Presentation is loading. Please wait.

Presentation is loading. Please wait.

Workshop 3 Tutor: William Yeoh

Published bySusanna Reeves Modified over 9 years ago

Similar presentations

Presentation on theme: "Workshop 3 Tutor: William Yeoh"— Presentation transcript:

1 Workshop 3 Tutor: William Yeoh gingsun.yeoh@UniSA.edu.au
School of Computer and Information Science Secure and High Integrity System (INFT 3002) Workshop 3 Tutor: William Yeoh

2 Task: Your group is a small newly formed IT Security Consultancy and recently have been employed on your first case Abraham is a health administrator (MD) but he has no modern technical understanding of IT security issues. Abraham has had no problems with IT Security until very recently when the Hospital’s network was subject to a series of attacks. In the period of 3 days, the Hospital’s website was defaced, a serious virus infected the Hospital’s and large quantities of data were corrupted Abraham wonders why this is happening and he questions whether there is a link to his company’s partnership with a large Health Insurance Company. He is also concerned to find out who might be attacking his network and why. He is very anxious to grow his business and knows that he needs quickly to implement some security measures so as to pass an external audit (he has had nothing more than some proprietary and outdated anti-virus software until now).

3 Organisation Structure

4 Today’s task 5. How can he protect his network? Currently it is a simple LAN, some databases, a mail server and a web server but he wants to add some E-Commerce functionality very soon. What will happen when his staff use wireless enabled PDA’s for the collection of patient data? 6. Why might hackers be attacking his network; why would they be interested in his company?

5 He wants to add some E-Commerce functionality, How?

6 Three Tier Architectures
LAN Backend Layer Mid-tier Layer Web Server Layer Applications server Load-balancing DNS Mainframe Mail server Web server Router ERP System DB server Internet Database

7 Three-Tier Client/Server
A three-tier architecture builds on the traditional two-tier approach. Three-tier architecture usually represents either of :- (1) first tier is the client, the second tier is the Web server, and the third tier consists of applications and their databases. (2) first tier is the web server layer, second tier is a mid-tier layer with servers, third tier is a backend layer with backend systems (see diagram) Important aspect is that there is another layer between the front-end (request source) and a service layer (eg with applications or databases)

8 Technologies Suggestion and Justification for e-commerce functionality
Demilitarized Zone (DMZ) - partitioning the internal network from the Internet. - prevents outside users from getting direct access to sensitive data such as database and legacy information Router - as traffic cop adjudicating and managing inbound and outbound traffic flow Hardware based Firewall - more hacker proof

9 Technologies Suggestion and Justification for e-commerce functionality
Intrusion Detection System (IDS) - IDS evaluates a suspected intrusion and signals an alarm Load Balancer - load balancing switches can distribute the load equally among the servers. -the failure of any one machine does not cause a problem -easy to add capacity in an incremental way Web server - how well it works with the operating system and other servers, -its ability to handle server-side programming, security characteristics

10 Technologies Suggestion and Justification for e-commerce functionality
Application server - J2EE AS, J2EE platform that enables full leverage Java Servlets, JSPs, EJBs and JMS Anti-virus software - periodical update of virus definition to protect network and prevent Trojan infections Mainframe - very large processing capacity, used to serve distributed users and Web application servers in network Legacy systems - the temporary databases from the operations

11 What will happen when his staff use wireless enabled PDA’s for the collection of patient data?
Nichols and Lekkas (2002) defined four types: Wireless system with a fixed supporting infrastructure Wireless system communicating directly through satellites only Fully mobile wireless data networks Wireless system with no supporting infrastructure

12 Threats Looking more specifically at Wireless PDAs, the threats are:
Jamming Interception Physical vulnerabilities (such as handsets requiring low-power security measures)

13 Wired equivalent privacy (WEP)
In order for WLAN transmissions to be as secure as LAN transmission, WEP is part of the wireless standard and may be enabled for a WLAN. It is RSA data encryption travelling in a network as radio waves instead of via cable. It is implemented in the MAC (medium access control) layer of which is common to all nodes in a WLAN. The principal shortcoming of WEP is that the keys are static and must somehow be manually shared between the various nodes of the WLAN.

14 Virtual private network (VPN) tunnelling
VPN tunnelling is a security measure which may overlay all of this to provide a higher level of security. It works by creating a secure virtual “tunnel” on top of from the one party right through to their access point.

15 Q6. Why might hackers be attacking his network; why would they be interested in his company?
Reasons (& who) for hacking: To make profit- prof hackers, selling sensitive data to third parties For satisfaction – neutral hackers, to prove their capability For policy& price setting - Insurance companies, for decision support &profits

16 dissaticfaction – disgruntled employee, for revenge
Business competition – competitor, may employ hackers/spy, for decision making

17 Q &A Group Discussions

Download ppt "Workshop 3 Tutor: William Yeoh"

Similar presentations

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
FIREWALLS Chapter 11.

FIREWALLS Chapter 11.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Firewall Configuration Strategies

Firewall Configuration Strategies
8.

8.
Business Continuity and DR, A Practical Implementation Mich Talebzadeh, Consultant, Deutsche Bank

Business Continuity and DR, A Practical Implementation Mich Talebzadeh, Consultant, Deutsche Bank
Chapter 12 Network Security.

Chapter 12 Network Security.
Presented by Serge Kpan LTEC 4550.020 Network Systems Administration 1.

Presented by Serge Kpan LTEC Network Systems Administration 1.
IS Network and Telecommunications Risks

IS Network and Telecommunications Risks
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
1 Pertemuan 13 Servers for E-Business Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi: >

1 Pertemuan 13 Servers for E-Business Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi: >
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
NETWORKS Lauren Hickman Patrick McCamy Morgan Pace Noah Ryder.

NETWORKS Lauren Hickman Patrick McCamy Morgan Pace Noah Ryder.
The Architecture of Transaction Processing Systems

The Architecture of Transaction Processing Systems
NETWORK SECURITY.

NETWORK SECURITY.
Computer Networks IGCSE ICT Section 4.

Computer Networks IGCSE ICT Section 4.

Similar presentations

Ads by Google