1 / 38

Network security

Network security. The increased use of networks and the Internet helps users finish many tasks quickly and efficiently and adds convenience to many people's lives. However, there is a downside, as well.

lynsey
Download Presentation

Network security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network security

  2. The increased use of networks and the Internet helps users finish many tasks quickly and efficiently and adds convenience to many people's lives. • However, there is a downside, as well. • As more and more personal and business data is stored on computer networks, the risks and consequences of unauthorized computer access, theft, fraud, and other types of computer crime increase; • So do the chances of data loss due to crime or employee misconduct. • Some online activities can even put your personal safety at risk, if you are not careful.

  3. Hacking • Hacking refers to the act of breaking into another computer system. • The person doing the hacking is called a hacker.

  4. Where does a hacker come from? • Insiders commit computer crimes about as often as outsiders.

  5. WikiLeaks is a non-profit media organization dedicated to bringing important news and information to the public. • Julian Paul Assange founded the WikiLeaks website in 2006.

  6. Kinds of Threat

  7. Malware • Malware is a generic term that refers to any type of malicious software. Malware programs are intentionally written to perform destructive acts.

  8. Computer Virus • A software program that is installed without the permission or knowledge of the computer user, is designed to alter the way a computer operates, and can replicate itself to infect any new media it accesses.

  9. Phishing • Sending emails that appear to come from a trusted source, which direct you to a website where you’re asked to reveal personal information.

  10. Trojan Horse • A Trojan horse is a malicious program that masquerades as something else—usually as some type of application program. http://1.bp.blogspot.com/_Fsx-5T1qjOk/TRgtQolB3fI/AAAAAAAABnA/gE3uVwgW0-4/s1600/trojan-horse.jpg

  11. Denial of Service (DoS) • A denial of service(DoS) attack is an act of sabotage that attempts to flood a network server of Web server with so many requests for action that is shuts down or simply cannot handle legitimate requests any longer, causing legitimate users to be denied service.

  12. Web Site Defacement • Defacing or otherwise changing Web sites without permission.

  13. Security Measure

  14. Security http://www.cert.ge/images/network-security-lock.jpg http://brooknovak.files.wordpress.com/2009/07/network-security.jpg • Security is a system of safeguards for protecting information technology against disasters, system failures, and unauthorized access that can result in damage or loss.

  15. Access Control Systems

  16. Access control systems are used to control access to facilities, computer networks, and other assets. • Identification systems can be used to verify that the person trying to access the system is listed as an authorized user. • Authentication systems can be used to determine whether or not the person attempting access is actually who he or she claim to be.

  17. Common Types of Access Control The three most common types of access systems • Passwords • Possessed object • Biometric

  18. Password • Passwords – are secret words or character combinations associated with an individual. • Disadvantages • One of the biggest disadvantages of password-only systems is that passwords can be forgotten • Another is that passwords can be guessed or deciphered by a hacker’s PC easily if good password selection strategies are not applied.

  19. Possessed Object Access Systems • Use physical objects for identification purposes. • Common types of possessed objects are smart cards, magnetic cards; that are swiped through or placed close to a reader to be read. • USB security tokens or e-tokens – are flash memory drives that are inserted into a PC to grant access to a network, supply Web site passwords, and provide other security features – are being used.

  20. Disadvantage of Possessed Objects • The object can be lost, or used by an unauthorized individual. This latter disadvantage can be overcome by requiring the user to supply a password in order to use the possessed object. • This type of two-factor authentication is much more secure than security procedures involving only one factor.

  21. Biometric • Biometric access systems identify users by a particular unique biological characteristic such as • Fingerprint • Hand geometry • Face • Iristhe colored portion of the eye • Voice • Signature

  22. Fingerprint http://science.howstuffworks.com/fingerprinting1.htm http://www.popsci.com/files/imagecache/article_image_large/articles/800px-Fingerprint_scanner_identification.jpg

  23. Hand Geometry http://www.safesecurevital.org/images/photogallery/security/4-HandGeometry_Closeup3.jpg

  24. Face Recognition http://biometricuae.com/digi-iface-biometric-face-recognition-system-for-time-attendance-door-access-control-system-with-software/face-recognition-image-4/

  25. Iris http://images.businessweek.com/ss/05/07/surveillance/image/irisscan.jpg

  26. Biometric

  27. Disadvantages of Biometric System • Finger may be faded away or cut. • Individual’s voice might be affected by a cold. • Written signature might be affected by a broken wrist.

  28. Firewall

  29. Firewall • A system of hardware and software that provides a protective boundary between a computer or network and the outside world in order to protect against unauthorized access. • The firewall monitors all internet and other network activity, looking for suspicious data and preventing unauthorized access.

  30. Firewall is a fence to protect intruder to come in or things to go out. • But once data leave the boundary of firewall, a firewall is useless. Analogy to a car carries things outside your home, a firewall can’t protect your car from stealing.

  31. Encryption

  32. Encryption • Encryption is a process of altering readable data into unreadable form to prevent unauthorized person to read it.

  33. Terminology • – unencrypted data • – encrypted data • – method to encrypt • – method to decrypt • – method for solving a problem expressed as a finite sequence of steps.

  34. Ancient Ciphers • cipher • Every occurrence of a given letter is replaced by a different letter • cipher • Shifts the ordering of letters

  35. Modern Ciphers • An encryption algorithm is revealed to any but key is kept secret to authorized parites.

  36. Encrypt and decrypt by the same key • Key is a code composed of a very large collection of letters, symbols, and numbers.

  37. Encrypt by one key and decrypt by another key. • Private key & Public key. • An individual's public key is not secret and is available for anyone to use, but a private key is used only by the individual to whom it was assigned.

  38. Why do we need Public key?

More Related