
1 Understanding Network Security: the ISO Principles
Saad Haj Bakry, PhD, CEng, FIEE
Presentations in Network Security

2 Objectives / Contents
- Information & Data.
- Networks.
- Security.
- Security Policy Issues.

3 Information / Data (1)
ISO Information Processing Vocabulary
Data: The representation of facts, concepts and instructions in a formalized manner suitable for communication, interpretation, or processing.
Information: The meaning that is currently assigned to data by means of conventions applied to that data.

4 Information / Data (2)
ISO Information Processing Vocabulary
Data Quality: The correctness, timeliness, accuracy, completeness, relevance, and accessibility that make data appropriate for use.

5 Information / Data (3)
ISO Information Processing Vocabulary
Data Integrity: The data quality that exists as long as accidental or malicious destruction, alteration, or loss of data does not occur.
Data Corruption / Contamination: The violation of data integrity.

6 Networks (1)
ISO Information Processing Vocabulary
Functional Unit: The entity of hardware, or software, or both capable of accomplishing a specific purpose.
Data Source: The functional unit that originates data for transmission.
Data Sink: The functional unit that accepts transmitted data.

7 Networks (2)
ISO Information Processing Vocabulary
DTE (Data Terminal Equipment): The part of a data station that serves as a data source, data sink, or both.
DCE (Data Circuit Terminating (Communication) Equipment): In a data station, the equipment that provides the signal conversion and coding between the DTE and the (communication) line.

8 Networks (3)
ISO Information Processing Vocabulary
Node: In a data network, a point where one or more functional units interconnect channels or data circuits.
Data Network: An arrangement of data circuits and switching facilities for establishing connections between DTEs.

9 Network (4): Structure
[Figure: a data network drawn as a Communications Subnetwork of nodes (N) surrounded by an Access / Services Subnetwork of hosts / DTEs (H) and users (U); DTE and DCE pairs connect to the nodes of the data network.]

10 Networks (5)
ISO Information Processing Vocabulary
Data Transmission: The conveying of data from one place for reception elsewhere by telecommunication means.
Data Transmission Channel: A means of one-way transmission.

11 Networks (6)
ISO Information Processing Vocabulary
Data Communications: Transfer of information between functional units by means of data transmission according to a protocol.
Protocol: A set of semantic and syntactic rules that determines the behaviour of functional units in achieving communications.

12 Networks (7): ISO-OSI Protocols
[Figure: two end systems, each with the seven layers Application, Presentation, Session, Transport, Network, Data Link and Physical, communicating at peer levels. Between them, a communication subnetwork with Physical, Data Link and Network layers is attached to each end system by a communication medium.]

13 Networks (8)
Internet Vocabulary
Internet: A global network of computer networks based on TCP/IP protocols. It has the World Wide Web as its foundation.
Intranet: A private (company) network based on Internet technologies, featuring the same client-server architecture.
Extranet: An Intranet extended to users outside the company (partners, providers, customers).

14 Network (9)
The Internet Level: Potential World Wide Business Activities
The Extranet Level: Partners / Suppliers / Customers “Business Activities”
The Intranet Level: Intra-organization Activities
Security

15 Network (10): Internet Protocols
Application: User Interface: E-mail / http / ftp /…
TCP / UDP: Transmission Control Protocol / User Datagram Protocol
ICMP: Internet Control Message Protocol
ARP: Address Resolution Protocol
IP: Internet Protocol: Addressing / Routing / Congestion Control
Data Link: Point-to-Point Control: LAN / WAN
Physical: Communication Interface: T-R / Links

16 Security (1)
ISO Information Processing Vocabulary
Security: The condition of being secure, or the condition of being protected from or not exposed to danger.
Privacy: The state or quality of being private.

17 Security (2)
ISO Information Processing Vocabulary
Computer System Security: The technological and the administrative safeguards established and applied to data processing to protect hardware, software, and data from accidental or malicious destruction or disclosure.

18 Security (3): Analysis of Definition
Issue: Description
Object (to be protected): Hardware / Software / Data
Challenges (source): Accidental / Malicious
Effect (protection from): Destruction / Disclosure
Means (of protection): Technological / Administrative

19 Security (4)
ISO Information Processing Vocabulary
Privacy Protection: The implementation of appropriate administrative, technical, and physical safeguards to ensure the security and confidentiality of data records, and to protect both security and confidentiality against any threat or hazard that could result in substantial harm, embarrassment, inconvenience or unfairness to any individual about whom such information is maintained.

20 Security (5): Analysis of Definition
Issue: Description
Object (to be protected): Information / Data: Records (associated with individuals, or organizations: privacy)
Challenge (to object): Security / Privacy
Effect (protection from): Threat & hazard that could result in harm, embarrassment, inconvenience, or unfairness
Means (of protection): Physical / Administrative / Technical

21 Security (6)
ISO Information Processing Vocabulary
Cryptography: A discipline involving principles, means, and methods for changing data so that it is not readable.
Cryptanalysis: An attack on one of the principles, means, or methods (to recover readability).

22 Security (7)
ISO Information Processing Vocabulary
Encryption / Enciphering: The process of changing data (plain text) so that it becomes unreadable (cipher text).
Decryption / Deciphering: The process of transforming cipher text back into plain text.

23 Policy (1): Security Levels
ISO Security Perimeters / Levels
Around the Network:
- Perimeter of trust
- Trusted users (no hackers)
- Trusted system (reliability / testing)
Around the Process:
- Passport rules
- Vaccination for processes programs & applications
Layered Perimeters:
- On each layer (ISO layered protocols): peer entity (same level) services

24 Policy (2): Information Security Goals
ISO-OSI Special Interest Group on Security: Information Security Goals
Protection of data against:
- undetected loss and repetition
- unauthorized modification
- unauthorized disclosure
Data is:
- Sequenced
- Sealed
- Private
Ensuring correct identity of sender & receiver:
- Signed by Sender
- Stamped by Receiver

25 Policy (3): Goals Information Flow
Intranet-Extranet-Internet Flow / Flooding
Security of Information Flow:
- Protection from undesired data streams entering the Intranet (Private / National Networks)
- Firewalls
- Protection of private data streams from leaking out of the Intranet
- Protection from denial of service: Flooding “undesired generation of data”
- Anti-Virus

26 Remarks / Understanding
Challenges on: HW / SW / Information
Security / Privacy
ISO Network Security Scope:
- Technology (Systems)
- Administration / Management (Organization)
- People (Users / Hackers)
- Accidental / Malicious
Policy Recommendations: ISO / Internet

27 References
- M.D. Abrams and A.B. Jeng, “Network security protocol reference model, and the trusted system evaluation criteria”, IEEE Network Magazine, Vol. 1, No. 2, pp. 34-39, April 1987.
- D.K. Branstad, “Considerations for security in the OSI architecture”, IEEE Network Magazine, Vol. 1, No. 2, pp. 34-39, April 1987.
- S.H. Bakry, “Security issues in computer networks”, Middle East Communications, Vol. 5, No. 12, pp. 13-16, December 1990.
- D. Minoli, Telecommunications Technology Handbook, Artech House (US), 1991.
- ISO Dictionary of Computer Science: The Standardized Vocabulary (23882), ISO, 1997.
- F. Botto, Dictionary of e-Business, Wiley (UK), 2000.
- H.M. Deitel, P.J. Deitel, K. Steinbuhler, e-Business and e-Commerce for Managers, Prentice-Hall (USA), 2001.

