MJ10/07041 Session 10 Accounting, Security Management Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used.

Slides:

Advertisements

Similar presentations

Network Management Applications

Advertisements

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT

Lecture 1: Overview modified from slides of Lawrie Brown.

IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.

Security Controls – What Works

Security+ Guide to Network Security Fundamentals

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

Chapter 12 Network Security.

MJ08-A/07041 Session 08 SNMP V3 Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used for Network Management.

NETWORKS Lauren Hickman Patrick McCamy Morgan Pace Noah Ryder.

1 Pertemuan 09 Model Fungsional Matakuliah: H0372/Manajemen Jaringan Tahun: 2005 Versi: 1/0.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

1 Network Management and SNMP  What is Network Management?  ISO Network Management Model (FCAPS)  Network Management Architecture  SNMPv1 and SNMPv2.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

SNMPv3 Yen-Cheng Chen Department of Information Management National Chi Nan University

Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 5: Security Controls.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

SEC835 Database and Web application security Information Security Architecture.

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

Introduction (Based on Lecture slides by J. H. Wang)

Cryptography and Network Security

BUSINESS B1 Information Security.

Version 4.0. Objectives Describe how networks impact our daily lives. Describe the role of data networking in the human network. Identify the key components.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

1 Chapter 8 Copyright 2003 Prentice-Hall Cryptographic Systems: SSL/TLS, VPNs, and Kerberos.

Introduction to Computer Security1 Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st semester University of.

Today’s Lecture Covers < Chapter 6 - IS Security

OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

© Oxford University Press 2011 DISTRIBUTED COMPUTING Sunita Mahajan Sunita Mahajan, Principal, Institute of Computer Science, MET League of Colleges, Mumbai.

Chapter 21 Distributed System Security Copyright © 2008.

Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester

. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.

Information Security What is Information Security?

Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.

Module 11: Designing Security for Network Perimeters.

Network Security & Accounting

1 by Behzad Akbari Fall 2008 In the Name of the Most High Network Management Applications.

Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol.

Chapter 40 Network Security (Access Control, Encryption, Firewalls)

Chapter 9 Networking & Distributed Security (Part C)

7.6 Secure Network Security / G.Steffen1. In This Section Threats to Protection List Overview of Encrypted Processing Example.

CPT 123 Internet Skills Class Notes Internet Security Session B.

1 Network Security: Introduction Behzad Akbari Fall 2009 In the Name of the Most High.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.

SECURITY REQUIREMENTS AND MANAGEMENT: Presentation By: Guillermo Dijk.

IS3220 Information Technology Infrastructure Security

Vijay V Vijayakumar.  Implementations  Server Side Security  Transmission Security  Client Side Security  ATM’s.

SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.

UNIT 7 SEMINAR Unit 7 Chapter 9, plus Lab 13 Course Name – IT482 Network Design Instructor – David Roberts – Office Hours: Tuesday.

CS457 Introduction to Information Security Systems

Ch. 11 – Cipher Techniques Dr. Wayne Summers

Security network management

Mohammad Alauthman Computer Security Mohammad Alauthman

Session 1 – Introduction to Information Security

Presentation transcript:

MJ10/07041 Session 10 Accounting, Security Management Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used for Network Management course at Universitas Bina Nusantara

MJ10/07042 Security Management Security threats Policies and Procedures Resources to prevent security breaches Firewalls Cryptography Authentication and Authorization Client/Server authentication system Message transfer security Network protection security

MJ10/07043 Security Threats SNMPv3 addressed security threats using USM (user-based security model) USM has two modules: Authentication module Data integrity Data origin Privacy module Data confidentiality Message timeliness Message protection

MJ10/07044 References: Formal statement of rules for protecting organization’s technology and assets (RFC 2196) Introduction to Firewalls (NIST) Orange Book by National Computer Security Center (NCSC) rates computers based on security design features

MJ10/07045 Secured Communication Network Secured Network A Server A Client A Firewall Gateway Router Network B Client B Firewall secures traffic in and out of Network A Security breach could occur by intercepting the message going from B to A, even if B has permission to access Network A Most systems implement authentication with user id and password Authorization is by establishment of accounts

MJ10/07046 Firewalls Protects a network from external attacks Controls traffic in and out of a secure network Could be implemented in a router, gateway, or a special host Benefits Reduces risks of access to hosts Controlled access Eliminates annoyance to the users Protects privacy (e.g. finger) Hierarchical implementation of policy and and technology (e.g. finger)

MJ10/07047 Cryptography Secure communication requires Integrity protection: ensuring that the message is not tampered with Authentication validation: ensures the originator identification Security threats Modification of information Masquerade Message stream modification Disclosure Hardware and software solutions Most secure communication is software based

MJ10/07048 Authentication and Authorization Authentication verifies user identification Client/server environment Ticket-granting system Authentication server system Cryptographic authentication Messaging environment e-commerce Authorization grants access to information Read, read-write, no-access Indefinite period, finite period, one-time use

MJ10/07049 SNMPv3 Security Privacy Module USM authKey USM Authentication Module wholeMsg password authoritativeSnmpEngineId scopedPDU Encryption Key Encrypted scopedPDU authenticated wholeMsg HMAC Gen. Authentication key equivalent to DEK in PEM or private key in PGP Authentication key generated using user password and SNMP engine id Authentication key may be used to encrypt message USM prepares the whole message including scoped PDU HMAC, equivalent of signature in PEM and PGP, generated using authentication key and the whole message Authentication module provided with authentication key and HMAC to process incoming message

MJ10/ Service Level Management SLA management of service equivalent to QoS of network SLA defines Identification of services and characteristics Negotiation of SLA Deployment of agents to monitor and control Generation of reports SLA characteristics Service parameters Service levels Component parameters Component-to-service mappings