emerging c-s threats
TRANSCRIPT
-
8/2/2019 Emerging C-S Threats
1/20
NETWORK SECURITY
AND FIREWALLS
-
8/2/2019 Emerging C-S Threats
2/20
EMERGING THREATS IN C-S ARCHITECTURE
Introduction :-
Software agent: mobile code (executable program )that
resembles virus threat. To prevent them firewalls are used
to filter incoming packets.
These threats can be categorized into following:
a.) threats to local computing environment from mobile
software.
b.) access control and threats to servers that include
impersonation, eavesdropping, denial of service, packet
replay, and packet modification.
-
8/2/2019 Emerging C-S Threats
3/20
Continue
Software agents & malicious code:o Client programs interpret data downloaded from internet and
in absence of checks on imported data as the downloadeddata passes through interpreter programs on clients machine
without his knowledge, can affect the system.
o Clients threats also arise from malicious code such as viruses,
worms, trojan horses,logic bombs etc.
o Malicious code is associated with both stand alone PCs and
networked systemso To prevent such threats the client must do scan for malicious
code and executable programs.
-
8/2/2019 Emerging C-S Threats
4/20
Continued
Threats to servers:
o These are more prone to attacks which exploits the bugs in
server software.
o
Vulnerable software running, usage of popluar programs,eavesdropping the conversation, spoofing the system etc.
enhances the attacking chances.
o DoS, eavesdropping,service overloading, message
overloading, packet replay are common threats.
o To prevent them access to accounts, protect from
unauthorized access must be done.
-
8/2/2019 Emerging C-S Threats
5/20
FIREWALLS AND NETWORK SECURITY
Its a barrier between corporate work and outside network
It can be computer or router that monitors the traffic
The device allows insiders to access services outside while
allowing restricted access to outsiders Its located at gateway and internal gateways
-
8/2/2019 Emerging C-S Threats
6/20
What it does
It provides several level of security:
o Screen packets and filter the network traffic
o allow/restrict access to certain applications
o Firewalls range from simple traffic logging systems that recordall network traffic to complex one such as screening of
packets
o Most secure are application gateways and provide proxy
services to userso In case of heavy traffic, hardened firewall machines are set
up.
-
8/2/2019 Emerging C-S Threats
7/20
IP Packet screening routers
Static traffic routing service placed between network service
providers router and internal network
Rules screens the IP packets
Firewall router filters incoming packets to permit or deny IPpackets based on rules.
Preventive Measures:
o Screening rules are difficult to specify
o Not easily flexibleo If it is circumvented, the rest of network is open to attack
-
8/2/2019 Emerging C-S Threats
8/20
Proxy application gateways
It is a special server that runs on a firewall machine.
Their primary use is access to applications such as www from
within a secure perimeter, so each request from client go
through proxy on firewall rather going directly to servers.
It allows organisation users to access application proxy and
disallow external hackers.
It accepts the request from inside and forward it to remote
server outside the firewall and returns to the client
Proxies do not include complex network code and can manage
network functions such as auditing,access to services etc.
Proxy act as intermediate having capability to mitigate attacks
-
8/2/2019 Emerging C-S Threats
9/20
Hardened firewall hosts
This type of firewalls requires inside/outside users to connect
to trusted applications on the firewall itself before connecting
further.
These are configured to protect against unauthorized
interactive logins.
It is created such that only that operate it can access it and it
provides auditing, logging and monitoring to check remote
access
Its advantage is concentration of security, information
hiding,centralized service management
-
8/2/2019 Emerging C-S Threats
10/20
Data and message security
Data and message security
Data security
Packet sniffing : monitorsnetwork by compromisinghost and installing sniffer
program
Message security
Threats to message securityare:
Confidentiality, integrity andauthentication
-
8/2/2019 Emerging C-S Threats
11/20
Encryption as basis for data and message
security
Encryption
Secret/symmetric crptography
Asymmetriccryptography
DES,RSA anddigital
certificates
-
8/2/2019 Emerging C-S Threats
12/20
Encryption/encipher
It means to convert plaintext into a scrambled
text which cannot be read by anyone.
-
8/2/2019 Emerging C-S Threats
13/20
Single-key/symmetric
It involves the encryption and decryption by using single key
that is shared between transmitter and reciever.
It suffers from problem of key distribution.
The generation, transmission and storage of keys is called key
management.
In business environment it is impossible that key management
is flawless. Therefore this method is impractical
-
8/2/2019 Emerging C-S Threats
14/20
Asymmetric/public key
It involves usage of 2 keys: private and public keys
Information encrypted with private key can only be
opened by public key and vice versa.
The private key is secret whereas public key is knownto everyone.
These keys are maintained in central repository so no
problem of key-distribution, the private key is mainconcern to management
-
8/2/2019 Emerging C-S Threats
15/20
DES
It is the implementation of secret-key cryptography
It operates on 64-bit of blockof message. And uses
56-bit key
Designed for hardware implementation
It deploys more than one stage of encryption
This can be cracked so its advanced version like des3,
desx are used
-
8/2/2019 Emerging C-S Threats
16/20
RSA algorithm
It is a public key cryptographic system required for
encryption and authentication
This is hard to crack, as long prime number
multiplication is used It is used in wide variety products, platforms and
industries e.g. www browsers,on ethernet networks,
secure telephones
-
8/2/2019 Emerging C-S Threats
17/20
Digital signatures
In business transcations , authnticatio refres to use of
digital signatures that verifies digital document.
It is neede for proliferation of e-commerce
The recipient, as well as third party verifies that thedocument did originate from the person hose
signature are attached and that document is not
altered since it signed.
-
8/2/2019 Emerging C-S Threats
18/20
Encrypted documents and email
Email users who desire confidentiality and
authentication uses encryption
Pretty good privacy and privacy enhanced mail are
commonly used methods
-
8/2/2019 Emerging C-S Threats
19/20
Privacy enhanced mail
It includes encryption, authentication and key
management and allows use of both single-
key/double-key cryptosystems.
It uses DES for encryption and RSA forauthentiaction.
-
8/2/2019 Emerging C-S Threats
20/20
Pretty good privacy
It is implementation of public key cryptography
based on RSA and encrypts email and is rapidly used
in ecomm applications.
Also uses hash algorithms, MD5,to form a digitalsignature.
Emailtyping
MD5
generatedigital
signature
Digitalsignatureencryptedwith RSA
using privatekey