Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 40 Internet Security.

Published byCecilia Campbell Modified over 7 years ago

Similar presentations

Presentation on theme: "Chapter 40 Internet Security."— Presentation transcript:

1 Chapter 40 Internet Security

2 Learning objectives In this chapter you will learn:
how a firewall and proxy server can be used to protect a network how public/private key encryption is used to protect data how digital certificates and signatures are used to authenticate websites to understand the risk posed by Trojans, viruses and worms and how to protect against them.

3 Overview There are some inherent risks when using the Internet.
These often relate to the potential threat of someone discovering personal or sensitive information about individuals and organisations and the information being misused. There is also an increasing risk from worms, Trojans and viruses which can cause network failure, corruption of files or denial of service. There are a number of measures that can be employed to either prevent or minimise the risks from these threats.

4 Firewall A firewall describes the technique used to protect an organisation’s network from unauthorised access by users outside the network. A firewall can be constructed using hardware, software or a combination of both. The most secure firewalls tend to be those constructed from both hardware and software.

5 Proxy server One security measure that can be used at this stage is a proxy server. The word proxy means ‘on behalf of’ so in this context it is a server that acts on behalf of another computer. By routing through a proxy server there is no direct connection between the computer on the LAN and the Internet.

6 Private / public key encryption
Encryption techniques make use of a key, which is a string of numbers or characters that are used as a code to encrypt and then decrypt the message. Typically, the key may be 128-bit or 256-bit, enabling billions of permutations for the way in which data can be encrypted. Without the key, the message cannot be understood. Symmetric key encryption uses a key to encrypt and then decrypt the data. The key must be known to sender and receiver.

7 Asymmetric key encryption
Asymmetric key encryption uses a public and private key. Assuming two computers, A and B: A will have a private key known only to A. A will also have a public key, which is mathematically related to the private key. It is called a public key as anyone can access it . B will also have a private key and a related public key. For A to send a secure message to B, A will first encrypt the message using B’s public key. As the private and public keys are related, the message can only be decrypted by B using B’s private key. As no-one else knows B’s private key, even if the message were intercepted, it could not be decrypted.

8 Digital certificates and signatures
A digital certificate is a means of proving who you are when dealing with people and organisations on the Internet. It is usually used by businesses to authenticate that they are genuine, and is important in the use of asymmetric encryption as a secure way of sharing public keys. Digital certificates, sometimes referred to as SSL (Secure Socket Layer) is another method of ensuring the authenticity of the sender. A digital signature uses mathematical functions and the public/private key method.

9 Trojans A Trojan is a computer program designed to cause harm to a computer system or allow a hacker unauthorised access. It is one of a group of malware, which is short for malicious software. The distinguishing feature of a Trojan is that it is hidden away inside another file and that it is not always obvious that a computer is infected. This gives a hacker the opportunity to access a computer remotely without the knowledge of the user.

10 Viruses A virus is a small malware program that is designed to cause damage to a computer system or the data stored on it. A computer gets infected when the malware installs itself on the computer from a number of sources including pop-ups, attachments or file downloads. The virus itself will be attached to another file but once installed on the host machine, it will activate. The defining feature of a virus is that it replicates itself and can therefore cause extensive damage to individual computers and networks as, like a human virus, it can spread anywhere.

11 Worms Worms also replicate themselves and are designed to spread, exploiting any weaknesses in a computer’s defences. The defining feature of a worm is that it does not need to be attached to another file to infect the computer.

12 How worms spread

13 Protecting against threats – users
Use anti-virus software and anti-malware software and keep it up-to-date. Keep operating system software up-to-date. Use a firewall. Do not open attachments or click on pop-ups from unknown senders. Operate a whitelist of trusted sites. Ensure sites use HTTPS, digital signatures and certificates. Use passwords on programs and files. Encrypt data files.

14 Protecting against threats – programmers
Select a programming language with in-built security features, including tools that check for common security errors. Use recognised encryption techniques for all data stored within the program. Set administrative rights as part of the program and carefully control access and permission rights for different users. Don’t load up lots of Internet services as part of your code unless they are needed. Thoroughly test your code as errors can be exploited, specifically testing for known security issues. Keep code up-to-date in light of new security threats. Never trust the user! Many threats are internal to an organisation and might not be malicious. Major problems can be caused through accidental misuse by a user.

15 Protecting against threats – programmers
Ensure that requests are coming from recognised sources. Use a network firewall and use the packet filtering and stateful inspection techniques as described earlier in this chapter. Use encryption techniques as described earlier and ensure digital certificates and signatures are used and are up-to-date. Keep anti-virus software up-to-date. Update the network operating system regularly.

Download ppt "Chapter 40 Internet Security."

Similar presentations

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.
Let’s Talk About Cyber Security

Let’s Talk About Cyber Security
POSSIBLE THREATS TO DATA

POSSIBLE THREATS TO DATA
COMP6005 An Introduction to Computing Session One: An Introduction to Computing Security Issues.

COMP6005 An Introduction to Computing Session One: An Introduction to Computing Security Issues.
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.

Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
S EC (4.5): S ECURITY 1. F ORMS OF ATTACK There are numerous way that a computer system and its contents can be attacked via network connections. Many.

S EC (4.5): S ECURITY 1. F ORMS OF ATTACK There are numerous way that a computer system and its contents can be attacked via network connections. Many.
R. FRANK NIMS MIDDLE SCHOOL A BRIEF INTRODUCTION TO VIRUSES.

R. FRANK NIMS MIDDLE SCHOOL A BRIEF INTRODUCTION TO VIRUSES.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
ISNE101 Dr. Ken Cosh Week 14. This Week  Challenges (still) facing Modern IS  Reliability  Security.

ISNE101 Dr. Ken Cosh Week 14. This Week  Challenges (still) facing Modern IS  Reliability  Security.
Unit 2 - Hardware Computer Security.

Unit 2 - Hardware Computer Security.
Unit 19 INTERNET SECURITY

Unit 19 INTERNET SECURITY
Malware  Viruses  E-mail Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.

Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
Networks and Security Monday, 10 th Week. Types of Attacks/Security Issues  Viruses  Worms  Macro Virus  E-mail Virus  Trojan Horse  Phishing 

Networks and Security Monday, 10 th Week. Types of Attacks/Security Issues  Viruses  Worms  Macro Virus  Virus  Trojan Horse  Phishing 
IT security By Tilly Gerlack.

IT security By Tilly Gerlack.
 a crime committed on a computer network, esp. the Internet.

 a crime committed on a computer network, esp. the Internet.
Chapter 8 Safeguarding the Internet. Firewalls Firewalls: hardware & software that are built using routers, servers and other software A point between.

Chapter 8 Safeguarding the Internet. Firewalls Firewalls: hardware & software that are built using routers, servers and other software A point between.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Similar presentations

Ads by Google