280 likes | 750 Views
Security. Presented by : Qing Ma. Introduction. Security overview security threats password security, encryption and network security as specific. Security overview. Why do we need security? Security is basic requirement because global computing is inherently insecure.
E N D
Security Presented by : Qing Ma
Introduction • Security overview • security threats • password security, encryption and network security as specific
Security overview • Why do we need security? Security is basic requirement because global computing is inherently insecure. • Also Information security computer security protects the information you stored in the computer
Security overview • What are you trying to protect? You should analyze your system to know what you protecting and why you are protecting it. What value it has, and who has responsibility for your data and other assets.
Security threats • A security threat can be as simple as interfering with your network normal operation or actively cracking you security and changing or taking control of network resources.
Security threats The major types of threats are: • denial OS service(DoS)attack • buffer overflow • Trojan horses • intruders and physical security • intercepted transmissions • social engineering • lack of user support
Password security and encryption What is encryption? • Transform original information into altered information of random text • intruder can not read password in the file, even if file security is breached • original password not preserved in the memory , when login just do the compare
Password security and encryption • Shadow password file:store encrypted password data in file, which has the most restrictive protection . • Cryptographic keys: private key--use both to encrypt and todecrypt information public key system--use two keys with private one encrypt a message, with public one decrypt by the recipient
Password security and encryption • Shell and file access telnet--use the standard user list for the OS, no encryption or authentication ftp--has basic authentication and access privilege protection SSh(secure shell)--a protocol that lets you log in and execute commands on another machine over network
Password security and encryption Secure socket layer(SSL)--developed by Netscape that sits above the TCP/IP layer but below the higher protocols(http,ftp,ldap) provide standard way for authentication • secure files options SCP--part of SSH, provide authentication and encryption ftp over SSH--render insecure utility more protected SSL ftp--prevent packet sniffing
Network security • Why network security network security is becoming more and more important as people spend more time connected. What makes it worse is that information can be leaked from the inside of your network to the internet.
Network security Protocols • protocol allow user to think at the high level of a communication. • The software and hardware create a protocol stack, which is layered architecture for communication. • Two protocol stack: OSI(open system interconnection) and TCP/IP(transmission control protocol and internet protocol
Network security Network ISO/OSI model • application layer • presentation layer • session layer • transport layer • network layer • data link layer • physical layer
Network security Trusted/untrusted system • communication between trusted and untrusted networks must have rules associated with it. • A trusted system is inside a security perimeter. • Information outside the trusted network treated as single sensitivity level.
Network security • A gateway controls traffic from inside and outside. • The function of gateway is label and filter data. Firewall a firewall is a system designed to prevent unauthorized access to or from a private network.
firewall • How does it work? It is used to prevent unauthorized internet users form accessing private networks connected to the internet and intranet. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that don’t meet the specified security criteria.
firewall • Fig1 firewall/proxy server
firewall How does a proxy server work? • Run at the application level of network protocol stack for each different type of services • control internal users access the Internet and Internet users access the inside the world • return response to request from inside the firewall
firewall Defensive strategies • firewall is perimeter defense system with “choke point” • monitor and block access at choke points • separate department and implement encryption throughout your organization • firewall do not protect against leaks
firewall • Fig2 firewall provide perimeter defenses with choke points, like medieval castles
firewall Classifying firewalls • screening router(packet filters) • proxy server gateway circuit-level gateway application-level gateway • stateful inspection techniques
firewall • Fig 3 a screening router
firewall • Fig4 a proxy server
firewall Firewall policies • block all traffic, then allow specific services on case-by-case basis • network traffic and from outside networks such as the Internet must pass through the firewall. The traffic must be filtered to allow only authorized packets to pass
firewall • Never use a firewall for genera-purpose file storage or to run programs, except for those required by the firewall • do not allow any passwords or internal addresses to cross the firewall • accept the fact that you might need to completely restore public systems from backup in the event of an attack