COEN 350 Network Security Introduction. Computer Networks OSI Reference Model Application Layer Presentation Layer Session Layer Transport Layer Network.

Slides:

Advertisements

Similar presentations

Advertisements

Click to continue Network Protocols. Click to continue Networking Protocols A protocol defines the rules of procedures, which computers must obey when.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.

Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.

Firewalls and Intrusion Detection Systems

International Standards Organization Open Systems Interconnect (OSI) Reference Model Advanced Computer Networks.

PROTOCOLS AND ARCHITECTURE Lesson 2 NETS2150/2850.

Protocols and the TCP/IP Suite Chapter 4 (Stallings Book)

Protocols and the TCP/IP Suite

Chapter 1 Read (again) chapter 1.

Networks: OSI Reference Model 1 International Standards Organization Open Systems Interconnect (OSI) Reference Model.

04/26/2004CSCI 315 Operating Systems Design1 Computer Networks.

Circuit & Application Level Gateways CS-431 Dick Steflik.

OSI Model 7 Layers 7. Application Layer 6. Presentation Layer

COE 342: Data & Computer Communications (T042) Dr. Marwan Abu-Amara Chapter 2: Protocols and Architecture.

DISCLAIMER:  If you think you know it all, don’t shout out the answers! Go here:  game.shtml

Fundamentals of Computer Networks ECE 478/578 Lecture #2 Instructor: Loukas Lazos Dept of Electrical and Computer Engineering University of Arizona.

Protocols and the TCP/IP Suite Chapter 4. Multilayer communication. A series of layers, each built upon the one below it. The purpose of each layer is.

OSI Model Routing Connection-oriented/Connectionless Network Services.

Review: – computer networks – topology: pair-wise connection, point-to-point networks and broadcast networks – switching techniques packet switching and.

Presentation on Osi & TCP/IP MODEL

What is a Protocol A set of definitions and rules defining the method by which data is transferred between two or more entities or systems. The key elements.

CSI315 Web Development Technologies Continued. Communication Layer information needs to get from one place to another –Computer- Computer –Software- Software.

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

Network protocols

Networks – Network Architecture Network architecture is specification of design principles (including data formats and procedures) for creating a network.

Section 2.31 The TCP/IP reference model the de facto Internet standard demonstrates arbitrary nature of layers –various models are possible –OSI & TCP/IP.

© McLean HIGHER COMPUTER NETWORKING Lesson 1 – Protocols and OSI What is a network protocol Description of the OSI model.

Unit27-networking BTEC NAT – UNIT 27 NETWORKING OSI MODEL Unit Leader:Dave Bell

Spring 2006Computer Networks1 Chapter 2 Network Models.

Network Security Lecture 20 Presented by: Dr. Munam Ali Shah.

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

Chapter 15 – Part 2 Networks The Internal Operating System The Architecture of Computer Hardware and Systems Software: An Information Technology Approach.

Chapter 9 Networking & Distributed Security. csci5233 computer security & integrity (Chap. 9) 2 Outline Overview of Networking Threats Wiretapping, impersonation,

OSI Model Data Communications. 7 layer “research” model ApplicationPresentationSessionTransportNetworkLinkPhysical.

Computer Security Workshops Networking 101. Reasons To Know Networking In Regard to Computer Security To understand the flow of information on the Internet.

Spring 2006Computer Networks1 Chapter 2 Network Models.

Data Communications and Networks

William Stallings Data and Computer Communications

CHAPTER 4 PROTOCOLS AND THE TCP/IP SUITE Acknowledgement: The Slides Were Provided By Cory Beard, William Stallings For Their Textbook “Wireless Communication.

Chapter 8 Network Security Thanks and enjoy! JFK/KWR All material copyright J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking:

1 Chapter 4. Protocols and the TCP/IP Suite Wen-Shyang Hwang KUAS EE.

Net 221D:Computer Networks Fundamentals

Protocol Layering Chapter 11.

THE NETWORKS Theo Chakkapark. Open System Interconnection  The tower of power!  The source of this power comes from the model’s flexibility.

The OSI Model A Framework for Communications David A. Abarca July 19, 2005.

Another Model?! The TCP/IP Reference Model By: Allan Johnson.

Advanced Higher Computing Computer Networking Topic 1: Network Protocols and Standards.

The OSI Model An ISO (International standard Organization) that covers all aspects of network communications is the Open System Interconnection (OSI) model.

