Presentation is loading. Please wait.

Presentation is loading. Please wait.

COSC 513 Operating Systems Project Presentation: Internet Security Instructor: Dr. Anvari Student: Ying Zhou Spring 2003.

Published byAshlie Ramsey Modified over 8 years ago

Similar presentations

Presentation on theme: "COSC 513 Operating Systems Project Presentation: Internet Security Instructor: Dr. Anvari Student: Ying Zhou Spring 2003."— Presentation transcript:

1 COSC 513 Operating Systems Project Presentation: Internet Security Instructor: Dr. Anvari Student: Ying Zhou Spring 2003

2 Introduction to Internet Security It is a challenge to assure security in information systems – networked, embedded, and plain computation systems. There are a variety of security policies in the world; they come in many flavors ( for example, authentication before access, integrity of information, and confidentiality of information)

3 Web connections. The browser,. The server,. The connection between the two. The user, via his browser, connects to a remote Web server and requests a document. The server returns the document, and the browser displays it.

4 From the user’s point of view. The remote server is owned and operated by the organization that it seems to be owned by.. The documents that the server returns are free from dangerous viruses and malicious intent.. The remote server will not record or distribute information that the user considers private, such as his Internet browsing habits.

5 From the Webmaster’s point of view. The user will not attempt to break into the Web server computer system or alter the contents of the Web site.. The user will not try to gain access to documents that she is not privy to.. The user will not try to crash the server, making it unavailable for others to use. If the user has identified herself, she is who she claims to be.

6 From both parties’ views. The network connection is free from third-party eavesdroppers listening in on the communications line.. The information sent between browser and server is delivered intact, free from tampering by third parties.

7 Document Confidentiality To protect private information from being disclosed to third parties. Cryptography enables confidential information to be transmitted from location to location across insecure networks

8 Cryptographic Systems 1. Plaintext - human-readable or in a format that anyone with the proper software can use. 2. Ciphertext - human-unreadable, encrypted message 3. Cyphtographic algorithm - mathematical operation used to convert plaintext into cipertext 4. Key - to encrypt and/or decrypt the message, only people who know the correct key can decrypt a piece of ciphertext. Algorithm Plaintext Ciphertext

9 CLIENT-SIDE SECURITY. These are security measures that protect the user’s privacy and the integrity of her computer.. Technological solutions include safeguards to protect users against computer viruses and other malicious software, as well as measures that limit the amount of personal information that browsers can transmit without the user’s consent.. Organizations can prevent employees’ Web browsing activities from compromising the secrecy of the company’s confidential information or the integrity of its local area network.

10 SSL. Secure Sockets Layer (SSL),. a flexible and general-purpose encryption system,. dramatically reduces the risk by emptying the browser-server data stream.. reliably identifying the party at the other end of the network link.

11 How SSL protects an online transaction

12 SERVER-SIDE SECURITY. To protect the Web server and the machine it runs on from break-ins, site vandalism, and denial–of- service attacks. denial–of-service attacks : attacks that make the Web site unavailable from normal use.. Technological solutions : firewall systems, operating system security measures.

13 Windows NT Web Servers. Windows NT Server - coordinate the activities of other machines, - provide remote access services, - run Windows name resolution, - host the Internet Information Server. Windows NT Workstation - most of the server functions disabled - Microsoft Internet Information Server can’t run on NT Workstation

14 Steps for securing a Window NT Web server 1. Apply all service patches. 2. Fix the file system permissions. 3. Fix the registry access permissions 4. Remove or disable all extraneous network services. 5. Add the minimum number of user accounts necessary to maintain the server. 6. Install the server software and adjust file and directory permissions to restrict unnecessary access. 7. Remove or disable unnecessary Web server features, CGI scripts, and extensions. 8. Monitor system and server log files.

15 UNIX Web Servers UNIX is a multi-user system : A single machine supports several or hundreds of users. Each has a unique home directory and environment. Each is protected against interference from the others by a system of access permissions. Files, programs, devices, and other system resources are all protected by access control.

16 UNIX Web Servers User and group access rights are the basis for UNIX system, including those that provide Internet services, runs with the permission of some user or another.

17 Steps for setting up a UNIX Web server secure 1. Apply vendor operating system patches. 2. Turn off unessential services. 3. Add the minimum number of user accounts 4. Get the file and directory permissions right. Ideally you should take these steps off-line before you physically plug the system into the network.

18 CONCLUSION. Internet security is the practice of protecting and preserving private resources and information on the Internet,. It is a challenging topic among executives and managers of computer corporations.. Together, network security and a well-implemented security policy can provide a highly secure solution.

Download ppt "COSC 513 Operating Systems Project Presentation: Internet Security Instructor: Dr. Anvari Student: Ying Zhou Spring 2003."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Chapter 17: WEB COMPONENTS

Chapter 17: WEB COMPONENTS
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.
Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.

Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
Web Servers Security: What You Should Know. The World Wide Web (WWW) is one of the best ways to develop an e-commerce business presence and interact with.

Web Servers Security: What You Should Know. The World Wide Web (WWW) is one of the best ways to develop an e-commerce business presence and interact with.
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.

© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart1 of 222 C HAPTER 7 Information Systems Controls for Systems.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.

Similar presentations

Ads by Google