Presentation is loading. Please wait.

Presentation is loading. Please wait.

The secure internet application for business education on the website The 85 th SIEC/ISBE International Conference 2013 in Berlin, Germany, August 5-9,

Published byDarcy Watson Modified over 9 years ago

Similar presentations

Presentation on theme: "The secure internet application for business education on the website The 85 th SIEC/ISBE International Conference 2013 in Berlin, Germany, August 5-9,"— Presentation transcript:

1 The secure internet application for business education on the website The 85 th SIEC/ISBE International Conference 2013 in Berlin, Germany, August 5-9, 2013 Sok Hwan Cho, Ph D.(KAIM, South Korea) Sok Pal Cho, Ph. D.(Sungkyul University, South Korea)

2 Index 1.Network ConceptNetwork Concept 1.1 Network Component 1.2 Network Interconnection 1.3 Internet 1.4 Paradigm Shifts of B.E 2.Threats in InternetsThreats in Internets 2.1 Vulnerabilities of terminals on the Internet 2.2 Network Vulnerabilities 2.3 Preventing from external attackers 3.Secure Internet ApplicationSecure Internet Application 3.1 Information Ambiguity (Ambiguousness) 3.2 Firewall or Demilitarized Zone 3.3 Secure Channels - 4. Conclusion

3 A network is the interconnection of a set of terminals capable of communication. In this definition, a device can be a host such as a large computer, desktop, laptop, workstation, cellular phone, or security system. A terminal in this definition can also be a connecting device such as a router a switch, a modem that changes the form of data, and so on. 1. Network

4 Five components on the website 1.1 Network components

5 An internet is two or more networks that can communicate with each other. It is composed of thousands of interconnected networks. 1.3 The Internet Understanding about terminals. The basic components of network>

6 1.4 Paradigm Shifts of education on the network Teacher oriented educationlearner oriented education Group education, Community education, Uniformed education Distributed education, Individual ordered education, Lifelong education Network Off-line education : physical classroom education, On-line education : website education; distance learning, e-m-u-/learning

7 2. Threats of Internet a kind of threats; – Unauthorized access. – Malicious software; Virus, Worm, Trojan Code – Software failure. – Denial of service. – Modification by unauthorized person. – Calamity. – Interception by unauthorized person. – Etc. Annoying learning activities

8 2.1 Vulnerabilities of Terminal on the Internet Hardware Interception (Theft) Interruption (Denial of Service) Modification Fabrication (Substitution) Software Interruption (Deletion) Fabrication Modification Interception data Interruption (Loss) Interception Modification Fabrication

9 2.3 Network Vulnerabilities1 TargetVulnerability Authentication failures -Impersonation -Eavesdropping -Spoofing -Session hijacking Programming flaws -Buffer overflow -Addressing errors -Parameter modification, time-of-check to time-of- use errors -Malicious active code: Java, Active -Malicious code: virus, worm, Trojan horse

10 If A1 send a message to B3(A1  B3), it may be routed hosts C or D. Host C may provide acceptable security, but not D. Figure Uncertain Message Routing in a Network Network B Network A Host C Host D Host B3 Host A1 2.3.2 Network Vulnerabilities(Uncertain Message)

11 In an impersonation(imitate), an attacker has several choices: Guess the identity and authentication details of the target. Pick up the identity and authentication details of the target from a previous communication or from wiretapping. Circumvent or disable the authentication mechanism at the target computer. Use a target that will not be authenticated. Use a target whose authentication data are known. 2.3.4 Network Vulnerabilities(Impersonation)

12 A malicious middleman intercepts the response key and can then eavesdrop on, or even decrypt, modify, and re-encrypt any subsequent communications between two terminals. 2.3.6 Network Vulnerabilities(Interception) User 1 Key Distributor Malicious Interceptor Figure Key Interception by a Man-in-the-Middle Attack User 2

13 Web Site Defacement(damage) – One of the most widely known attacks is the web site defacement attack. – Web sites are designed so that their code is downloaded, enabling an attacker to obtain the full hypertext document and all programs directed to user in the loading process. – The download process essentially gives the attacker the blueprints to the web site. 2.3.7 Network Vulnerabilities (Website vulnerabilities) Hypertext:

