Network Security. Introduction. Security services. Players. Conclusions. Distributed information Distributed processing Remote smart systems access
|
|
- Vivian Bishop
- 8 years ago
- Views:
Transcription
1 Roadmap Introduction Network services X.800 RFC 2828 Players Marco Carli Conclusions 2 Once.. now: Centralized information Centralized processing Remote terminal access Distributed information Distributed processing Remote smart systems access 3 4
2 Network security Network are composed of interconnected hosts Hosts provide services and store information Users access services and exchange/store information 5 6 Vulnerability Each functionality has its own vulnerabilities! Joint functions more threads!!! Increasing complexty, freedom Network security It is important to assure in a distributed setting: privacy/confidentially Integrity/consistency Availability etc. 7 8
3 Roadmap Service Introduction Definition: services X.800 RFC 2828 It enhances the security of the data processing systems and the information transfers of an organization; Players intended to counter security attacks; Conclusions make use of one or more security mechanisms to provide the service 9 10 Service - 2 Services (X.800 and RFC 2828) replicate functions normally associated with physical documents ITU-T Recommendation X.800 ( Architecture for OSI) eg. have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed; defines a systematic way of defining and providing security requirements a useful abstract overview of security concepts X.800 defines Service as: a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers 11 12
4 Services (X.800 and RFC 2828) IETF RFC 2828 (Internet Glossary) defines Service as: a processing or communication service provided by a system to give a specific kind of protection to system resources; Introduction services X.800 RFC 2828 Roadmap security services implement security policies, and are implemented by security mechanisms. Players Conclusions Services (X.800) 1. Authentication - the communicating entity is the one claimed Authentication - simple Hi, I am Jane 2. Access Control - prevention of the unauthorized use of a resource 3. Data Confidentiality protection of data from unauthorized disclosure Prove it 4. Data Integrity - assurance that data received is as sent by an authorized entity 5. Non-Repudiation - protection against denial by one of the parties in a communication 15 Mary 16
5 Authentication - mutual Hi Jane. Trust is speaking! PROOF Hi, I am Jane. Is Trust there? Hi, I am Jane Prove it Authentication - mutual Mary Trust Company Jane 17 authorization Did she authorize you? Give me Alice scar Integrity Data has not been changed, destroyed, or lost in an unauthorized or accidental manner Maintaining demonstrable data integrity is one of the cardinal aims of data security Mary 19 20
6 Privacy, secrecy 'Privacy' and 'secrecy' are easily confused. Secrecy is something you might seek. Privacy is something you should have. You might, for example, wish to keep some communications secret. You should have the right to expect that the communications remain private. However, neither is easily attainable in the modern world. Strong encryption can render data communications secret and private - but only depending on where you live in the world. Non repudiation Attribute of communications that seeks to prevent future false denial of involvement by either party. with proof of originin provides the recipient of data with evidence that proves the origin of the data. with proof of receipt provides the originator of data with evidence that proves the data was received as addressed. Non-repudiation is consequently an essential element of trust in e- business Non repudiation Problems: The signature is a forgery; The signature is not a forgery, but was obtained via: Unconscionable conduct by a party to a transaction; Fraud instigated by a third party; Undue influence exerted by a third party. When did you sign it? Where did you sign it? parameters RFC 2828 Access control Audit Data origin authentication Peer entity authentication Availability Data confidentiality Data integrity i System integrity Non-repudiation 23 24
7 Roadmap Services (RFC 2828) Introduction Access control service services X.800 RFC 2828 protection of system resources against unauthorized access Audit service Players Conclusions records information needed to establish accountability for system events and for the actions of system entities that cause them Services (RFC 2828) Services (RFC 2828) Authentication service: (i) data origin authentication service: a security service that verifies an identity claimed by or for an entity in a network, there are two general forms of authentication service: verifies the identity of an entity that is claimed to be the original source of received data provided to any entity that receives or holds the data i) data origin authentication service, ii) peer entity authentication service 27 28
