IT443 – Network Security Administration
Week 1 – Introduction
Instructor: Alfred J Bird, Ph.D., [email protected]
http://it443-s14-bird.wikispaces.umb.edu/
Door Key: 643478*
Office – McCormick 3rd floor 607 (617.287.3827)
Office Hours – Tuesday and Thursday, 4:00 pm to 5:15 pm
Basic Information
• Textbook:
  – Network Security: Private Communications in a Public World
  – by Charlie Kaufman, Radia Perlman and Mike Speciner
  – 2nd Edition, Prentice Hall, ISBN 0-13-046019-2
• Location and time of classes
  – Section 1
    • Web Lab S-3-028
    • Monday and Wednesday 4:00pm to 5:15pm
  – Section 2
    • IT Lab S-3-143
    • Tuesday and Thursday 5:30 to 6:45pm
Course Outline
• Network Basics
• Cryptography Basics
• Authentication
• Public Key Infrastructure
• IPsec
• SSL/TLS
• Firewall / Intrusion Detection
• Email Security
• Wireless security / Worm (backup)
Course Work
• 6~7 Lab Assignments (50%)
  – Team of 2 students
  – Lab Notebook (Individual)
  – Lab report (Individual)
• Written Projects (25%)
• Final Exam (25%)
Potential Labs
• Understanding network packets
• Encryption/decryption
• Password cracking
• Intrusion detection
• System monitoring
• Implementing certificate
• Implementing VPN
• Configuring a firewall
• Wireless security / Worm (backup)
Policies
• Lab reports
  – Partial points will be given for incomplete work
  – Late submissions will be accepted for reduced credit.
• Honor code
• No makeup exam without prior permission
• Accommodations
  – Ross Center for Disability Service
    • Campus Center Room 211, 617.287.7430
Some Network Security Websites
• CERT @ Carnegie Mellon University
  – http://www.cert.org/
• Trend Micro Threat Tracker
  – http://apac.trendmicro.com/apac/
• CERT @ Dept of Homeland Security
  – http://www.us-cert.gov/
• Symantec Threat Explorer
  – http://us.norton.com/security_response/threatexplorer/index.jsp
Some Postulates about Network Security
• You can never prove something perfect, all you can do is fail to prove that it has some faults! Keep looking!
• If a lot of smart people have failed to solve the problem, then it probably won’t be solved (soon!) (p41 in the text)
• Security people need to remember that most people regard security as a nuisance rather than as needed protection and left to their own devices they often carelessly give up the security that someone worked so hard to provide. (p245 in the text)
Introduction to Network Security
• Security threats
  – Malware: Virus, worm, spyware
  – Spam
  – Botnet
  – DDoS attacks
  – Phishing
  – Cross-site scripting (XSS)
  – Theft and/or Whistleblowers
  – …
Introduction to Network Security
• Security breaches in 2011
  – Sony's PlayStation Network (77M clients)
  – Epsilon (60M clients)
  – Fidelity National ($13M loss)
  – Sega's online gaming network (1.3M clients)
  – Citigroup (210K clients)
  – MA Executive Office of Labor and Workforce Development (210K records)
  – SF Subway, Health Net, …
Contributing Factors
• Lack of awareness of threats and risks of information systems
  – Security measures are often not considered until an Enterprise has been penetrated by malicious users
• Wide-open network policies
  – Many Internet sites allow wide-open Internet access
• Lack of security in TCP/IP protocol suite
  – Most TCP/IP protocols not built with security in mind
• Complexity of security management and administration
• Software vulnerabilities
  – Example: buffer overflow vulnerabilities
• Cracker skills keep improving
Security Objectives (CIA)
• Confidentiality — Prevent/detect/deter improper disclosure of information
• Integrity — Prevent/detect/deter improper modification of information
• Availability — Prevent/detect/deter improper denial of access to services provided by the system
OSI Security Architecture
• ITU-T X.800 “Security Architecture for OSI”
• Defines a systematic way of defining and providing security requirements
• It provides a useful, if abstract, overview of concepts we will study
Aspects of Security
• 3 aspects of security:
  – security attack
    • Any action that compromises the security of information owned by an organization
  – security mechanism
    • A process that is designed to detect, prevent, or recover from a security attack
  – security service
    • Counter security attacks: make use of one or more security mechanisms to provide the service
Threat Model and Attack Model
• Threat model and attack model need to be clarified before any security mechanism is developed
• Threat model
  – Assumptions about potential attackers
  – Describes the attacker’s capabilities
• Attack model
  – Assumptions about the attacks
  – Describes how attacks are launched
Passive Attacks
Active Attacks
Security Mechanism (X.800)
• Specific security mechanisms:
  – encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization
• Pervasive security mechanisms:
  – trusted functionality, security labels, event detection, security audit trails, security recovery
Security Service
• Enhance security of data processing systems and information transfers of an organization
• Intended to counter security attacks
• Using one or more security mechanisms
• Often replicates functions normally associated with physical documents
  – For example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed
Security Service
• Authentication – assurance that communicating entity is the one claimed
• Access Control – prevention of the unauthorized use of a resource
• Data Confidentiality – protection of data from unauthorized disclosure
• Data Integrity – assurance that data received is as sent by an authorized entity
• Non-Repudiation – protection against denial by one of the parties in a communication
• Availability – resource accessible/usable
For Next Time
• Prepare a 500 word essay on the topic:
  – In your view what is meant by the term “Network Security”?
  – An essay is not a research paper but is a written work expressing and defending your views!
  – What do you think about the topic and why!
• Be prepared to discuss the topic on Wednesday. We will be having a class discussion and you (each and every one) will be expected to participate!