the internet and security
DESCRIPTION
The Internet and Security. Chapter 4. Top ten things I do with a computer. 1. 2. 3. 4. 5. 6. 7 8 9 10 11. Key Terms. Telecommunications - PowerPoint PPT PresentationTRANSCRIPT
THE INTERNET AND SECURITY
Chapter 4
3
TOP TEN THINGS I DO WITH A COMPUTER 1.
2. 3. 4. 5. 6. 7 8 9 10 11
4-4
KEY TERMSTelecommunicationsTransmission of all forms of communication including digital data, voice, fax, sound, and video from one location to another over some type of network
NetworksA group of computers and peripheral devices connected by a communication channel capable of sharing information and other resources among users
BandwidthIs the carrying capacity of a telecommunications network. (i.e. the size of the telecommunications channel or pipeline)
4-5
SAMPLE OF INTERPERSONAL USE OF TELECOMMUNICATIONS
Email with teeth
4-6
SAMPLE OF INTERPERSONAL USE OF TELECOMMUNICATIONS
4-7
SAMPLE OF BUSINESS USE OF TELECOMMUNICATIONS
telecommute
4-8
SAMPLE OF BUSINESS USE OF TELECOMMUNICATIONS
4-9
HISTORY OF THE INTERNET
ARPANET 1960 (Advanced Research Project Agency Network)
NSFNET 1986(National Science Foundation Network)• Connected to ARPANET and many others (BITNET, CSNET,
etc) to become a major component of the Internet
Internet Support• Ongoing support comes from many universities, federal and
state governments, and national international research institutions and industry
4-10
HOW THE INTERNET WORKS – PACKET SWITCHINGPacket Switching
• Allows millions of users to send large and small chucks of data across the Internet concurrently
• Based on the concept of turn taking, packets from each user are alternated in the shared network (below)
• Networks connected to the Internet use this concept
Warriors
4-11
HOW THE INTERNET WORKS – TCP/IP & ROUTERS
TCP – Transmission Control Protocol
IP – Internet Protocol
Routers• Connect one network to another• Identify each device on a network as unique using IP protocol• Serve as the “Traffic Cop” directing packets to their destination
TCP/IP Approach
4-12
HOW THE INTERNET WORKS – CONNECTING NETWORKS
(Computer A) TCP - Breaks message into data packetsIP - Adds address of destination Computer D
Example: Sending a message from Computer A to D
(Computer D) TCP - Checks for missing packets, reassembles message,discards duplicatepackets
(Router) Reads IP Address of packet, routes message to Network 2 and Computer D
1 3
2
4-13
HOW THE INTERNET WORKS – WEB ADDRESSES & DOMAINS
Domain• Identifies the Website (host)• Comes in many suffixes such
as:.edu (educational
institutions).org (organizations; non-
profit).mil (military).net (network organizations)
Example: microsoft.com(URL) Uniform Resource Locator• Identifies particular Web pages within a domain
Example: http://www.microsoft.com/security/default.mspx
IP Address• Each domain is associated
with one or more IP addresses• Format: a 32-bit address
written as 4 numbers (from 0-255) separated by periods
Example: 1.160.10.240
4-15
HOW THE INTERNET WORKS – CONNECTING TO THE INTERNET
Modem (stands for Modulate/Demodulate)
Internet Service Provider (ISP)
Network Access Points (NAPs)
Internet Backbone
4-16
NETWORK CONNECTION TYPES
DSL (Digital Subscriber Line)
POTS (Plain Old Telephone Service)
ISDN (Integrated Services Digital Network)
Wireless• Fixed wireless• Mobile wireless
Cable Modem
IoS (Internet over Satellite)
4-17
WORLD WIDE WEBHTTP (Hypertext Transfer Protocol)• A protocol used to process user requests
for displaying Web pages from a Web server
Web Servers• A special computer that is specifically
designed to store and “serve up” Web pages
• This machine contains special hardware and software to perform its many specialized functions
4-18
INFORMATION SYSTEM SECURITY
IS SecurityPrecautions taken to keep all aspects of information systems safe from unauthorized access
Managerial MethodsSeveral techniques are commonly used to manage information systems security:
• Risk Assessment• Controlling Access• Organizational Policies and Procedures • Backups and Recovery
4-19
INFORMATION SYSTEM SECURITY – MANAGERIAL TECHNIQUES
Assessing RiskSecurity Audit
• Risk Analysis• Alternatives based on Risk Analysis:
• Risk Reduction• Risk Acceptance• Risk Transference –
Controlling AccessKeeping information safe by only allowing access to those that require it to do their jobs