8 Services (RFC 2828) (ii) peer entity authentication service: verifies an identity claimed by or for a system entity in an association. used to confirm the identity of one entity to another, thus protecting against a masquerade by the first entity. this service requires an association to exist between the two entities Services (RFC 2828) availability service protects a system to ensure its availability denial-of-service attacks data confidentiality service information is not made available or disclosed to unauthorized individuals, entities, or processes (i.e., to any unauthorized system entity) protects data against unauthorized disclosure Services (RFC 2828) data integrity service: data has not been changed, destroyed, or lost in an unauthorized or accidental manner. deals with constancy of and confidence in data values, not with the information n that t the values represent. protects against unauthorized changes to data, (intentional or not), by ensuring that changes to data are detectable. Services (RFC 2828) can only detect a change and report it to an appropriate system entity; changes cannot be prevented unless the system is perfect (error-free) and no malicious user has access however, a system that t offers data integrity it service might also attempt t to correct and recover from changes although data integrity service is defined separately from data origin authentication service and peer entity authentication service, it is closely related to them 31 32
9 Services (RFC 2828) system integrity service: Services (RFC 2828) non-repudiation service: the system integrity is the quality that a system has when it can perform its intended function protects system resources in a verifiable manner against unauthorized or accidental change, loss, or destruction a security service that provide protection against false denial of involvement in a communication; does not prevent ent an entity ty from repudiation; it provides evidence that can be stored and later presented to a third party Services (RFC 2828) there are two basic kinds of non-repudiation service: 1. non-repudiation with proof of origin" - this service can be viewed as a stronger version of an data origin authentication service, in that it proves authenticity to a third party 2. non-repudiation with proof of receipt" - protects the originator i against an attempt by the recipient i to falsely l deny receiving the data Mechanisms (X.800) specific security mechanisms (can be included in appropriate communication layer): encipherment digital signatures access controls data integrity authentication exchange traffic padding routing control notarization (third-party authentication) 35 36
10 Mechanisms (X.800) pervasive security mechanisms (general): Relationship Between Services and Mechanisms trusted functionality security labels l event detection security audit trails security recovery Introduction Roadmap The enemy services X.800 RFC 2828 Players Conclusions 39
11 Imagine.. Where is the enemy? Outside the boundary Defend it! Firewall Inside Protect the LAN/Intranet Among the partners Protect the Extranet (VPN) Everywhere Protect the applications From Effects internal system (33%) Denial of service (40%) remote dial-up (12%) Internet (74%) Computer Institue/FBI 2002 report Virus (85%) Non authorized access (40%) Secrecy steeling (20%) Fraudes (12%) Sabotages (8%) Unauthorized network use (78%) 43 44
12 89% is protected by firewall 2002 CSI/FBI Computer Crime & Survey 60% uses IDS (Intrusion Detection System) 40% of intrusions comes from outside! Attackers Script download malicious software (from hacker web sites) Hackers game to prove to their peers that they can compromise a specific system Insiders access data that they have no rights to access Organizational level attackers use the full resources of the organization to attack 90% is protected by antivirus software 85% affected by viruses, worm, trojan, etc, Roadmap System insecurity Introduction services X.800 RFC 2828 Players Attack technology is developing in a open source environment and is evolving rapidly Thousands - perhaps millions - of system with weak security are connected to the Internet Conclusions 47 48
13 System insecurity System insecurity The explosion in use of the Internet is straining our poor technical talent. The average level of system administrators has decreased dramatically in the last 5 years Increasingly complex sw is being written by programmers who have no training in writing secure code Attacks and attack tools transcend geography and national boundaries The difficulty of criminal investigation of cybercrime coupled with the complexity of international law means that prosecution of computer crime is unlikely Problems Networks have been created with a different purpose. No encryption Problems Networks uncertain boundaries (wlan, tunneling, mobility, UMTS,..) User authentication: weak! Pw No mutual authentication ti ti LAN: broadcast MAN: Shared networks. Third part equipments Software bugs. Viruses More bandwidth, more services (UMTS!!) Increasing complexity Internet Operating systems Windows 3.1 ~ 3 milions code Windows 95 ~ 15 milions Windows 2000 ~ 60 milions 51 52
