Transcript Chapter 4: The Internet and Security

THE INTERNET AND SECURITY
Chapter 4
SIX MAJOR ROLES AND GOALS OF
IT
 1.
Increase employee productivity by reducing time,
errors and costs using
 2.
Enhance decision making
 3.
Improve team collaboration
 4.
Create business partnerships and alliances
 5.
Enable global reach all over the world taking into
consideration the culture of each nation or society.
 6.
Facilitate organizational transformation as the
organization evolves and responds to the ever-changing
marketplace.
2
KEY TERMS
______________________
Transmission of all forms of communication including digital
data, voice, fax, sound, and video from one location to another
over some type of network
______________________
A group of computers and peripheral devices connected by
a communication channel capable of sharing information
and other resources among users
______________________
Is the carrying capacity of a telecommunications
network. (i.e. the size of the telecommunications channel
or pipeline)
4-3
SAMPLE OF INTERPERSONAL USE OF
TELECOMMUNICATIONS
Email with teeth
4-4
SAMPLE OF INTERPERSONAL USE OF
TELECOMMUNICATIONS
4-5
SAMPLE OF BUSINESS USE OF
TELECOMMUNICATIONS
4-6
SAMPLE OF BUSINESS USE OF
TELECOMMUNICATIONS
4-7
HISTORY OF THE INTERNET
NSFNET 1986(National Science Foundation Network)
• Connected to ARPANET and many others (BITNET, CSNET,
etc) to become a major component of the Internet
Internet Support
• Ongoing support comes from many universities, federal and
state governments, and national international research
institutions and industry
4-8
ARPANET 1960 (Advanced Research Project Agency Network)
HOW THE INTERNET WORKS – PACKET SWITCHING
Warriors
Packet Switching
• Allows millions of users to send large and small chucks of
data across the Internet concurrently
• Based on the concept of turn taking, packets from each user
are alternated in the shared network (below)
• Networks connected to the Internet use this concept
4-9
HOW THE INTERNET WORKS – TCP/IP &
ROUTERS
TCP/IP Approach
TCP – Transmission Control Protocol
IP – Internet Protocol
Routers
• Connect one network to another
• Identify each device on a network as unique using IP protocol
• Serve as the “Traffic Cop” directing packets to their destination
4-10
HOW THE INTERNET WORKS – CONNECTING NETWORKS
Example: Sending a message from Computer A to D
2 (Router)
Reads IP Address of
packet, routes message to
Network 2 and Computer
D
1 (Computer A)
3 (Computer D)
TCP - Breaks message
into data packets
IP - Adds address of
destination Computer D
TCP - Checks
for missing packets,
reassembles message,
discards duplicate
packets
4-11
HOW THE INTERNET WORKS – WEB
ADDRESSES & DOMAINS
IP Address
• Each domain is associated
with one or more IP addresses
• Format: a 32-bit address
written as 4 numbers (from 0255) separated by periods
Example: 1.160.10.240
Domain
• Identifies the Website (host)
• Comes in many suffixes such
as:
.edu
.org
.mil
.net
(educational institutions)
(organizations; non-profit)
(military)
(network organizations)
Example: microsoft.com
(URL) Uniform Resource Locator
• Identifies particular Web pages within a domain
Example: http://www.microsoft.com/security/default.mspx
4-12
HOW THE INTERNET WORKS – MANAGING
Internet Registry THE INTERNET
• Central repository of all Internet-related information
• Provides central allocation of all network system identifiers
• Managed by Internet Assigned Numbers Authority (IANA)
Domain Name System (DNS)
• Maintained by the Internet Registry
• Used to associates hosts or domains with IP addresses
• Root DNS database is replicated across the Internet
InterNic Registration Service
• Assigns Internet Domains and IP addresses
• Internet Corp. for Assigned Names and Number (ICANN) has
responsibility for managing IP addresses, domain names, and
root server system management
4-13
HOW THE INTERNET WORKS – CONNECTING
TO THE INTERNET
Modem (stands for Modulate/Demodulate)
Internet Service Provider (ISP)
Network Access Points (NAPs)
Internet Backbone
4-14
NETWORK CONNECTION TYPES
POTS (Plain Old Telephone Service)
ISDN (Integrated Services Digital Network)
DSL (Digital Subscriber Line)
Cable Modem
IoS (Internet over Satellite)
Wireless
• Fixed wireless
• Mobile wireless
4-15
NETWORK CONNECTION TYPES
T1/T3 (Trunk Level 1 or 3)
ATM (Asynchronous Transfer Mode)
SONET (Synchronous Optical Network)
4-16
CURRENT STATE OF THE INTERNET
4-17
WORLD WIDE WEB
4-18
HTTP (Hypertext Transfer Protocol)
• A _____________ used to process user
requests for displaying Web pages from a
Web server
Web Servers
• A special computer that is specifically
designed to store and “_____________”
Web pages
• This machine contains special
_____________ and _____________ to
perform its many specialized functions
INFORMATION SYSTEM SECURITY
Managerial Methods
Several techniques are commonly used to manage information
systems security:
• _____________ Assessment
• Controlling _____________
• Organizational Policies and Procedures
• Backups and _____________
4-19
_____________
Precautions taken to keep all aspects of information systems
safe from unauthorized access
INFORMATION SYSTEM SECURITY –
MANAGERIAL TECHNIQUES
Assessing Risk
Security Audit
• Risk Analysis
• Alternatives based on Risk Analysis:
• Risk Reduction
• Risk _____________
• Risk Transference –
Controlling Access
Keeping information safe by only allowing access to those that
require it to do their jobs
• _____________ –
• Access Control –
4-20
INFORMATION SYSTEM SECURITY –
MANAGERIAL TECHNIQUES
_____________ Policies and Procedures
• Acceptable Use Policies – formally document how systems
should be used, for what, and penalties for non-compliance
_____________ and _____________ Recovery
• Backups – taking periodic snapshots of critical systems data and
storing in a safe place or system (e.g. backup tape)
• Disaster Recovery Plans – spell out detailed procedures to be used
by the organization to restore access to critical business systems
(e.g. viruses or fire)
• Disaster Recovery – executing Disaster Recovery procedures
using backups to restore the system to the last backup if it was
totally lost
4-21
Identity theft
STATE OF IS SECURITY - SECURITY THREATS
Security Threats& TECHNOLOGIES
• _____________ Theft –
• _____________ _____________–
• Others: Spyware, Spam, Wireless Access, Viruses
Security Technologies
Companies and research organizations continue to develop and
refine technologies to prevent security breaches. Some Include:
• _____________
• _____________
• _____________ and Encryption
4-22
IS SECURITY: TECHNOLOGY
4-23
_____________
A system of software, hardware or both designed to detect
intrusion and prevent unauthorized access to or from a private
network
Firewall Techniques
• Packet Filter – examine each packet entering and leaving network
and accept/reject based on rules
• Application Level Control – Performs certain security measures
based on a specific application (e.g. file transfer)
• Circuit Level Control – detects certain types of connections or
circuits on either side of the firewall
• Proxy Server – acts as, or appears as, an alternative server that
hides the true network addresses
FIREWALL CAPABILITY
Firewall can



