Security

Presented by : Qing Ma

Introduction

• Security overview

• security threats

• password security, encryption and network security as specific

Security overview

• Why do we need security?

Security is basic requirement because global computing is inherently insecure.

• Also Information security

computer security protects the information you stored in the computer

Security overview

• What are you trying to protect?

You should analyze your system to know what you protecting and why you are protecting it. What value it has, and who has responsibility for your data and other assets.

Security threats

• A security threat can be as simple as interfering with your network normal operation or actively cracking you security and changing or taking control of network resources.

Security threats

The major types of threats are:• denial OS service(DoS)attack• buffer overflow• Trojan horses• intruders and physical security• intercepted transmissions• social engineering• lack of user support

Password security and encryption

What is encryption?

• Transform original information into altered information of random text

• intruder can not read password in the file, even if file security is breached

• original password not preserved in the memory , when login just do the compare

Password security and encryption

• Shadow password file:store encrypted password data in file, which has the most restrictive protection .

• Cryptographic keys:

private key--use both to encrypt and to decrypt information

public key system--use two keys with private one encrypt a message, with public one decrypt by the recipient

Password security and encryption

• Shell and file access

telnet--use the standard user list for the OS, no encryption or authentication

ftp--has basic authentication and access privilege protection

SSh(secure shell)--a protocol that lets you log in and execute commands on another machine over network

Password security and encryption

Secure socket layer(SSL)--developed by Netscape that sits above the TCP/IP layer but below the higher protocols(http,ftp,ldap)

provide standard way for authentication• secure files options

SCP--part of SSH, provide authentication and encryption

ftp over SSH--render insecure utility more protected

SSL ftp--prevent packet sniffing

Network security

• Why network security

network security is becoming more and more important as people spend more time connected. What makes it worse is that information can be leaked from the inside of your network to the internet.

Network security

Protocols

• protocol allow user to think at the high level of a communication.

• The software and hardware create a protocol stack, which is layered architecture for communication.

• Two protocol stack: OSI(open system interconnection) and TCP/IP(transmission control protocol and internet protocol

Network security

Network ISO/OSI model• application layer• presentation layer• session layer• transport layer• network layer• data link layer• physical layer

Network security

Trusted/untrusted system

• communication between trusted and untrusted networks must have rules associated with it.

• A trusted system is inside a security perimeter.

• Information outside the trusted network treated as single sensitivity level.

Network security

• A gateway controls traffic from inside and outside.

• The function of gateway is label and filter data.

Firewall a firewall is a system designed to prevent

unauthorized access to or from a private network.

firewall

• How does it work?

It is used to prevent unauthorized internet users form accessing private networks connected to the internet and intranet. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that don’t meet the specified security criteria.

firewall

• Fig1 firewall/proxy server

firewall

How does a proxy server work?

• Run at the application level of network protocol stack for each different type of services

• control internal users access the Internet and Internet users access the inside the world

• return response to request from inside the firewall

firewall

Defensive strategies

• firewall is perimeter defense system with “choke point”

• monitor and block access at choke points

• separate department and implement encryption throughout your organization

• firewall do not protect against leaks

firewall

• Fig2 firewall provide perimeter defenses with choke points, like medieval castles

firewall

Classifying firewalls

• screening router(packet filters)

• proxy server gateway

circuit-level gateway

application-level gateway

• stateful inspection techniques

firewall

• Fig 3 a screening router

firewall

• Fig4 a proxy server

firewall

Firewall policies

• block all traffic, then allow specific services on case-by-case basis

• network traffic and from outside networks such as the Internet must pass through the firewall. The traffic must be filtered to allow only authorized packets to pass

firewall

• Never use a firewall for genera-purpose file storage or to run programs, except for those required by the firewall

• do not allow any passwords or internal addresses to cross the firewall

• accept the fact that you might need to completely restore public systems from backup in the event of an attack