Topic 5: Communication and the Internet

Slides:



Advertisements
Similar presentations
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Advertisements

Implications and Security Issues of the Internet By Neelesh Patel.
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
Some general principles in computer security Tomasz Bilski Chair of Control, Robotics and Computer Science Poznań University.
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Department Of Computer Engineering
Security and Risk Management. Who Am I Matthew Strahan from Content Security Principal Security Consultant I look young, but I’ve been doing this for.
General Awareness Training
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
Firewalls Nathan Long Computer Science 481. What is a firewall? A firewall is a system or group of systems that enforces an access control policy between.
Firewall Technologies Prepared by: Dalia Al Dabbagh Manar Abd Al- Rhman University of Palestine
1 Topic 2: Lesson 3 Intro to Firewalls Summary. 2 Basic questions What is a firewall? What is a firewall? What can a firewall do? What can a firewall.
ITGS Network Architecture. ITGS Network architecture –The way computers are logically organized on a network, and the role each takes. Client/server network.
Computer Security By Duncan Hall.
CHAPTER 7 Unexpected Input. INTRODUCTION What is Unexpected Input? Something (normally user-supplied data) that is unexpected happen to an application.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Information Systems Design and Development Security Precautions Computing Science.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
By: Brett Belin. Used to be only tackled by highly trained professionals As the internet grew, more and more people became familiar with securing a network.
Virtual Local Area Networks In Security By Mark Reed.
Lecture 9 Page 1 CS 236 Online Firewalls What is a firewall? A machine to protect a network from malicious external attacks Typically a machine that sits.
Some Great Open Source Intrusion Detection Systems (IDSs)
Lecture 19 Page 1 CS 236 Online 6. Application Software Security Why it’s important: –Security flaws in applications are increasingly the attacker’s entry.
Common System Exploits Tom Chothia Computer Security, Lecture 17.
Defense In Depth: Minimizing the Risk of SQL Injection
Chapter 40 Internet Security.
Modularity Most useful abstractions an OS wants to offer can’t be directly realized by hardware Modularity is one technique the OS uses to provide better.
CMSC 345 Defensive Programming Practices from Software Engineering 6th Edition by Ian Sommerville.
Outline Basic concepts in computer security
Memory Management.
Working at a Small-to-Medium Business or ISP – Chapter 8
Information Systems Development
The Linux Operating System
Ways to protect yourself against hackers
Systems Security Keywords Protecting Systems
Lesson Objectives Aims Key Words
Wireless Network Security
IP Security IP sec IPsec is short for Internet Protocol Security. It was originally created as a part of IPv6, but has been retrofitted into IPv4. It works.
Lesson Objectives Aims You should be able to:
^ About the.
Introduction to Networking
Introduction to Networking
Introduction to Networking
Introduction to Computers
Firewalls.
Unit 4 IT Security.
Security of a Local Area Network
Teaching Computing to GCSE
Security in Networking
Networks.
Unfortunately, any small business could face the risk of a data breach or cyber attack. Regardless of how big or small your business is, if your data,
Risk of the Internet At Home
Unit 27: Network Operating Systems
Intercept X for Server Early Access Program Sophos Tester
OMNIXX to OPENFOX CONVERSION LESSONS LEARNED
By: Dr. Visavnath, Lecturer Comp. Engg. Deptt.
Topic 5: Communication and the Internet
Computer Security Firewalls November 19, 2018 ©2004, Bryan J. Higgs.
Microsoft Office Access 2003
IS4680 Security Auditing for Compliance
Computer Security CIS326 Dr Rachel Shipsey.
By: Dr. Visavnath, Lecturer Comp. Engg. Deptt.
Firewall Installation
Test 3 review FTP & Cybersecurity
Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
6. Application Software Security
Computer Security CIS326 Dr Rachel Shipsey.
Chapter 5 Computer Security
Presentation transcript:

Topic 5: Communication and the Internet Protection Techniques

Protecting Against Vulnerabilities We saw how we can use different tools and techniques to both find and exploit vulnerabilities Either in a network, or through a person If we are the systems administrator for a network, we would need to know how to protect against these ‘attacks’ We have to think about security from The software design/implementation stage All the way to connecting devices together on a network Communication and the Internet: Protection Techniques

