Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Pertemuan 9 Network Security and E-Commerce Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi: >

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Pertemuan 9 Network Security and E-Commerce Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi: >"— Presentation transcript:

1 1 Pertemuan 9 Network Security and E-Commerce Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi: >

2 2 Learning Objectives Estimate the technical security requirements for a network. Evaluate the business impact of security decisions. Conduct a security audit of a small network. Control access to the computing resources. Establish acceptable security solutions.

3 3 Internet Security Requirements Secrecy –Deals with the protection of information due to unauthorized disclosure and the authentication of the data source. Integrity –Addresses the validity of data and the guarantee that the data have not been tampered during transfer. Availability –Insurance that the site will be reachable in a timely manner when the user is a legitimate stakeholder. “Faulty Security has a impact on Business”

4 4 Security Threats Loss, Damage, or Distortion of Data via Hackers Risks from Viruses Unauthorized Access to the System Financial Loss to Company or Customers Breaches of Personal Privacy

5 5 Security Policy Development Administrative Security Network Security

6 6 Security Policy Development Administrative Security What services are required by the business and how can they be met securely? How much do employees depend on the Internet and the use of e-mail? Do users rely on remote access to the internal network? Is access to the Web required? Are customers supported through the Web?

7 7 Security Policy Development Administrative Security Root policies must include –Security architecture guide. –Incident-response procedures. –Acceptable use procedures. –System administration procedures. –Other management procedures.

8 8 Security Policy Development Network Security All systems and servers have their own weaknesses. –Establish steps to harden the system Limit exposed services/processes –Follow update/patching warning From software publisher From security community –Monitor security listserv –Apply timely patches or use third party utility

9 9 Network Security Systems documentation –Software provider security documentation –Book Publisher title specific to security, OS, NOS, web server, applications –Subscription to security services –Apply advice explained in documentation E.g. do not run unnecessary services –Obtain documentation for update (pros & cons) Security patches New security issues

10 10 Network Security User access lists –Users should have limited access to resources –Access control list is compilation of access control entries –Access control entries contains following A SID, that identifies the trustee. A trustee can be a user account, group account, or a logon account for a program such as a Windows NT service. An access mask specifying access rights controlled by the ACE. Flags that indicates the type of ACE and flags that determine whether other objects or containers can inherit the ACE from the primary object to which the ACL is attached.

11 11 Network Security Assets access control Assets list with who, when, how access is provided

Download ppt "1 Pertemuan 9 Network Security and E-Commerce Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi: >"

Similar presentations

Web Security for Network and System Administrators1 Chapter 1 Introduction to Information Security.

Web Security for Network and System Administrators1 Chapter 1 Introduction to Information Security.
IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….

IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….
1 Pertemuan 13 eBusiness, AIS, Financial Statement and Accounting Professionals Matakuliah: F0662/ Web Based Accounting Tahun: 2005 Versi: 1/0.

1 Pertemuan 13 eBusiness, AIS, Financial Statement and Accounting Professionals Matakuliah: F0662/ Web Based Accounting Tahun: 2005 Versi: 1/0.
ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.

ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.
Using Your Knowledge – Security Threats

Using Your Knowledge – Security Threats
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Auditing Computer Systems

Auditing Computer Systems
E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.

E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.
Summer 200811 IAVA1 NATIONAL INFORMATION ASSURANCE TRAINING STANDARD FOR SYSTEM ADMINISTRATORS (SA) Minimum.

Summer IAVA1 NATIONAL INFORMATION ASSURANCE TRAINING STANDARD FOR SYSTEM ADMINISTRATORS (SA) Minimum.
Security Controls – What Works

Security Controls – What Works
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Principles of Information Security Kris Rosenberg, Chief Technology Officer Oregon State University College of Business Kris Rosenberg, Chief Technology.

Principles of Information Security Kris Rosenberg, Chief Technology Officer Oregon State University College of Business Kris Rosenberg, Chief Technology.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
MJ10/07041 Session 10 Accounting, Security Management Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used.

MJ10/07041 Session 10 Accounting, Security Management Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used.
Factors to be taken into account when designing ICT Security Policies

Factors to be taken into account when designing ICT Security Policies
1 Pertemuan 17 Organisational Back Up Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.

1 Pertemuan 17 Organisational Back Up Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.
Essentials of Security Steve Lamb Technical Security Advisor

Essentials of Security Steve Lamb Technical Security Advisor
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.

IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.

Similar presentations

Ads by Google