Presentation is loading. Please wait.

Presentation is loading. Please wait.

Topic 5: Communication and the Internet

Published byΕὐνίκη Γούναρης Modified over 6 years ago

Similar presentations

Presentation on theme: "Topic 5: Communication and the Internet"— Presentation transcript:

1 Topic 5: Communication and the Internet
Security

2 Communication and the Internet: Security
Network Security We know that a network is a connection of devices over some medium Physical (like cables) or non-physical (like radio waves) This lets devices communicate with each other however they want It also means data is being transmitted along these mediums between devices This data could be sensitive (like bank account information) How can we be sure no one can see this information? Communication and the Internet: Security

3 Communication and the Internet: Security
Network Security To try and mitigate any problems like this, we have network security This is a general term that applies to any technique or device aimed at making network communication safer This includes, but isn’t limited to Stopping data from being seen during transmission (eavesdropping) Stopping communication with questionable devices (firewalls) Stopping people accessing/retrieving sensitive information from a user directly (social engineering) Communication and the Internet: Security

4 Communication and the Internet: Security
Network Security As well as looking at the vulnerabilities we can come across on a network We’ll also look at the specific security measures we can put in place We’re going to look at three security measures specifically Access Control Physical Security Firewalls Communication and the Internet: Security

5 Network Security: Access Control
When a computer is connected to a network, that computer has the capability of Communicating with any device Doing anything it wants on that network This could include downloading questionable software and distributing it to the other devices on the network To mitigate this in some way, we can include access control measures Communication and the Internet: Security

6 Network Security: Access Control
Any measure that “controls access” will restrict what a device can and cannot do Usually based on the level of access they have For example, a common occurrence in school is the use of networked accounts Where you can log into your account on that network Based off of your access level, you could be restricted by Only letting you upload files to other computers (not download) Not being able to communicate with other devices on the network And more Communication and the Internet: Security

7 Network Security: Access Control
The idea of access control can also apply to individual files For example, we could restrict a user account so that it can only read files It won’t be able to write information to files Or even execute other files The amount of control we give from this will depend on the level of access the user has Typically, we can have Guest, Named, and Admin users But the administrator can make as many access groups as they want Communication and the Internet: Security

8 Network Security: Physical Security
Threats to a network are not only virtual In fact, many vulnerabilities are found in the physical world For example, a computer could have sensitive information on it Patient records in a hospital How do we stop any potential ‘hacker’ from walking in and walking away with that computer? That’s where physical security measures come in Communication and the Internet: Security

9 Network Security: Physical Security
We use physical security measures on an almost daily bases With locking doors That same idea applies to devices on a network too! Common physical security measures involves limiting access to the area the device is in Typically with a locked door Could also include locking the device in a cabinet What kind of locks could we have though? Communication and the Internet: Security

10 Network Security: Physical Security
We’re used to seeing key-based locks Where we need to place a key into a slot to unlock the door This could be analogue (using a metal key) Or digital/electronic (like using a keycard) However, there are also locks that don’t require a key, per se They require a fingerprint or eye to be scanned These are biometric locks Communication and the Internet: Security

11 Network Security: Physical Security
Bear in mind that these physical measures are not without their own problems A key-based lock can easily be circumvented by obtaining a copy of that key Biometrics are harder to work around, but not impossible Copies of fingerprints can be obtained using specialised gel Could also potentially get help from a user with correct biometric data Communication and the Internet: Security

12 Network Security: Firewalls
Firewalls help control traffic through a network Often found at the end point of a network Can also be found on individual devices Can come in hardware/software form Hardware: Routers, Wireless Access Points Software: Antivirus, Windows Defender Are ruled based Allow data in a transmission only if they meet the requirements Internet Private Network Communication and the Internet: Security

13 Network Security: Firewalls
Have two different methods for working Packet Filtering Proxy Server Packet Filtering is the rule based system mentioned Allows data through if they meet the requirements Based on source/destination/ports/protocols Proxy Firewalls act as ‘in-betweens’ for the device and a destination All data gets sent through it (changing source IP address to the proxy) Data is also ‘sniffed’ (inspected) to see if it meets requirements Communication and the Internet: Security

14 Network Security: Firewalls
When filtering data, the firewall can do two things Drop the data This is silent Meaning the sending computer won’t notice the data hasn’t gone through Usually looks like a ‘no internet’ error Reject the data Isn’t silent The sending computer will see the data hasn’t been sent Usually shows the reason why the packet was blocked Communication and the Internet: Security

15 Security Issues: Cloud Storage
Data contained within a LAN isn’t the only place where data is vulnerable A large majority of users (individuals or organisations) are relying on cloud storage these days Where data is uploaded to an external file host Keeps the data saved there Possibly synced locally on a device as well Lets us access our files across multiple devices Communication and the Internet: Security