Communication and the Internet: Protection Techniques Software Design One of the most vulnerable aspects of a device is the software run on it Depending on what this software will do, we need to take considerations into possible vulnerabilities Will the software require Internet access at all? Will the software require any authentication? Will users have different levels of access? Will the software store any data (sensitive or otherwise)? Communication and the Internet: Protection Techniques

Communication and the Internet: Protection Techniques Software Design Each of these considerations (and others) will require different approaches to make sure They don’t open the software/system up to any exploitation One of the most common ways of this happening is bad programming practices Communication and the Internet: Protection Techniques

Communication and the Internet: Protection Techniques Software Design Most large programming projects will have multiple developers working on it at once While most of the developers may have good programming practices And keep any potential vulnerabilities in mind There may be the few developers that don’t do this They write bad quality code And they don’t bear in mind potential vulnerabilities Communication and the Internet: Protection Techniques

Communication and the Internet: Protection Techniques Software Design The following can be considered bad quality in any code What Why Not including proper, descriptive comments With multiple developers working on a project, descriptive comments (saying why something is happening, not what) help other developers understand what one developer implemented (and what not to change about it) Not including any documentation If writing an API for another developer to use, proper documentation lets them know everything they can and cannot do with the API Not using accepted naming standards If other developers are looking at work someone had done, using naming standards can help them understand whether something is a class, function, or variable Lack of modularisation We use modules (functions and methods) to help keep logical segments of code in short, easy to read, easy to test chunks – this makes creating and testing programs easier, as we only need to understand individual modules (not trying to comprehend a whole program at once) No encryption for sensitive data (like passwords) Any program that stores sensitive data locally, and unencrypted, is a big security vulnerability. Keeping data encrypted means that, even if someone gets hold of that data, they won’t immediately be able to understand the data itself Communication and the Internet: Protection Techniques

Security Measures So how we can prevent bad coding practices (and general vulnerabilities) from creeping into programs? We have quite a few options available to us, including the following These also include general security measures for computer/network vulnerabilities as well Code reviews Modular testing Audit trails Using secure operating systems Communication and the Internet: Protection Techniques

Security Measures: Code Reviews A code review is when one (or more) developers look through all the recent changes to a program Usually carried out by more senior developers than the ones who developed the changes They scour through all the changes, and look for any potential bad programming practices Can be a costly procedure (as it can take a lot of time to look through everything) Can be automated (called an automated review) by specialist programs Finds most common problems (and highlights them), but can’t find them all Also fairly expensive, but removes any time costs Communication and the Internet: Protection Techniques

Security Measures: Modular Testing As well as reviewing code regularly, we can test code too Can be carried out after any module has been created Known as modular testing As modules (procedures/functions) are the ‘building blocks’ of a program A problem in a module can affect the whole program We can test any individual module after it has been created to look for potential vulnerabilities Such as leaving memory addresses open for being read Communication and the Internet: Protection Techniques

Security Measures: Audit Trails We can also set up a program in such a way that it logs any processes that it carries out Such as what input was given to it at a certain point Can include timestamps and address information in this log as well Which will include specific IP addresses of devices making requests to the program Including the time those requests were made This is known as an audit trail Communication and the Internet: Protection Techniques

Security Measures: Audit Trails Audit trails aren’t specific to individual programs We can implement them for entire devices as well In this case, the audit trail will contain information about Requests sent to the device (including their protocol and address information) Any changes made on the device (such as adding/removing users) If a cyberattack on a device is successful, audit trail help technicians work out What was attacked What data was retrieved Where the attack came from Communication and the Internet: Protection Techniques

Security Measures: Secure Operating Systems The amount of security we can rely on (when making/using programs) can also depend on the operating system used Some operating systems are designed with different purposes in mind Some are made specifically for network/program security These will be made much harder to ‘attack’ due to the extra security features they may employ When implementing a device (with the intent of public network connectivity), choice of operating system is crucial Communication and the Internet: Protection Techniques

Effective Network Security The final area of protection revolves around the network itself Including the usage of it Keeping a network secure relies on effective management Which includes training all users on the network/user policies Includes keeping software up-to-date (as vulnerabilities are often ‘patched out’ Managers can also setup monitoring software (on the computers and on the firewall) To keep an eye on any incoming/outgoing requests Also to alert managers when something shady happens Communication and the Internet: Protection Techniques

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.