Real world application  Protocols  Paul Simmonds ICI Plc. & Jericho Forum Board.


Problem
• Imagine an enterprise where:
  – You have full control over its network
  – No external connections or communication
      No Internet
      No
      No connections to third-parties
  – Any visitors to the enterprise have no ability to access the network
  – All users are properly managed and they abide by enterprise rules with regard to information management and security

Problem
• In the real world nearly every enterprise:
  – Uses computers regularly connected to the Internet; Web connections, , IM etc.
  – Employs wireless communications internally
  – Has the majority of its users connecting to services outside the enterprise perimeter
• In this de-perimeterised world the use of inherently secure protocols is essential to provide protection from the insecure data transport environment.

Why should I care?
• The Internet is insecure, and always will be
• It doesn’t matter what infrastructure you have, it is inherently insecure
• However, enterprises now wish:
  – To have direct application-to-application integration
  – To support just-in-time delivery
  – To continue to use the Internet as the basic transport medium.
• Secure protocols should act as fundamental building blocks for secure distributed systems
  – Adaptable to the needs of applications
  – While adhering to requirements for security, trust and performance.

Secure Protocols
• New protocols are enabling secure application-to-application communication over the Internet
• Business-to-business protocols; more specifically ERP system-to-ERP system protocols that include the required end-entity authentication and security to provide the desired trust level for the transactions
• They take into account the context, trust level and risk.

Recommendation/Solution
• While there may be some situations where open and insecure protocols are appropriate (public facing “information” web sites for example),
• All non-public information should be transmitted using appropriately secure protocols that integrate closely with each application.

Protocol Security & Attributes
• Protocols used should have the appropriate level of data security, and authentication
• The use of a protective security wrapper (or shell) around an application protocol may be applicable
• However, the use of an encrypted tunnel negates most inspection and protection and should be avoided in the long term.

The need for open standards
• The Internet uses insecure protocols
  – They are de-facto lowest common denominator standards
  – But are open and free for use
• If all systems are to interoperate – regardless of Operating System or manufacturer – and be adopted in a timely manner, then it is essential that protocols be open and remain royalty free.

Secure “out of the box”
• An inherently secure protocol:
  – Is authenticated
  – Is protected against unauthorised reading/writing
  – Has guaranteed integrity
• For inherently secure protocols to be adopted it is essential that:
  – Systems start being delivered preferably only supporting inherently secure protocols; or
  – With the inherently secure protocols as the default option

Proprietary Solutions
• Vendors are starting to offer hybrid protocol solutions that support
  – multiple security policies
  – system/application integration
  – degrees of trust between organisations and communicating parties (their own personnel, customers, suppliers etc.)
• Resulting in proprietary solutions that are unlikely to interoperate, and whose security may be difficult to verify
• Important to classify the various solutions an organisation uses or is contemplating.

Challenges to the industry
1. If inherently secure protocols are to become adopted as standards then they must be open and interoperable (JFC#3)
2. The Jericho Forum believes that companies should pledge support for making their proprietary protocols fully open, royalty free, and documented
3. The Jericho Forum favours the release of protocol reference implementations under a suitable open source or GPL arrangement
4. The Jericho Forum hopes that all companies will review their products and the protocols and move swiftly to replacing the use of appropriate protocols
5. End users should demand full disclosure of protocols in use as part of any purchase
6. End users should demand that all protocols should be inherently secure
7. End users should demand that all protocols used should be fully open

Good & Bad Protocols
(Quadrant chart. Axes: Secure / Insecure, and Closed to Open.)
• Secure. Quadrants: Point Solution (use with care) [Closed]; Use & Recommend [Open]
  – AD Authentication
  – COM
  – SMTP/TLS
  – AS2
  – HTTPS
  – SSH
  – Kerberos
• Insecure. Quadrants: Never Use (Retire) [Closed]; Use only with additional security [Open]
  – NTLM Authentication
  – SMTP
  – FTP
  – TFTP
  – Telnet
  – VoIP
  – IMAP
  – POP
  – SMB
  – SNMP
  – NFS

Implementing new systems
• New systems should only be introduced that either
  – Have all protocols operating in the Open/Secure quadrant; or
  – Operate in the Open/Insecure quadrant on the basis that anonymous unauthenticated access is the desired mode of operation.

Paper available from the Jericho Forum
• The Jericho Forum Position Paper “The need for Inherently Secure Protocols” is freely available from the Jericho Forum website