Bob Travica
Class 24: System Security
Updated 2013


Outline

• Security threats (external: malware, spoofing/phishing, sniffing, and data theft; internal: unauthorized data access, theft)
• Intrusion detection system
• Firewall
• Encryption
• Digital certificate
• Secure Sockets Layer/Transport Layer Security
• Defenses against internal security threats

Systems Vulnerability

• Digital data: Can be duplicated/changed without being detected
• Network-related challenges:
– Connected to LANs, WANs (Internet)
– Anyone from inside/outside the organization can attempt to infiltrate information systems
• Electronic data pros: Integration, universal access vs. security con: Greater risk of unauthorized access, security vulnerability of IS

Security Threats - External

• Data theft. Defense: Encryption
• False identity (spoofing/phishing). Defense: Caution!
• Malware (virus, worm). Defense: Anti-virus software, Firewall
• Power supply failure, natural disaster. Defense: Plan, facilities
• Sniffing. Defense: Intrusion detection system

Defenses

• For malware, defense is Firewall.
– Placed between internal LANs and external networks
– Uses rules that dictate what comes in and what goes out.
– Can be built into operating system.
• For data theft, defense is Intrusion Detection System.
– Automatically detects suspicious network traffic

Defenses: Encryption

• Encryption = Scrambling of messages to prevent unauthorized parties from reading them.
• Encryption is a defense against sniffing of a communications channel.
• Single key encryption – Sender and receiver use the same private key for encryption and decryption
• Double key encryption – Sender and receiver use a combination of a public and a private key:
– Digital Certificate - public key and a proof of its validity issued by a certificate authority (e.g., VeriSign); licensed annually.

Diagram labels: Certificate Authority; Digital Certificate; Encrypt with Recipient’s Public Key; Decrypt with Recipient’s Private Key; Digital Signature can be applied
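The flow on this slide (a certificate authority vouches for the recipient's public key, the sender encrypts with it, the recipient decrypts with the private key) can be traced in a short added example that is not part of the original slides. It uses textbook RSA with tiny constructed primes and no padding, so it shows the key roles only; the function names and the name `recipient.example` are assumptions made for illustration.

```python
# Added illustration: textbook RSA with tiny constructed primes. It shows the
# key roles only; real systems use vetted libraries, 2048-bit+ keys and padding.
import hashlib

def make_keypair(p, q, e=17):
    """Return (public, private) for primes p, q; each key is (exponent, n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)   # private exponent = e^-1 mod phi

def encrypt(public, m):
    e, n = public
    if not 0 <= m < n:
        raise ValueError("message must be smaller than the modulus")
    return pow(m, e, n)

def decrypt(private, c):
    d, n = private
    return pow(c, d, n)

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private, data):
    d, n = private
    return pow(digest(data, n), d, n)     # only the private-key holder can do this

def verify(public, data, signature):
    e, n = public
    return pow(signature, e, n) == digest(data, n)

def cert_body(subject, public):
    return f"{subject}|{public[0]}|{public[1]}".encode()

def issue_certificate(ca_private, subject, public):
    """The CA binds a name to a public key by signing both."""
    return {"subject": subject, "public": public,
            "sig": sign(ca_private, cert_body(subject, public))}

def check_certificate(ca_public, cert):
    return verify(ca_public, cert_body(cert["subject"], cert["public"]), cert["sig"])

if __name__ == "__main__":
    ca_pub, ca_priv = make_keypair(89, 97)            # constructed CA key
    rcpt_pub, rcpt_priv = make_keypair(61, 53)        # constructed recipient key
    cert = issue_certificate(ca_priv, "recipient.example", rcpt_pub)
    if check_certificate(ca_pub, cert):               # sender trusts the CA's key
        c = encrypt(cert["public"], 65)
        print("ciphertext", c, "-> decrypted", decrypt(rcpt_priv, c))
```

The sender never needs the recipient's private key; it only needs the CA's public key to decide whether the public key in the certificate can be trusted.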

Defenses on the Internet

– Communication between client and server on the Internet happens over Secure Sockets Layer (SSL) (current name: Transport Layer Security, TLS), an Internet protocol for securing data transfer.
– Negotiations about security, encryption, and public key transfers all happen over SSL/TLS.
– Supported by operating systems and Web browsers and servers.
– Wireless networks are more difficult to protect. If you use a wireless LAN at home, you are on the Internet as soon as you connect a computer to a router!

Internal Security Threats & Defenses

• Theft (stealing data, hardware, software)
• Unauthorized access to data (read, change, delete)
• Human error (leaving data unprotected, poor & lost passwords, not locking data/hardware/software)

Defenses:
• Physical securing
• Managing access to data (system administrators)
• Training, supervision