Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Network Security: Introduction Behzad Akbari Fall 2009 In the Name of the Most High.

Published byJoy Alison Lucas Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Network Security: Introduction Behzad Akbari Fall 2009 In the Name of the Most High."— Presentation transcript:

1 1 Network Security: Introduction Behzad Akbari Fall 2009 In the Name of the Most High

2 2 Outline Background Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork Security Internet standards and RFCs

3 3 Background Information Security requirements have changed in recent times Traditionally provided by physical and administrative mechanisms Many daily activities have been shifted from physical world to cyber space Use of computers Protect files and other stored information Use of networks and communications links Protect data during transmission The focus of many funding agencies in US DOD, NSF, DHS, etc. ONR: game theory for cyber security

4 4 Definitions Computer Security Generic name for the collection of tools designed to protect data and to thwart hackers Network Security Measures to protect data during their transmission Internet Security (our focus!) Measures to protect data during their transmission over a collection of interconnected networks

5 5 Security Trends

6 6 OSI Security Architecture ITU-T X.800 “Security Architecture for OSI”  A systematic way of defining and providing security requirements  Provides a useful, if abstract, overview of concepts we will study ITU-T: International Telecommunication Union Telecommunication Standardization Sector OSI: Open Systems Interconnection

7 7 3 Aspects of Info Security Security Attack  Any action that compromises the security of information. Security Mechanism  A mechanism that is designed to detect, prevent, or recover from a security attack. Security Service  A service that enhances the security of data processing systems and information transfers. Makes use of one or more security mechanisms.

8 8 Security Attacks Threat & attack  Often used equivalently There are a wide range of attacks  Two generic types of attacks Passive Active

9 9 Security Attack Classification

10 10 Security Attacks Interruption: This is an attack on availability Interception: This is an attack on confidentiality Modification: This is an attack on integrity Fabrication: This is an attack on authenticity

11 11 3 Primary Security Goals Integrity Confidentiality Availability

12 12

13 13 Security Services X.800  A service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers Confidentiality (privacy) Authentication (who created or sent the data) Integrity (has not been altered) Non-repudiation (the order is final) Access control (prevent misuse of resources) Availability (permanence, non-erasure)  Denial of Service Attacks  Virus that deletes files

14 14 Security Mechanism Features designed to detect, prevent, or recover from a security attack No single mechanism that will support all services required One particular element underlies many of the security mechanisms in use:  Cryptographic techniques  Hence we will focus on this topic first

15 15 Security Mechanisms (X.800) Specific security mechanisms:  Encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization Pervasive security mechanisms:  Trusted functionality, security labels, event detection, security audit trails, security recovery

16 16 Model for Network Security

17 17 Model for Network Security Using this model requires us to: 1. design a suitable algorithm for the security transformation 2. generate the secret information (keys) used by the algorithm 3. develop methods to distribute and share the secret information 4. specify a protocol enabling the principals to use the transformation and secret information for a security service

18 18 Model for Network Access Security

19 19 Model for Network Access Security Using this model requires us to implement: 1. Authentication  select appropriate gatekeeper functions to identify users 2. Authorization  implement security controls to ensure only authorized users access designated information or resources Trusted computer systems may be useful to help implement this model

20 20 Methods of Defense Encryption Software Controls  Access limitations in a data base or in operating system  Protect each user from other users Hardware Controls  Smartcard (ICC, used for digital signature and secure identification) Policies  Frequent changes of passwords Physical Controls

21 21 Internet standards and RFCs Three organizations in the Internet society  Internet Architecture Board (IAB) Defining overall Internet architecture Providing guidance to IETF  Internet Engineering Task Force (IETF) Actual development of protocols and standards  Internet Engineering Steering Group (IESG) Technical management of IETF activities and Internet standards process

22 22 Internet RFC Publication Standardization Process

23 23 Recommended Reading Pfleeger, C. Security in Computing. Prentice Hall, 1997. Mel, H.X. Baker, D. Cryptography Decrypted. Addison Wesley, 2001.

Download ppt "1 Network Security: Introduction Behzad Akbari Fall 2009 In the Name of the Most High."

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Prof. Giovambattista Ianni - 2013.  10 ECTS (5 Theory + 5 Lab.)  Suggested material:  W. Stallings, Cryptography and Network Security  W. Stallings,

Prof. Giovambattista Ianni  10 ECTS (5 Theory + 5 Lab.)  Suggested material:  W. Stallings, Cryptography and Network Security  W. Stallings,
Cryptography and Network Security Chapter 1

Cryptography and Network Security Chapter 1
1 Network Security Ola Flygt Växjö University +46 470 70 86 49.

1 Network Security Ola Flygt Växjö University
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Blekinge Institute of Technology, Sweden

Blekinge Institute of Technology, Sweden
1 Network Security Derived from original slides by Henric Johnson Blekinge Institute of Technology, Sweden From the book by William Stallings.

1 Network Security Derived from original slides by Henric Johnson Blekinge Institute of Technology, Sweden From the book by William Stallings.
Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.

Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not.
Computer and Information Security

Computer and Information Security
Computer and Information Security Jen-Chang Liu, 2004

Computer and Information Security Jen-Chang Liu, 2004
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Introduction CS-480b Dick Steflik. X.800 – OSI Security Services Security Service – a service provided by a protocol layer of communicating open systems,

Introduction CS-480b Dick Steflik. X.800 – OSI Security Services Security Service – a service provided by a protocol layer of communicating open systems,
Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.

Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Editied by R. Newman.

Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown Editied by R. Newman.
Bazara Barry1 Security on Networks and Information Systems Bazara I. A. Barry Department of Computer Science – University of Khartoum www.itrc.sd/staff/bazara.html.

Bazara Barry1 Security on Networks and Information Systems Bazara I. A. Barry Department of Computer Science – University of Khartoum

Similar presentations

Ads by Google