Lecture 6 Networked Application Security IT 202—Internet Applications Based on notes developed by Morgan Benton.


1 Lecture 6 Networked Application Security IT 202—Internet Applications Based on notes developed by Morgan Benton

2 For Today
- What is security?
- What is being secured?
- What are the ways to do it?
  - Physical
  - Electronic
  - Social

3 What is Security?
Security refers to our desire to restrict access to resources to only those people who are authorized to consume or handle them.

4 Components of Any Security Architecture
Includes:
- Authentication: the process of discovering that a person is who he/she says he/she is
- Authorization: the granting of privileges based on the identity of the person (which has been confirmed using Authentication above)

5 Components of Security Architectures (continued)
- Definition of what resources are being secured
- Establishing barriers to access for those resources, which may be:
  - Physical: walls, guards, dogs, ID badges
  - Electronic: encryption algorithms, passwords, firewalls, etc.
  - Social: training in appropriate use of resources
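The authentication-then-authorization sequence from slides 4 and 5, as an added Python example (not part of the original lecture). The users, passwords, roles and the `grades.db` resource are constructed sample data, and PBKDF2 is an assumed choice of password hash.

```python
import hashlib
import hmac
import os

def hash_password(password, salt):
    # Slow, salted hash so a stolen user table is costly to brute-force.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def make_user(password, role):
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt), "role": role}

# Constructed sample accounts (hypothetical names and passwords).
USERS = {
    "alice": make_user("correct horse battery staple", "admin"),
    "bob": make_user("tr0ub4dor&3", "student"),
}
# "Definition of what resources are being secured": resource -> action -> roles.
PERMISSIONS = {
    "grades.db": {"read": {"admin", "student"}, "write": {"admin"}},
}
_DUMMY = make_user("dummy", "none")  # hashed for unknown users to even out timing

def authenticate(username, password):
    """Authentication: confirm the caller is who they claim to be."""
    record = USERS.get(username, _DUMMY)
    candidate = hash_password(password, record["salt"])
    matches = hmac.compare_digest(candidate, record["hash"])
    return username if matches and username in USERS else None

def authorize(identity, resource, action):
    """Authorization: grant privileges based on the confirmed identity."""
    if identity not in USERS:
        return False
    allowed_roles = PERMISSIONS.get(resource, {}).get(action, set())
    return USERS[identity]["role"] in allowed_roles  # default is deny

def request(username, password, resource, action):
    identity = authenticate(username, password)
    if identity is None:
        return "401 not authenticated"
    if not authorize(identity, resource, action):
        return "403 not authorized"
    return "200 ok"

if __name__ == "__main__":
    print(request("bob", "tr0ub4dor&3", "grades.db", "read"))
    print(request("bob", "tr0ub4dor&3", "grades.db", "write"))
    print(request("bob", "guess", "grades.db", "read"))
```
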

6 Tradeoffs in Creating Security Architectures
- An important decision for application developers is choosing an appropriate level of security for the application.
- Adding security mechanisms adds complexity, processing overhead, and points of failure, and therefore increases the cost of creating, operating, and maintaining a system.

7 The Cost of Security
- The goal is not to create the “perfect” system that will keep out any intruder; it is mainly to make the cost of accessing the resources higher than the value of the resources to those who might try to obtain them illegally.
- Finding an appropriate balance between cost and security is the challenge you’ll face.

8 The Goal for this Lecture
To give you enough understanding of security architectures so that you can make your own decision about what levels of security are appropriate for systems that you will build.

9 Question 1: What to secure?
- What resources do you possess?
- What is their value to you and to others?
[Grid on slide: You / Others against Critical / Important / Unimportant]

10 What to secure?
For networked applications the primary resources you have are:
- Data
- Processing capacity
- Bandwidth
What is the value to your operation of each of these resources?

11 Question 2: What could happen?
It is important to have a good idea of what could happen to your resources so that you’ll know what to protect against; e.g., you don’t wear Kevlar at home (at least I hope!).

12 What could happen to your data?
- Stolen
- Corrupted
- Destroyed

13 What could happen to your processing capacity?
‘Evil’ processes such as viruses can take up processing capacity.

14 What could happen to your bandwidth?
People can steal your bandwidth, particularly with wireless networks.

15 How to implement your security
Three main aspects:
- Physical
- Electronic
- Social

16 Physical Security
Protection of:
- Servers
- Transmission systems
- Clients (as much as you can)
Protection from:
- Theft
- Break-ins
- Vandalism or destruction
- Natural disasters

17 Electronic Security
- Data encryption
- Authentication and authorization of users
- Firewalls
- Protocol
  - TCP/IP is the main protocol for networked applications. By itself, it is not secure.
  - Run other secure protocols on top of TCP/IP, such as SSL, TLS, and PCT.

18 Social Security
People are the weakest link. People:
- Have bad passwords
- Store passwords in poor locations
- Take data out of secure locations, e.g., to their home
- Give out information to other people knowingly or unknowingly

19 Public Key Encryption
- E-mail is not secure.
- PGP was developed in the early ’90s, and since then many public key encryption technologies have been developed.
- Here’s an example of the process…

