5/3/2012 ms
SEMINAR
ON NETWORK SECURITY
Presentation Content
Introduction
What is Internet?
What do we need to protect?
Threat Motivation
Attack Types
Security Objectives
Security mechanisms
INTRODUCTION
Network Security refers to any activities designed to protect your network. Specifically, these activities protect the usability, reliability, integrity and safety of your network and data.
What is Internet?
The Internet is a worldwide IP network that links a collection of different networks from various sources: governmental, educational and commercial.
Threat Motivation
Spy
Joyride
Ignorance
Revenge
Greed
Terrorist
CLIENT-SERVER SECURITY
&
VIRUSES
HORSES
Types of hackers
Passive
Active
PASSIVE hackers
A passive intruder attempts to learn or make use of information from the system but doesn't affect system resources.
ACTIVE hackers
An active intruder attempts to change system resources, which can affect their operation.
Security Objectives
Identification
Authentication
Authorization
Access Control
Data Integrity
Confidentiality
Non-repudiation
Identification
Something which uniquely identifies a user, called the UserID. Sometimes users can select their own ID, as long as it is not given to another user. A UserID can be one or a combination of the following:
User Name User Student Number
Authentication
The process of verifying the identity of a user. Typically based on:
Something user knows
Password
Something user is
fingerprint, voice, or retinal scans
Authentication procedure
Two-Party Authentication
  One-Way Authentication
  Two-Way Authentication
Third-Party Authentication
  Kerberos
  X.509
Single Sign-On
User can access several network resources by logging on once to a security system.
[Figure: Two-Party Authentications. Two-way authentication between Client and Server; label: Authenticated]
[Figure: Third-Party Authentications. Client, Server and Security Server; labels: ID, Password; Authenticated]
Authorization
The process of assigning access rights to a user.
Access Control
The process of enforcing access rights, based on the following three entities:
Subject
is an entity that can access an object
Object
is an entity to which access can be controlled
Access Right
defines the ways in which a subject can access an object.
Data Integrity.
Assurance that the data that arrives is the same as when it was sent.
Confidentiality
Assurance that sensitive information is not visible to an eavesdropper. This is usually achieved using encryption.
Non-repudiation
Assurance that any transaction that takes place can subsequently be proved to have taken place. Both the sender and the receiver agree that the exchange took place.
Security Mechanisms
Web Security
Cryptographic techniques
Digital Signature
Internet Firewalls
Web Security
Basic Authentication
Secure Socket Layer (SSL)
Basic Authentication
A simple user ID and password-based authentication scheme that provides the following:
To identify which user is accessing the server
To limit users to accessing specific pages (identified as Universal Resource Locators, URLs)
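The two functions of Basic Authentication listed above (identify the user, limit the user to specific URLs) can be sketched on the server side as follows. This is an added example, not part of the original slides; the user names, passwords, salts and URL prefixes are constructed samples, and the URL is assumed to be already normalized by the web server.

```python
# Added example: server-side handling of an HTTP Basic Authorization header.
# User names, passwords, salts and URL prefixes below are constructed samples.
import base64
import binascii
import hashlib
import hmac

def _hash(password: str, salt: bytes) -> bytes:
    # Store a salted, slow hash instead of the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

USERS = {  # user ID -> (salt, password hash, URL prefixes the user may access)
    "alice": (b"s1", _hash("correct horse", b"s1"), ("/public/", "/reports/")),
    "bob":   (b"s2", _hash("hunter2", b"s2"), ("/public/",)),
}

def parse_basic(header: str):
    """Return (user, password) from 'Basic <base64>' or None if malformed."""
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        # The token is only base64-encoded, not encrypted.
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    user, sep, password = decoded.partition(":")  # password may contain ':'
    return (user, password) if sep else None

def check_request(header: str, url: str) -> int:
    """HTTP status for the request: 401 unauthenticated, 403 forbidden, 200 ok."""
    creds = parse_basic(header)
    if creds is None:
        return 401
    user, password = creds
    salt, stored, prefixes = USERS.get(user, (b"none", b"", ()))
    # Hash even for unknown users and compare in constant time.
    if not hmac.compare_digest(_hash(password, salt), stored):
        return 401
    return 200 if any(url.startswith(p) for p in prefixes) else 403
```

Because the header carries the user ID and password in base64 only, the scheme protects nothing on the wire by itself, which is why it appears on the slide next to SSL.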
CRYPTOGRAPHY
Cryptography refers to the science and art of transforming messages to make them secure and immune to attacks.
Digital Signature
A digital signature is a cryptographic mechanism that performs a similar function to a written signature. It is used to verify the originator and contents of the message.
Internet Firewall
A firewall controls traffic flow between networks. Firewalls use the following techniques:
Packet Filters
Application Proxy
Secure Tunnel
Screened Subnet Architecture
Packet Filtering
Most commonly used firewall technique
Operates at IP level
Checks each IP packet against the filter rules before passing (or not passing) it on to its destination
Faster than other firewall techniques
Hard to configure
[Figure: Non-Secure Network and Secure Network]
Application Proxy
Application Level Gateway
The communication steps are as follows:
User connects to proxy server
From proxy server, user connects to destination server
[Figure: Non-Secure Network, Telnet, Proxy Server, Secure Network]
Secure IP Tunnel
A secure channel between the secure network and an external trusted server through a non-secure network (e.g., Internet)
Encrypts the data between the firewall and the external trusted host
Also establishes the identity of the session partners and the authenticity of the messages
Firewall Conclusion
Not the complete answer
The fox is inside the henhouse
Host security + User education