14 References The protection of resources (including data and programs) from accidental or malicious modification, destruction, or disclosure W. Stallings, "Cryptography and Network : Principles and Practice" 3th Edition, Prentice Hall C. Kaufman, R. Perlman, M. Speciner, "Network : Private Communication in a Public World" 2nd Edition, Prentice Hall 53 54
Cryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Shinu Mathew John http://shinu.info/ Chapter 1 Introduction http://shinu.info/ 2 Background Information Security requirements
More informationChap. 1: Introduction
Chap. 1: Introduction Introduction Services, Mechanisms, and Attacks The OSI Security Architecture Cryptography 1 1 Introduction Computer Security the generic name for the collection of tools designed
More informationCryptography and Network Security Chapter 1
Cryptography and Network Security Chapter 1 Acknowledgments Lecture slides are based on the slides created by Lawrie Brown Chapter 1 Introduction The art of war teaches us to rely not on the likelihood
More informationCSCI 4541/6541: NETWORK SECURITY
1 CSCI 4541/6541: NETWORK SECURITY COURSE INFO CSci 4541/6541 Tuesdays 6:10pm 8:40pm Bell Hall 108 Office Hours: Tuesdays 2:30pm 4:30pm Dr. Nan Zhang Office: SEH 4590 Phone: (202) 994-5919 Email: nzhang10
More informationAdvanced Topics in Distributed Systems. Dr. Ayman Abdel-Hamid Computer Science Department Virginia Tech
Advanced Topics in Distributed Systems Dr. Ayman Abdel-Hamid Computer Science Department Virginia Tech Security Introduction Based on Ch1, Cryptography and Network Security 4 th Ed Security Dr. Ayman Abdel-Hamid,
More informationInformation System Security
Information System Security Chapter 1:Introduction Dr. Lo ai Tawalbeh Faculty of Information system and Technology, The Arab Academy for Banking and Financial Sciences. Jordan Chapter 1 Introduction The
More information7. Public Key Cryptosystems and Digital Signatures, 8. Firewalls, 9. Intrusion detection systems, 10. Biometric Security Systems, 11.
Content 1.Introduction to Data and Network Security. 2. Why secure your Network 3. How Much security do you need, 4. Communication of network systems, 5. Topology security, 6. Cryptosystems and Symmetric
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More informationIntroduction to Security
2 Introduction to Security : IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 25 October 2013 its335y13s2l01, Steve/Courses/2013/s2/its335/lectures/intro.tex,
More informationCryptography and Network Security Overview & Chapter 1. Network Security. Chapter 0 Reader s s Guide. Standards Organizations.
Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 0 Reader s s Guide The art of war teaches us to rely
More informationNetwork Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶
Network Security 網 路 安 全 Lecture 1 February 20, 2012 洪 國 寶 1 Outline Course information Motivation Introduction to security Basic network concepts Network security models Outline of the course 2 Course
More information544 Computer and Network Security
544 Computer and Network Security Section 1: Introduction Dr. E.C. Kulasekere Sri Lanka Institute of Information Technology - 2005 Background Information Security requirements have changed in recent times
More informationIY2760/CS3760: Part 6. IY2760: Part 6
IY2760/CS3760: Part 6 In this part of the course we give a general introduction to network security. We introduce widely used security-specific concepts and terminology. This discussion is based primarily
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
More informationTable: Security Services (X.800)
SECURIT SERVICES X.800 defines a security service as a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers. Also the
More informationNotes on Network Security - Introduction
Notes on Network Security - Introduction Security comes in all shapes and sizes, ranging from problems with software on a computer, to the integrity of messages and emails being sent on the Internet. Network
More informationOverview of computer and communications security
Overview of computer and communications security 2 1 Basic security concepts Assets Threats Security services Security mechanisms 2 Assets Logical resources Information Money (electronic) Personal data
More informationCSC 474 Information Systems Security
CSC 474 Information Systems Security Introduction About Instructor Dr. Peng Ning, assistant professor of computer science http://www.csc.ncsu.edu/faculty/ning pning@ncsu.edu (919)513-4457 Office: Room
More informationInformation Security Basic Concepts
Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,
More informationInformation Security
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 vedatcoskun@isikun.edu.tr www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
More informationensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster
Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)
More informationCryptography and Network Security: Overview
Cryptography and Network Security: Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/
