Network Security Policy


1 Network Security Policy
PRESENTATIONS IN NETWORK SECURITY
Network Security Policy
Saad Haj Bakry, PhD, CEng, FIEE

2 Objectives / Contents
Network Security Profile
Policy Development Framework
Policy Development Process
Internet Security Sources

3 Network Security Profile
Technology (T), Organization (O), People (P), Environment
Sources of Challenges and Protection Measures
Target of Protection: Information
Information Protection: Technical / Administrative
Challenges: Accidental / Malicious
Problems
Solutions: Cost / Balance

4 Profile: Basic Levels
The Internet Level: World Wide Users
The Extranet Level: Partners / Suppliers / Customers
The Intranet Level: “Security Policy”
Intranet User Level Security

5 Profile: Sublevels
System Level: Organization Organization Service Level Service Application Level Application Transaction Level Security

6 Profile: Security Problems
Problem | Description
Accessibility | Who accesses: system / service.
Availability | System / service readiness.
Reliability | Identity / repudiation / legal information.
Integrity | Alteration / loss of information (&SW).
Confidentiality | Disclosure of private information.
Trust | Disaster recovery.
“Cost” “Challenges” versus “Protection”

7 Profile: Challenges / Problems / Protection
Issues: Technology; Organization / People; Environment
Challenges: Design; Management; Illegal Access; Viruses; Repudiation; Cryptanalysis; Theft; Destruction; Natural; Professional
Protection: Quality Systems; Access Systems; Anti-Virus; Firewalls; Traffic Control; Cryptographic Systems; Standby Systems; Awareness / Rights / Practice; Policy / Management; Laws / Regulations: Cyber-Crime Rules
Security: Accessibility; Availability; Reliability; Integrity; Confidentiality; Trust
“Risk / Cost”

8 Profile: Cryptography Systems
Cryptography | Security
Symmetric Secret Key / Public-Private Keys | Confidentiality
Management: Key Distribution / Key Agreement
Hash Function: Message Testing | Integrity
Digital Signature: Authentication of Identity | Reliability
All the above
Time-Stamping: Non-Repudiation (Proof of Transaction)
Public Key Infrastructure: Digital Certificates
Security Protocols: Applications

9 Policy Development Framework
Cooperative / Continuous Development Base Time Scale Priorities / Choice Risk / Cost Environment Security Profile Architecture: * Network / Services Architecture Organization Requirement Current State: * Structure / Function Tools Development Target State: * Case (*) Related Structure

10 Policy Development Process
Prepare “Base”
Establish “Case”
Investigate “Development”
Identify “Target State”
Implementation
Testing
Re-Evaluate R
Cooperative Development
People Involved
Environment Information Organization
Using Computer Tools
Evaluation Methods: Risk / Cost / Priorities / Choice
Practical Work

11 Process: Choosing from Alternative Options
IDENTIFY CRITERIA / DECIDE ON WEIGHTS
GET CHOICES / SET GRADES
EVALUATE SCORES
OTHER VIEWPOINTS
L CHOICE

12 Process: Risk (loss) v. Cost (security)
Balance: Risk / Cost

13 Process: Risk / Cost Examples
Issue: Virus Damage
Fact: The damage of the “I Love Virus” (May 2000) was estimated to be “$ billion” with the majority of the damage done in the first few hours. (The virus destroyed files and sent itself to others through MS Outlook Address Book)

Issue: Spending on Data Security
Fact: Estimated by “IDC” (International Data Corporation). “$ 6.2 billion” (1999) / “$ 14.8 billion” (2003)

Issue: Building a “Digital Certificate Infrastructure”
Fact: Estimated by “Identrus” (Consortium of Global Financial Companies) for financial organizations to provide trusted B-to-B e-Commerce. “$ 5 – 10 million”

14 Important “Security” Webs (1/3)
Subject | Web
RSA Algorithm
PGP (Pretty Good Privacy): MIT P-K “Web of Trust” | Web.mit.edu/network/pgp.html
Time-stamping
US Legislation in Information Security
Certification Authorities

15 Important “Security” Webs (2/3)
Subject | Web
Netscape SSL: Secure Socket Layer | developer.netscape.com/tech/security/ss1/protocol.html
PCI: Peripheral Component Interconnect cards | infamily.htm
SET: Secure Electronic Transaction

16 Important “Security” Webs (3/3)
Subject | Web
MS Authenticode | msdn.microsoft.com/workshop/security/authcode/signfaq.asp ; security/authcode/authwp.asp
Firewalls
Kerberos
Magazines

17 Remarks
Security Profile:
Basic Factors: Technology / Organization / People / Environment
Levels: User / Intranet / Extranet / Internet
Sublevels: Application / Service / System
Challenges / Protection / Security Measures

Development Framework / Process:
Base: Organization / Network / Security Profile
Case: Requirements / Tools / Current State
Development: Risk / Cost / Priorities / Cost
Target / Implementation / Testing / Cooperative Development


