Download presentation
Presentation is loading. Please wait.
Published byRandolf Weaver Modified over 8 years ago
1
MD703 Class 9 Agenda Computer Security SSL encryption and Internet security Network Security Chapter 3 Review Chapter 8 Review
2
Computer Security Basics Identification/Authentication/Access Audit logs and traces Directory Services –LDAP, AD –Groups and attributes Access Control –Function vs “row-level” –Roles: groups of people –ACL: groups of permissions Virus and Intrusion Detection –Castles and Roads
3
Computer Security Threats Viruses Spoofing/Phishing Zombies Relaying Spyware Snooping Ransom-ware
4
Encryption “Encrypt” vs “encode” Asymmetric keys Public / private keys Digital Certificates SSL / HTTPS Secured Transactions
5
PKI Process PKI Service PKI Client Send Public key Return encoded symmetric key Send login req using sym key Conduct work Time’s up! Send new sym key info
6
Network Security Basics Single sign-on –Directory services –Trusted machines Firewalls –Routers as firewalls –True firewalls Multicast Routing Virtual Private Network DMZ –2-router model
7
Single Sign-on Security Server Application Server User/Client 1 2 3 4 5 1: Login to SS 2: Get token 3: login to AS (pass token) 4: AS chk’s token 5: SS ok’s token
8
Router / Firewall Firewall Router Accept List / Exclude list From: 12.3.4.68 To: 136.167.2.34 Type: Telnet From: 136.167.2.34 To: 12.3.4.68 Type: Telnet
9
Routed Network Design Router 136.167.2 I-net router 136.167 Client LAN Router 136.167.10 Campus Backbone
10
Multicast Router 136.167.2 I-net router 136.167 PC Campus Backbone PC Subscribe? YN Y
11
VPN / Remote Access Goals VPN Mechanism VPN Problems Proxy Server
12
VPN Model Router 136.167.2 VPN Server PC Campus Backbone PC Rmt PC Subscribe? YN Y Encrypted link
13
DMZ Model Internet router (to/from DMZ only) Internal ServicesExternal Services DMZ Intranet router (to/from DMZ only)
14
Chapter 3: Review British Railways Case –Where is value add Commoditizing IT –Impact on strategy Working in/out/across
15
Chapter 8: Review Operations Issues: sustainable advantage Outsourcing Transaction Costing Information Security
16
Discussion Questions Which aspects of IT/IS are of strategic concern and which are not? What IT/IS factors weight a decision toward outsourcing? Is it commodity-status only?
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.