Presentation is loading. Please wait.

Presentation is loading. Please wait.

Issues of Security and Privacy in Networking in the CBA Karen Sollins Laboratory for Computer Science July 17, 2002.

Published byAustin Daniel Modified over 10 years ago

Similar presentations

Presentation on theme: "Issues of Security and Privacy in Networking in the CBA Karen Sollins Laboratory for Computer Science July 17, 2002."— Presentation transcript:

1 Issues of Security and Privacy in Networking in the CBA Karen Sollins Laboratory for Computer Science July 17, 2002

2 Assumptions Ubiquitous networking within facility - universal access Connectivity to the Internet - MIT doesn’t run firewalls - how to set limits on access Curious students - want to see inside everything Uses –Research - both networking research and support for wide variety of other research- adaptability –Infrastructure of facility - utilities of building, computing services, others?? - stability, trustworthiness, privacy

3 Kinds of things we know how to do Network encryption at the link level, network (IP level), even transport (TCP, etc.) level Authentication (e.g. using key exchange or other mechanisms) Key or certification management (PGP, etc.) Firewalls: blocking traffic based on filtering at the transport layer

4 What to notice about these Tend to be rather static Tend to take offline setup with human intervention Not human friendly Elements that may provide similar high level functionality may do it very differently, without concern to substitute-ability

5 Is there a different way to think about these issues? YES! Layering: protocols designed to provide some model of connectivity among different “end- points” Modularity: separation of realization of functions, often used to design, implement, improve or replace independently Abstraction: hiding details of implementation behind a more formal definition of functionality and interface

6 Layering Solve parts of problem at different layers - allow them to complement each other Example: providing privacy –Link level encryption: allows for co-design with link level coding, might be more efficient –Network level: can assume link level encryption, but needs to build privacy across composed links –Transport level needs to guarantee privacy from network level end-point through operating system to transport end-point –Application level may need to allow for human friendly access, interpretation, management, etc.

7 Modularity Provides separation of units of functionality Allows for improvement. Upgrade, substitution of elements without impact on others Example: encryption algorithms. If found to have flaws or compromised, could be replaced without replacing whole layer implementation

8 Abstraction Defining model at some point that masks models from which it is created Allows for new bases of assumptions about behaviors. Example: in privacy example, allows for assumption by transport layer that network layer provides IP address to IP address privacy, rather than elements strung together

9 Conclusion Abstraction is what is really necessary – For human policy and decision-making, without necessarily intervention in low level details – For authentication, authorization, confidentiality, extensibility and stability

Download ppt "Issues of Security and Privacy in Networking in the CBA Karen Sollins Laboratory for Computer Science July 17, 2002."

Similar presentations

Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Virtual Private Networks COSC541 Project Jie Qin & Sihua Xu October 11, 2014.

Virtual Private Networks COSC541 Project Jie Qin & Sihua Xu October 11, 2014.
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
SCSC 455 Computer Security Virtual Private Network (VPN)

SCSC 455 Computer Security Virtual Private Network (VPN)
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
1 © NOKIA Presentation_Name.PPT / DD-MM-YYYY / Initials Company Confidential The Internet offers no inherent security services to its users; the data transmitted.

1 © NOKIA Presentation_Name.PPT / DD-MM-YYYY / Initials Company Confidential The Internet offers no inherent security services to its users; the data transmitted.
October 22, 2002Serguei A. Mokhov, 1 Intro to Internet-services from Security Standpoint, Part II SOEN321-Information-Systems Security.

October 22, 2002Serguei A. Mokhov, 1 Intro to Internet-services from Security Standpoint, Part II SOEN321-Information-Systems Security.
Chapter 12 Network Security.

Chapter 12 Network Security.
PROTOCOLS AND ARCHITECTURE Lesson 2 NETS2150/2850.

PROTOCOLS AND ARCHITECTURE Lesson 2 NETS2150/2850.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Protocols and the TCP/IP Suite

Protocols and the TCP/IP Suite
Implementing a Distributed Firewall

Implementing a Distributed Firewall
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Internet Protocol Security (IPSec)

Internet Protocol Security (IPSec)
Introduction. Contents  Network Management Overview Sample Scenario where NM is Applied 5 Management Functions Importance to Business Processes  Network.

Introduction. Contents  Network Management Overview Sample Scenario where NM is Applied 5 Management Functions Importance to Business Processes  Network.
Abstraction and Control of Transport Networks (ACTN) BoF

Abstraction and Control of Transport Networks (ACTN) BoF
Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau (20086034) Lee Shirly (20095815) Ong Ivy (20095040)

Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau ( ) Lee Shirly ( ) Ong Ivy ( )
Intranet, Extranet, Firewall. Intranet and Extranet.

Intranet, Extranet, Firewall. Intranet and Extranet.
Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.

Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.
Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.

Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.

Similar presentations

Ads by Google