Presentation is loading. Please wait.

Presentation is loading. Please wait.

COSC 513 Operating Systems Project Presentation: Internet Security Instructor: Dr. Anvari Student: Ying Zhou Spring 2003.

Similar presentations


Presentation on theme: "COSC 513 Operating Systems Project Presentation: Internet Security Instructor: Dr. Anvari Student: Ying Zhou Spring 2003."— Presentation transcript:

1 COSC 513 Operating Systems Project Presentation: Internet Security Instructor: Dr. Anvari Student: Ying Zhou Spring 2003

2 Introduction to Internet Security It is a challenge to assure security in information systems – networked, embedded, and plain computation systems. There are a variety of security policies in the world; they come in many flavors ( for example, authentication before access, integrity of information, and confidentiality of information)

3 Web connections. The browser,. The server,. The connection between the two. The user, via his browser, connects to a remote Web server and requests a document. The server returns the document, and the browser displays it.

4 From the user’s point of view. The remote server is owned and operated by the organization that it seems to be owned by.. The documents that the server returns are free from dangerous viruses and malicious intent.. The remote server will not record or distribute information that the user considers private, such as his Internet browsing habits.

5 From the Webmaster’s point of view. The user will not attempt to break into the Web server computer system or alter the contents of the Web site.. The user will not try to gain access to documents that she is not privy to.. The user will not try to crash the server, making it unavailable for others to use. If the user has identified herself, she is who she claims to be.

6 From both parties’ views. The network connection is free from third-party eavesdroppers listening in on the communications line.. The information sent between browser and server is delivered intact, free from tampering by third parties.

7 Document Confidentiality To protect private information from being disclosed to third parties. Cryptography enables confidential information to be transmitted from location to location across insecure networks

8 Cryptographic Systems 1. Plaintext - human-readable or in a format that anyone with the proper software can use. 2. Ciphertext - human-unreadable, encrypted message 3. Cyphtographic algorithm - mathematical operation used to convert plaintext into cipertext 4. Key - to encrypt and/or decrypt the message, only people who know the correct key can decrypt a piece of ciphertext. Algorithm Plaintext Ciphertext

9 CLIENT-SIDE SECURITY. These are security measures that protect the user’s privacy and the integrity of her computer.. Technological solutions include safeguards to protect users against computer viruses and other malicious software, as well as measures that limit the amount of personal information that browsers can transmit without the user’s consent.. Organizations can prevent employees’ Web browsing activities from compromising the secrecy of the company’s confidential information or the integrity of its local area network.

10 SSL. Secure Sockets Layer (SSL),. a flexible and general-purpose encryption system,. dramatically reduces the risk by emptying the browser-server data stream.. reliably identifying the party at the other end of the network link.

11 How SSL protects an online transaction

12 SERVER-SIDE SECURITY. To protect the Web server and the machine it runs on from break-ins, site vandalism, and denial–of- service attacks. denial–of-service attacks : attacks that make the Web site unavailable from normal use.. Technological solutions : firewall systems, operating system security measures.

13 Windows NT Web Servers. Windows NT Server - coordinate the activities of other machines, - provide remote access services, - run Windows name resolution, - host the Internet Information Server. Windows NT Workstation - most of the server functions disabled - Microsoft Internet Information Server can’t run on NT Workstation

14 Steps for securing a Window NT Web server 1. Apply all service patches. 2. Fix the file system permissions. 3. Fix the registry access permissions 4. Remove or disable all extraneous network services. 5. Add the minimum number of user accounts necessary to maintain the server. 6. Install the server software and adjust file and directory permissions to restrict unnecessary access. 7. Remove or disable unnecessary Web server features, CGI scripts, and extensions. 8. Monitor system and server log files.

15 UNIX Web Servers UNIX is a multi-user system : A single machine supports several or hundreds of users. Each has a unique home directory and environment. Each is protected against interference from the others by a system of access permissions. Files, programs, devices, and other system resources are all protected by access control.

16 UNIX Web Servers User and group access rights are the basis for UNIX system, including those that provide Internet services, runs with the permission of some user or another.

17 Steps for setting up a UNIX Web server secure 1. Apply vendor operating system patches. 2. Turn off unessential services. 3. Add the minimum number of user accounts 4. Get the file and directory permissions right. Ideally you should take these steps off-line before you physically plug the system into the network.

18 CONCLUSION. Internet security is the practice of protecting and preserving private resources and information on the Internet,. It is a challenging topic among executives and managers of computer corporations.. Together, network security and a well-implemented security policy can provide a highly secure solution.


Download ppt "COSC 513 Operating Systems Project Presentation: Internet Security Instructor: Dr. Anvari Student: Ying Zhou Spring 2003."

Similar presentations


Ads by Google