CLIENT/SERVER COMPUTING ENVIRONMENT

SECURITY ISSUES IN CLIENT/SERVER COMPUTING ENVIRONMENT
FengChen, Aug. 31, 2000

Reliability and security are a concern for any computer system. These issues require special attention when considering a change from mainframe to client/server technologies. Mainframes are very secure because they are generally placed in 'glass rooms' with hardened infrastructure and controlled access, while client/server systems are distributed and therefore more difficult to secure.

Basic Components of Security Management: Confidentiality, Integrity, Availability

Possible Threats & Types of Attacks: Impersonation, Sniffing, Software Threats (Trojan Horse), Data-Driven Attacks, Denial of Service

Security Solutions
Physical Security: locks and keys, security guards
Software Security: Authentication, Encryption, Kerberos, Others

Authentication
Authentication is performed to ensure a user or program has specific access to a resource or data.
Network Authentication: BASIC, Password, Retinal Image, Fingerprint, Algorithm in “Smart” Card, Physical Location (IP Address), Username & Password, Security Token

Shared Key Encryption: One key both encrypts and decrypts.
Public/Private Key Encryption / Signature: One key encrypts, and a different but related key decrypts.
A combination of these two methods allows for mutual authentication.

Kerberos
Kerberos is an authentication and session encryption system.
How does it work? A separate ticket granting server gives a ticket to a user or application. This ticket can then be used for any number of resources on the network. If a client wants to talk to a server, both the client and the server will talk to the authentication server to establish that the client is authorized.
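
The ticket idea in the slide above, as an added example that is not part of the original presentation and is not Kerberos itself: one ticket-granting ticket is exchanged for tickets to several resources without logging in again. Assumptions: tickets are HMAC-signed rather than encrypted, session keys and the password check are omitted, and all keys, service names and function names are constructed for the demo.

```python
import hashlib, hmac, json

# Constructed demo keys (assumptions). Each resource shares one key with the
# ticket granting server; real Kerberos also encrypts the ticket contents.
TGS_KEY = b"demo-tgs-key"
SERVICE_KEYS = {"fileserver": b"demo-file-key", "printserver": b"demo-print-key"}

def seal(key, claims):
    """Serialize the claims and append an HMAC-SHA256 tag computed with key."""
    body = json.dumps(claims, sort_keys=True).encode()
    return body.hex() + "." + hmac.new(key, body, hashlib.sha256).hexdigest()

def unseal(key, token, now):
    """Return the claims if the tag verifies and the ticket is unexpired, else None."""
    try:
        body_hex, tag = token.split(".")
        body = bytes.fromhex(body_hex)
    except ValueError:
        return None  # malformed ticket
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return None  # forged, tampered, or sealed with a different key
    claims = json.loads(body)
    return claims if claims["exp"] > now else None

def issue_tgt(user, now, lifetime=3600):
    """Login step (password check omitted): issue a ticket-granting ticket."""
    return seal(TGS_KEY, {"user": user, "for": "tgs", "exp": now + lifetime})

def issue_service_ticket(tgt, service, now, lifetime=300):
    """Ticket granting server: exchange a valid TGT for a ticket to one resource."""
    claims = unseal(TGS_KEY, tgt, now)
    if claims is None or claims.get("for") != "tgs" or service not in SERVICE_KEYS:
        return None
    return seal(SERVICE_KEYS[service],
                {"user": claims["user"], "for": service, "exp": now + lifetime})

def service_accepts(service, ticket, now):
    """Resource server: check the ticket with its own key; return the user or None."""
    claims = unseal(SERVICE_KEYS[service], ticket, now)
    return claims["user"] if claims and claims.get("for") == service else None
```

A ticket sealed for one resource fails verification at another because each resource holds a different key, and short lifetimes bound how long a stolen ticket stays usable.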

General Security Issues
The security is only as strong as its weakest link.
A flawed security is worse than no security at all.
It is always better to use several security systems together than only one.
Security by obscurity doesn’t work.

Client/Server THE FUTURE

As computing becomes more ubiquitous and more pervasive, client/server computing will become the dominant implementation strategy. Convergence of standards will result in better applications integration and interoperability. Authentication and security issues will be resolved sooner rather than later: the enormous interest in exploiting the commercial potential of the Internet will propel this process.