Presentation is loading. Please wait.

Presentation is loading. Please wait.

MJ10/07041 Session 10 Accounting, Security Management Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "MJ10/07041 Session 10 Accounting, Security Management Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used."— Presentation transcript:

1 MJ10/07041 Session 10 Accounting, Security Management Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used for Network Management course at Universitas Bina Nusantara

2 MJ10/07042 Security Management Security threats Policies and Procedures Resources to prevent security breaches Firewalls Cryptography Authentication and Authorization Client/Server authentication system Message transfer security Network protection security

3 MJ10/07043 Security Threats SNMPv3 addressed security threats using USM (user-based security model) USM has two modules: Authentication module Data integrity Data origin Privacy module Data confidentiality Message timeliness Message protection

4 MJ10/07044 References: Formal statement of rules for protecting organization’s technology and assets (RFC 2196) Introduction to Firewalls (NIST) Orange Book by National Computer Security Center (NCSC) rates computers based on security design features

5 MJ10/07045 Secured Communication Network Secured Network A Server A Client A Firewall Gateway Router Network B Client B Firewall secures traffic in and out of Network A Security breach could occur by intercepting the message going from B to A, even if B has permission to access Network A Most systems implement authentication with user id and password Authorization is by establishment of accounts

6 MJ10/07046 Firewalls Protects a network from external attacks Controls traffic in and out of a secure network Could be implemented in a router, gateway, or a special host Benefits Reduces risks of access to hosts Controlled access Eliminates annoyance to the users Protects privacy (e.g. finger) Hierarchical implementation of policy and and technology (e.g. finger)

7 MJ10/07047 Cryptography Secure communication requires Integrity protection: ensuring that the message is not tampered with Authentication validation: ensures the originator identification Security threats Modification of information Masquerade Message stream modification Disclosure Hardware and software solutions Most secure communication is software based

8 MJ10/07048 Authentication and Authorization Authentication verifies user identification Client/server environment Ticket-granting system Authentication server system Cryptographic authentication Messaging environment e-mail e-commerce Authorization grants access to information Read, read-write, no-access Indefinite period, finite period, one-time use

9 MJ10/07049 SNMPv3 Security Privacy Module USM authKey USM Authentication Module wholeMsg password authoritativeSnmpEngineId scopedPDU Encryption Key Encrypted scopedPDU authenticated wholeMsg HMAC Gen. Authentication key equivalent to DEK in PEM or private key in PGP Authentication key generated using user password and SNMP engine id Authentication key may be used to encrypt message USM prepares the whole message including scoped PDU HMAC, equivalent of signature in PEM and PGP, generated using authentication key and the whole message Authentication module provided with authentication key and HMAC to process incoming message

10 MJ10/070410 Service Level Management SLA management of service equivalent to QoS of network SLA defines Identification of services and characteristics Negotiation of SLA Deployment of agents to monitor and control Generation of reports SLA characteristics Service parameters Service levels Component parameters Component-to-service mappings

Download ppt "MJ10/07041 Session 10 Accounting, Security Management Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used."

Similar presentations

Network Management Applications

Network Management Applications
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT 09.11.2005.

NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.

IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.
Security Controls – What Works

Security Controls – What Works
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
Chapter 12 Network Security.

Chapter 12 Network Security.
MJ08-A/07041 Session 08 SNMP V3 Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used for Network Management.

MJ08-A/07041 Session 08 SNMP V3 Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used for Network Management.
NETWORKS Lauren Hickman Patrick McCamy Morgan Pace Noah Ryder.

NETWORKS Lauren Hickman Patrick McCamy Morgan Pace Noah Ryder.
1 Pertemuan 09 Model Fungsional Matakuliah: H0372/Manajemen Jaringan Tahun: 2005 Versi: 1/0.

1 Pertemuan 09 Model Fungsional Matakuliah: H0372/Manajemen Jaringan Tahun: 2005 Versi: 1/0.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
1 Network Management and SNMP  What is Network Management?  ISO Network Management Model (FCAPS)  Network Management Architecture  SNMPv1 and SNMPv2.

1 Network Management and SNMP  What is Network Management?  ISO Network Management Model (FCAPS)  Network Management Architecture  SNMPv1 and SNMPv2.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
SNMPv3 Yen-Cheng Chen Department of Information Management National Chi Nan University

SNMPv3 Yen-Cheng Chen Department of Information Management National Chi Nan University
Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 5: Security Controls.

Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 5: Security Controls.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Similar presentations

Ads by Google