Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Network Security. 2 Security Services Confidentiality: protection of any information from being exposed to unintended entities. –Information content.

Published byGertrude Peters Modified over 7 years ago

Similar presentations

Presentation on theme: "1 Network Security. 2 Security Services Confidentiality: protection of any information from being exposed to unintended entities. –Information content."— Presentation transcript:

1 1 Network Security

2 2 Security Services Confidentiality: protection of any information from being exposed to unintended entities. –Information content –Parties involved –Where they are, how they communicate, how often, etc. Authentication: assurance that an entity of concern or the origin of a communication is authentic - it’s what it claims to be or from Integrity: assurance that the information has not been tampered with

3 3 Security Services Non-repudiation: offer of evidence that a party is indeed the sender or a receiver of certain information Access control: facilities to determine and enforce who is allowed access to what resources, hosts, software, network connections Data Availability: Protection against disruption of service Accountability: How an audit trail is kept

4 4 Security Objectives Confidentiality (Secrecy): Prevent/Detect/Deter improper disclosure of information Integrity: Prevent/Detect/Deter improper modification of information Availability: Prevent/Detect/Deter improper denial of access to services provided by the system

5 5 Virus, Worms, and Trojan Horses Trojan horse: instructions hidden inside an otherwise useful program that do bad things Virus: a set of instructions that, when executed, inserts copies of itself into other programs. Worm: a program that replicates itself by installing copies of itself on other machines across a network. Trapdoor: an undocumented entry point, which can be exploited as a security flaw Zombie: malicious instructions installed on a system that can be remotely triggered to carry out some attack with les traceability because the attack comes from another victim. ….

6 6 Encryption/Decryption plaintext encryption ciphertext decryption plaintext Plaintext: a message in its original form Ciphertext: a message in the transformed, unrecognized form Encryption: the process for producing ciphertext from plaintext Decryption: the reverse of encryption Key: a secret value used to control encryption/decryption

7 7 Types of Cryptographic functions Secret Key Cryptography –One key Public Key Cryptography –Two keys: public, private

8 8 Secret Key Cryptography plaintext encryption ciphertext decryption plaintext key Same key is used for both encryption and decryption –Symmetric cryptography –Conventional cryptography Ciphertext is about the same length as the plaintext Examples: DES, IDEA, AES… same key

9 9 Public Key Cryptography plaintext encryption ciphertext decryption plaintext public keyprivate key Invented/published in 1975 Each individual has two keys: –Private key is kept secret –Public key is publicly known Much slower than secret key cryptography Also known as –Asymmetric cryptography

10 10 Public Key Cryptography cont’d plaintext signing Signed message verification plaintext private key public key Digital Signature –Only the party with the private key can generate a digital signature –Verification of the signature only requires the knowledge of the public key –The signer cannot deny he/she has done so.

11 11 Applications of Public Key Cryptography Digital Signatures Authorship: Prove who generate the information Integrity: the information has not been modified Non-repudiation: cannot do with secret key cryptography

12 12 Firewalls

13 13 What is a firewall? Device that provides secure connectivity between networks (internal/external; varying levels of trust) Used to implement and enforce a security policy for communication between networks Trusted Networks Untrusted Networks & Servers Firewall Router Internet Intranet DMZ Public Accessible Servers & Networks Trusted Users Untrusted Users

14 14 Firewall

15 15 Firewalls From Webster’s Dictionary: a wall constructed to prevent the spread of fire Internet firewalls are more the moat around a castle than a building firewall Controlled access point

16 16 Firewalls can: Restrict incoming and outgoing traffic by IP address, ports, or users Block invalid packets

17 17 Firewalls Cannot Protect… Traffic that does not cross it –routing around –Internal traffic When misconfigured

18 18 Internet DMZ Net Web Server Pool Corporate Network ALERT!! Security Requirement Control access to network information and resources Protect the network from attacks Access Control

19 19 Filtering Packets checked then passed – typically route packets Inbound & outbound affect when policy is checked Packet filtering –Access Control Lists Session filtering –Dynamic Packet Filtering –Stateful Inspection –Context Based Access Control Fragmentation/reassembly Sequence number checking ICMP

20 20 Packet Filter Embedded in Router

21 21 VPN

22 22 Tunneling

23 23 Security Technologies Intrusion Detection System Pretty Good Privacy Secure Shell Secure Socket Layer IP Security Wired Equivalent Privacy

Download ppt "1 Network Security. 2 Security Services Confidentiality: protection of any information from being exposed to unintended entities. –Information content."

Similar presentations

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.1 Firewalls.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.1 Firewalls.
ECE454/599 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2012.

ECE454/599 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2012.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
1 Encryption and Forensics/Data Hiding. 2 Cryptography Background See: For more information.

1 Encryption and Forensics/Data Hiding. 2 Cryptography Background See: For more information.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Part 5:Security Network Security (Access Control, Encryption, Firewalls)

Part 5:Security Network Security (Access Control, Encryption, Firewalls)
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.

Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
Chapter 12 Network Security.

Chapter 12 Network Security.
6/9/2015Madhumita. Chatterjee1 Overview of Computer Security.

6/9/2015Madhumita. Chatterjee1 Overview of Computer Security.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Cryptographic Technologies

Cryptographic Technologies
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.

BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.

1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.
Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.

Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.
11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.

11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.

Similar presentations

Ads by Google