Bob Travica
Class 24
System Security
Updated 2013
Outline
• Security Threats (External: malware, spoofing/phishing, sniffing, & data theft; Internal: unauthorized data access, theft)
• Intrusion detection system
• Firewall
• Encryption
• Digital certificate
• Secure Sockets Layer/Transport Layer Security
• Defenses against internal security threats
Systems Vulnerability
• Digital data: Can be duplicated/changed without being detected
• Network-related challenges:
– Connected to LANs, WANs (Internet)
– Anyone from inside/outside the organization can attempt to infiltrate information systems
• Electronic data pros: Integration, universal access vs. security con: Greater risk of unauthorized access, security vulnerability of IS
3
Bob Travica
Security Threats - External
Data theft
Defense: Encryption
False identity (spoofing/phishing)
Malware (virus, worm)
Power supply failure, natural disaster
Defense: Plan, facilities
Defense: Caution!
Defense: Anti-virus software, firewall
Sniffing
Defense: Intrusion detection system
Defenses
• For malware, the defense is a firewall.
– Placed between internal LANs and external networks.
– Uses rules that dictate what comes in and what goes out.
– Can be built into the operating system.
• For data theft, the defense is an intrusion detection system.
– Automatically detects suspicious network traffic.
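The firewall rules described on this slide, sketched as an added example that is not part of the original slides: a rule table checked for both incoming and outgoing traffic. The `Rule` fields, the `decide` function, first-match ordering, the default-deny fallback and all addresses are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str      # "allow" or "deny"
    direction: str   # "in" (external -> LAN) or "out" (LAN -> external)
    remote: str      # CIDR block of the external peer
    port: int        # destination port; 0 matches any port

# Constructed rule set; addresses come from documentation ranges.
RULES = [
    Rule("deny",  "in",  "203.0.113.0/24",   0),    # blocklisted external range
    Rule("allow", "in",  "0.0.0.0/0",        443),  # public HTTPS server
    Rule("allow", "out", "0.0.0.0/0",        443),  # staff web browsing
    Rule("allow", "out", "198.51.100.10/32", 25),   # mail goes to one relay only
]

def decide(direction, remote_ip, port, rules=RULES):
    """Return the action of the first matching rule; deny if none match."""
    addr = ipaddress.ip_address(remote_ip)
    for rule in rules:
        if rule.direction != direction:
            continue
        if addr not in ipaddress.ip_network(rule.remote):
            continue
        if rule.port not in (0, port):
            continue
        return rule.action
    return "deny"  # default deny: anything not explicitly allowed is dropped

if __name__ == "__main__":
    # Constructed sample traffic: (direction, remote address, destination port)
    for pkt in [("in", "192.0.2.7", 443), ("in", "203.0.113.9", 443),
                ("in", "192.0.2.7", 3389), ("out", "192.0.2.50", 25)]:
        print(pkt, "->", decide(*pkt))
```

The last sample packet shows why outbound rules matter: an infected internal machine trying to send mail directly to an arbitrary external host is dropped, because only the relay address is allowed on port 25.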
Defenses: Encryption
• Encryption = Scrambling of messages to prevent unauthorized parties from reading them.
• Encryption is a defense against sniffing of the communications channel.
• Single key encryption – Sender and receiver use the same private key for encryption and decryption.
• Double key encryption – Sender and receiver use a combination of a public and a private key:
– Digital Certificate - public key and a proof of its validity issued by a certificate authority (e.g., VeriSign); licensed annually.
[Figure labels: Encrypt with Recipient’s Public Key; Decrypt with Recipient’s Private Key; Digital Certificate; Digital Signature can be applied; Certificate Authority]
Defenses on the Internet
– Communication between client and server on the Internet happens over Secure Sockets Layer (SSL) (current name: Transport Layer Security, TLS), an Internet protocol for securing data transfer.
– Negotiations about security, encryption, public key transfers – all happen on SSL/TLS.
– Supported by operating systems and Web browsers and servers.
– Wireless networks are more difficult to protect. If you use a wireless LAN at home you are on the Internet as soon as you connect a computer to a router!
Internal Security Threats & Defenses
• Theft (stealing data, hardware, software)
• Unauthorized access to data (read, change, delete)
• Human error (leaving data unprotected, poor & lost passwords, not locking data/hardware/software)
• Defenses:
– Physical securing
– Managing access to data (system administrators)
– Training, supervision