Security
Presented by: Qing Ma
Introduction
• Security overview
• Security threats
• Password security, encryption and
network security as specific
Security overview
• Why do we need security?
Security is a basic requirement because
global computing is inherently
insecure.
• Also, information security:
computer security protects the
information you have stored in the computer.
Security overview
• What are you trying to protect?
You should analyze your system to
know what you are protecting and why
you are protecting it, what value it has,
and who has responsibility for your
data and other assets.
Security threats
• A security threat can be as simple as
interfering with your network's normal
operation or actively cracking your
security and changing or taking control
of network resources.
Security threats
The major types of threats are:
• denial of service (DoS) attack
• buffer overflow
• Trojan horses
• intruders and physical security
• intercepted transmissions
• social engineering
• lack of user support
Password security and encryption
What is encryption?
• Transforms original information into
altered information of random text
• an intruder cannot read the password in the
file, even if file security is breached
• the original password is not preserved in
memory; at login, the system just does the
compare
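An added example (not part of the original slides) of the store-and-compare idea above: only a salt and a transformed value are written to a shadow-style line, and login re-derives and compares. It uses a salted one-way function (PBKDF2-HMAC-SHA256) as the transformation; the record layout, function names and iteration count are assumptions of this example.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # PBKDF2 work factor; a value chosen for this example

def make_record(user, password, salt=None):
    """Build a shadow-style line; only the salt and derived hash are stored."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{user}:$pbkdf2-sha256${ITERATIONS}${salt.hex()}${digest.hex()}"

def check_login(record, user, attempt):
    """Re-derive the hash from the attempt and compare; fail closed on bad input."""
    name, _, field = record.partition(":")
    try:
        _, scheme, iters, salt_hex, hash_hex = field.split("$")
        rounds = int(iters)
        salt, stored = bytes.fromhex(salt_hex), bytes.fromhex(hash_hex)
    except ValueError:
        return False  # malformed record: never treat it as a match
    if scheme != "pbkdf2-sha256" or name != user or rounds < 1:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", attempt.encode(), salt, rounds)
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, stored)

if __name__ == "__main__":
    # Constructed sample user and password.
    line = make_record("alice", "correct horse battery staple")
    print(line)  # the password itself does not appear in the stored line
    print(check_login(line, "alice", "correct horse battery staple"))
    print(check_login(line, "alice", "guess"))
```

The random per-user salt means two users with the same password get different stored values, so a leaked file cannot be searched with one precomputed table.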
Password security and encryption
• Shadow password file: stores encrypted
password data in a file, which has the most
restrictive protection.
• Cryptographic keys:
private key -- used both to encrypt and to
decrypt information
public key system -- uses two keys: the
private one encrypts a message, and the public
one is used by the recipient to decrypt it
Password security and encryption
• Shell and file access
telnet -- uses the standard user list for the
OS, no encryption or authentication
ftp -- has basic authentication and access
privilege protection
SSH (secure shell) -- a protocol that lets
you log in and execute commands on
another machine over the network
Password security and encryption
Secure Sockets Layer (SSL) -- developed by Netscape;
it sits above the TCP/IP layer but below the
higher protocols (HTTP, FTP, LDAP) and
provides a standard way for authentication
• secure file options
SCP -- part of SSH, provides authentication
and encryption
ftp over SSH -- renders an insecure utility more
protected
SSL ftp -- prevents packet sniffing
Network security
• Why network security
Network security is becoming more and
more important as people spend more
time connected. What makes it worse
is that information can be leaked from
the inside of your network to the
internet.
Network security
Protocols
• Protocols allow users to think at a high level
of communication.
• The software and hardware create a
protocol stack, which is a layered architecture
for communication.
• Two protocol stacks: OSI (Open Systems
Interconnection) and TCP/IP (Transmission
Control Protocol and Internet Protocol)
Network security
Network ISO/OSI model
• application layer
• presentation layer
• session layer
• transport layer
• network layer
• data link layer
• physical layer
Network security
Trusted/untrusted system
• Communication between trusted and
untrusted networks must have rules
associated with it.
• A trusted system is inside a security
perimeter.
• Information outside the trusted network is
treated as a single sensitivity level.
Network security
• A gateway controls traffic from inside and
outside.
• The function of a gateway is to label and filter
data.
Firewall
A firewall is a system designed to prevent
unauthorized access to or from a private
network.
firewall
• How does it work?
It is used to prevent unauthorized internet
users from accessing private networks
connected to the internet and intranet. All
messages entering or leaving the intranet
pass through the firewall, which examines
each message and blocks those that don’t
meet the specified security criteria.
firewall
• Fig1 firewall/proxy server
firewall
How does a proxy server work?
• Runs at the application level of the network
protocol stack for each different type of
service
• controls internal users' access to the Internet and
Internet users' access to the inside world
• returns responses to requests from inside the
firewall
firewall
Defensive strategies
• a firewall is a perimeter defense system with a
“choke point”
• monitor and block access at choke points
• separate departments and implement
encryption throughout your organization
• firewalls do not protect against leaks
firewall
• Fig2 firewalls provide perimeter defenses
with choke points, like medieval castles
firewall
Classifying firewalls
• screening router(packet filters)
• proxy server gateway
circuit-level gateway
application-level gateway
• stateful inspection techniques
firewall
• Fig 3 a screening router
firewall
• Fig4 a proxy server
firewall
Firewall policies
• block all traffic, then allow specific services
on a case-by-case basis
• network traffic to and from outside networks
such as the Internet must pass through the
firewall. The traffic must be filtered to
allow only authorized packets to pass
firewall
• Never use a firewall for general-purpose file
storage or to run programs, except for those
required by the firewall
• do not allow any passwords or internal
addresses to cross the firewall
• accept the fact that you might need to
completely restore public systems from
backup in the event of an attack