Focus for security _____________
Enforce security _____________
Log internet _____________
Limit _____________

keeps one section of intranet separate from another
Firewall can not




Protect
Protect
Protect
Protect
against
against
against
against
malicious _____________
connections that do not go through it
new _____________
_____________
24

SECURITY THREAT: SPYWARE, SPAM, AND
COOKIES
_____________
Any software that covertly gathers information about a user
through an Internet connection without the user’s knowledge
_____________
Electronic junk mail or junk newsgroup postings usually for
purpose of advertising some product and/or service
_____________
A message passed to a browser from a Web server. Used by
legitimate programs to store state and user information
4-25
Biometrics
SECURITY TECHNOLOGY: _____________
_____________
A sophisticated authentication technique used to restrict
access to systems, data and/or facilities
• Uses biological characteristics to identify individuals such
as fingerprints, retinal patterns in the eye, etc. that are not
easily counterfeited
4-26
SECURITY THREAT: ACCESS TO WIRELESS
Unauthorized Access to Wireless Networks
With the prevalence in use of wireless networks this threat is
increasing
• Problems - _____________ _____________ - an attacker
accesses the network, intercepts data from it, and can use network
services and/or send attack instructions without entering the
building
• Prevention - _____________ between network and user
devices
4-27
28
On 8 February, 1587 Elizabeth I of England
SECURITY TECHNOLOGY: VPN AND
_____________
_____________
The process of encoding messages before they enter the
network or airwaves, and then decoding at the receiving
end
• _____________ - known and used to scramble messages
(SSL)
• _____________ - not known and used by receiver to
descramble
• _____________– a third party that issues keys
4-29
HOW ENCRYPTION WORKS
4-30
VIRTUAL PRIVATE NETWORK

Virtual private network (VPN): a secure _____________
between two points across the Internet
_____________ : the process by which VPNs transfer information
by encapsulating traffic in IP packets over the Internet
31
SECURITY THREAT: VIRUSES
Viruses
Programs that can attack a computer and/or a network and delete
information, disable software, use up system resources, etc.
Prevention Steps:
AntiVirus software:
No Disk Sharing –
Delete Suspicious Email Messages –
Report Viruses –
4-32