Computer Security - PowerPoint PPT Presentation

1 / 20
About This Presentation
Title:

Computer Security

Description:

More mail access protocols SMTP: delivery/storage to receiver s server Mail access protocol: retrieval from server POP: Post Office Protocol [RFC 1939] – PowerPoint PPT presentation

Number of Views:121
Avg rating:3.0/5.0
Slides: 21
Provided by: 123se5
Category:

less

Transcript and Presenter's Notes

Title: Computer Security


1
Computer Security
  • Email Hacking

2
what exactly HACKING is ?
  • -gtHacking is a process to bypass the security
    mechanisms of an information system or network.
    These are two types-
  • Local hacking
  • Local hacking is done in local area where we
    physical access ,like through printer etc.
  • Remote hacking
  • Remote hacking is done remotely by taking
    advantages of the vulnerability of the target
    system.

3
Internet Protocol Stack
BitTorrent
SMTP
HTTP
Application Layer
RTSP
UDP
TCP
Transport Layer
IP
Network Layer
Ethernet
802.11(b, a, g) / WiFi
Link Layer
Physical Layer
Cables
Fiber Optics
Radio
4
SMTP
  • -gtSMTP used to send email from sender to
  • recipients mail server
  • -gtThen use POP3, IMAP or HTTP (Web mail)
  • to get messages from server
  • -gtAs with many application protocols, SMTP
  • commands are human readable
    recipient sender
  • SMTP SMTP

  • POP3


5
Electronic Mail
  • Three major components
  • user agents
  • mail servers
  • simple mail transfer protocol
  • SMTP
  • User Agent
  • a.k.a. mail reader
  • composing, editing, reading
  • mail messages
  • e.g., pine, Outlook, elm,
  • Thunderbird
  • outgoing, incoming messages
  • stored on server


  • SMTP
  • SMTP
  • SMTP

user agent
Mail server
user agent
Mail server
user agent
user agent
Mail server
user agent
user agent
6
Electronic Mail mail servers
  • Mail Servers
  • mailbox contains incoming
  • messages for user
  • message queue of outgoing (to be sent) mail
    messages
  • SMTP protocol between mail
  • servers to send email messages
  • client sending mail server
  • server receiving mail
  • server


  • SMTP
  • SMTP
  • SMTP

Mail server
Mail server
Mail server
7
Sending Server to Receiving Server
  • three phases of transfer
  • handshaking (greeting)
  • transfer of messages
  • closure
  • command/response interaction
  • commands ASCII text HELO, MAIL, RCPT, DATA,
  • QUIT, etc.
  • response status code and phrase
  • messages must be in 7-bit ASCII

8
Mail message format
  • RFC 822 standard for text
  • message format
  • header lines, e.g.,
  • To
  • From
  • Subject
  • body
  • the message, ASCII
  • characters only

  • blank line

header
body
9
More mail access protocols
  • SMTP delivery/storage to receivers server
  • Mail access protocol retrieval from server
  • POP Post Office Protocol RFC 1939
  • authorization (agent lt--gtserver) and download
  • IMAP Internet Mail Access Protocol RFC 1730
  • more features (more complex)
  • manipulation of stored messages on server
  • HTTP Hotmail , Yahoo! Mail, etc.

10
What is Security?
  • Security is the protection of assets. The three
    main aspects are
  • prevention
  • detection
  • re-action

11
Some differences between traditional security and
information security
  • Information can be stolen - but you still have it
  • Confidential information may be copied and sold -
    but the theft might not be detected
  • The criminals may be on the other side of the
    world

12
  • Computer Security deals with the prevention and
    detection of unauthorised actions by users of a
    computer system.

13
  • There is no single definition of security
  • What features should a computer security system
    provide?

14
Confidentiality
  • The prevention of unauthorized disclosure of
    information.
  • Confidentiality is keeping information secret or
    private.
  • Confidentiality might be important for military,
    business or personal reasons.

15
Security systems
  • A security system is not just a computer package.
    It also requires security conscious personnel who
    respect the procedures and their role in the
    system.
  • Conversely, a good security system should not
    rely on personnel having security expertise.

16
Risk Analysis
  • The disadvantages of a security system are that
    they are time-consuming, costly, and impede
    management and smooth running of the
    organization.
  • Risk analysis is the study of the cost of a
    particular system against the benefits of the
    system.

17
Designing a Security System
  • There are a number of design considerations
  • Does the system focus on the data, operations or
    the users of the system?
  • What level should the security system operate
    from? Should it be at the level of hardware,
    operating system or applications package?
  • Should it be simple or sophisticated?
  • In a distributed system, should the security be
    centralised or spread?
  • How do you secure the levels below the level of
    the security system?

18
Summary
  • By now you should have some idea about
  • Why we need computer security (prevention,
    detection and re-action)
  • What a computer security system does
    (confidentiality, integrity, availability,
    non-repudiation, authentication, access control,
    accountability)
  • What computer security exerts do (design,
    implement and evaluate security systems)

19
Thank You
20
Dibyajit Dash
Write a Comment
User Comments (0)
About PowerShow.com