More informationThreat Modeling. Frank Piessens (Frank.Piessens@cs.kuleuven.be ) KATHOLIEKE UNIVERSITEIT LEUVEN
Threat Modeling Frank Piessens (Frank.Piessens@cs.kuleuven.be ) Secappdev 2007 1 Overview Introduction Key Concepts Threats, Vulnerabilities, Countermeasures Example Microsoft s Threat Modeling Process
More information10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)
1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction
More informationNetwork Security. Network Security Hierarchy. CISCO Security Curriculum
Network Security Network Security Hierarchy Material elaborat dupa: CISCO Security Curriculum Kenny Paterson s Lectures for: M.Sc. in Information Security, Royal Holloway, University of London 1 Objectives
More informationSecurity (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012
Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret
More informationNETWORK SECURITY ASPECTS & VULNERABILITIES
NETWORK SECURITY ASPECTS & VULNERABILITIES Luis Sousa Cardoso FIINA President Brdo pri Kranju, 19. in 20. maj 2003 1 Background Importance of Network Explosive growth of computers and network - To protect
More informationBasics of Internet Security
Basics of Internet Security Premraj Jeyaprakash About Technowave, Inc. Technowave is a strategic and technical consulting group focused on bringing processes and technology into line with organizational
More informationCSCI 454/554 Computer and Network Security. Instructor: Dr. Kun Sun
CSCI 454/554 Computer and Network Security Instructor: Dr. Kun Sun About Instructor Dr. Kun Sun, Assistant Professor of Computer Science http://www.cs.wm.edu/~ksun/ Phone: (757) 221-3457 Email: ksun@wm.edu
More informationSecurity Goals Services
1 2 Lecture #8 2008 Freedom from danger, risk, etc.; safety. Something that secures or makes safe; protection; defense. Precautions taken to guard against crime, attack, sabotage, espionage, etc. An assurance;
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationNetwork Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion
Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann
More informationCS 203 / NetSys 240. Network Security
CS 203 / NetSys 240 Network Security Winter 2015 http://sconce.ics.uci.edu/203-w15/ 1 Contact Information Instructor: Gene Tsudik Email: gene.tsudik *AT* uci.edu Phone: (949) 824-43410 use only as the
More information資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview. Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系
資 通 安 全 產 品 研 發 與 驗 證 (I) ICT Security Overview Prof.. Albert B. Jeng ( 鄭 博 仁 教 授 ) 景 文 科 技 大 學 資 訊 工 程 系 Outline Infosec, COMPUSEC, COMSEC, and Network Security Why do we need Infosec and COMSEC? Security
More informationNetwork Security. Introduction. Università degli Studi di Brescia Dipartimento di Ingegneria dell Informazione 2014/2015
Network Security Introduction Università degli Studi di Brescia Dipartimento di Ingegneria dell Informazione 2014/2015 Objectives - Syllabus 2 Objectives Introduce the key aspects of applied network security,
More informationE-commerce. business. technology. society. Kenneth C. Laudon Carol Guercio Traver. Second Edition. Copyright 2007 Pearson Education, Inc.
Copyright 2007 Pearson Education, Inc. Slide 5-1 E-commerce business. technology. society. Second Edition Kenneth C. Laudon Carol Guercio Traver Copyright 2007 Pearson Education, Inc. Slide 5-2 Chapter
More informationCryptography and network security CNET4523
1. Name of Course 2. Course Code 3. Name(s) of academic staff 4. Rationale for the inclusion of the course/module in the programme Cryptography and network security CNET4523 Major The Great use of local
More informationCNT5412/CNT4406 Network Security. Course Introduction. Zhenhai Duan
CNT5412/CNT4406 Network Security Course Introduction Zhenhai Duan 1 Instructor Professor Zhenhai Duan (duan@cs.fsu.edu) Office: 162 LOV Office hours: 1:00PM to 2:00PM, T/Th Or by appointment Email: duan@cs.fsu.edu
More informationPart I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT
Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code
More informationCourse: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems
Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding
More informationFundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals
Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals Learning Objective Explain the concepts of information systems security (ISS) as applied to an IT infrastructure.
More informationWeighted Total Mark. Weighted Exam Mark
CMP4103 Computer Systems and Network Security Period per Week Contact Hour per Semester Weighted Total Mark Weighted Exam Mark Weighted Continuous Assessment Mark Credit Units LH PH TH CH WTM WEM WCM CU
More informationAchieving Truly Secure Cloud Communications. How to navigate evolving security threats
Achieving Truly Secure Cloud Communications How to navigate evolving security threats Security is quickly becoming the primary concern of many businesses, and protecting VoIP vulnerabilities is critical.
