1 / 27

BASIC SECURITY CONCEPTS

What is System Security?. Protection of assets from unauthorized accessprotection from unauthorized access both from within and externalSecurity is a process of reducing risk or the likelihood of harmSecurity is a weak link problem- total security is no better than the weakest link.It must, ther

catriona
Download Presentation

BASIC SECURITY CONCEPTS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. BASIC SECURITY CONCEPTS What is security? What are we protecting? System security Network security Security awareness The security process Security procedures Security in TCP/IP layers

    2. What is System Security? Protection of assets from unauthorized access protection from unauthorized access both from within and external Security is a process of reducing risk or the likelihood of harm Security is a weak link problem- total security is no better than the weakest link. It must, therefore, be evaluated across the entire enterprise Security is a series of trade-offs: the greater the level of security the worse the ease of use.

    3. There are 10 fundamental aspects of security ( system security): Awareness – make every one understand the critical role security plays in their well-being Access – ability to connect to the system resources Identification – to be able to know the user Authentication – preventing unauthorized interception of information during transmission Authorization – allowing identifiable users access to the resources Availability – preventing unauthorized withholding of information and resources Integrity – preventing unauthorized modification of information Accuracy – an assurance of the integrity of the resources Confidentiality – disclosure of information Accountability – ensuring that if there is unauthorized access to information, the source can be easily found through an audit

    4. To safeguard the value of resources ( security of resources) the following are fundamental: Confidentially- make the resources sharable among only authorized users. Also to make the sender and receiver of the message authenticate each other and make sure that the content of the message is not altered either by accident or maliciously. In addition, proprietary resources like information need confidentiality Accuracy/Message integrity and non-repudiation – the state of information about the resource must be reliable and verifiable – as correct as possible Availability/Access Control – resource must be available at all times when needed by a legitimate user. Authentication – both sender and receiver should be able to confirm identity of each other – to confirm that the other party is who or what they claim to be.

    5. Security phases: Inspection – identifying key security functions needed and the capabilities available to achieve the desired security level Protection – proactive risk reduction – mechanism in place to prevent reduction in desired security level Detection ( in action)– to take measures to detect whether an asset has been damaged, how, and who has caused the damage. Response ( post-action)– to take measures that allow recovery of assets or recovery from damage, and minimize losses (unwanted publicity). Reflection – plans/processes that focus on security improvements.

    6. What are we protecting? We are protecting system resources: Business information Equipment Systems Data (information) Data and Information - the most important resource: Data is a physical phenomena that represents certain aspects of our conceptualization of the world When we process data we give it meaning and we call it information. Data and information are: Stored Moved over communication channels We focus on security of data and information: At source ( source: server/client) At destination (destination: server/client) In the communication channel The security of computer networks means the security of information on that network.

    7. Ensure security in a network by: Access – legal channels of getting resources Identification – to uniquely distinguish a user of a resource Authentication – to prove positively that the user is what he/she claims to be. Authorization – being able to determine and allow the user only those resources the user has ability to utilize.

    8. Enhance security by: Accountability – ability to associate activities with the actors. Awareness – create/cultivate a level of understanding of security issues Administration – ability to manage the security system.

    9. Security awareness Security is a continuous process of making valuable resources secure. First act in securing system resources is awareness Process of making people understand the implications of security in their lives All people in the enterprise must understand the importance of security All people must understand the following: Appropriate use of resources – all people must know why security of resources matter. Relevancy of security Individual’s role Responsibility Repercussions

    10. Awareness programs must be: Continuous because of new people and program updates. Comprehensive to cover all aspects of the enterprise that involve security Coherent to be well understood – no mistakes must be made Cost-effect - to encourage people to be responsive/responsible – this pays handsomely in the long run. Awareness plans must be designed to include: Most effective delivery method Effective message content Awareness implementation Awards/rewards Broad-based Focused individual

    11. Causes of system security lapses - Hardware – many security problems originate from hardware failures and poor designs Software – lots of security problems originate from poor software designs and testing Human/user – humans are very unpredictable and malicious * Resources ( data and information)– because the resources within the computer system themselves may contain loopholes through which, if found, intruders enter the systems. Having established the security framework and need for network security (more next week) let us look at the current security procedures

    12. Security procedures: Good and effective security is a result of a good security policy A policy may have one or more of the following procedures: For servers and Clients: Intrusion Detection Systems (IDS) Firewalls For the communication channel: Encryption Authentication

    13. Firewalls To limit access to the local network through the filtering of signatures: Filtering policy Deny everything (deny-everything-not-specifically allowed)- deny everything then later add those things that are allowed by exception (recommended) Allow everything (allow-everything-not-specifically- denied) – allows everything then denies services considered unacceptable. Signatures are frequently updated

    14. Network-based IDS Network-based IDS is a real-time monitoring system of the network based on external traffic signatures (mostly signatures of known exploits) as they enter a secure private network Unlike firewalls, IDS sensors capture, store, and report on signatures without altering them. It also monitors internal traffic as it tries to move outside the private network. Parameters used to monitor traffic signatures in and out of the private network are base on either TCP or UDP structures. IDS sensors are either based on software or hardware.

More Related