Presentation is loading. Please wait.

Presentation is loading. Please wait.

IT443 – Network Security Administration Week 1 – Introduction Instructor: Alfred J Bird, Ph.D., NBCT

Published byMarsha Willa Heath Modified over 9 years ago

Similar presentations

Presentation on theme: "IT443 – Network Security Administration Week 1 – Introduction Instructor: Alfred J Bird, Ph.D., NBCT"— Presentation transcript:

1 IT443 – Network Security Administration Week 1 – Introduction Instructor: Alfred J Bird, Ph.D., NBCT abird@cs.umb.edu http://it443-s14-bird.wikispaces.umb.edu/ Door Key: 643478* Office – McCormick 3rd floor 607 (617.287.3827) Office Hours – Tuesday and Thursday, 4:00 pm to 5:15pm 1

2 Basic Information Textbook: –Network Security: Private Communications in a Public World –by Charlie Kaufman, Radia Perlman and Mike Speciner –2 nd Edition, Prentice Hall, ISBN 0-13-046019-2 Location and time of classes –Section 1 Web Lab S-3-028 Monday and Wednesday 4:00pm to 5:15pm –Section 2 IT Lab S-3-143 Tuesday and Thursday 5:30 to 6:45pm 2

3 Course Outline Network Basics Cryptography Basics Authentication Public Key Infrastructure IPsec SSL/TLS Firewall / Intrusion Detection Email Security Wireless security / Worm (backup) 3

4 Course Work 6~7 Lab Assignments (50%) –Team of 2 students –Lab Notebook (Individual) –Lab report (Individual) Written Projects (25%) Final Exam (25%) 4

5 Potential Labs Understanding network packets Encryption/decryption Password cracking Intrusion detection System monitoring Implementing certificate Implementing VPN Configuring a firewall Wireless security / Worm (backup) 5

6 Policies Lab reports –Partial points will be given for incomplete work –Late submissions will be accepted for reduced credit. Honor code No makeup exam without prior permission Accommodations –Ross Center for Disability Service Campus Center Room 211, 617.287.7430 6

7 Some Network Security Websites CERT @ Carnegie Mellon University –http://www.cert.org/http://www.cert.org/ Trend Micro Threat Tracker –http://apac.trendmicro.com/apac/http://apac.trendmicro.com/apac/ CERT @ Dept of Homeland Security –http://www.us-cert.gov/http://www.us-cert.gov/ Symantec Threat Explorer –http://us.norton.com/security_response/threatexplorer/index.jsphttp://us.norton.com/security_response/threatexplorer/index.jsp 7

8 Some Postulates about Network Security You can never prove something perfect, all you can do is fail to prove that it has some faults! Keep looking! If a lot of smart people have failed to solve the problem, then it probably won’t be solved (soon!) (p41 in the text) Security people need to remember that most people regard security as a nuisance rather than as needed protection and left to their own devices they often carelessly give up the security that someone worked so hard to provide. (p245 in the text) 8

9 Introduction to Network Security Security threats –Malware: Virus, worm, spyware –Spam –Botnet –DDoS attacks –Phishing –Cross-site scripting (XSS) –Theft and/or Whistleblowers –… 9

10 Introduction to Network Security Security breaches in 2011 –Sony's PlayStation Network (77M clients) –Epsilon (60M clients) –Fidelity National ($13M loss) –Sega's online gaming network (1.3M clients) –Citigroup (210K clients) –MA Executive Office of Labor and Workforce Development (210K records) –SF Subway, Health Net, … 10

11 Contributing Factors Lack of awareness of threats and risks of information systems –Security measures are often not considered until an Enterprise has been penetrated by malicious users Wide-open network policies –Many Internet sites allow wide-open Internet access Lack of security in TCP/IP protocol suite –Most TCP/IP protocols not built with security in mind Complexity of security management and administration Software vulnerabilities –Example: buffer overflow vulnerabilities Cracker skills keep improving 11

12 Security Objectives (CIA) 12

13 Security Objectives (CIA) Confidentiality — Prevent/detect/deter improper disclosure of information Integrity — Prevent/detect/deter improper modification of information Availability — Prevent/detect/deter improper denial of access to services provided by the system 13

14 OSI Security Architecture ITU-T X.800 “Security Architecture for OSI” Defines a systematic way of defining and providing security requirements It provides a useful, if abstract, overview of concepts we will study 14

15 Aspects of Security 3 aspects of security: –security attack Any action that compromises the security of information owned by an organization –security mechanism A process that is designed to detect, prevent, or recover from a security attack –security service Counter security attacks: make use of one or more security mechanisms to provide the service 15

16 Threat Model and Attack Model Threat model and attack model need to be clarified before any security mechanism is developed Threat model –Assumptions about potential attackers –Describes the attacker’s capabilities Attack model –Assumptions about the attacks –Describe how attacks are launched 16

17 Passive Attacks 17

18 Active Attacks 18

19 Security Mechanism (X.800) Specific security mechanisms: –encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization Pervasive security mechanisms: –trusted functionality, security labels, event detection, security audit trails, security recovery 19

20 Security Service Enhance security of data processing systems and information transfers of an organization Intended to counter security attacks Using one or more security mechanisms Often replicates functions normally associated with physical documents –For example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed 20

21 Security Service Authentication - assurance that communicating entity is the one claimed Access Control - prevention of the unauthorized use of a resource Data Confidentiality –protection of data from unauthorized disclosure Data Integrity - assurance that data received is as sent by an authorized entity Non-Repudiation - protection against denial by one of the parties in a communication Availability – resource accessible/usable 21

22 For Next Time Prepare a 500 word essay on the topic: –In your view what is meant by the term “Network Security”? –An essay is not a research paper but is a written work expressing and defending your views! –What do you think about the topic and why! Be prepared to discuss the topic on Wednesday. We will be having a class discussion and you (each and every one) will be expected to participate! 22

Download ppt "IT443 – Network Security Administration Week 1 – Introduction Instructor: Alfred J Bird, Ph.D., NBCT"

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
ECE454/599 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2012.

ECE454/599 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2012.
Prof. Giovambattista Ianni - 2013.  10 ECTS (5 Theory + 5 Lab.)  Suggested material:  W. Stallings, Cryptography and Network Security  W. Stallings,

Prof. Giovambattista Ianni  10 ECTS (5 Theory + 5 Lab.)  Suggested material:  W. Stallings, Cryptography and Network Security  W. Stallings,
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.

Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.
Computer and Information Security

Computer and Information Security
Computer and Information Security Jen-Chang Liu, 2004

Computer and Information Security Jen-Chang Liu, 2004
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Editied by R. Newman.

Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Editied by R. Newman.
Bazara Barry1 Security on Networks and Information Systems Bazara I. A. Barry Department of Computer Science – University of Khartoum www.itrc.sd/staff/bazara.html.

Bazara Barry1 Security on Networks and Information Systems Bazara I. A. Barry Department of Computer Science – University of Khartoum
“Network Security” Introduction. My Introduction Obaid Ullah Owais Khan Obaid Ullah Owais Khan B.E (I.T) – Hamdard University(2003), Karachi B.E (I.T)

“Network Security” Introduction. My Introduction Obaid Ullah Owais Khan Obaid Ullah Owais Khan B.E (I.T) – Hamdard University(2003), Karachi B.E (I.T)
Introduction (Pendahuluan)  Information Security.

Introduction (Pendahuluan)  Information Security.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Pertemuan 02 Aspek dasar keamanan Jaringan dan ketentuan baku OSI

Pertemuan 02 Aspek dasar keamanan Jaringan dan ketentuan baku OSI
Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Similar presentations

Ads by Google