SECURITY REQUIREMENTS AND MANAGEMENT: Presentation By: Guillermo Dijk.


Why Is Security so Important? Protections needed against attacks, such as:
- Key Compromise (prevented by dynamic keys)
- Data Integrity Attacks (prevented by stronger security like IPSec)
- Data Confidentiality Attacks (prevented by higher encryption levels)
- Man-in-the-middle Attacks (prevented by mutual authentication)
- Brute Force Attacks (prevented by complex encryption algorithms)
- Hardware Theft (prevented by user authentication, vs. device)

Security Requirements and Management: Outline:
1. Security Mgmt framework
2. Identity and Access Mgmt.
3. Threat Mgmt.
4. Security resource Information Mgmt.
5. Firewalls
6. Risk Assessment

Security Management Framework:
- Steps: Define Policy; Define Scope; Assess risks; Manage Risks; Select Controls; Statement of applicability
- Other diagram labels: Information assets; Results and conclusions; Control options; Selected controls; Threats, Vulnerabilities, Impacts, Approach, Assurance required; AS/NZS 4444, Additional controls; Documented outcomes

Access Control Management:

Threat Management:
- Identify Threats
  - Human Error
  - Computer Abuse and Crime
  - Natural and Political Disasters
  - Hardware and Software Failures
- Establish Information System Controls
  - Ensure Security, Privacy and Confidentiality through: General Controls, Application Controls
- Perform Regular Audits of Information System
  - Check Effectiveness and Efficiency of System Controls with: Financial Audits, Operational Audits
Source: Zwass, p. 517

Security Resource Management:

Firewalls: Two firewall types: 1. packet filter 2. application gateways

1. Application gateways: Filters packets on application data as well as on IP/TCP/UDP fields. Diagram labels: host-to-gateway telnet session; gateway-to-remote host telnet session; application gateway; router and filter.

2. Packet Filtering: Internal network is connected to Internet through a router. Router manufacturer provides options for filtering packets, based on:
- source IP address
- destination IP address
- TCP/UDP source and destination port numbers
- ICMP message type
- TCP SYN and ACK bits
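
How a packet filter decides on the header fields listed above, as an added example that is not part of the original presentation: a stateless, first-match filter in Python with a default-deny fallback. The `Packet` and `Rule` classes, the rule set and the addresses (documentation ranges) are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:                 # only the header fields the slide lists
    src: str
    dst: str
    proto: str                # "tcp", "udp" or "icmp"
    sport: int = 0
    dport: int = 0
    syn: bool = False
    ack: bool = False
    icmp_type: Optional[int] = None

@dataclass(frozen=True)
class Rule:                   # a field left as None matches any value
    action: str               # "allow" or "deny"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None
    sport: Optional[int] = None
    dport: Optional[int] = None
    syn: Optional[bool] = None
    ack: Optional[bool] = None
    icmp_type: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        addr_ok = (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                   and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst))
        fields = ("proto", "sport", "dport", "syn", "ack", "icmp_type")
        return addr_ok and all(
            getattr(self, f) in (None, getattr(p, f)) for f in fields)

INSIDE = "192.0.2.0/24"       # constructed internal network (documentation range)
RULES = [
    Rule("allow", src=INSIDE, proto="tcp", dport=443),            # outbound HTTPS
    Rule("allow", dst=INSIDE, proto="tcp", sport=443, ack=True),  # replies only (ACK set)
    Rule("deny", dst=INSIDE, proto="icmp", icmp_type=8),          # inbound echo request
    Rule("allow", dst=INSIDE, proto="icmp", icmp_type=0),         # inbound echo reply
]

def filter_packet(p: Packet, rules=RULES) -> str:
    """First matching rule wins; anything unmatched is denied."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"
```

The ACK-bit rule only blocks connection setup from outside; it does not confirm that a packet belongs to a connection an internal host actually opened, which is the gap stateful filtering closes.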

Risk Assessment Process Flow:

Attack Sophistication vs Intruder Technical Knowledge

Conclusion: The art of Security Management requires attention to the smallest detail while never losing sight of the big picture.