Transcript chapter ten
Business Data Communications,
Fourth Edition
Chapter 10: Network Security
Learning Objectives
• Describe the security duties of a network
administrator
• List the types of physical security used on
a computer network
• Describe a device that can be used for
physical security
• List three types of software security
• Describe two types of encryption
Chapter 10: Network Security
2
Learning Objectives
• List three encryption standards
• Describe digital signatures and digital
certificates
• Define the Secure Sockets Layer
• List the differences between a virus and a
worm
• Describe firewalls
Chapter 10: Network Security
3
Introduction
• Security is extremely important in today’s
network environment
• Hackers can be a serious problem for both
corporate and private computers
• Physical and software security are used
• Network administrator develops and
implements security systems
Chapter 10: Network Security
4
Physical Security
• Can use a locked room for computers
• Remote clients not as easily locked up
• Today’s open environment with PCs
everywhere presents a problem
• Handhelds and laptops connected to
corporate networks are of particular
concern
Chapter 10: Network Security
5
Physical Security
• Measures to Control Physical Access to
Networks
–
–
–
–
Fingerprint device
Video camera
Movement detection devices
Medium
• Wires are more secure than wireless
• Fiber optic most secure of wired systems
– Encryption used to encode data
– Dial-in access is a problem
Chapter 10: Network Security
6
Physical Security
• Data/Network Security Equipment
– Fingerprint/voiceprint devices to prevent
access
– Callback unit
• Blocks unauthorized network access
• Used with dial-up lines
• Computer calls user back at predetermined
number
• Will not work with mobile computer that uses
different phone number
Chapter 10: Network Security
7
Software Security
• IDs and Passwords
– Assigned to users, must be protected
– Need to use password that is not obvious
– Should be changed periodically
• Some systems force users to change them
– Network software monitors use and reports on
attempted unauthorized access
– Applications can require IDs as well
Chapter 10: Network Security
8
Software Security
• Encryption
– Scrambling data before transmission
– Uses encryption key
– Plaintext versus cipher text
Chapter 10: Network Security
9
Software Security
• Encryption
– Symmetric key encryption
•
•
•
•
•
•
One key used by both ends of transmission
Data Encryption Standard (DES) (56 bits)
Triple DES – more secure (112 bits)
Blowfish (32 to 448 bits)
International Data Encryption Algorithm (128 bit)
Clipper Chip
Chapter 10: Network Security
10
Chapter 10: Network Security
11
Software Security
• Encryption
– Public Key Encryption
• Two keys are used (public & private keys)
• RSA is most common form
• Pretty Good Privacy (shareware)
– Elliptic Curve Cryptography (ECC)
• Uses logarithm to create key
Chapter 10: Network Security
12
Digital Signatures
• Used for verification of files transmitted
over a network
• Impossible to counterfeit
• Digital Certification
– E-Signature – Actual handwritten signature
attached to a document
• Makes a document legal
Chapter 10: Network Security
13
Chapter 10: Network Security
14
Chapter 10: Network Security
15
Digital Signatures
• Digital Certification
– Digital Certificates – Verifies a persons
identity using multiple forms of identification
• Combined with digital signature
– Wireless networks use encryption, digital
signatures and digital certificates to secure
data
Chapter 10: Network Security
16
Chapter 10: Network Security
17
Secure Sockets Layer (SSL)
• Allows security of credit card numbers for
e-commerce
• URL starts with https://
• Software is on the server and client PC
(included with most browsers now)
• Many sites also encrypt information before
it is sent over the Internet
Chapter 10: Network Security
18
Chapter 10: Network Security
19
Security Issues
• Forms of Computer Attacks
– Virus
– Worm
• Internet Worm – 1988
– Antivirus software needed, with updates
– Denial of Service (DoS) attacks
Chapter 10: Network Security
20
Chapter 10: Network Security
21
Security Issues
• Firewalls
– Software program
– Determines if user/software can access a
system
– Used in corporate networks and home
computers
– Trojan Horse – hidden program that executes
by a trigger
Chapter 10: Network Security
22
Chapter 10: Network Security
23
Chapter 10: Network Security
24
Security Issues
• Firewalls
– Packet-level firewall
• Determines if packets should pass to the network
• IP Spoofing – intruder appears to be from a valid
address on the network
– Application-level firewall
• Prevents unauthorized access to applications
– Proxy Server
• Creates artificial addresses so to the outside, it
looks like only one server exists on the corporate
network, rather than several
Chapter 10: Network Security
25
Chapter 10: Network Security
26
Chapter 10: Network Security
27
Summary
• Network security is high priority issue
• Physical security is one level of defense
• Software security is used extensively
– Several types of encryption are used
• Digital signatures and digital certificates
are used to verify a user’s identity
Chapter 10: Network Security
28
Summary
• Viruses and worms are a threat
• Denial of service attacks have become a
problem
• Firewalls protect a network from outside
access
Chapter 10: Network Security
29
Chapter 10 Complete