Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Security KRISHNAKUMAR RAGHAVAN (KK) NASWA's Information Technology Support Center 1.

Published byBenjamin York Modified over 8 years ago

Similar presentations

Presentation on theme: "Information Security KRISHNAKUMAR RAGHAVAN (KK) NASWA's Information Technology Support Center 1."— Presentation transcript:

1 Information Security KRISHNAKUMAR RAGHAVAN (KK) NASWA's Information Technology Support Center 1

2 ■ Confidentiality o Ability to hide information from unauthorized access. ■ Integrity o Maintaining consistency, accuracy and trustworthiness of data over its entire lifecycle. ■ Availability o Information requested is readily available to authorized entity NASWA's Information Technology Support Center 2 CIA TRIAD CIA triad no longer adequately address security of changing technology environment

3  Identity & Access Management o An enterprise access management system with the capability of identity provisioning, identifying and authorizing users and systems  Intrusion Prevention System Confidentiality NASWA's Information Technology Support Center 3 Security ControlIRS 1075 GuidanceNIST Reference IA-7: Cryptographic Module Authentication The information system uses mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication. NIST 800-53 - Recommended Security Controls for Federal Information Systems. FIPS 140-2 – Security Requirements for Cryptographic Modules

4  Public Key Infrastructure o An enterprise PKI infrastructure to assure cryptography during data acquisition, transit and rest. o Non Repudiation – digital signature, encryption and checksum using hash o Transport Layer Security (TLS)/Secured Socket Layer (SSL)  Nonce o Avoid replay attacks  Auditing o Logging,  Social Engineering NASWA's Information Technology Support Center 4 Integrity

5 Security ControlIRS 1075 GuidanceNIST Reference SC-8: Transmission IntegrityThe information system protects the integrity of transmitted information. NIST 800-52 – guidance on the use of Transport Layer Security (TLS) NIST 800-77 – guidance on the use of Ipsec SC-9: Transmission ConfidentialityThe information system protects the confidentiality of transmitted information. NIST 800-52 – guidance on the use of Transport Layer Security (TLS) NIST 800-77 – guidance on the use of IPsec NIST 800-77 – guidance on the use of Ipsec SC-12: Cryptographic Key Establishment and Management When cryptography is required and employed within the information system, the organization establishes and manages cryptographic keys using automated mechanisms with supporting procedures or manual procedures. NIST 800-56 – guidance on cryptographic key establishment NIST 800-57 – guidance on cryptographic key management NIST 800-77 – guidance on the use of Ipsec SC-13: Use of CryptographyValidation certificates issued by the NIST Cryptographic Module Validation Program (including FIPS 140-1, FIPS 140-2, and future amendments) remain in effect and the modules remain available for continued use and purchase until a validation certificate is specifically revoked. FIPS 140-2 – Security Requirements for Cryptographic Modules NIST 800-77 – guidance on the use of Ipsec SC-17: Public Key Infrastructure Certificates User certificates, each agency either establishes an agency certification authority cross-certified with the Federal Bridge Certification Authority at medium assurance or higher or uses certificates from an approved, shared service provider, as required by OMB Memorandum 05-24 NIST 800-32 – guidance on public key technology NASWA's Information Technology Support Center 5 Integrity Security Controls

6  Enterprise Monitoring systems o Intrusion Detection System – NIST 800-94 o Vulnerability assessment tools – NIST 800-39 o Malicious software detection systems – NIST 800-39  Risk Management – NIST 800-39 o Enterprise patch management NIST 800-40 o Enterprise Firewall management NIST 800-41 o Configuration management NIST 800-128 NASWA's Information Technology Support Center 6 Availability

7  Tools o CA Site minder o Oracle Access Manager o IBM o Dell o Sail Point o ForgeRock (Open Source) NASWA's Information Technology Support Center 7 Identity and Access Management

8  OpenSSL  NetBeans NASWA's Information Technology Support Center 8 Public Key Infrastructure

9 NASWA's Information Technology Support Center 9 Non Repudiation

10 NASWA's Information Technology Support Center 10 Intrusion detection and prevention systems

11 NASWA's Information Technology Support Center 11 Capabilities of IDS

12 NASWA's Information Technology Support Center 12 Questions

Download ppt "Information Security KRISHNAKUMAR RAGHAVAN (KK) NASWA's Information Technology Support Center 1."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
Public Key Infrastructure (PKI) Hosting Services.

Public Key Infrastructure (PKI) Hosting Services.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Trusted Internet Connections. Background Pervasive and sustained cyber attacks against the United States continue to pose a potentially devastating impact.

Trusted Internet Connections. Background Pervasive and sustained cyber attacks against the United States continue to pose a potentially devastating impact.
NETWORK SECURITY.

NETWORK SECURITY.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Securing Information Systems

Securing Information Systems
Information Security Technological Security Implementation and Privacy Protection.

Information Security Technological Security Implementation and Privacy Protection.
Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.

Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.

Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
Information Security Update CTC 18 March 2015 Julianne Tolson.

Information Security Update CTC 18 March 2015 Julianne Tolson.
Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.

Thomas Levy. Agenda 1.Aims: CIAN 2.Common Business Attacks 3.Information Security & Risk Management 4.Access Control 5.Cryptography 6.Physical Security.
HIPAA COMPLIANCE WITH DELL

HIPAA COMPLIANCE WITH DELL
Federal Aviation Administration Federal Aviation Administration 1 Presentation to: Name: Date: Federal Aviation Administration AMHS Security Security Sub-Group.

Federal Aviation Administration Federal Aviation Administration 1 Presentation to: Name: Date: Federal Aviation Administration AMHS Security Security Sub-Group.

Similar presentations

Ads by Google