More informationDraft ITU-T Recommendation X.805 (Formerly X.css), Security architecture for systems providing end-to-end communications
Draft ITU-T Recommendation X.805 (Formerly X.css), architecture for systems providing end-to-end communications Summary This Recommendation defines the general security-related architectural elements that
More informationSTATE OF NEW JERSEY Security Controls Assessment Checklist
STATE OF NEW JERSEY Security Controls Assessment Checklist Appendix D to 09-11-P1-NJOIT P.O. Box 212 www.nj.gov/it/ps/ 300 Riverview Plaza Trenton, NJ 08625-0212 Agency/Business (Extranet) Entity Response
More informationSecurity aspects of e-tailing. Chapter 7
Security aspects of e-tailing Chapter 7 1 Learning Objectives Understand the general concerns of customers concerning security Understand what e-tailers can do to address these concerns 2 Players in e-tailing
More informationINSIDE. Securing Network-Attached Storage Protecting NAS from viruses, intrusions, and blended threats
Symantec Enterprise Security WHITE PAPER Securing Network-Attached Storage Protecting NAS from viruses, intrusions, and blended threats INSIDE Executive Summary Challenges to securing NAS An effective
More informationICANWK406A Install, configure and test network security
ICANWK406A Install, configure and test network security Release: 1 ICANWK406A Install, configure and test network security Modification History Release Release 1 Comments This Unit first released with
More informationUF IT Risk Assessment Standard
UF IT Risk Assessment Standard Authority This standard was enacted by the UF Senior Vice President for Administration and the UF Interim Chief Information Officer on July 10, 2008 [7]. It was approved
More informationNetwork Security Informik Version
Network Security Chapter 1 Prof. Dr.-Ing. Georg Carle Dr. Heiko Niedermayer Cornelius Diekmann, M.Sc. Lehrstuhl für Netzarchitekturen und Netzdienste Institut für Informatik Version: June 13, 2015 IN2101,
More informationCIS 6930/4930 Computer and Network Security. Dr. Yao Liu
CIS 6930/4930 Computer and Network Security Dr. Yao Liu About Instructor Dr. Yao Liu, Office: ENB 336 Phone: 813-974-1079 Email: yliu@cse.usf.edu URL: http://www.cse.usf.edu/~yliu/ Office hour: TR 2:00pm
More informationMobile Devices and Malicious Code Attack Prevention
Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com WHITE PAPER Malicious Code and Mobile Devices: Best Practices for Securing Mobile Environments Sponsored
More informationTop tips for improved network security
Top tips for improved network security Network security is beleaguered by malware, spam and security breaches. Some criminal, some malicious, some just annoying but all impeding the smooth running of a
More informationInternet Safety and Security: Strategies for Building an Internet Safety Wall
Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet
More informationComputer Security Threats
Computer Security Threats Based on the content of Chapter 14 Operating Systems: Internals and Design Principles, 6/E William Stallings Sistemi di Calcolo (II semestre), Roberto Baldoni Sensitive economic
More informationThe Information Security Problem
Chapter 10 Objectives Describe the major concepts and terminology of EC security. Understand phishing and its relationship to financial crimes. Describe the information assurance security principles. Identify
More informationBest Practices For Department Server and Enterprise System Checklist
Best Practices For Department Server and Enterprise System Checklist INSTRUCTIONS Information Best Practices are guidelines used to ensure an adequate level of protection for Information Technology (IT)
More informationHow To Secure Cloud Computing
Next Generation Cloud Computing Issues and Solutions Jeon SeungHwan 1, Yvette E. Gelogo 1 and Byungjoo Park 1 * 1 Department of Multimedia Engineering, Hannam University 133 Ojeong-dong, Daeduk-gu, Daejeon,
More informationCPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 1 September 2, 2015 CPSC 467, Lecture 1 1/13 Protecting Information Information security Security principles Crypto as a security
More informationWhat s happening in the area of E-security for the Financial Transactions in China
What s happening in the area of E-security for the Financial Transactions in China Dr. Wang Jun Head of E-banking Division, Bank of China Sep. 26, 2002 A Tremendous Potential E-financing Market is is coming
More informationFirewall Security. Presented by: Daminda Perera
Firewall Security Presented by: Daminda Perera 1 Firewalls Improve network security Cannot completely eliminate threats and a=acks Responsible for screening traffic entering and/or leaving a computer network
