Presentation is loading. Please wait.

Presentation is loading. Please wait.

Overview of Data Communications Security Concepts

Published byMillicent Thornton Modified over 6 years ago

Similar presentations

Presentation on theme: "Overview of Data Communications Security Concepts"— Presentation transcript:

1 Overview of Data Communications Security Concepts
Version 1.0 March, 2003 Bill Woodcock Packet Clearing House

2 Context What to Protect What to Allow Types of Attacks What you can do

3 Mauritius on the World Stage
SAFE cable system Connects to South Africa, India, and Malaysia STM768 total capacity, less than one year old Cyber-city initiative First-class IT hosting facility Regional center for banking and finance Prosperous economy, strong work ethic Already highly educated population New computer education programs

4 Risks, Costs, and Benefits
As Mauritius comes to the world’s attention, both risks and potential benefit increase dramatically. The time to put your house in order is now, before it receives close scrutiny. A well-prepared country will attract business and investors.

5 What to Protect Physical security Cryptographic security
Computing resources Storage (live and backups) Communications and remote access Support (power and cooling) Cryptographic security Hiding content Authenticating parties Protection against replays and man-in-the-middle Code execution and permissions Open source code (patches) Execution space and account structure Social engineering

6 What to Protect Define tight perimeters Compartmentalize Modularize
Physical: secure rooms, not buildings People: delete old accounts, manage permissions Compartmentalize Firewalls: one per class of device Code: executes chroot with own uid Permissions: role accounts, sudo Modularize Code: auditable building-blocks, not monoliths People: cross-train and understand overall goals Physical: standard components, spares, images Firewalls: central management of rulesets, namespace

7 What to Allow Differential threshold of difficulty to authorized and unauthorized users How to authenticate? “Something you have and something you know.” Password, phrase, PIN, or challenge-response Key, token, modulator, or biometric property

8 What to Allow Permissions depend upon context Temporal: Physical:
Some hours of the day or days of the week While they’re employed or contracted Physical: While they’re present in a facility Together with another user Complex: Depending upon pattern of prior actions

9 Types of Attacks Physical: Infrastructure destruction
Theft of components Wiretapping and eavesdropping Vandalism

10 Types of Attacks Communications: Man-in-the-middle Denial of service
Port scanning Stepping-stones and impersonation

11 Types of Attacks Code: Incompetence and DoS against labor
Buffer overflows Permissions bootstrapping Worms and self-replication Viri and trojan horses Zombies and 0wn3rship

12 Types of Attacks People: Social engineering Co-option Moles or plants
Inside jobs

13 What Can You Do? Define clear and specific policy
90% of security is human resources 9% is host configuration 1% is firewalls Only create policy which can be followed Only create policy which can be enforced

14 Why CEOs Must Lead Most serious security compromises come from within the organization. Most are failures of morale, alertness, or moral fiber on the part of employees. These problems can only be solved through good corporate culture. CEOs set the moral and ethical example which guide the corporation’s culture.

15 Bill Woodcock

Download ppt "Overview of Data Communications Security Concepts"

Similar presentations

Attacks Framework Attacks Physical Access Attacks -- Wiretapping Server Hacking Vandalism Dialog Attacks -- Eavesdropping Impersonation Message Alteration.

Attacks Framework Attacks Physical Access Attacks -- Wiretapping Server Hacking Vandalism Dialog Attacks -- Eavesdropping Impersonation Message Alteration.
Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.

Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.
4 Information Security.

4 Information Security.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Crime and Security in the Networked Economy Part 4.

Crime and Security in the Networked Economy Part 4.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Recovering from an Attack Version 0.1 March, 2003 Bill Woodcock Packet Clearing House.

Recovering from an Attack Version 0.1 March, 2003 Bill Woodcock Packet Clearing House.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
1 McGraw-Hill/Irwin Copyright © 2004, The McGraw-Hill Companies, Inc. All rights reserved. Ethical Challenges Ethics Principles of right and wrong that.

1 McGraw-Hill/Irwin Copyright © 2004, The McGraw-Hill Companies, Inc. All rights reserved. Ethical Challenges Ethics Principles of right and wrong that.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
Security Management IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Eleventh Edition 1 Introduction to Information Systems Essentials for the Internetworked E-Business Enterprise Irwin/McGraw-Hill Copyright © 2002, The.

Eleventh Edition 1 Introduction to Information Systems Essentials for the Internetworked E-Business Enterprise Irwin/McGraw-Hill Copyright © 2002, The.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Copyright © 2002 ProsoftTraining. All rights reserved. Operating System Security.

Copyright © 2002 ProsoftTraining. All rights reserved. Operating System Security.

Similar presentations

Ads by Google