1 / 17

THE NEED FOR NETWORK SECURITY

THE NEED FOR NETWORK SECURITY. Hunar & Nawzad & Kovan & Abdulla & Aram. PRESENTATION OBJECTIVES. Understand information security services Be aware of vulnerabilities and threats Realize why network security is necessary What are the elements of a comprehensive security program.

kata
Télécharger la présentation

THE NEED FOR NETWORK SECURITY

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. THE NEED FORNETWORK SECURITY Hunar & Nawzad & Kovan & Abdulla & Aram

  2. PRESENTATION OBJECTIVES • Understand information security services • Be aware of vulnerabilities and threats • Realize why network security is necessary • What are the elements of a comprehensive security program The Need for Web Security

  3. TRENDS FOR INFORMATION • More information is being created, stored, processed and communicated using computers and networks • Computers are increasingly interconnected, creating new pathways to information assets • The threats to information are becoming more widespread and more sophisticated • Productivity, competitiveness, are tied to the first two trends • Third trend makes it inevitable that we are increasingly vulnerable to the corruption or exploitation of information INFORMATION IS THE MOST VALUABLE ASSET The Need for Web Security

  4. Information Security Services • Confidentiality • Integrity • Authentication • Nonrepudiation • Access Control • Availability The Need for Web Security

  5. SERVICES Information Security Services • Confidentiality • Maintaining the privacy of data • Integrity • Detecting that the data is not tampered with • Authentication • Establishing proof of identity • Nonrepudiation • Ability to prove that the sender actually sent the data • Access Control • Access to information resources are regulated • Availability • Computer assets are available to authorized parties when needed The Need for Web Security

  6. What Is The Internet? • Collection of networks that communicate • with a common set of protocols (TCP/IP) • Collection of networks with • no central control • no central authority • no common legal oversight or regulations • no standard acceptable use policy • “wild west” atmosphere The Need for Web Security

  7. Why Is Internet Security a Problem? • Security not a design consideration • Implementing change is difficult • Openness makes machines easy targets • Increasing complexity The Need for Web Security

  8. Common Network Security Problems • Network eavesdropping • Malicious Data Modification • Address spoofing (impersonation) • ‘Man in the Middle’ (interception) • Denial of Service attacks • Application layer attacks The Need for Web Security

  9. VIRUSES Risk Threat Discovered Protection TROJ_SIRCAM.A New !! Latest DAT W32.Navidad 11/03/2000 11/06/2000W95.MTX 8/17/2000 8/28/2000W32.HLLW.QAZ.A 7/16/2000 7/18/2000VBS.Stages.A 6/16/2000 6/16/2000VBS.LoveLetter 5/04/2000 5/05/2000VBS.Network 2/18/2000 2/18/2000Wscript.KakWorm 12/27/1999 12/27/1999W32.Funlove.4099 11/08/1999 11/11/1999PrettyPark.Worm 6/04/1999 6/04/1999Happy99.Worm 1/28/1999 1/28/1999 The Need for Web Security

  10. Consider that… • 90% of companies detected computer security breaches in the last 12 months • 59% cited the Internet as the most frequent origin of attack • 74% acknowledged financial losses due to computer breaches • 85% detected computer viruses Source: Computer Security Institute The Need for Web Security

  11. HACKERS WHO ARE THE OPPONENTS? • 49% are inside employees on the internal network • 17% come from dial-up (still inside people) • 34% are from Internet or an external connection to another company of some sort The Need for Web Security

  12. THE MOST COMMON EXCUSES • No one could possibly be interested in my information • Anti-virus software slows down my processor speed too much. • I don't use anti-virus software because I never open viruses or e-mail attachments from people I don't know. • So many people are on the Internet, I'm just a face in the crowd. No one would pick me out. • I'm busy. I can't become a security expert--I don't have time, and it's not important enough The Need for Web Security

  13. Principles ELEMENTS OF A COMPREHENSIVE SECURITY PROGRAM • Have Good Passwords • Use Good Antiviral Products • Use Good Cryptography • Have Good Firewalls • Have a Backup System • Audit and Monitor Systems and Networks • Have Training and Awareness Programs • Test Your Security Frequently The Need for Web Security

  14. CRYPTOGRAPHY Necessity is the mother of invention, and computer networks are the mother of modern cryptography. Ronald L. Rivest • Symmetric Key Cryptography • Public Key Cryptography • Digital Signatures The Need for Web Security

  15. Visible IP Address PC Servers Internal Network Host Firewall A system or group of systems that enforces an access control policy between two networks. The Need for Web Security

  16. The Need for Web Security

  17. THANK YOU I have questions… The Need for Web Security

More Related