More informationIT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:
IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including: 1. IT Cost Containment 84 topics 2. Cloud Computing Readiness 225
More information20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7
20-CS-6053-00X Network Security Spring, 2014 An Introduction To Network Security Week 1 January 7 Attacks Criminal: fraud, scams, destruction; IP, ID, brand theft Privacy: surveillance, databases, traffic
More informationManaging IT Security with Penetration Testing
Managing IT Security with Penetration Testing Introduction Adequately protecting an organization s information assets is a business imperative one that requires a comprehensive, structured approach to
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationCybersecurity for the C-Level
Cybersecurity for the C-Level Director Glossary of Defined Cybersecurity Terms A Active Attack An actual assault perpetrated by an intentional threat source that attempts to alter a system, its resources,
More informationUTMB INFORMATION RESOURCES PRACTICE STANDARD
IR Security Glossary Introduction Purpose Applicability Sensitive Digital Data Management Privacy Implications This abbreviated list provides explanations for typically used Information Resources (IR)
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design Learning Objectives Identify common misconceptions about firewalls Explain why a firewall
More informationCurrent and Future Research into Network Security Prof. Madjid Merabti
Current and Future Research into Network Security Prof. Madjid Merabti School of Computing & Mathematical Sciences Liverpool John Moores University UK Overview Introduction Secure component composition
More informationABB s approach concerning IS Security for Automation Systems
ABB s approach concerning IS Security for Automation Systems Copyright 2006 ABB. All rights reserved. Stefan Kubik stefan.kubik@de.abb.com The problem Most manufacturing facilities are more connected (and
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationOffice of Inspector General
DEPARTMENT OF HOMELAND SECURITY Office of Inspector General Improved Security Required for DHS Networks (Redacted) Notice: The Department of Homeland Security, Office of Inspector General, has redacted
More information159.334 Computer Networks. Network Security 1. Professor Richard Harris School of Engineering and Advanced Technology
Network Security 1 Professor Richard Harris School of Engineering and Advanced Technology Presentation Outline Overview of Identification and Authentication The importance of identification and Authentication
More informationData Security Incident Response Plan. [Insert Organization Name]
Data Security Incident Response Plan Dated: [Month] & [Year] [Insert Organization Name] 1 Introduction Purpose This data security incident response plan provides the framework to respond to a security
More informationCOB 302 Management Information System (Lesson 8)
COB 302 Management Information System (Lesson 8) Dr. Stanley Wong Macau University of Science and Technology Chapter 13 Security and Ethical Challenges 安 全 與 倫 理 挑 戰 Remarks: Some of the contents in this
More informationE-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications
Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html
More informationBuilding A Secure Microsoft Exchange Continuity Appliance
Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building
More informationGuidelines for Website Security and Security Counter Measures for e-e Governance Project
and Security Counter Measures for e-e Governance Project Mr. Lalthlamuana PIO, DoICT Background (1/8) Nature of Cyber Space Proliferation of Information Technology Rapid Growth in Internet Increasing Online
More informationCNA NetProtect Essential SM. 1. Do you implement virus controls and filtering on all systems? Background:
1. Do you implement virus controls and filtering on all systems? Anti-Virus anti-virus software packages look for patterns in files or memory that indicate the possible presence of a known virus. Anti-virus
More informationNetwork Security Guidelines. e-governance
Network Security Guidelines for e-governance Draft DEPARTMENT OF ELECTRONICS AND INFORMATION TECHNOLOGY Ministry of Communication and Information Technology, Government of India. Document Control S/L Type
More informationUnderstanding and evaluating risk to information assets in your software projects