• Authentication –• Access Control –
4-20
INFORMATION SYSTEM SECURITY – MANAGERIAL TECHNIQUES
Organizational Policies and Procedures• Acceptable Use Policies – formally document how systems should be used, for what, and penalties for non-compliance
Backups and Disaster Recovery• Backups – taking periodic snapshots of critical systems data and
storing in a safe place or system (e.g. backup tape)• Disaster Recovery Plans – spell out detailed procedures to be
used by the organization to restore access to critical business systems (e.g. viruses or fire)
• Disaster Recovery – executing Disaster Recovery procedures using backups to restore the system to the last backup if it was totally lost
4-21
STATE OF IS SECURITY - SECURITY THREATS & TECHNOLOGIES
Security TechnologiesCompanies and research organizations continue to develop and refine technologies to prevent security breaches. Some Include:• Firewalls• Biometrics• VPN and Encryption
Security Threats• Identity Theft – • Denial of Service – • Others: Spyware, Spam, Wireless Access, Viruses
Identity theft
4-22
IS SECURITY: TECHNOLOGY
Firewall Techniques• Packet Filter – examine each packet entering and leaving
network and accept/reject based on rules• Application Level Control – Performs certain security measures
based on a specific application (e.g. file transfer)• Circuit Level Control – detects certain types of connections or
circuits on either side of the firewall• Proxy Server – acts as, or appears as, an alternative server that
hides the true network addresses
FirewallsA system of software, hardware or both designed to detect intrusion and prevent unauthorized access to or from a private network
23
FIREWALL CAPABILITYFirewall can Focus for security decisions Enforce security policy Log internet activity Limit exposure
keeps one section of intranet separate from another
Firewall can not Protect against malicious insiders Protect against connections that do not go
through it Protect against new threats Protect against viruses
4-24
SECURITY THREAT: SPYWARE, SPAM, AND COOKIES
CookiesA message passed to a browser from a Web server. Used by legitimate programs to store state and user information
SpywareAny software that covertly gathers information about a user through an Internet connection without the user’s knowledge
SpamElectronic junk mail or junk newsgroup postings usually for purpose of advertising some product and/or service
4-25
SECURITY TECHNOLOGY: BIOMETRICS
Biometrics• A sophisticated authentication technique used to restrict
access to systems, data and/or facilities
• Uses biological characteristics to identify individuals such as fingerprints, retinal patterns in the eye, etc. that are not easily counterfeited
Biometrics
4-26
SECURITY THREAT: ACCESS TO WIRELESS
Unauthorized Access to Wireless NetworksWith the prevalence in use of wireless networks this threat is increasing• Problems - Drive-by hacking - an attacker accesses the network, intercepts data from it, and can use network services and/or send attack instructions without entering the building • Prevention - Encryption between network and user devices
27
On 8 February, 1587 Elizabeth I of England signed Mary's death warrant, and she was executed at Fotheringay Castle. The execution did not go well for Mary as the executioner was unable to sever her neck with one blow, and was forced to use a grinding motion on her to complete the task.
All because of weak encryption.
4-28
SECURITY TECHNOLOGY: VPN AND ENCRYPTION
Encryption•The process of encoding messages before they enter the network or airwaves, and then decoding at the receiving end
•Public Key - known and used to scramble messages (SSL)•Private Key - not known and used by receiver to descramble
•Certificate Authority – a third party that issues keys
4-29
HOW ENCRYPTION WORKS
30
VIRTUAL PRIVATE NETWORK
Virtual private network (VPN): a secure connection between two points across the Internet
Tunneling: the process by which VPNs transfer information by encapsulating traffic in IP packets over the Internet
4-31
SECURITY THREAT: VIRUSES
VirusesPrograms that can attack a computer and/or a network and delete information, disable software, use up system resources, etc.
Prevention Steps:
AntiVirus software:
No Disk Sharing –
Delete Suspicious Email Messages –
Report Viruses –