Jeff Warnock COSC 352 Indiana University of Pennsylvania Spring 2010
LANs share data, processing and communication As the area a LAN spans becomes greater, so does the chance of interception Information security – Protecting data traveling throughout the network Authentication, confidentiality, access control Mail v
Distributed File Sharing Client access control to server Protected server to unprotected client Remote computing Authentication and access restrictions Messaging services Confidentiality and integrity of messages Home
Goals of stored, processed and transmitted data Confidentiality Integrity Availability Goals of information sharing Authentication of senders and receivers Home
Access Unauthorized Inappropriate Disclosure Data Traffic Unauthorized Modification LAN Spoofing LAN Disruption Home
Authentication Access control Confidentiality Integrity Non-repudiation Logging and Monitoring Home
Estimate losses Use or dependency Analyze threats and vulnerabilities Determine security mechanisms Reduce risk to acceptable level
Define the Scope and Boundary and Methodology Identify and Value Assets Identify Threats and Determine Likelihood Measure Risk Select Appropriate Safeguards Implement and Test Safeguards Accept Residual Risk (Federal Information Processing Standards, 1994) Home
Federal Information Processing Standards. (1994). Guideline for The Analysis Local Area Network Security. Federal Information Processing Standards Publication 191, 6-30