Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security Management Dr. Robert Chi Chair and Professor, IS department Chief editor, Journal of Electronic Commerce Research.

Published byErnest Day Modified over 9 years ago

Similar presentations

Presentation on theme: "Network Security Management Dr. Robert Chi Chair and Professor, IS department Chief editor, Journal of Electronic Commerce Research."— Presentation transcript:

1 Network Security Management Dr. Robert Chi Chair and Professor, IS department Chief editor, Journal of Electronic Commerce Research

2 How secure are you? Security: The quality or state of being sure-to be free from danger Physical security –Protect physical items or areas from unauthorized access and misuse Digital security –Communications Protection of communication media, technology and content –Network Network components and connection and content –Information

3 Characteristics of (good) Information Availability –Access information without interference or obstruction Accuracy –Free from mistakes or errors Authenticity –Being genuine or original Confidentiality –Nor disclosed to unauthorized individuals or systems Integrity –Whole, complete and uncorrupted Utility –Having value for some purpose Possession –Having ownership or control

4 National Security Telecommunication and Information Systems Security Committee (NSTISSC) Three dimension model Each dimension had three values –Protect (Information)Availability, Integrity, Confidentiality –Use (Management)Policy, Education, Technology –In (Utilization)Storage, Processing, Transmission –Examples: Firewall technology,

5 Threats ( an object or other entity that represent a constant danger to an asset ) Acts of human error or failure –Accidents, user mistakes Compromises to intellectual property –Piracy, copyright infringement Deliberate acts of espionage or trespass –Unauthorized access or trespass Deliberate acts of information extortion –Blackmail or information disclosure Deliberate acts of sabotage or vandalism –Destruction of system or information

6 Threats (continued) Deliberate acts of thefts –Illegal confiscation of equipment or information Deliberate software attacks –Virus, worms, macros Forces of nature –Fire, flood, earthquake, lighting, tsunami Deviations in quality of service –ISP, Power supply, WAN, LAN Technical hardware failure or errors –Equipment failure Technical software failure or errors –Bugs, code problems Technological obsolescence –Outdated technologies

7 Software attacks –Malicious Code Virus –Macro virus –Boot virus Warms –Hoaxes –Trojan Horses(Backdoor) –Password crack Brute Force; try every possible combination Dictionary –Denial of service

8 continued –Spoofing: change packet headers –Spam –Mail bombing –Snuffers: monitor data traveling over a network

9 How to protect your data Data Back up –Off side hard drives, CDROM, tapes Electricity back up –Uninterrupted power supply User authentication –User name/password –Password generators –Biometrics

10 More –Cryptographer methods Substitution cipher –ABC to DEF (3 character substitution) Transposition cipher Exclusive OR cipher

11 In class exercise Key: IS Encrypted text: ZGJWZL Method: Substitution Cipher Original text?

12 Time to crack encrypted message 8 bits, 1/256, 0.000032 seconds 16 bits, 1/65536, 0.008192 seconds 24 bits, 1/16777216, 2097 seconds … 128 bits, 1/3.4 028E38, 5.25E21 years

13 Cryptography –Single key, Symmetric Encryption Same key Challenge: sending the key to the receiver –Public key infrastructure (PKI), Asymmetric Encryption Dual key encryption –Digital signature: to verify information transferred Authentication Sender’s private key to encrypt, if the sender’s public key can decrypt: verified

14 More Firewalls –Un-trusted network vs. trusted network –Packet filtering VPN –Turn Internet into a private network –Characteristics Encapsulation Encryption Authentication –Two modes Transport mode (client to server) Tunnel mode (server to server) –Secure Socket Layer –Secure HTTP ( an application of SSL)

Download ppt "Network Security Management Dr. Robert Chi Chair and Professor, IS department Chief editor, Journal of Electronic Commerce Research."

Similar presentations

Threats and Protection Mechanisms

Threats and Protection Mechanisms
Ethics, Privacy and Information Security

Ethics, Privacy and Information Security
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
The Need for Security Chapter 2.

The Need for Security Chapter 2.
Crime and Security in the Networked Economy Part 4.

Crime and Security in the Networked Economy Part 4.
Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.

Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice HallCopyright © 2009 Pearson Education, Inc. Slide 5-1 Online Security and Payment Systems.

Copyright © 2009 Pearson Education, Inc. Publishing as Prentice HallCopyright © 2009 Pearson Education, Inc. Slide 5-1 Online Security and Payment Systems.
Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.

Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.

Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
IS Network and Telecommunications Risks

IS Network and Telecommunications Risks
Lecture 10 Security and Control.

Lecture 10 Security and Control.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Risks, Controls and Security Measures

Risks, Controls and Security Measures
Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.

Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.
Business Data Communications, Fourth Edition Chapter 10: Network Security.

Business Data Communications, Fourth Edition Chapter 10: Network Security.
Computer and Network Security Risanuri Hidayat, Ir., M.Sc.

Computer and Network Security Risanuri Hidayat, Ir., M.Sc.

Similar presentations

Ads by Google