Protection Mechanisms

ASHRAY PATEL
Roadmap
- Access Control
- Four access control processes
- Managing access control
- Firewalls
- Scanning and Analysis tools
- Cryptography and Encryption
Access Control
- Regulates the admission of users into trusted areas of the organization
  - Logical access to information
  - Physical access to the organization's facilities
- Maintained by means of a collection of policies, programs to carry out those policies, and technology to enforce policy
- Access control involves four processes:
  - Identification
  - Authentication
  - Authorization
  - Accountability

Identification
- A mechanism that provides information about an unverified entity that wants to be granted access
- ID must be a unique value that can be traced to one and only one person within the security domain
- Elements that make IDs unique within the security domain:
  - First and last name
  - Picture
  - Department codes
  - Random numbers
  - Or special characters

Authentication
- Process of validating a person's purported identity
- Ensures the entity requesting access is the entity it claims to be
- Three types of authentication mechanisms:
  - Knowledge factors: something the user knows
  - Ownership factors: something the user has
  - Inherence factors: something the user is or does
- Some places require strong authentication, which usually requires 2 different types of authentication mechanisms
Knowledge Factor Methods
- Username/password is the most common in workplaces and schools
- Pass phrase
- Personal identification number
- Challenge response
- Weakness: any of these can often be stolen, accidentally revealed, or forgotten by the user
Ownership Method Factors
- Photo ID
- Key cards: swipe or scan to get authentication
- Wrist bands
- Security token
- Cell phone hardware token
- Cell phone software token
- Hardware/software tokens act like an electronic key to access something.
Inherence Method Factors
- Fingerprints
- Retina scans
- Iris scans
- Signatures
- Face/voice recognition
- Hand patterns
- Palm vein authentication
Authorization
- Process that determines if a user has been specifically and explicitly authorized by the proper authority to perform a function
- Authorization can be handled in 3 ways:
  - Authorization for each authenticated user: the system performs an authentication process to verify each entity and then grants access to resources to only that entity
  - Authorization for members in a group: the system matches authenticated entities to a list of group memberships and then grants access to resources based on the group's access rights
  - Authorization across multiple systems: a central authentication and authorization system verifies entity IDs and grants a set of credentials to the verified entity

Accountability
- Ensures that all actions on a system can be attributed to an authenticated identity
- Actions could be ones that the entity is authorized for, such as modifying data
- Or could include unauthorized attempts, such as modifying data that is beyond its access level
- Accountability is accomplished by implementing system logs and database journals
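
The four processes above chained into one request path, as an added example that is not part of the original slides. The class name, user IDs, group names and rights are constructed for illustration; authorization here uses the group-membership method, and every decision, granted or not, is written to the log.

```python
import hashlib
import hmac
import os
from datetime import datetime, timezone

# Constructed sample policy: group names and rights are illustrative only.
GROUP_RIGHTS = {"hr": {"read_payroll", "modify_payroll"},
                "staff": {"read_directory"}}

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class AccessController:
    def __init__(self):
        self.users = {}      # unique ID -> (salt, password hash, groups)
        self.audit_log = []  # accountability: one record per decision

    def enroll(self, user_id, password, groups):
        if user_id in self.users:  # an ID must map to one and only one person
            raise ValueError("ID already assigned: " + user_id)
        salt = os.urandom(16)
        self.users[user_id] = (salt, _hash(password, salt), set(groups))

    def _record(self, user_id, action, outcome):
        self.audit_log.append({"time": datetime.now(timezone.utc).isoformat(),
                               "id": user_id, "action": action,
                               "outcome": outcome})
        return outcome

    def request(self, user_id, password, action):
        entry = self.users.get(user_id)              # 1. identification
        if entry is None:
            return self._record(user_id, action, "unknown-id")
        salt, stored, groups = entry
        if not hmac.compare_digest(stored, _hash(password, salt)):
            return self._record(user_id, action, "auth-failed")  # 2. authentication
        rights = set()                               # 3. group-based authorization
        for group in groups:
            rights |= GROUP_RIGHTS.get(group, set())
        outcome = "granted" if action in rights else "denied"
        return self._record(user_id, action, outcome)  # 4. accountability

if __name__ == "__main__":
    ac = AccessController()
    ac.enroll("hr-1001", "correct horse", ["hr", "staff"])
    ac.enroll("st-2002", "battery staple", ["staff"])
    ac.request("hr-1001", "correct horse", "modify_payroll")   # authorized action
    ac.request("st-2002", "battery staple", "modify_payroll")  # unauthorized attempt
    for rec in ac.audit_log:
        print(rec)
```
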
Managing Access Control
- Access control policy: specifies how access rights are granted to entities and groups
- Policy must include:
  - Reviewing all access rights periodically
  - Granting access rights
  - Changing access rights when needed
  - Revoking access rights
Firewalls
- A network security system that controls the incoming and outgoing network traffic
- Can filter based on: IP address, type of packet, port request, and other elements presented in the packet
- Examines packets for compliance with or violation of rules configured into the firewall's database
Managing Firewalls
- Training
  - Read manuals and get educated on the firewall
- Uniqueness
  - Each brand of firewall is different, so you must learn what differences the firewalls you are using have
- Responsibility
  - Each and every person in security has a responsibility to keep the firewall updated and safe from hackers
- Administration
  - Must have administration hired to help with the firewalls
Scanning and Analysis Tools
- Used to find vulnerabilities in systems, holes in security components, and other unsecured points
- Different types of scanners and tools:
  - Port scanners
  - Vulnerability scanners
  - Packet sniffers
  - Content filters
  - Trap and trace
Port Scanners
- A group of utility software applications that can identify computers that are active on a network, as well as the active ports and services on those computers
- Can also identify the functions and roles fulfilled by the machines
- Can scan for specific computers, protocols, resources, or conduct generic scans
- The more specific the scanner is, the more detailed and useful the information it provides
Vulnerability Scanners
- Variants of port scanners that are capable of scanning networks for very detailed information
- Can identify exposed user names and groups, show open network shares, and expose configuration problems
- Can also show what firewalls and OS/version are running
Packet Sniffers
- A network tool that collects and analyzes copies of packets from the network
- Can provide an administrator with valuable information to help diagnose and resolve networking issues
  - Can examine both live network traffic and previously captured data
  - Including language filtering
  - TCP session reconstruction utility
Content Filters
- A software program that allows administrators to restrict content that comes into a network
- Such as web sites with non-business-related material:
  - Pornography websites
  - Entertainment websites
- Can also keep spam e-mails away
Trap and Trace
- Applications that entice individuals who are illegally perusing the internal areas of a network by providing simulated rich content areas that distract the attacker while the software notifies the administrator of the intrusion
- The administrator then determines the identity of someone discovered in the unauthorized areas of the network or systems
Cryptography and Encryption
- Cryptography is the set of processes involved in encoding and decoding messages so that others cannot understand them
- Encryption is the process of converting an original message into a form that cannot be used by unauthorized individuals
- Messages are decoded using the algorithms and keys used to perform the encryption