14 Echo-Chargen (connection flooding) – Chargen is a protocol that generates a stream of packets; – The attackers sets up a Chargen process on host A, and if host A sends a packet to destination host B, B reply to A with echo packet; – Namely host A produces a stream of packets continuously to host B and host B reply to A, then A and B puts in an endless loop. send a stream of packet echo packet Host A Set up “Chargen” Host B Endless loop 2.3.8 Network Vulnerabilities(Denial of Service)

15 2.3.10 Distributed Denial of Service(DDoS) To perpetrate a distributed denial-of-service(or DDoS) attack, an attacker does two things. ① The attacker plants a Trojan horse on a target machine. That Trojan horse does not cause any harm to the target machine. The Trojan horse file may be named for a popular editor or entered into the list of processes(daemons)activated at startup. ② The attacker repeats this process with many targets. Each of these target systems becomes what is know as a zombie. The target systems carry out their normal work, unaware of the resident zombie. Ref)Trojan horse 에 대한 유래 설명

16 Cryptosystem is a system for encryption and decryption. encryptiondecryption Original plaintext plaintextciphertext 3.1.2 Cryptosystem

17 3.2.1 Introduction of I&A ( Individual I&A) Individual I&A determines the individual learner or user interacting with a process. In example is logging on a computer as shown figure. I&A system Which of the learner that I know are you? Individual identification and authentication representation

18 3.2.2 I&A Procedure I&A service is requested by a using function, which has the responsibility of passing information to the I&A service to determine an identifier and authenticators. Using function I&A service Learner, User Request I&A service I&A result Request ID, authenticator Claimed ID, authenticator Generic interaction model of I&A service Permit

19 3.2.3 Type of I&A Three general strategies exist to satisfy I&A requirements: automated I&A, physical I&A and procedural I&A. - Physical and procedural I&A includes measures such as a human guard reviewing ID badges, or a sign-in procedure. - Automated I&A design encompasses computer-based measures such as user IDs and password.

20 Firewall or DMZ B.E Application Server B.E State Server B.E DB server B.E Web server Cache Memory Attacker 3.3 Protecting using a firewall or DMZ

21 A packet filter firewall intercepts all traffic coming and going from a port P and inspects its packets - Data from coming or going to mistrusted address are rejected. request Packet filter firewall External host Local host P Internet 3.3.1 Packet filter firewall

22 3.4 Secure Internet Application for business education Secure Channels; for sensitive communication across a public network, create encrypted secure channels to ensure that data remains confidential in transit. Demilitarized zone; separates the business functionality and information from the Web servers. -Protection Reverse Proxy; protects the server software at the level of the application protocol. Known partners; identify partner by Identification and Authentication.

23 Users (Learner, Teachers, etc.) I&A with E/D 1 st step: E/D: Encryption/Decryption 2 nd step: Firewall(Packet, Proxy, State full) 2 nd step: I&A: Identification & Authentication ISP: Information Service Provider E/D Learning Contents 3.4.1 Secure Internet 1

24 4. Conclusion ▣ Secure internet channel provides;  Protecting user from attackers on the cyber space  Better securing the e, m, u-learning systems that store, process, or transmit the information of learning contents  More learning opportunities  Improving interactions.  Improving higher quality  Enabling well-informed LMS(Learning Management System)

Download ppt "The secure internet application for business education on the website The 85 th SIEC/ISBE International Conference 2013 in Berlin, Germany, August 5-9,"

Similar presentations

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Network Security. Reasons to attack Steal information Modify information Deny service (DoS)

Network Security. Reasons to attack Steal information Modify information Deny service (DoS)
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Security Presented by : Qing Ma. Introduction Security overview security threats password security, encryption and network security as specific.

Security Presented by : Qing Ma. Introduction Security overview security threats password security, encryption and network security as specific.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Introduction to Firewall Technologies. Objectives Upon completion of this course, you will be able to: Understand basic concepts of network security Master.

Introduction to Firewall Technologies. Objectives Upon completion of this course, you will be able to: Understand basic concepts of network security Master.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.

Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Spring 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Spring 2006.
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Similar presentations

Ads by Google