ASHRAY PATEL: Protection Mechanisms. Roadmap: Access Control, Four access control processes, Managing access control, Firewalls, Scanning and Analysis tools.


1 ASHRAY PATEL Protection Mechanisms

2 Roadmap
- Access Control
- Four access control processes
- Managing access control
- Firewalls
- Scanning and Analysis tools
- Cryptography and Encryption

3 Access Control
- Regulates the admission of users into trusted areas of the organization
  - Logical access to information
  - Physical access to the organization's facilities
- Maintained by means of a collection of policies, programs to carry out those policies, and technology to enforce policy
- Access control involves four processes:
  - Identification
  - Authentication
  - Authorization
  - Accountability

4 Identification
- A mechanism that provides information about an unverified entity that wants to be granted access
- The ID must be a unique value that can be traced to one and only one person within the security domain
- Elements that make IDs unique within the security domain:
  - First and last name
  - Picture
  - Department codes
  - Random numbers
  - Or special characters

5 Authentication
- The process of validating a person's purported identity
- Ensures the entity requesting access is the entity it claims to be
- Three types of authentication mechanisms:
  - Knowledge factors: something the user knows
  - Ownership factors: something the user has
  - Inherence factors: something the user is or does
- Some places require strong authentication, which usually requires 2 different types of authentication mechanisms

6 Knowledge Factor Methods
- Username/password is the most common in workplaces and schools
- Passphrase
- Personal identification number
- Challenge response
- Weakness: any of these can often be stolen, accidentally revealed, or forgotten by the user

7 Ownership Method Factors
- Photo ID
- Key cards: swipe or scan to get authentication
- Wrist bands
- Security token
- Cell phone hardware token
- Cell phone software token
  - Hardware/software tokens act like an electronic key to access something

8 Inherence Method Factors
- Fingerprints
- Retina scans
- Iris scans
- Signatures
- Face/voice recognition
- Hand patterns
- Palm vein authentication

9 Authorization
- The process that determines if a user has been specifically and explicitly authorized by the proper authority to perform a function
- Authorization can be handled in 3 ways:
  - Authorization for each authenticated user: the system performs an authentication process to verify each entity and then grants access to resources to only that entity
  - Authorization for members in a group: the system matches authenticated entities to a list of group memberships and then grants access to resources based on the group's access rights
  - Authorization across multiple systems: a central authentication and authorization system verifies entity IDs and grants a set of credentials to the verified entity

10 Accountability
- Ensures that all actions on a system can be attributed to an authenticated identity
- Actions could be ones that the entity is authorized for, such as modifying data
- Or could include unauthorized attempts, such as modifying data that is beyond the entity's access level
- Accountability is accomplished by implementing system logs and database journals
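The four processes from slides 3 to 10 chained into one access decision, as an added example that is not part of the original presentation. The user ID, passphrase, group name and rights table are constructed sample data, and the group-based model is the second of the three authorization styles on slide 9.

```python
import hashlib
import hmac
import os


def _hash(password: str, salt: bytes) -> bytes:
    # Store a salted, slow hash of the knowledge factor, never the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed sample data (assumptions for illustration only).
_SALT = os.urandom(16)
USERS = {"u1001": {"salt": _SALT, "hash": _hash("correct horse battery", _SALT),
                   "groups": {"finance"}}}
GROUP_RIGHTS = {"finance": {("ledger", "read"), ("ledger", "modify")}}
AUDIT_LOG = []  # accountability: one record per decision, tied to an ID


def request_access(user_id, password, resource, action):
    """Return True only if all four access control processes succeed."""
    record = {"id": user_id, "resource": resource, "action": action}
    user = USERS.get(user_id)                                # identification
    if user is None:
        record["result"] = "unknown-id"
    elif not hmac.compare_digest(_hash(password, user["salt"]), user["hash"]):
        record["result"] = "auth-failed"                     # authentication
    elif not any((resource, action) in GROUP_RIGHTS.get(g, set())
                 for g in user["groups"]):
        record["result"] = "denied"                          # authorization
    else:
        record["result"] = "granted"
    AUDIT_LOG.append(record)     # authorized and unauthorized attempts alike
    return record["result"] == "granted"


if __name__ == "__main__":
    request_access("u1001", "correct horse battery", "ledger", "modify")
    request_access("u1001", "correct horse battery", "payroll", "modify")
    for entry in AUDIT_LOG:
        print(entry)
```

The log records denied and failed attempts as well as granted ones, which is what lets a reviewer spot an identity probing beyond its access level.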

11 Managing Access Control
- Access control policy: specifies how access rights are granted to entities and groups
- Policy must include:
  - Reviewing all access rights periodically
  - Granting access rights
  - Changing access rights when needed
  - Revoking access rights

12 Firewalls
- A network security system that controls the incoming and outgoing network traffic
- Can filter based on: IP address, type of packet, port request, and other elements presented in the packet
- Examines packets for compliance with or violation of rules configured into the firewall's database
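How a packet is checked against a rule database, as an added example that is not part of the original presentation. The rule set is constructed (documentation address ranges), and first-match evaluation with a default deny is an assumption about the firewall's policy model; real products differ in rule ordering and defaults.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str               # "allow" or "deny"
    src: str                  # source network in CIDR notation
    protocol: str             # "tcp", "udp", "icmp" or "any"
    dst_port: Optional[int]   # None matches any port


# Constructed rule base; order matters because the first match wins.
RULES = [
    Rule("deny",  "203.0.113.0/24", "any", None),  # blocked source network
    Rule("allow", "0.0.0.0/0",      "tcp", 443),   # HTTPS from anywhere
    Rule("allow", "192.0.2.0/24",   "tcp", 22),    # SSH from admin network only
]


def filter_packet(src_ip, protocol, dst_port, rules=RULES):
    """Return (action, index of matching rule); (deny, None) if nothing matches."""
    addr = ipaddress.ip_address(src_ip)
    for index, rule in enumerate(rules):
        if addr not in ipaddress.ip_network(rule.src):
            continue
        if rule.protocol != "any" and rule.protocol != protocol:
            continue
        if rule.dst_port is not None and rule.dst_port != dst_port:
            continue
        return rule.action, index
    return "deny", None  # default deny: traffic not explicitly allowed is dropped


if __name__ == "__main__":
    for pkt in [("198.51.100.7", "tcp", 443), ("203.0.113.9", "tcp", 443),
                ("198.51.100.7", "tcp", 22), ("192.0.2.10", "tcp", 22)]:
        print(pkt, "->", filter_packet(*pkt))
```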

13 Managing Firewalls
- Training
  - Read manuals and get educated on the firewall
- Uniqueness
  - Each brand of firewall is different, so you must learn what differences the firewalls you are using have
- Responsibility
  - Each and every person in security has a responsibility to keep the firewall updated and safe from hackers
- Administration
  - Must have administration hired to help with the firewalls

14 Scanning and Analysis Tools
- Used to find vulnerabilities in systems, holes in security components, and other unsecured points
- Different types of scanners and tools:
  - Port scanners
  - Vulnerability scanners
  - Packet sniffers
  - Content filters
  - Trap and trace

15 Port Scanners
- A group of utility software applications that can identify computers that are active on a network, as well as the active ports and services on those computers
- Can also identify the functions and roles fulfilled by the machines
- Can scan for specific computers, protocols, or resources, or conduct generic scans
- The more specific the scanner is, the more detailed and useful the information it provides

16 Vulnerability Scanners
- Variants of port scanners that are capable of scanning networks for very detailed information
- Can identify exposed user names and groups, show open network shares, and expose configuration problems
- Can also show what firewalls and OS/version are running

17 Packet Sniffers
- A network tool that collects and analyzes copies of packets from the network
- Can provide an administrator with valuable information to help diagnose and resolve networking issues
  - Can examine both live network traffic and previously captured data
  - Including language filtering
  - TCP session reconstruction utility

18 Content Filters
- A software program that allows administrators to restrict content that comes into a network
- Such as web sites with non-business-related material:
  - Pornography websites
  - Entertainment websites
- Can also keep spam e-mails away

19 Trap and Trace
- Applications that entice individuals who are illegally perusing the internal areas of a network by providing simulated rich content areas, distracting the attacker while the software notifies the administrator of the intrusion
- The administrator then determines the identity of someone discovered in the unauthorized areas of the network or systems

20 Cryptography and Encryption
- Cryptography is the set of processes involved in encoding and decoding messages so that others cannot understand them
- Encryption is the process of converting an original message into a form that cannot be used by unauthorized individuals
- Messages are decoded by algorithms and keys used to perform the encryption

21 References
- Management of Information Security, Whitman and Mattord
- http://en.wikipedia.org/wiki/Authentication
- http://searchsecurity.techtarget.com/feature/Protection-Mechanisms

