Understanding Network Security: the ISO Principles
Saad Haj Bakry, PhD, CEng, FIEE
Presentations in Network Security



Objectives / Contents
- Information & Data
- Networks
- Security
- Security Policy Issues

Information / Data (1): ISO Information Processing Vocabulary
Data: The representation of facts, concepts and instructions in a formalized manner suitable for communication, interpretation, or processing.
Information: The meaning that is currently assigned to data by means of conventions applied to that data.

Information / Data (2): ISO Information Processing Vocabulary
Data Quality: The correctness, timeliness, accuracy, completeness, relevance, and accessibility that make data appropriate for use.

Information / Data (3): ISO Information Processing Vocabulary
Data Integrity: The data quality that exists as long as accidental or malicious destruction, alteration, or loss of data does not occur.
Data Corruption / Contamination: The violation of data integrity.

Networks (1): ISO Information Processing Vocabulary
Functional Unit: The entity of hardware, or software, or both capable of accomplishing a specific purpose.
Data Source: The functional unit that originates data for transmission.
Data Sink: The functional unit that accepts transmitted data.

Networks (2): ISO Information Processing Vocabulary
DTE (Data Terminal Equipment): The part of a data station that serves as a data source, data sink, or both.
DCE (Data Circuit Terminating (Communication) Equipment): In a data station, the equipment that provides the signal conversion and coding between the DTE and the (communication) line.

Networks (3): ISO Information Processing Vocabulary
Node: In a data network, a point where one or more functional units interconnect channels or data circuits.
Data Network: An arrangement of data circuits and switching facilities for establishing connections between DTEs.

Network (4): Structure
[Figure: a data network made up of a communications subnetwork of nodes (N) and an access / services subnetwork of hosts / DTEs (H) serving users (U); DTEs attach to the nodes through DCEs.]

Networks (5): ISO Information Processing Vocabulary
Data Transmission: The conveying of data from one place for reception elsewhere by telecommunication means.
Data Transmission Channel: A means of one-way transmission.

Networks (6): ISO Information Processing Vocabulary
Data Communications: Transfer of information between functional units by means of data transmission according to a protocol.
Protocol: A set of semantic and syntactic rules that determines the behaviour of functional units in achieving communications.

Networks (7): ISO-OSI Protocols
[Figure: two end systems, each with the seven layers Application, Presentation, Session, Transport, Network, Data Link, Physical, shown as peer levels; between them a communication subnetwork with the Network, Data Link and Physical layers, joined to each end system by a communication medium.]

Networks (8): Internet Vocabulary
Internet: A global network of computer networks based on TCP/IP protocols. It has the World Wide Web as its foundation.
Intranet: A private (company) network based on Internet technologies, featuring the same client-server architecture.
Extranet: An Intranet extended to users outside the company (partners, providers, customers).

Network (9): Security
The Internet Level: Potential world-wide business activities.
The Extranet Level: Partners / suppliers / customers "business activities".
The Intranet Level: Intra-organization activities.

Network (10): Internet Protocols
Application: User interface: / http / ftp / …
TCP / UDP: Transmission Control Protocol / User Datagram Protocol
ICMP: Internet Control Message Protocol
ARP: Address Resolution Protocol
IP: Internet Protocol: addressing / routing / congestion control
Data Link: Point-to-point control: LAN / WAN
Physical: Communication interface: T-R / links

Security (1): ISO Information Processing Vocabulary
Security: The condition of being secure, or the condition of being protected from or not exposed to danger.
Privacy: The state or quality of being private.

Security (2): ISO Information Processing Vocabulary
Computer System Security: The technological and the administrative safeguards established and applied to data processing to protect hardware, software, and data from accidental or malicious destruction or disclosure.

Security (3): Analysis of Definition
Object (to be protected): Hardware / Software / Data
Challenges (source): Accidental / Malicious
Effect (protection from): Destruction / Disclosure
Means (of protection): Technological / Administrative

Security (4): ISO Information Processing Vocabulary
Privacy Protection: The implementation of appropriate administrative, technical, and physical safeguards to ensure the security and confidentiality of data records, and to protect both security and confidentiality against any threat or hazard that could result in substantial harm, embarrassment, inconvenience or unfairness to any individual about whom such information is maintained.

Security (5): Analysis of Definition
Object (to be protected): Information / Data: records (associated with individuals or organizations: privacy)
Challenge (to object): Security / Privacy
Effect (protection from): Threat & hazard that could result in harm, embarrassment, inconvenience, or unfairness
Means (of protection): Physical / Administrative / Technical

Security (6): ISO Information Processing Vocabulary
Cryptography: A discipline involving principles, means, and methods for changing data so that it is not readable.
Cryptanalysis: An attack on one of the principles, means, or methods (to recover readability).

Security (7): ISO Information Processing Vocabulary
Encryption / Enciphering: The process of changing data (plain text) so that it becomes unreadable (cipher text).
Decryption / Deciphering: The process of transforming cipher text back into plain text.

Policy (1): Security Levels
ISO Security Perimeters / Levels
Around the Network: Perimeter of trust: trusted users (no hackers); trusted system (reliability / testing).
Around the Process: Passport rules; vaccination for processes, programs & applications.
Layered Perimeters: On each layer (ISO layered protocols): peer entity (same level) services.

Policy (2): Information Security Goals
ISO-OSI Special Interest Group on Security: Information Security Goals
Protection of data against:
- undetected loss and repetition: data is Sequenced
- unauthorized modification: data is Sealed
- unauthorized disclosure: data is Private
Ensuring correct identity of sender & receiver:
- Signed by Sender
- Stamped by Receiver
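
An added example, not part of the original slides: a minimal sketch of the "sequenced" and "sealed" goals above, using a 64-bit sequence number and a shared-key HMAC-SHA256 as the seal. The key, message layout and all names are assumptions made for illustration; the "private" goal (encryption) and sender signatures / receiver stamps are not covered.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"            # constructed sample key (assumption)
TAG_LEN = hashlib.sha256().digest_size   # 32-byte seal

def seal(seq, payload, key=KEY):
    """Sender: prefix the sequence number, append an HMAC seal over both."""
    body = struct.pack(">Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    """Receiver: check the seal first, then the sequence number."""
    def __init__(self, key=KEY):
        self.key = key
        self.expected = 0  # next sequence number we expect to see

    def accept(self, message):
        """Return (verdict, messages_lost, payload_or_None)."""
        if len(message) < 8 + TAG_LEN:
            return ("truncated", 0, None)
        body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
        good = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, good):   # constant-time comparison
            return ("modified", 0, None)         # unauthorized modification
        seq = struct.unpack(">Q", body[:8])[0]
        if seq < self.expected:
            return ("repetition", 0, None)       # replayed or duplicated
        lost = seq - self.expected               # gap means undetected loss
        self.expected = seq + 1
        return ("ok" if lost == 0 else "loss", lost, body[8:])

def run_demo():
    """Constructed traffic: genuine, replayed, tampered, genuine, gap."""
    msgs = [seal(i, b"transfer #%d" % i) for i in range(4)]
    tampered = bytearray(msgs[1])
    tampered[8] ^= 0x01                          # flip one payload bit
    rx = Receiver()
    stream = [msgs[0], msgs[0], bytes(tampered), msgs[1], msgs[3]]
    return [rx.accept(m)[0] for m in stream]

if __name__ == "__main__":
    print(run_demo())
```

The seal is verified before the sequence number is read, so a forged sequence field can never advance the receiver's counter.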

Policy (3): Goals: Information Flow
Intranet-Extranet-Internet Flow / Flooding: Security of Information Flow
- Protection from undesired data streams entering the Intranet (private / national networks).
  Firewalls
- Protection of private data streams from leaking out of the Intranet.
- Protection from denial of service: flooding, "undesired generation of data".
  Anti-Virus

Remarks / Understanding
Challenges on: HW / SW / Information; Security / Privacy
ISO Network Security Scope:
- Technology (Systems)
- Administration / Management (Organization)
- People (Users / Hackers)
- Accidental / Malicious
Policy Recommendations: ISO / Internet
