Saad Haj Bakry, PhD, CEng, FIEE 1 Security Challenges and Protection Measures Saad Haj Bakry, PhD, CEng, FIEE P RESENTATIONS IN N ETWORK S ECURITY.

Slides:

Advertisements

Similar presentations

Computer and Network Security Mini Lecture by Milica Barjaktarovic.

Advertisements

Crime and Security in the Networked Economy Part 4.

By: Mr Hashem Alaidaros MIS 326 Lecture 6 Title: E-Business Security.

Management’s Role in Information Security V.T. Raja, Ph.D., Oregon State University.

Saad Haj Bakry, PhD, CEng, FIEE 1 Service Level Agreements: SLAs Saad Haj Bakry, PhD, CEng, FIEE P RESENTATIONS IN N ETWORK M ANAGEMENT.

Network Management Functions

ISO Information Security Management

Network Security Policy

Chapter 17 Controls and Security Measures

Course ILT Security overview Unit objectives Discuss network security Discuss security threat trends and their ramifications Determine the factors involved.

Security+ Guide to Network Security Fundamentals

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Lecture 10 Security and Control.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

FIT3105 Security and Identity Management Lecture 1.

Risks, Controls and Security Measures

Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.

Global Information Security Issues According to the E&Y Global Survey, Managers Say the Right Thing… –90% of 1400 companies surveyed in 66 countries say.

Saad Haj Bakry, PhD, CEng, FIEE 1 Understanding Network Security: the ISO Principles Saad Haj Bakry, PhD, CEng, FIEE P RESENTATIONS IN N ETWORK S ECURITY.

Chapter 12 USING TECHNOLOGY TO ENHANCE BUSINESS PROCESSES.

E-Commerce Security and Fraud Issues and Protections

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security on the Internet Jan Damsgaard Dept. of Informatics Copenhagen Business School

Saad Haj Bakry, PhD, CEng, FIEE 1 Introduction to Network Management Saad Haj Bakry, PhD, CEng, FIEE P RESENTATIONS IN N ETWORK M ANAGEMENT.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.

 2001 Prentice Hall, Inc. All rights reserved. Chapter 7 – Computer and Network Security Outline 7.1Introduction 7.2Ancient Ciphers to Modern Cryptosystems.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

Saad Haj Bakry, PhD, CEng, FIEE 1 Information Security for e -Business Saad Haj Bakry, PhD, CEng, FIEE P RESENTATIONS IN N ETWORK S ECURITY.

E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Security. Introduction to Security Why do we need security? What happens if data is lost? –Wrong business decisions through lack of information –Long-term.

Securing Information Systems

Saad Haj Bakry, PhD, CEng, FIEE 1 Principles of Information Security Saad Haj Bakry, PhD, CEng, FIEE P RESENTATIONS IN N ETWORK S ECURITY.

MANAGEMENT & LEGAL IMPLICATIONS OF eCOMMERCE Security.

Tutorial Chapter 5. 2 Question 1: What are some information technology tools that can affect privacy? How are these tools used to commit computer crimes?

Internet Security for Small & Medium Business Week 6

Saad Haj Bakry, PhD, CEng, FIEE 1 Economic Evaluations Saad Haj Bakry, PhD, CEng, FIEE P RESENTATIONS IN N ETWORK M ANAGEMENT.

C8- Securing Information Systems

Chapter 8 Technology and Auditing Systems: Hardware and Software Defenses.

Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,

Security Content 1. Requirements of Security 2. Private Key, Public Key, Digital Signature 3. Security Protocols (SSL, SET) 4. Security Attack, Network.

The Beneficent the MERCIFUL In the NAME of. “ASSURING RELIABLE AND SECURE IT SERVICES”

CHAPTER 7: PRIVACY, CRIME, AND SECURITY. Privacy in Cyberspace  Privacy: an individual’s ability to restrict or eliminate the collection, use and sale.

Saad Haj Bakry, PhD, CEng, FIEE 1 Security Policy Issues Saad Haj Bakry, PhD, CEng, FIEE.

LEGAL CHALLENGES & STRATEGIES IN E-PROCUREMENT IN CONSTRUCTION

ACM 511 Introduction to Computer Networks. Computer Networks.

IT in Business Issues in Information Technology Lecture – 13.

1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.

CS453: Introduction to Information Security for E-Commerce Prof. Tom Horton.

Information Systems, Security, and e-Commerce* ACCT7320, Controllership C. Bailey *Ch in Controllership : The Work of the Managerial Accountant,

Traditional Security Issues Confidentiality –Prevent unauthorized access or reading of information Integrity –Insure that writing or operations are allowed.

Saad Haj Bakry, PhD, CEng, FIEE 1 Network Management Support Saad Haj Bakry, PhD, CEng, FIEE P RESENTATIONS IN N ETWORK M ANAGEMENT.

E NGINEERING STUDIES IN T ELECOMMUNICATIONS S ECURITY School of Communication Engineering.

Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 Security Requirements for Business Communication HENRIQUE DE CONTI.

Security and Ethics Safeguards and Codes of Conduct.

Safe’n’Sec IT security solutions for enterprises of any size.

UNIT-4 Computer Security Classification 2 Online Security Issues Overview Computer security – The protection of assets from unauthorized access, use,

Cyber Threat Dr. John P. Abraham Professor University of Texas Pan American.

Information Management System Ali Saeed Khan 29 th April, 2016.

LESSON 12 Business Internet. Electronic business, or e-business, is the application of information and communication technologies (ICT) in support of.

