1 / 32

The Internet and Security

The Internet and Security. Chapter 4. six major roles and goals of IT. 1. Increase employee productivity by reducing time, errors and costs using 2. Enhance decision making 3. Improve team collaboration 4. Create business partnerships and alliances

haroun
Télécharger la présentation

The Internet and Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Internet and Security Chapter 4

  2. six major roles and goals of IT • 1. Increase employee productivity by reducing time, errors and costs using • 2. Enhance decision making • 3. Improve team collaboration • 4. Create business partnerships and alliances • 5. Enable global reach all over the world taking into consideration the culture of each nation or society. • 6. Facilitate organizational transformation as the organization evolves and responds to the ever-changing marketplace.

  3. Key Terms ______________________ Transmission of all forms of communication including digital data, voice, fax, sound, and video from one location to another over some type of network ______________________ A group of computers and peripheral devices connected by a communication channel capable of sharing information and other resources among users ______________________ Is the carrying capacity of a telecommunications network. (i.e. the size of the telecommunications channel or pipeline)

  4. Email with teeth Sample of Interpersonal Use of Telecommunications

  5. Sample of Interpersonal Use of Telecommunications

  6. Sample of Business Use of Telecommunications

  7. Sample of Business Use of Telecommunications

  8. History of the Internet • ARPANET 1960 (Advanced Research Project Agency Network) • NSFNET1986(National Science Foundation Network) • Connected to ARPANET and many others (BITNET, CSNET, etc) to become a major component of the Internet • Internet Support • Ongoing support comes from many universities, federal and state governments, and national international research institutions and industry

  9. Warriors How the Internet Works – Packet Switching • Packet Switching • Allows millions of users to send large and small chucksof data across the Internet concurrently • Based on the concept of turn taking, packets from each user are alternated in the shared network (below) • Networks connected to the Internet use this concept

  10. How the Internet Works – TCP/IP & Routers TCP/IP Approach TCP – Transmission Control Protocol IP – Internet Protocol • Routers • Connect one network to another • Identify each device on a network as unique using IP protocol • Serve as the “Traffic Cop” directing packets to their destination

  11. How the Internet Works – Connecting Networks Example: Sending a message from Computer A to D 2 (Router) Reads IP Address of packet, routes message to Network 2 and Computer D 3 1 (Computer A) TCP - Breaks message into data packets IP - Adds address of destination Computer D (Computer D) TCP - Checks for missing packets, reassembles message, discards duplicate packets

  12. How the Internet Works – Web Addresses & Domains • Domain • Identifies the Website (host) • Comes in many suffixes such as: • .edu (educational institutions) • .org (organizations; non-profit) • .mil (military) • .net (network organizations) • Example: microsoft.com • IP Address • Each domain is associated with one or more IP addresses • Format: a 32-bit address written as 4 numbers (from 0-255) separated by periods • Example: 1.160.10.240 • (URL) Uniform Resource Locator • Identifies particular Web pages within a domain • Example: http://www.microsoft.com/security/default.mspx

  13. How the Internet Works – Managing the Internet • Internet Registry • Central repository of all Internet-related information • Provides central allocation of all network system identifiers • Managed by Internet Assigned Numbers Authority (IANA) • Domain Name System (DNS) • Maintained by the Internet Registry • Used to associates hosts or domains with IP addresses • Root DNS database is replicated across the Internet • InterNic Registration Service • Assigns Internet Domains and IP addresses • Internet Corp. for Assigned Names and Number (ICANN) has responsibility for managing IP addresses, domain names, and root server system management

  14. How the Internet Works – Connecting to the Internet Modem (stands for Modulate/Demodulate) Internet Service Provider (ISP) Network Access Points (NAPs) Internet Backbone

  15. Network Connection Types POTS (Plain Old Telephone Service) ISDN (Integrated Services Digital Network) DSL (Digital Subscriber Line) Cable Modem IoS (Internet over Satellite) • Wireless • Fixedwireless • Mobilewireless

  16. Network Connection Types T1/T3 (Trunk Level 1 or 3) ATM (Asynchronous Transfer Mode) SONET (Synchronous Optical Network)