Understanding and evaluating risk to information assets in your software projects ugh.. what a mouthful Dana Epp Windows Security MVP Who am I? Microsoft Windows Security MVP Information Security Professional
More informationHow NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements
How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements I n t r o d u c t i o n The Payment Card Industry Data Security Standard (PCI DSS) was developed in 2004 by the PCI Security Standards
More informationIntroduction to Cyber Security / Information Security
Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be
More informationTHE BUSINESS CASE FOR NETWORK SECURITY: ADVOCACY, GOVERNANCE, AND ROI
THE BUSINESS CASE FOR NETWORK SECURITY: ADVOCACY, GOVERNANCE, AND ROI Introduction. I. VULNERABILITIES AND TECHNOLOGIES. 1. Hackers and Threats. Contending with Vulnerability Realizing Value in Security
More informationGovt. of Karnataka, Department of Technical Education Diploma in Computer Science & Engineering. Sixth Semester
Govt. of Karnataka, Department of Technical Education Diploma in Computer Science & Engineering Sixth Semester Subject: Network Security & Management Contact Hrs / week: 4 Total hrs: 64 Table of Contents
More informationREGULATIONS FOR THE SECURITY OF INTERNET BANKING
REGULATIONS FOR THE SECURITY OF INTERNET BANKING PAYMENT SYSTEMS DEPARTMENT STATE BANK OF PAKISTAN Table of Contents PREFACE... 3 DEFINITIONS... 4 1. SCOPE OF THE REGULATIONS... 6 2. INTERNET BANKING SECURITY
More informationSecurity and Privacy in Cloud Computing
Security and Privacy in Cloud Computing Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 2 02/01/2010 Threats, vulnerabilities, and enemies Goal Learn the cloud computing threat model
More informationDeveloping the Corporate Security Architecture. www.avient.ca Alex Woda July 22, 2009
Developing the Corporate Security Architecture www.avient.ca Alex Woda July 22, 2009 Avient Solutions Group Avient Solutions Group is based in Markham and is a professional services firm specializing in
More informationBBM 461: SECURE PROGRAMMING INTRODUCTION. Ahmet Burak Can
BBM 461: SECURE PROGRAMMING INTRODUCTION 1 Ahmet Burak Can COURSE MATERIAL Counter Hack Reloaded:A Step-by- Step Guide to Computer Attacks and Effective Defenses, Edward Skoudis, Tom Liston, Prentice Hall
More informationNetwork Security 101 Multiple Tactics for Multi-layered Security
Security and Resilience for Utility Network Communications White Paper Communications networks represent a partial paradox. The very openness and ubiquity that make them powerful can also present a weakness.
More informationPCI Data Security Standards (DSS)
ENTERPRISE APPLICATION WHITELISTING SOLUTION Achieving PCI Compliance at the Point of Sale Using Bit9 Parity TM to Protect Cardholder Data PCI: Protecting Cardholder Data As the technology used by merchants
More informationINTERNATIONAL TELECOMMUNICATION UNION DATA COMMUNICATION NETWORKS: OPEN SYSTEMS INTERCONNECTION (OSI); SECURITY, STRUCTURE AND APPLICATIONS
INTERNATIONAL TELECOMMUNICATION UNION CCITT X.800 THE INTERNATIONAL TELEGRAPH AND TELEPHONE CONSULTATIVE COMMITTEE DATA COMMUNICATION NETWORKS: OPEN SYSTEMS INTERCONNECTION (OSI); SECURITY, STRUCTURE AND
More informationRajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np
Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np Meaning Why is Security Audit Important Framework Audit Process Auditing Application Security
More informationChapter 10. Network Security
Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce
More informationInnovative Defense Strategies for Securing SCADA & Control Systems
1201 Louisiana Street Suite 400 Houston, Texas 77002 Phone: 877.302.DATA Fax: 800.864.6249 Email: info@plantdata.com Innovative Defense Strategies for Securing SCADA & Control Systems By: Jonathan Pollet
More informationSecuring VoIP Networks using graded Protection Levels
Securing VoIP Networks using graded Protection Levels Andreas C. Schmidt Bundesamt für Sicherheit in der Informationstechnik, Godesberger Allee 185-189, D-53175 Bonn Andreas.Schmidt@bsi.bund.de Abstract
More informationOvation Security Center Data Sheet
Features Scans for vulnerabilities Discovers assets Deploys security patches transparently Allows only white-listed applications to run in workstations Provides virus protection for Ovation Windows workstations
More informationWhat is Firewall? A system designed to prevent unauthorized access to or from a private network.
What is Firewall? A system designed to prevent unauthorized access to or from a private network. What is Firewall? (cont d) Firewall is a set of related programs, located at a network gateway server. Firewalls
More information