Network Security - PowerPoint PPT Presentation

Slides: 24
Provided by: BoS147

Transcript and Presenter's Notes

1
Network Security
2
Security Services
  • Confidentiality: protection of any information
    from being exposed to unintended entities.
  • Information content
  • Parties involved
  • Where they are, how they communicate, how often,
    etc.
  • Authentication: assurance that an entity of
    concern or the origin of a communication is
    authentic - it's what it claims to be or from
  • Integrity: assurance that the information has not
    been tampered with

3
Security Services
  • Non-repudiation: offer of evidence that a party
    is indeed the sender or a receiver of certain
    information
  • Access control: facilities to determine and
    enforce who is allowed access to what resources,
    hosts, software, network connections
  • Data Availability: protection against disruption
    of service
  • Accountability: how an audit trail is kept

4
Security Objectives
Confidentiality (Secrecy): Prevent/Detect/Deter
improper disclosure of information
Availability: Prevent/Detect/Deter improper
denial of access to services provided by the
system
Integrity: Prevent/Detect/Deter improper
modification of information
5
Virus, Worms, and Trojan Horses
  • Trojan horse: instructions hidden inside an
    otherwise useful program that do bad things
  • Virus: a set of instructions that, when executed,
    inserts copies of itself into other programs.
  • Worm: a program that replicates itself by
    installing copies of itself on other machines
    across a network.
  • Trapdoor: an undocumented entry point, which can
    be exploited as a security flaw
  • Zombie: malicious instructions installed on a
    system that can be remotely triggered to carry
    out some attack with less traceability because the
    attack comes from another victim.

6
Encryption/Decryption
[Diagram: plaintext → encryption → ciphertext → decryption → plaintext]
  • Plaintext: a message in its original form
  • Ciphertext: a message in the transformed,
    unrecognized form
  • Encryption: the process for producing ciphertext
    from plaintext
  • Decryption: the reverse of encryption
  • Key: a secret value used to control
    encryption/decryption

7
Types of Cryptographic functions
  • Secret Key Cryptography
  • One key
  • Public Key Cryptography
  • Two keys: public, private

8
Secret Key Cryptography
[Diagram: plaintext → encryption (key) → ciphertext → decryption (same key) → plaintext]
  • Same key is used for both encryption and
    decryption
  • Symmetric cryptography
  • Conventional cryptography
  • Ciphertext is about the same length as the
    plaintext
  • Examples: DES, IDEA, AES

9
Public Key Cryptography
[Diagram: plaintext → encryption (public key) → ciphertext → decryption (private key) → plaintext]
  • Invented/published in 1975
  • Each individual has two keys
  • Private key is kept secret
  • Public key is publicly known
  • Much slower than secret key cryptography
  • Also known as asymmetric cryptography

10
Public Key Cryptography (cont'd)
[Diagram: plaintext → signing (private key) → signed message → verification (public key) → plaintext]
  • Digital Signature
  • Only the party with the private key can generate
    a digital signature
  • Verification of the signature only requires the
    knowledge of the public key
  • The signer cannot deny he/she has done so.

11
Applications of Public Key Cryptography
  • Digital Signatures
  • Authorship: prove who generated the information
  • Integrity: the information has not been modified
  • Non-repudiation: cannot be done with secret key
    cryptography
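
The contrast behind the non-repudiation bullet, as an added example that is not part of the original slides: a shared-key tag can be produced by either party, while a signature needs the private key. The textbook RSA here (small fixed primes, no padding) and the sample messages are constructed for illustration only.

```python
import hashlib
import hmac

# Toy textbook RSA, for illustration only: small fixed primes, no padding.
P = 2**61 - 1                        # Mersenne prime
Q = 2**89 - 1                        # Mersenne prime
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, known to the signer only


def digest_int(message: bytes) -> int:
    """Hash the message and reduce it into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes) -> int:
    """Signing uses the private exponent D."""
    return pow(digest_int(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Verification uses only the public values N and E."""
    return pow(signature, E, N) == digest_int(message)


def mac(shared_key: bytes, message: bytes) -> bytes:
    """Secret-key integrity tag; sender and receiver both hold shared_key."""
    return hmac.new(shared_key, message, hashlib.sha256).digest()


def demo() -> dict:
    key = b"constructed-shared-key"      # constructed sample values
    order, altered = b"pay 100 to Bob", b"pay 900 to Bob"
    sig = sign(order)
    sender_tag = mac(key, order)
    # The receiver holds the same key, so it can tag any message itself.
    receiver_tag = mac(key, altered)
    return {
        "signature_verifies": verify(order, sig),
        "altered_message_rejected": not verify(altered, sig),
        "mac_detects_alteration": not hmac.compare_digest(sender_tag, receiver_tag),
        "receiver_tag_valid": hmac.compare_digest(receiver_tag, mac(key, altered)),
    }
```

`receiver_tag_valid` is true for a message the sender never produced, which is why a shared-key tag gives a third party no evidence of authorship.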

12
Firewalls
13
What is a firewall?
  • Device that provides secure connectivity between
    networks (internal/external varying levels of
    trust)
  • Used to implement and enforce a security policy
    for communication between networks

14
Firewall
15
Firewalls
  • From Webster's Dictionary: a wall constructed to
    prevent the spread of fire
  • Internet firewalls are more the moat around a
    castle than a building firewall
  • Controlled access point

16
Firewalls can
  • Restrict incoming and outgoing traffic by IP
    address, ports, or users
  • Block invalid packets

17
Firewalls Cannot Protect
  • Traffic that does not cross it
  • routing around
  • Internal traffic
  • When misconfigured

18
Access Control
  • Security Requirement
  • Control access to network information and
    resources
  • Protect the network from attacks
[Diagram labels: Corporate Network; DMZ Net Web Server Pool]
19
Filtering
  • Packets checked, then passed; typically route
    packets
  • Inbound and outbound affect when policy is checked
  • Packet filtering
  • Access Control Lists
  • Session filtering
  • Dynamic Packet Filtering
  • Stateful Inspection
  • Context Based Access Control
  • Fragmentation/reassembly
  • Sequence number checking
  • ICMP
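
An added sketch, not from the original slides, of how a stateless access control list and a session (stateful) filter judge the same traffic. The HTTPS-only policy, the 10.0.0.0/8 internal range and the sample packets are assumptions constructed for the example.

```python
import ipaddress
from typing import NamedTuple

INSIDE = ipaddress.ip_network("10.0.0.0/8")   # assumed internal range


class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    flags: str          # TCP flags, e.g. "S", "SA", "A"


def is_inside(addr: str) -> bool:
    return ipaddress.ip_address(addr) in INSIDE


def acl_filter(pkt: Packet) -> bool:
    """Stateless packet filter: each packet is judged on its own headers."""
    if is_inside(pkt.src) and pkt.dport == 443:
        return True                                   # outbound HTTPS
    # Replies: anything from port 443 with ACK set is assumed to be a reply.
    return is_inside(pkt.dst) and pkt.sport == 443 and "A" in pkt.flags


class SessionFilter:
    """Session (stateful) filter: inbound packets must match a tracked flow."""

    def __init__(self) -> None:
        self.sessions = set()     # (inside addr, inside port, outside addr, outside port)

    def allow(self, pkt: Packet) -> bool:
        if is_inside(pkt.src) and pkt.dport == 443:
            self.sessions.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound: accept only the mirror image of a recorded outbound flow.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.sessions


# Constructed sample traffic (outside addresses from documentation ranges).
TRAFFIC = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "S"),    # client opens session
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SA"),   # genuine reply
    Packet("198.51.100.7", 443, "10.0.0.9", 51000, "A"),    # belongs to no session
]


def compare() -> list:
    """Return (stateless verdict, stateful verdict) for each sample packet."""
    stateful = SessionFilter()
    return [(acl_filter(p), stateful.allow(p)) for p in TRAFFIC]
```

The two filters agree on the first two packets; only the session filter rejects the third, because no tracked flow matches it.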

20
Packet Filter Embedded in Router
21
VPN
22
Tunneling
23
Security Technologies
  • Intrusion Detection System
  • Pretty Good Privacy
  • Secure Shell
  • Secure Socket Layer
  • IP Security
  • Wired Equivalent Privacy