16 Security Issues: Cloud Storage
Although cloud storage has many advantages over local storage, there are some security risks involved with using it Risk Explanation No control over the data Once the data we’re backing up is sent from our LAN (which we can control the privacy settings of) to the cloud’s LAN, the privacy of that data is up to them. Unauthorised users may see the data we’re uploading. Potential data leak Hackers could gain access to a cloud storage’s file store, gaining access to all the files within (including the ones we’re backing up). Device syncing If a device is syncing all the data, sensitive or otherwise, from a network then all a person has to do is steal that device to gain access to that data. Eavesdropping Data is continuously sent back and forth between a device and the cloud storage. One only needs to eavesdrop on this communication to see all the data. Communication and the Internet: Security

17 Security Issues: Cloud Storage
We could work around these problems by making use of a local file storage solution instead Like a local FTP server This means the administrator of the LAN has full control over the security of that FTP server and the network Mitigating any potential eavesdropping or hacking issues Could then use a proxy to access the LAN securely from outside the network Communication and the Internet: Security

18 Security Issues: Phishing
Not all security issues are virtual or physical Not even computer or device related The most common cause of problems is the user There are a few security issues from the user’s side Known as social engineering To err is human – Alexander Pope Communication and the Internet: Security

19 Security Issues: Phishing
One of these is known as phishing Phishing scams are electronic communications disguised as something harmless Usually asking for sensitive information, like addresses or passwords Relies on the victim’s ignorance (usually catching out people new to ) Communication and the Internet: Security

20 Security Issues: Shoulder Surfing
Another social engineering tactic is known as shoulder surfing This is the physical-world equivalent of eavesdropping A person could look (literally) over the should of a user While they are logging in to a website The person could make a note of the details used (like usernames/passwords) Most common in public places Like internet cafes Communication and the Internet: Security

21 Security Issues: Pharming
Similar to phishing, there is also pharming However, is actually code installed on the victim’s computer Rather than a link sent to the user via This code redirects victim to fraudulent websites when certain domains are detected on a web browser For example, going to a fake Apple website rather than the correct one Called pharming as “phishing without a lure” Communication and the Internet: Security

22 Security Issues: Unpatched Software
Sometimes software that is released have a few vulnerabilities in them Very often, these are “patched-out” However, sometimes software isn’t patched Usually by the user choosing not to patch/update the software on their device In these cases, a hacker could make use of the vulnerability on that software to potentially gain access to sensitive data Or even the device itself A patch is an update created by the creator of the software (usually for fixing a problem or vulnerability) Communication and the Internet: Security

23 Security Issues: USB Devices
Even devices we plug into our computers aren’t entirely safe! USB devices (like memory sticks) can be tampered with by hackers Can have software ‘built into’ them Which is silently installed on the computer When the USB device is plugged into the computer Sensitive data is then sent to the hacker USB devices are notorious as security vulnerabilities, because they circumvent all network security steps built in So often IT administrators in business have a no USB policy Communication and the Internet: Security

24 Security Issues: Digital Devices
There is also the issue of digital devices being stolen A digital device is any device that contains a computer or microcontroller This includes mobile phones, tablets, and PDAs (Personal Digital Assistants) These digital devices could contain sensitive information on them Especially phones, which could also have contact information of other people We can protect against this by adding passwords to all devices Both password-protecting any login accounts on the device And, if possible, encrypting the whole device itself Communication and the Internet: Security

25

Download ppt "Topic 5: Communication and the Internet"

Similar presentations

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.

Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.
Internet safety By Lydia Snowden.

Internet safety By Lydia Snowden.
Data Security GCSE ICT.

Data Security GCSE ICT.
CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.

CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. Emails. Safe browsing for shopping and online banks. Social media.

CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.
1. Self Awareness You should only access your accounts and private informations from a safe location (only at home as necessary if at all possible) where.

1. Self Awareness You should only access your accounts and private informations from a safe location (only at home as necessary if at all possible) where.
Year 9 Autumn Assessment Computer system/Information security-Planning, Communicating, Information. By Louis Smith-Lassey 9k 9Y1.

Year 9 Autumn Assessment Computer system/Information security-Planning, Communicating, Information. By Louis Smith-Lassey 9k 9Y1.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.
Phishing scams Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal.

Phishing scams Phishing is the fraudulent practice of sending s purporting to be from reputable companies in order to induce individuals to reveal.
G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.

G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.
Computer Security! Emma Campbell, 8K VirusesHackingBackups.

Computer Security! Emma Campbell, 8K VirusesHackingBackups.
Topic 5: Basic Security.

Topic 5: Basic Security.
Mohammed F & Aya. Peer-to-peer network are usually common in homes and small businesses and are not necessarily expensive. On a peer-to-peer network each.

Mohammed F & Aya. Peer-to-peer network are usually common in homes and small businesses and are not necessarily expensive. On a peer-to-peer network each.
Chapter 12: How Private are Web Interactions?. Why we care? How much of your personal info was released to the Internet each time you view a Web page?

Chapter 12: How Private are Web Interactions?. Why we care? How much of your personal info was released to the Internet each time you view a Web page?

Similar presentations

Ads by Google