Lecture 1 on Networking ITNT Network protocols Protocol suites are collections of protocols that enable network communication from one host through.

TCP/IP Protocol Suite Suresh Kr Sharma 1 The OSI Model and the TCP/IP Protocol Suite Established in 1947, the International Standards Organization (ISO)

Mr. Sathish Kumar. M Department of Electronics and Communication Engineering I’ve learned that people will forget what you said, people will forget what.

Securing Access to Data Using IPsec Josh Jones Cosc352.

IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.

Lecture 4 : Network Architectures (cont..) 1. 2 Summary of OSI Layers.

COEN 350 Network Security Introduction. Computer Networks OSI Reference Model Application Layer Presentation Layer Session Layer Transport Layer Network.

Networking Using the OSI Model.

Introduction to Technology Infrastructure

OSI model vs. TCP/IP MODEL

Internet and Intranet Fundamentals

COEN 350 Network Security Introduction.

Introduction to Technology Infrastructure

Network Architecture for Cyberspace

Unit 8 Network Security.

OSI Reference Model Unit II

OSI Model 7 Layers 7. Application Layer 6. Presentation Layer

Introduction to Networking Security

Presentation transcript:

COEN 350 Network Security Introduction

Computer Networks OSI Reference Model Application Layer Presentation Layer Session Layer Transport Layer Network Layer Data Link Layer Physical Layer

OSI Reference Model Useful to establish terminology Not implemented Upper layer implemented in terms of lower layer.

OSI Reference Model Application Layer Locus of applications that use networking P2P HTTP ftp Presentation Layer Encodes application data into a canonical form Decodes it into system-dependent format at the receiving end.

OSI Reference Model Session Layer Extra functions over reliable one-to-one connection RPC Transport Layer Reliable communication stream between a pair of systems. IP, UDP, TCP, ICMP

OSI Reference Model Network Layer Computes paths across an interconnected mesh of links and packet switches Forwards packets over multiple links from source to destination

OSI Reference Model Data Link Layer Organizes physical layer’s bits into packets and controls who on a shared link gets each packet. Physical Layer Delivers an unstructured stream of bits across a single link of some sort.

TCP/IP Suite

Protocol Layers and Security Security measures often layer network protocols. Protect contents of packages is protection at layer 2. Still allows traffic analysis. IPSec protects (encrypts) packages at layer 4 Does not work with NAT.

Goals Authentication Who are you? Authorization Are you allowed to do that? Integrity Is this the real message? Privacy Does anyone else know about it?

Zone of Control The zone that needs to be secured in order to prevent eavesdropping. Physical access needs to be prevented. Tempest program (US military) All computer systems radiate information. Possible to reconstruct image on a monitor from 20 ft. Wireless access point rated for e.g. 50 ft radius for receiving data. Special antenna (built from a Pringles box, etc.) can read traffic from a mile away. Define a perimeter of a commercial wired network: Need to include backdoor channels like modems, etc. Tempest: Set of standards for limiting electric or electromagnetic radiation emanations from electronic equipment. Shortcut for filed of compromising emanations / Emissions Security

Legal Issues Patent Law First inventor has the right to invention. In other countries: First one to file. Patents issued based on what inventors present regarding Novelty (  Prior Art) Importance (“Aha” effect) Patent process flawed since Reagan under-funding, but slowly getting better Patent decision needs to be made within a day. Many cryptography algorithms are / were patented. Are now moving into the public domain. Still, many standards are built around patented methods. Kerberos uses secret key encryption instead of public key encryption.

Legal Issues Export Control Cryptographic algorithms and tools were considered to be restricted technology. Treated like ammunition. Taking a laptop to Mexico for a week-end could be a violation of export control. Government gave up after PGP fiasco Zimmermann invented PGP 1.0 in PGP fell under the ammunition clause. Zimmermann circumvented export restriction by publishing code in book form (under first amendment protection) Book was intended to be bought by exactly one person in Norway to scan in code and publish PGP outside of US (for free downloads).

Legal Issues Key Escrow Cryptography algorithms became unbreakable in the nineties. Prevent wiretaps, computer forensics, etc. National security efforts sponsored Clipper: 1993 Encryption chip with secret key. User gets chip, secret key is broken up and stored at two different agencies. Two different agencies needed to cooperate to recover secret key. Considered to be almost impossible if cooperation were legal and impossible if cooperation were illegal. Government gave up.