1 / 22

IT443 – Network Security Administration Week 1 – Introduction

IT443 – Network Security Administration Week 1 – Introduction. Instructor: Alfred J Bird, Ph.D., NBCT abird@cs.umb.edu http:// it443-s14-bird.wikispaces.umb.edu / Door Key: 643478* Office – McCormick 3rd floor 607 (617.287.3827) Office Hours – Tuesday and Thursday, 4:00 pm to 5:15pm.

shilah
Télécharger la présentation

IT443 – Network Security Administration Week 1 – Introduction

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IT443 – Network Security AdministrationWeek 1 – Introduction Instructor: Alfred J Bird, Ph.D., NBCT abird@cs.umb.edu http://it443-s14-bird.wikispaces.umb.edu/ Door Key: 643478* Office – McCormick 3rd floor 607 (617.287.3827) Office Hours – Tuesday and Thursday, 4:00 pm to 5:15pm

  2. Basic Information • Textbook: • Network Security: Private Communications in a Public World • by Charlie Kaufman, Radia Perlman and Mike Speciner • 2nd Edition, Prentice Hall, ISBN 0-13-046019-2 • Location and time of classes • Section 1 • Web Lab S-3-028 • Monday and Wednesday 4:00pm to 5:15pm • Section 2 • IT Lab S-3-143 • Tuesday and Thursday 5:30 to 6:45pm

  3. Course Outline • Network Basics • Cryptography Basics • Authentication • Public Key Infrastructure • IPsec • SSL/TLS • Firewall / Intrusion Detection • Email Security • Wireless security / Worm (backup)

  4. Course Work • 6~7 Lab Assignments (50%) • Team of 2 students • Lab Notebook (Individual) • Lab report (Individual) • Written Projects (25%) • Final Exam (25%)

  5. Potential Labs • Understanding network packets • Encryption/decryption • Password cracking • Intrusion detection • System monitoring • Implementing certificate • Implementing VPN • Configuring a firewall • Wireless security / Worm (backup)

  6. Policies • Lab reports • Partial points will be given for incomplete work • Late submissions will be accepted for reduced credit. • Honor code • No makeup exam without prior permission • Accommodations • Ross Center for Disability Service • Campus Center Room 211, 617.287.7430

  7. Some Network Security Websites • CERT @ Carnegie Mellon University • http://www.cert.org/ • Trend Micro Threat Tracker • http://apac.trendmicro.com/apac/ • CERT @ Dept of Homeland Security • http://www.us-cert.gov/ • Symantec Threat Explorer • http://us.norton.com/security_response/threatexplorer/index.jsp

  8. Some Postulates about Network Security • You can never prove something perfect, all you can do is fail to prove that it has some faults! Keep looking! • If a lot of smart people have failed to solve the problem, then it probably won’t be solved (soon!) (p41 in the text) • Security people need to remember that most people regard security as a nuisance rather than as needed protection and left to their own devices they often carelessly give up the security that someone worked so hard to provide. (p245 in the text)

  9. Introduction to Network Security • Security threats • Malware: Virus, worm, spyware • Spam • Botnet • DDoS attacks • Phishing • Cross-site scripting (XSS) • Theft and/or Whistleblowers • …

  10. Introduction to Network Security • Security breaches in 2011 • Sony's PlayStation Network (77M clients) • Epsilon (60M clients) • Fidelity National ($13M loss) • Sega's online gaming network (1.3M clients) • Citigroup (210K clients) • MA Executive Office of Labor and Workforce Development (210K records) • SF Subway, Health Net, …

  11. Contributing Factors • Lack of awareness of threats and risks of information systems • Security measures are often not considered until an Enterprise has been penetrated by malicious users • Wide-open network policies • Many Internet sites allow wide-open Internet access • Lack of security in TCP/IP protocol suite • Most TCP/IP protocols not built with security in mind • Complexity of security management and administration • Software vulnerabilities • Example: buffer overflow vulnerabilities • Cracker skills keep improving

  12. Security Objectives (CIA)

  13. Security Objectives (CIA) • Confidentiality — Prevent/detect/deter improper disclosure of information • Integrity — Prevent/detect/deter improper modification of information • Availability — Prevent/detect/deter improper denial of access to services provided by the system

  14. OSI Security Architecture • ITU-T X.800 “Security Architecture for OSI” • Defines a systematic way of defining and providing security requirements • It provides a useful, if abstract, overview of concepts we will study

  15. Aspects of Security • 3 aspects of security: • security attack • Any action that compromises the security of information owned by an organization • security mechanism • A process that is designed to detect, prevent, or recover from a security attack • security service • Counter security attacks: make use of one or more security mechanisms to provide the service

  16. Threat Model and Attack Model • Threat model and attack model need to be clarified before any security mechanism is developed • Threat model • Assumptions about potential attackers • Describes the attacker’s capabilities • Attack model • Assumptions about the attacks • Describe how attacks are launched

  17. Passive Attacks

  18. Active Attacks

  19. Security Mechanism (X.800) • Specific security mechanisms: • encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization • Pervasive security mechanisms: • trusted functionality, security labels, event detection, security audit trails, security recovery

  20. Security Service • Enhance security of data processing systems and information transfers of an organization • Intended to counter security attacks • Using one or more security mechanisms • Often replicates functions normally associated with physical documents • For example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed

  21. Security Service • Authentication - assurance that communicating entity is the one claimed • Access Control - prevention of the unauthorized use of a resource • Data Confidentiality –protection of data from unauthorized disclosure • Data Integrity - assurance that data received is as sent by an authorized entity • Non-Repudiation- protection against denial by one of the parties in a communication • Availability– resource accessible/usable

  22. For Next Time • Prepare a 500 word essay on the topic: • In your view what is meant by the term “Network Security”? • An essay is not a research paper but is a written work expressing and defending your views! • What do you think about the topic and why! • Be prepared to discuss the topic on Wednesday. We will be having a class discussion and you (each and every one) will be expected to participate!

More Related