  17. Current State of the Internet

  18. World Wide Web • HTTP (Hypertext Transfer Protocol) • A _____________used to process user requests for displaying Web pages from a Web server • Web Servers • A special computer that is specifically designed to store and “_____________”Web pages • This machine contains special _____________and _____________ to perform its many specialized functions

  19. Information System Security _____________ Precautions taken to keep all aspects of information systems safe from unauthorized access • Managerial Methods • Several techniques are commonly used to manage information systems security: • _____________Assessment • Controlling _____________ • Organizational Policies and Procedures • Backups and _____________

  20. Information System Security – Managerial Techniques • Assessing Risk • Security Audit • Risk Analysis • Alternatives based on Risk Analysis: • Risk Reduction • Risk _____________ • Risk Transference – • Controlling Access • Keeping information safe by only allowing access to those that require it to do their jobs • _____________ – • Access Control –

  21. Information System Security – Managerial Techniques • _____________ Policies and Procedures • Acceptable Use Policies – formally document how systems should be used, for what, and penalties for non-compliance • _____________ and _____________ Recovery • Backups – taking periodic snapshots of critical systems data and storing in a safe place or system (e.g. backup tape) • Disaster Recovery Plans – spell out detailed procedures to be used by the organization to restore access to critical business systems (e.g. viruses or fire) • Disaster Recovery – executing Disaster Recovery procedures using backups to restore the system to the last backup if it was totally lost

  22. Identity theft State of IS Security - Security Threats & Technologies • Security Threats • _____________ Theft– • _____________ _____________– • Others: Spyware, Spam, Wireless Access, Viruses • Security Technologies • Companies and research organizations continue to develop and refine technologies to prevent security breaches. Some Include: • _____________ • _____________ • _____________ and Encryption

  23. IS Security: Technology _____________ A system of software, hardware or both designed to detect intrusion and prevent unauthorized access to or from a private network • Firewall Techniques • Packet Filter – examine each packet entering and leaving network and accept/reject based on rules • Application Level Control – Performs certain security measures based on a specific application (e.g. file transfer) • Circuit Level Control – detects certain types of connections or circuits on either side of the firewall • Proxy Server – acts as, or appears as, an alternative server that hides the true network addresses

  24. Firewall Capability Firewall can • Focus for security _____________ • Enforce security _____________ • Log internet _____________ • Limit _____________ • keeps one section of intranet separate from another Firewall can not • Protect against malicious _____________ • Protect against connections that do not go through it • Protect against new _____________ • Protect against _____________

  25. Security Threat: Spyware, Spam, and Cookies _____________ Any software that covertly gathers information about a user through an Internet connection without the user’s knowledge _____________ Electronic junk mail or junk newsgroup postings usually for purpose of advertising some product and/or service _____________ A message passed to a browser from a Web server. Used by legitimate programs to store state and userinformation

  26. Biometrics Security Technology: _____________ • _____________ • A sophisticated authentication technique used to restrict access to systems, data and/or facilities • Uses biological characteristics to identify individuals such as fingerprints, retinal patterns in the eye, etc. that are not easily counterfeited

  27. Security Threat: Access to Wireless • Unauthorized Access to Wireless Networks • With the prevalence in use of wireless networks this threat is increasing • Problems - _____________ _____________ - an attacker accesses the network, intercepts data from it, and can use network services and/or send attack instructions without entering the building • Prevention - _____________between network and user devices

  28. On 8 February, 1587 Elizabeth I of England

  29. Security Technology: VPN and _____________ • _____________ • The process of encoding messages before they enter the network or airwaves, and then decoding at the receiving end • _____________ - known and used to scramble messages (SSL) • _____________ - not known and used by receiver to descramble • _____________– a third party that issues keys

  30. How Encryption Works

  31. Virtual private network • Virtual private network (VPN): a secure _____________ between two points across the Internet • _____________ : the process by which VPNs transfer information • by encapsulating traffic in IP packets over the Internet

  32. Security Threat: Viruses Viruses Programs that can attack a computer and/or a network and delete information, disable software, use up system resources, etc. Prevention Steps: AntiVirussoftware: No Disk Sharing – Delete Suspicious Email Messages – Report Viruses –

More Related