROM profiles; --
SELECT * FROM profiles WHERE username = ‘’; DELETE FROM
profiles; --’
None
Sanitizing Input
SELECT * FROM profiles WHERE username = '\' OR \'1\'
= \'1'
Permissions
http://cse1.net/lecture6
Encrypting Text
Caesar Cipher
ABCDEFGHIJKLMNOPQRSTUVWXYZ NOPQRSTUVWXYZABCDEFGHIJKLM
ROT13
banana
onanan
Brute-Force Attack
ROT26
Vigenère Cipher
banana + 246246
banana + 246246 detcrg
banana + cegceg detcrg
Plaintext: computer Key: benrj
computer + benrjben
computer + benrjben dszgduie
Symmetric-Key Cryptography
None
Asymmetric-Key Cryptography
Public/Private Keys
None
Trapdoor One-Way Function
2459 * 8863 = 21794117
Factor 21794117
RSA
Diffie-Hellman
Computer Science E-1 Lecture 6: Security
tmacwill
.jpg){kind=avatar}
kotomin_m
yatabe
amethyst1
akiraasano
masakat0
sara2023
signer
juanmartin2026
rlifchitz
yeseniaperezcruz
cassininazir
akademiya2063
katiecoart
aleyda
notwaldorf
marktimemedia
rkaga
hannesfritz
mayunak
erikaheidi
