Presentation is loading. Please wait.

Presentation is loading. Please wait.

ACCESS CONTROL & INTRUSION DETECTION BY:RAUL FERNANDES 411112.

Published byDarren Randall Modified over 8 years ago

Similar presentations

Presentation on theme: "ACCESS CONTROL & INTRUSION DETECTION BY:RAUL FERNANDES 411112."— Presentation transcript:

1 ACCESS CONTROL & INTRUSION DETECTION BY:RAUL FERNANDES 411112

2 ACCESS CONTROL Resource User process Reference monitor access request policy ?

3 W HAT IS ACCESS CONTOL o Access Controls: The security features that control how users and systems communicate and interact with one another. POLICY DICTATES WHAT TYPES OF ACCESS ARE PERMITTED,UNDER WHAT CIRCUMSTANCES,AND BY WHOM

4 CATEGORIES OF ACCESS CONTROL  DISCRETIONARY ACCESS CONTOL(DAC)  MANDATORY ACCESS CONTROL(MAC)  ROLE-BASED ACCESS CONTROL(RBAC)

5 DISCRETIONARY ACCESS CONTOL(DAC) A system that uses discretionary access control allows the owner of the resource to specify which person can access which resources. Access control is given by the owner.

6 MANDATORY ACCESS CONTROL(MAC) Access control is based on a security labeling (how data is sensitive and critical) system. Users have security clearances(eligibility to access certain resource) and resources have security labels that contain data classifications. Model is used in confidentiality(e.g military)

7 ROLE-BASED ACCESS CONTROL(RBAC) Controls access based on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles.

8 INTRUSION DETECTION SECURITY INTRUSION:A SECURITY EVENT OR A COMBINATION OF MULTIPLE SECURITY EVENTS THAT CONSTITUTES A SECURITY INCIDENT IN WHICH AN INTRUDER GAINS OR ATTEMPTS TO GAIN, ACCESS TO A SYSTEM WHITHOUT AUTHORIZATION INTRUSION DETECTION:A SECURITY SERVICE THAT MONITORS AND ANALYZES SYSTEM EVENTS FOR THE PURPOSE OF FINDING,AND PROVIDING REAL TIME WARNINGS OF ATTEMPTS TO ACCESS SYSTEM RESOURCES IN AN AUTHORIZED MANNER

9 CLASSIFICATION OF ID`S HOST- BASED IDS NETWORK –BASED IDS

10 HOST-BASED ID`S Analyze the activity within a particular computer system MONITORS THE CHARACTERISTICS OF A SINGLE HOST AND THE EVENTS OCCURING WITHIN THAT HOST FOR SUSPICIOUS ACTIVITY

11 NETWORK BASED ID`S Monitor network communications MONITORS NETWORK TRAFFIC FOR PARTICULAR NETWORK SEGMENTS OR DEVICES AND ANALYZES NETWORK,TRANSPORT,AND APPLICATION PROTOCOLS TO IDENTIFY SUSPICIOUS ACTIVITY

12 LOGICAL COMPONENTS OF IDS SENSORS :- Part of system resposible for collecting evidence of an intrusion. ANALYZERS :- Responsible for determining if an intrusion has occurred. USER INTERFACE :- Enables user to view output from he system or control the behavior of the system.

13 REFERNCE ACCESS CONTROL-(PgNO 675-680 WILLIAM STALLINGS) INTRUSION DETECTION-(PgNO 680-684 WILLIAM STALLINGS)

14 THANK YOU

Download ppt "ACCESS CONTROL & INTRUSION DETECTION BY:RAUL FERNANDES 411112."

Similar presentations

Chapter 15 Computer Security Techniques

Chapter 15 Computer Security Techniques
Formal Methods for Intrusion Detection Presented by Brian Kellogg CSE 914: Formal Methods for Software Development Michigan State University December 11.

Formal Methods for Intrusion Detection Presented by Brian Kellogg CSE 914: Formal Methods for Software Development Michigan State University December 11.
Chapter 19: Computer and Network Security Techniques Business Data Communications, 6e.

Chapter 19: Computer and Network Security Techniques Business Data Communications, 6e.
1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.
Access Control Methodologies

Access Control Methodologies
Fundamentals of Computer Security Geetika Sharma Fall 2008.

Fundamentals of Computer Security Geetika Sharma Fall 2008.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
1.  To analyze and explain the IDS placement in network topology  To explain the relationship between honey pots and IDS  To explain, analyze and evaluate.

1.  To analyze and explain the IDS placement in network topology  To explain the relationship between honey pots and IDS  To explain, analyze and evaluate.
Intrusion Detection Systems and Practices

Intrusion Detection Systems and Practices
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
1 Intrusion Detection CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 4, 2004.

1 Intrusion Detection CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 4, 2004.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.

Lesson 13-Intrusion Detection. Overview Define the types of Intrusion Detection Systems (IDS). Set up an IDS. Manage an IDS. Understand intrusion prevention.
A survey of commercial tools for intrusion detection 1. Introduction 2. Systems analyzed 3. Methodology 4. Results 5. Conclusions Cao er Kai. INSA lab.

A survey of commercial tools for intrusion detection 1. Introduction 2. Systems analyzed 3. Methodology 4. Results 5. Conclusions Cao er Kai. INSA lab.
Chapter 15 Computer Security Techniques Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design.

Chapter 15 Computer Security Techniques Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design.
2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification.

2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification.
By Edith Butler Fall 2008. Our Security Ways we protect our valuables: Locks Security Alarm Video Surveillance, etc.

By Edith Butler Fall Our Security Ways we protect our valuables: Locks Security Alarm Video Surveillance, etc.
Intrusion Detection Systems CS391. Overview  Define the types of Intrusion Detection Systems (IDS).  Set up an IDS.  Manage an IDS.  Understand intrusion.

Intrusion Detection Systems CS391. Overview  Define the types of Intrusion Detection Systems (IDS).  Set up an IDS.  Manage an IDS.  Understand intrusion.
Lecture 11 Intrusion Detection (cont)

Lecture 11 Intrusion Detection (cont)
Department Of Computer Engineering

Department Of Computer Engineering

Similar presentations

Ads by Google