Presentation is loading. Please wait.

Presentation is loading. Please wait.

CONFIDENTIALITY, INTEGRITY, LEGAL INTERCEPTION

Published byBenjamin Mills Modified over 6 years ago

Similar presentations

Presentation on theme: "CONFIDENTIALITY, INTEGRITY, LEGAL INTERCEPTION"— Presentation transcript:

1 CONFIDENTIALITY, INTEGRITY, LEGAL INTERCEPTION
Mr. In-Seop Lee KT/ITU-T SG 2

2 Importance of Network Security
Background Explosive growth of computers and network To protect data and resources To guarantee the authenticity of data To protect systems Security aspects Security Attacks : An action that compromise the information Security Mechanism : Design to protect,prevent,recover from attacks Security Service : Enhance the security of data,systems ITU-T Workshop on Security - Seoul (Korea), May 2002

3 Relationship between security objectives
Treats Security Requirements Security services Security mechanisms Security algorithms Security objectives ITU-T Workshop on Security - Seoul (Korea), May 2002

4 CONCERNS OF I/T EXECUTIVES
Reliability Complexity of the Transition Unproven Services Increased Telecom Costs Increased Operating Costs Quality of Management Tools Security Lack of Standards Lack of Applications to Exploit Other 75% 73% 64% 69% 62% 61% 60% 48% 1% Source: Information Week. ITU-T Workshop on Security - Seoul (Korea), May 2002

5 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
SECURITY MODEL Information Source Destination NORMAL FLOW A B ITU-T Workshop on Security - Seoul (Korea), May 2002

6 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
SECURITY THREATS INTERRUPTION A B INTERCEPTION B A X AVAILABILITY CONFIDENTIALITY MODIFICATION A B X FABRICATION A B X INTEGRITY AUTHENTICITY ITU-T Workshop on Security - Seoul (Korea), May 2002

7 SECURITY REQUIREMENTS
CONFIDENTIALITY AUTHENTICATION INTEGRITY AVAILABILITY Communications & IT NON-REPUDIATION ITU-T Workshop on Security - Seoul (Korea), May 2002

8 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
SECURITY SERVICES Confidentiality Protection of transmitted data Authentication Assuring that communication is authentic Integrity Assuring that message has originality Non-repudiation Preventing denying message Access Control Limit & control the access Availability Automated or physical countermeasures ITU-T Workshop on Security - Seoul (Korea), May 2002

9 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
MODEL FOR NETWORK SECURITY ITU-T Workshop on Security - Seoul (Korea), May 2002

10 SIX LAYERS OF NETWORK SECURITY
SECURITY AUDITING SECURITY TOOLS SOFTWARE MONITORING PHYSICAL SECURITY NETWORK ADMINISTRATOR ITU-T Workshop on Security - Seoul (Korea), May 2002

11 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
INTERCEPTION Interception Interception of communications occurs where a private communication between two or more parties, sent via a communications handling system, is covertly monitored in order to understand the content. Background In most developed countries, interception of communications is used by the law enforcement, security and intelligence agencies in their work against serious crime and threats to national security, including terrorism. ITU-T Workshop on Security - Seoul (Korea), May 2002

12 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
INTERCEPTION Role Interception plays a crucial role in helping law enforcement agencies to combat criminal activity It is also necessary to protect the human rights, that is, disproportionate, or unfettered, use of interception can have consequences for the rights of individuals ITU-T Workshop on Security - Seoul (Korea), May 2002

13 Secure E-Commerce EXAMPLE
Security & Trust Internet intrinsic not possess an unique control world wide changing traditional “paper-based” transactions not offering an adequate protection,mechanisms ITU-T Workshop on Security - Seoul (Korea), May 2002

14 SECURE E-COMMERCE: Security & Trust
For Buyer & Merchant Trust Business & Legal Relationships Security IT Applications & Systems Correct Biz Legal trustworthy Technical Protections ITU-T Workshop on Security - Seoul (Korea), May 2002

15 STRUCTURING SOLUTIONS
Trust Third party Interactions Security Fraud Controls IT Infrastructure International Legislation Insurance Technology & Management Policy ITU-T Workshop on Security - Seoul (Korea), May 2002

16 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
TECHNICAL SOLUTIONS Mechanisms - Verify the Actors’ Identity - Authorize Access to Resources - Protect Privacy - Keep Confident Sensitive Data Techniques - Firewall, SSL,VPN, IDS, - Authentication, Secure Applications (Web, DBMS, etc.), IPDR and Click Stream Analysis Security Policy ITU-T Workshop on Security - Seoul (Korea), May 2002

17 OPEN PROBLEMS of E-COMMERCE (credibility,efficiency,solvency)
Good’s Quality & Quantity After-sales assistance Privacy Safeguard Buyer’s Solvency Risk Related to the Purchase Business Risk Involved ITU-T Workshop on Security - Seoul (Korea), May 2002

18 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
TRUST SOLUTIONS International Legislation Customer Profile check Payment Methods assessment For Merchants to preserve the merchant public reputation and credibility to guarantee the payments to reduce the merchants’ economical losses due to fraudulent orders. Third Party Interactions Insurance ITU-T Workshop on Security - Seoul (Korea), May 2002

19 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
TRUST SOLUTIONS International Legislation Product Quality Product Delivery For Buyers - verification of process control - process based on information Third Party Interactions Insurance ITU-T Workshop on Security - Seoul (Korea), May 2002

20 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
RISK MANAGEMENT Secure E-commerce Security factors Trust factor Risk Management strategy Managing risks - Scan environments & identify risks Analyze risks & prioritized Define the solution ITU-T Workshop on Security - Seoul (Korea), May 2002

21 ITU-T Workshop on Security - Seoul (Korea), 13-14 May 2002
Conclusions Security Solutions Business loss Threats Investment costs Trust Solutions Thank you very much !!! ITU-T Workshop on Security - Seoul (Korea), May 2002

Download ppt "CONFIDENTIALITY, INTEGRITY, LEGAL INTERCEPTION"

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
© 1998-2003 ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Building Confidence in E-government Services ITU-T Workshop on.

© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Building Confidence in E-government Services ITU-T Workshop on.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Topics in Information Security Prof. JoAnne Holliday Santa Clara University.

Topics in Information Security Prof. JoAnne Holliday Santa Clara University.
An Introduction to Information Assurance COEN 150 Spring 2007.

An Introduction to Information Assurance COEN 150 Spring 2007.
Information Assurance and Security: Overview. Information Assurance “Measures that protect and defend information and information systems by ensuring.

Information Assurance and Security: Overview. Information Assurance “Measures that protect and defend information and information systems by ensuring.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus - 2007.

Dr. Lo’ai Tawalbeh 2007 INCS 741: Cryptography Chapter 1:Introduction Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus
PART THREE E-commerce in Action Norton University E-commerce in Action.

PART THREE E-commerce in Action Norton University E-commerce in Action.
Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

Similar presentations

Ads by Google