Securing Information Systems

Securing Information Systems

Lecture 5. Security Threats

Network Management Functions

Securing Information Systems

Presentation transcript:

Saad Haj Bakry, PhD, CEng, FIEE 1 Security Challenges and Protection Measures Saad Haj Bakry, PhD, CEng, FIEE P RESENTATIONS IN N ETWORK S ECURITY

Saad Haj Bakry, PhD, CEng, FIEE 2 Security Profile Security Problems Security Challenges Security Protection Risk / Cost Balance. Objectives / Contents Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 3 Security Profile T PO Technology Organization People Environment Challenges Accidental Malicious Protection Technical Administrative Problems Sources of Challenges and Protection Measures Target of Protection Solutions: Cost / Balance Information Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 4 Security Profile: Basic Levels The Internet Level: World Wide Users The Extranet Level: Partners / Suppliers / Customers The Intranet Level: Intra-organization Uses The Personal Level Security Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 5 Security Profile: Sublevels System Level: Banking Services Level: Account Management Application Level: Stock Market Transaction Level: Buying Security Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 6 ProblemDescription Accessibility Who access: system / service. Availability System / service readiness. Reliability Identity / repudiation / legal information Integrity Alteration / loss of information (&SW) Confidentiality Disclosure of private information. Trust Disaster recovery. “Cost” “Challenges” versus “Protection” Security Problems Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 7 Challenge Generation: : Internal / External Deliberate (Hackers) Non-DeliberateAccidental Financial Gain Espionage: Industrial / Political Anarchy Culture/ Ideology Learning Acceptance / Respect Curiosity / Thrill Ignorance Work (Professional) Environment Challenges: People / Organization (1) Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 8 ChallengeProblem TheftVarious problems Illegal AccessAccessibility Copy RightsReliability NoiseAvailability / Integrity VirusesAvailability / Reliability / Integrity / Trust Cryptanalysis Confidentiality / Integrity Repudiation / Illegal Information (Webs): Reliability DestructionTrust Challenges: People / Organization (2) Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 9 Challenges: Environment ChallengeProblem Natural NoiseIntegrity Power FailureAvailability DisasterTrust Work Regulations (Cyber Crimes)Various Problems Management Policy Practice Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 10 ChallengeProblem Design Logical Deficiencies Availability & other Problems Protocol (SW) Un-robustness: Failure Tolerance ManagementFault / Performance Management Challenges: Technology Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 11 Protection ToolsProblem Access Systems: System Management User Number (Public) Accessibility: Different Levels Passwords (Private) Biometric Measures Anti-Virus Systems Detecting / Cleaning Viruses Availability / Integrity / Trust Firewalls Illegal Information & Confidential Information Reliability / Confidentiality Traffic Padding Control of Traffic VolumeConfidentiality Quality Systems Design / Fault ToleranceAvailability Standby Systems Disaster RecoveryTrust Protection: Technology (1) Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 12 CryptographyProblem Symmetric Secrete Key / Public-Private Keys Confidentiality Management: Key Distribution / Key Agreement Hash Function: Message Testing Integrity Digital Signature: Authentication of Identity Reliability Time-Stamping: Non-Repudiation (Proof of Transaction) Public Key Infrastructure: Digital Certificates Security Protocols: Applications Protection: Technology (2) Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 13 IssueMeasureProblem People Access Rights: Selection Accessibility Availability Reliability Integrity Confidentiality Trust “Cost” Awareness: Users / Staff Practice: Behaviour Environment International / National: Cyber-Crime Rules Private: Regulations Organization Security Policy: Vision Management: Operation Protection: People / Organization / Environment Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 14 Cost Issues IssueFact Virus Damage The damage of the “I Love Virus” (May 2000) was estimated to be “$ billion” with the majority of the damage done in the first few hours. (The virus destroyed files and sent itself to others through MS Outlook Address Book) Spending on Data Security Estimated by “IDC” (International Data Corporation). “$ 6.2 billion” (1999) / “$ 14.8 billion” (2003) Building a “Digital Certificate Infrastructure” Estimated by “Identrus” ( Consortium of Global Financial Companies) for financial organizations to provide trusted B-to-B e-Commerce. “$ 5 – 10 million” Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 15 Balance: Risk (loss) v. Cost (security) Balance Risk Cost Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 16 Profile:  Basic Factors: Technology / Organization / People / Environment  Levels: User / Intranet / Extranet / Internet  Sublevels: Application / Service / System  Security Problems: Challenges versus Protection Problems: Accessibility / Availability / Reliability / Integrity / Confidentiality / Trust / “Cost” Challenges (Organization / People) : Theft / Illegal Access / Copy Rights / Noise / Viruses / Cryptanalysis / Repudiation / Illegal Information / Destruction Remarks (1) Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 17 Challenges (Environment) : Natural / Professional Challenges (Technology) : Design / Management Protection (Technology) : Access / Anti-Virus / Firewalls / Traffic Padding / Quality Systems / Standby Systems / Cryptography Services. Protection (People) : Access / Awareness / Practice Protection (Environment) : Cyber crime / Regulations Protection (Organization) : Policy / Management Cost : Risk (Loss) versus Security (Cost. Remarks (2) Security Challenges & Protection Measures

Saad Haj Bakry, PhD, CEng, FIEE 18 References L.A. Worbel, Disaster Recovery Planning for Telecommunications, Artech House (US), Telecommunications Management: Network Security, The National Computing Centre Limited, UK, D.Minoli, Telecommunications Technology Handbook, Artech House(US), F. Botto, Dictionary of e-Business, Wiley (UK), H.M. Deitel, P.J. Deitel, K. Steinbuhler, e-Business and e-Commerce for Managers, Prentice-Hall (USA), 2001 S.H. Bakry, F.H. Bakry, “Identifying information network profiles for planning management”, International Journal of Network Management, Vol. 10, No. 6, Nov. / Dec. 2000, pp Security Challenges & Protection Measures