Lecture 11 Reliability and Security in IT infrastructure.

Slides:



Advertisements
Similar presentations
The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
Advertisements

COMP6005 An Introduction to Computing Session One: An Introduction to Computing Security Issues.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
1 MODULE 10 : Assuring Reliable and Secure IT Services Matakuliah: J0422 / Manajemen E-Corporation Tahun: 2005 Versi: 1 / 2.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
1 Telstra in Confidence Managing Security for our Mobile Technology.
Information Security Policies and Standards
Security+ Guide to Network Security Fundamentals
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Chapter 12 Network Security.
Lecture 10 Security and Control.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
Security Management IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Lecture 11 Reliability and Security in IT infrastructure.
Introduction to Network Defense
Security. If I get 7.5% interest on $5,349.44, how much do I get in a month? (.075/12) = * 5, = $ What happens to the.004? =
Securing Information Systems
Storage Security and Management: Security Framework
ISNE101 Dr. Ken Cosh Week 14. This Week  Challenges (still) facing Modern IS  Reliability  Security.
1 IS 8950 Managing Network Infrastructure and Operations.
Assuring Reliable and Secure IT Services Chapter 6.
“Assuring Reliable and Secure IT Services”. IT Redundancy: Its Value How much reliability to buy? Customer Service impacted as a result of 15 minutes.
Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.
BUSINESS B1 Information Security.
Tutorial Chapter 5. 2 Question 1: What are some information technology tools that can affect privacy? How are these tools used to commit computer crimes?
C8- Securing Information Systems
The Beneficent the MERCIFUL In the NAME of. “ASSURING RELIABLE AND SECURE IT SERVICES”
1 Class 15 System Security. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized data access,
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved INFORMATION SECURITY SECTION 4.2.
1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.
Topic 5: Basic Security.
Information Systems, Security, and e-Commerce* ACCT7320, Controllership C. Bailey *Ch in Controllership : The Work of the Managerial Accountant,
Chap1: Is there a Security Problem in Computing?.
Security and Assurance in IT organization Name: Mai Hoang Nguyen Class: INFO 609 Professor: T. Rohm.
Computer Security By Duncan Hall.
Assuring Reliable and Secure IT Services Chapter 6.
INTERNET & ONLINE COMMUNITY Week 14. RECAP Remember “Analysing the Social Web”? Why would we want to do that? Propagation – what is it and how.
“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,
Lecturer: Eng. Mohamed Adam Isak PH.D Researcher in CS M.Sc. and B.Sc. of Information Technology Engineering, Lecturer in University of Somalia and Mogadishu.
Onsite CRM Security
Securing Information Systems
Information Systems Security
Chapter 40 Internet Security.
BUSINESS DRIVEN TECHNOLOGY
Risk management.
CHAPTER FOUR OVERVIEW SECTION ETHICS
Managing Secure Network Systems
INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer.
Securing Information Systems
Security in Networking
– Communication Technology in a Changing World
ISNE101 Dr. Ken Cosh Week 13.
INFORMATION SYSTEMS SECURITY and CONTROL
Faculty of Science IT Department By Raz Dara MA.
– Communication Technology in a Changing World
CHAPTER FOUR OVERVIEW SECTION ETHICS
Computer Security By: Muhammed Anwar.
Network Security Mark Creighton GBA 576 6/4/2019.
Presentation transcript:

Lecture 11 Reliability and Security in IT infrastructure

2 Business analysis paper feedback Interesting topics Be specific in what questions you want to cover –You cannot do it all –Some resources will be harder to find Be clear where information is coming from Look for good references now

3 Reliability Basics Redundancy –Multiple paths through a network make the network robust to failing links Individual components are not so reliable –Buying backup equipment is possible, but sometimes expensive Redundancy can make more complex management challenges

4 Math of Availability Difference between 2% down in one business vs another –When might it go down? –Who is affected

5 Fig 6.1 Five Components in Series Total availability of components in series requires all components to be available

6 Fig 6.2 Combining components in series decreases overall availability exponentially Increased number of components increases the likelihood that one of them is out

7 Redundancy through parallel components All components have to fail in order for the link to fail

8 Fig 6.4 Redundancy increases overall availability

9 More general networks How do we calculate probability of failure in network? How do we recognize the critical vulnerabilities?

10 High Availability Facilities Redundant power supply Physical security Climate Control Fire suppression Network connectivity

11 N+1 vs. N+N redundancy N+1 means one backup per type N+N means one backup per component

12 Fig 6.5 Typical E-commerce Infrastructure Most components have redundancy Why not all?

13 Reliability vs. Security What is the difference? What different scenarios need to be considered?

14 Security against malicious threats Multiple different types of threats

15 Fig 6.7 distributed Denial of service attack

16 Fig 6.8 Spoofing Packets look like they came from another source

17 Intrusion Attacker gains access to internal IT structure –Usernames/passwords –Hacking using sniffer software Once inside, intruder can –Steal information –Alter data –Delete data –Deface programs/websites Detecting what someone has actually done is difficult

18 Viruses and worms Malicious software programs that replicate and spread to other computers Large range of potential damage Usually, viruses require user execution, whereas worms move automatically Recent examples target vulnerabilities, trigger cascade of events

19 Defensive Measures Access and security policies –Who can read what? –Who can have an account? –Who is allowed to change what? –How is policy enforced? Firewalls –Collection of hardware, software to prevent unauthorized access o internal computer resources –Act like a security gate to check legitimate employees trying to use network –Filtering vs. relaying

20 Defensive Measures Authentication –Various levels (host, network etc.) –Any granularity possible (files, directories etc.) –Strong authentication requires complex passwords, often changing –Digital certificates –Biometric data Encryption –Uses a key to decode and decode message –Public/private combination –Only person with private key can decrypt

21 Defensive Measures Patching –Exploiting weaknesses in system is a primary strategy for attack –Knowing what has been patched is critical Intrusion detection and network monitoring –Automatically filtering out attacks is best –Logging and diagnostic systems help improve and detect what has actually happened

22 Security Management Framework Make Deliberate Security Decisions Consider Security a Moving Target Practice Disciplined Change Management Educate Users Deploy Multilevel Technical Measures, as many as can afford

23 Risk Management of Availability and Security Cannot afford to stop every possibility Expected loss is one measure (prob. x cost)

24 Incident Management (Recall last week’s case) Before –Sound infrastructure –Disciplined execution of operating procedures –Careful Documentation –Established Crisis Management procedures –Scenario testing During –Follow the plan! –Avoid emotional, over-optimistic or political influences After –Detect what has happened –Rebuild carefully –Document –Public Announcement Decisions

25 Case this week: Ford and Dell Read both the Ford Case and the Dell reading

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.