Presentation is loading. Please wait.

Presentation is loading. Please wait.

CLIENT/SERVER COMPUTING ENVIRONMENT

Published byCarla Ferreyra Cáceres Modified over 6 years ago

Similar presentations

Presentation on theme: "CLIENT/SERVER COMPUTING ENVIRONMENT"— Presentation transcript:

1 CLIENT/SERVER COMPUTING ENVIRONMENT
SECURITY ISSUES IN CLIENT/SERVER COMPUTING ENVIRONMENT FengChen Aug.31,2000

2 Reliability and security is a concern for any computer system
Reliability and security is a concern for any computer system. These issues require special attention when considering a change from mainframe to client/server technologies. Since mainframes are very secure because they are generally placed in 'glass rooms' with hardened infrastructure and controlled access, while client/server systems are distributed and therefore more difficult to secure.

3 Confidentiality Integrity Availability
Basic Components of Security Management Confidentiality Integrity Availability

4 Software-Threats--Trojan Horse Data-Driven Attacks Denial of Service
Possible Threats & Types of Attacks Impersonation Sniffing Software-Threats--Trojan Horse Data-Driven Attacks Denial of Service

5 Physical Security Software security Security Solutions locks and keys
security guards Software security Authentication Encryption Kerberos Others

6 Password Retinal Image Username & Password Finger Print Security Token
Authentication Be performed to ensure a user or program has specific access to resource or data Network Authentication BASIC Password Retinal Image Finger Print Algorithm in “Smart” Card Physical Location (IP Address) Username & Password Security Token

7 Shared Key Encryption:
One key both encrypts and decrypts Public/Private Key Encryption Public/Private Key Encryption Signature: One key encrypts, another different but related key for decrypts A combination of these two methods allows for mutual authentication.

8 Kerberos Kerberos is an authentication and session encryption system. How it Works? A separate ticket granting server gives a ticket to a user or application. This ticket can then be used for any number of resources on the network . If a client wants to talk to a server, both the client and the server will talk to the authentication server to establish that the client is authorized.

9 The security is only as strong as its weakest link
General Security Issues The security is only as strong as its weakest link A flawed security is worse than no security at all It is always better to use several security systems together than only one Security by obscurity doesn’t work

10 Client/Server THE FUTURE

11 As computing becomes more ubiquitous and more pervasive, client/server computing will become the dominant implementation strategy. Convergence of standards will result in better applications integration and interoperability. Authentication and security issues will be resolved sooner rather than later: the enormous interest in exploiting the commercial potential of the Internet will propel this process.

Download ppt "CLIENT/SERVER COMPUTING ENVIRONMENT"

Similar presentations

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Authentication Applications Kerberos And X.509. Kerberos Motivation –Secure against eavesdropping –Reliable – distributed architecture –Transparent –

Authentication Applications Kerberos And X.509. Kerberos Motivation –Secure against eavesdropping –Reliable – distributed architecture –Transparent –
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Akshat Sharma Samarth Shah

Akshat Sharma Samarth Shah
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
1 Distributed Computer Security: Authentication and Key Distribution Vijay Jain CSc 8320, Spring 2007.

1 Distributed Computer Security: Authentication and Key Distribution Vijay Jain CSc 8320, Spring 2007.
Kerberos Part 1 CNS 4650 Fall 2004 Rev. 2. The Name Greek Mythology Cerberus Gatekeeper of Hates Only allowed in dead Prevented dead from leaving Spelling.

Kerberos Part 1 CNS 4650 Fall 2004 Rev. 2. The Name Greek Mythology Cerberus Gatekeeper of Hates Only allowed in dead Prevented dead from leaving Spelling.
Security Issues and Challenges in Cloud Computing

Security Issues and Challenges in Cloud Computing
Kerberos Jean-Anne Fitzpatrick Jennifer English. What is Kerberos? Network authentication protocol Developed at MIT in the mid 1980s Available as open.

Kerberos Jean-Anne Fitzpatrick Jennifer English. What is Kerberos? Network authentication protocol Developed at MIT in the mid 1980s Available as open.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
MJ10/07041 Session 10 Accounting, Security Management Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used.

MJ10/07041 Session 10 Accounting, Security Management Adapted from Network Management: Principles and Practice © Mani Subramanian 2000 and solely used.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.

ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
Information Security. Information Security Requirements Confidentiality: Protection from disclosure to unauthorised persons Access control: Unauthorised.

Information Security. Information Security Requirements Confidentiality: Protection from disclosure to unauthorised persons Access control: Unauthorised.
Chapter 3 Mohammad Fozlul Haque Bhuiyan Assistant Professor CITI Jahangirnagar University.

Chapter 3 Mohammad Fozlul Haque Bhuiyan Assistant Professor CITI Jahangirnagar University.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
SYSTEM ADMINISTRATION Chapter 13 Security Protocols.

SYSTEM ADMINISTRATION Chapter 13 Security Protocols.
Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135

Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel:

Similar presentations

Ads by Google