Presentation is loading. Please wait.

Presentation is loading. Please wait.

Advanced Networks and Computer Security Curt Carver & Jeff Humphries © 1999 Texas A&M University.

Published byMohammed Lone Modified over 10 years ago

Similar presentations

Presentation on theme: "Advanced Networks and Computer Security Curt Carver & Jeff Humphries © 1999 Texas A&M University."— Presentation transcript:

1 Advanced Networks and Computer Security Curt Carver & Jeff Humphries © 1999 Texas A&M University

2 Course Overview Lesson Objectives Read and understand the course syllabus Summarize the CIA security model Recall some basic security mechanisms Express the fundamental security principles Learn the importance of computer security

3 Read and Understand the Course Syllabus http://www.cs.tamu.edu/faculty/pooch/cours e/CPSC665/Spring2001/index.html

4 Summarize the CIA Security Model

5 Computer Security – Definition What is computer security? –Protection of an organizations assets from accidental or intentional disclosure, modification, destruction, or use –Alternately, it is the combination of administrative procedures, physical security measures, and systems security measures that are intended to protect computer assets

6 CIA Model of Security Computer security consists of maintaining three primary characteristics: –Confidentiality –Integrity –Availability

7 CIA Model Definitions - Confidentiality Confidentiality means that the information in a computer system (or in transit between systems) is accessible only by authorized parties. Authorized access includes printing, displaying, reading, or knowledge that information even exists.

8 CIA Model Definitions - Integrity Integrity means that information can only be modified by authorized parties or in authorized ways. Modification includes writing, changing, deleting, creating, delaying, or replaying information.

9 CIA Model Definitions - Availability Availability means that information is accessible to authorized parties when needed. An authorized party should not be prevented from accessing information to which they have legitimate access. Denial of service is the opposite of availability.

10 CIA Model Illustrated The 3 goals of confidentiality, integrity, and availability often overlap and can also conflict with one another. For example, strong confidentiality can severely limit availability. ConfidentialityIntegrity Availability

11 CIA Illustration 1 Consider the following: –User A transmits a file containing sensitive information to User B. User C, who is not authorized to read this file, is able to monitor the transmission of the file and obtain a copy. This is called an interception and is an attack on confidentiality. User A User B User C

12 CIA Illustration 2 Consider the following: –User B has requested information that he is authorized to have from User A. User C has disabled some component of the network which prevents information flow. This is called an interruption and is an attack on availability. It is also called a denial of service attack. User A User B User C

13 CIA Illustration 3 Consider the following: –User A transmits a file containing sensitive information to User B. User C, who is not authorized to read this file, gains access to the file during transmission, captures it, modifies it, and sends it on the User B. This is called a modification and is an attack on integrity. User A User B User C

14 Recall Some Basic Security Mechanisms

15 Controls Various controls and countermeasures have been developed to strengthen system security –Cryptography –Software controls –Hardware controls –Physical controls –Policies

16 Controls - Cryptography Cryptography is an important tool that can enhance system security by providing: –Confidentiality, in that it prevents unauthorized parties from reading protected information –Integrity, because information that cannot be read cannot be easily altered in a useful way Cryptography will be covered thoroughly in future lessons.

17 Controls – Software Controls Programs themselves must be robust and secure from outside attack. Some examples where program controls are especially important are: –Operating system software –Software development tools –Access control software

18 Controls - Hardware Hardware devices can help support system security. Some examples include: –Smart cards –Secure circuit boards –Removable media

19 Controls - Physical Physical controls used to bolster computer security include many of the same controls used to secure other facilities, such as banks and government buildings: –Door locks –Backups –Sentries –Alarms –Shredders

20 Controls - Policies Policies aim to describe how an organization will posture itself with regard to security: –User awareness & training –What to audit and when –Etc.

21 Express the Fundamental Security Principles

22 Basic Security Principles In order to design effective security mechanisms we will refer to some general security principles. For example: 1.Principle of least privilege : Give a user or process only those privileges needed to perform task at hand -- no more, no less. 2.Minimize the amount of trusted components : Identify what components of the system need to be trusted and aim to keep those small and simple. 3.Do not aim for perfection : Total security is basically impossible. Instead be prepared to detect problems, to design countermeasures and to recover from attacks.

23 Learn the Importance of Computer Security

24 Course Overview Glossary Availability Computer security Confidentiality Denial of service Integrity Interception Interruption Modification

25 References Pfleeger, Charles, Security in Computing, 2 nd Ed., 1997, Prentice-Hall. Stallings, William, Network and Internetwork Security: Principles and Practice, 1995, Prentice-Hall.

Download ppt "Advanced Networks and Computer Security Curt Carver & Jeff Humphries © 1999 Texas A&M University."

Similar presentations

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Is There a Security Problem in Computing? Network Security / G. Steffen1.

Is There a Security Problem in Computing? Network Security / G. Steffen1.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Introduction to network security

Introduction to network security
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.

6/2/2015B.Ramamurthy1 Security B.Ramamurthy. 6/2/2015B.Ramamurthy2 Computer Security Collection of tools designed to thwart hackers Became necessary with.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 2 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Blekinge Institute of Technology, Sweden

Blekinge Institute of Technology, Sweden
1 Network Security Derived from original slides by Henric Johnson Blekinge Institute of Technology, Sweden From the book by William Stallings.

1 Network Security Derived from original slides by Henric Johnson Blekinge Institute of Technology, Sweden From the book by William Stallings.
Chapter 1 Introduction. Chapter Overview Overview of Operating Systems Secure Operating Systems Basic Concepts in Information Security Design of a Secure.

Chapter 1 Introduction. Chapter Overview Overview of Operating Systems Secure Operating Systems Basic Concepts in Information Security Design of a Secure.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
CPE 5002 Network security. Look at the surroundings before you leap.

CPE 5002 Network security. Look at the surroundings before you leap.
Stephen S. Yau CSE465 & CSE591, Fall 2006 1 Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.

Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.
Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.

Dr Alejandra Flores-Mosri Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the.

Similar presentations

Ads by Google