11MCC

Data SecurityData Security

22MCC

Topics to be coveredTopics to be covered Encryption Firewalls Virtual Private Network Authentication Digital Certification

Digital Certificate Certification Authorities Digital Signatures

Internet Virus Online Data Security Assistants

33MCC

EncryptionEncryption

The translation of data into a secret code. Encryption is the most effective way to achieve data security.

To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it.

Unencrypted data is called plain text; encrypted data is referred to as cipher text.

There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption.

44MCC

FirewallFirewall

A combination of hardware and software that secures access to and from the LAN.

A firewall blocks unwanted access to the protected network while giving the protected network access to networks outside of the firewall.

An organization will typically install a firewall to give users access to the internet while protecting their internal information.

55MCC

Public/ExternalPublic/ExternalInternet UsersInternet Users

Intranet

ClientsClients

ServersServersERP

Legacy Legacy systemssystems

E-mail E-mail serversservers

Web servers

DatabasesDatabases

FirewallsFirewalls

5

Sample usage of FirewallSample usage of Firewall

66MCC

Virtually Private Network Virtually Private Network (VPN)(VPN)

VPN is a secure network on the Internet using the tunneling schemes

“tunnels” are secure data flows w/ cryptography and authorization algorithms

The major objective of a VPN is to use the Internet as an inexpensive WAN backbone

77MCC

VPNs (cont:)VPNs (cont:)

When two sites are connected across a VPN, each must have a VPN-capable router, firewall, or VPN access device installed

When VPN is used to link mobile clients with Internet dial-up connections, the laptops must be equipped with VPN client software equipped with the addresses and associated encryption keys for corporate host sites

88MCC

Tunneling Internet

Extranet

IntranetFirewall

Intranet

Firewall

Usage of the VPNsUsage of the VPNs

SuppliersVPN

Distributors VPN

Customers

VPN

99MCC

AuthenticationAuthentication

Determines a user's identity, as well as determining what a user is authorized to access.

The most common form of authentication is user name and password, although this also provides the lowest level of security.

VPNs use digital certificates and digital signatures to more accurately identify the user.

1010MCC

Digital CertificateDigital Certificate

Electronic counterparts to driver licenses, passports. Certificates are the framework for identification

information, and bind identities with public keys.They provide a foundation for

identification , authentication and non-repudiation.

Enable individuals and organizations to secure business and personal transactions across communication networks.

1111MCC

Certification AuthoritiesCertification Authorities

Trusted organization that issues certificates and maintains status information about certificates.

Certification Practice Statement

Certification Authority’sPrivate Key

X.509 v3Format

Certificate

CA’s DigitalSignature

Generate DigitalSignature

1212MCC

How Digital Certificates work? Generate Public and Private Keys. Get Certificate from the CA Sign the document/page using the private key. Send signed document over open networks along

with the CA’s certificate. Recipient verifies using the signing CA’s public key Trust Chain and Fingerprints

1313MCC

Types of CertificatesTypes of Certificates

Root or Authority certificates These are self signed by the CA that created them Institutional authority certificates Also called as “campus certificates” Client certificates These are also known as end-entity certificates, identity certificates,or personal certificates. Web server certificates used for secure communications to and from Web servers

1414MCC

Digital SignatureDigital Signature

An electronic signature that can be used to authenticate the identity of the sender of a message, or of the signer of a document.

It can also be used to ensure that the original content of the message or document that has been conveyed is unchanged.

1515MCC

Internet Virus IssueInternet Virus Issue

Computer virusComputer virus A virus is a type of program that can replicate

itself by making (possibly modified) copies of itself.

A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or carrying it on a removable disk

1616MCC

Internet Virus Issue (cont)Internet Virus Issue (cont) Macro virus

Macro viruses are a special case of viruses. Instead of infecting software program files directly, macro viruses infect Microsoft Office documents and templates.

Worm computer worms are malicious programs that copy

themselves from system to system, rather than sensitive legal files.

Trojan horse Trojans, another form of malware, are generally

agreed upon as doing something other than the user expected, with that “something” defined as malicious.

1717MCC

Internet Virus Issue (cont)Internet Virus Issue (cont) Hybrids

In fact, most dangerous software combines the features of several types. One of the first successful e-mail attacks, the Happy99 Virus, wasn't merely a virus.

Malware Taken as a group, these many types of software

are called "malicious software", because they modify your computer's files without asking and attempt to perform some kind of annoying or dangerous activity.

Spam "Spamming [the sending of unsolicited email] is the

scourge of electronic-mail and newsgroups on the Internet.

1818MCC

Virus EncyclopediaVirus Encyclopedia

1.File Viruses, DOS2.Boot Viruses3.

Multipartite (File and Boot) Viruses

4.Multi-Platform Viruses5.NewExe Viruses6.Macro Viruses 7.Virus Constructors8.Windows HLP Viruses9.Java Viruses

10.Trojan horses11.Script Viruses12.Internet Worms13.Virus Hoaxes and Non- Viruses14.Palm15.Malware16.Jokes17. Worms18. Spam

1919MCC

Top Ten Virus ListTop Ten Virus List

2020MCC

1. Install anti-virus software and keep the virus definitions up to date.

2. Don't automatically open attachments

3. Scan all incoming email attachments

4. Get immediate protection

5. Update your anti-virus software frequently.

6. Avoid downloading files you can't be sure are safe

7. Don't boot from a floppy disk

8. Don't share floppies

9. Scan floppies before using them

10. Use common sense

Golden Tips to prevent VirusGolden Tips to prevent Virus

2121MCC

Main Features of AntiVirusMain Features of AntiVirus

Provides complete e-mail Eliminates all types of viruses   Easy to use: install and forget Automatic virus definitions updates   Uses powerful virus scanning engines   Provides complete e-mail protection Creates detailed scan reports ..etc

2222MCC

Powerful Anti-VirusPowerful Anti-VirusVirus Encyclopedia

http://www.antivirus.com/vinfo/virusencyclo/ Virus pattern downloads http://www.antivirus.com/download/pattern.asp Subscribe to email alerts on Virus http://www.antivirus.com/vinfo/ Online virus scanner, Housecall                           

http://housecall.antivirus.com/ Real-time Virus Tracking

http://wtc.trendmicro.com/wtc/ Mcafee Security

http://www.mcafee.comNortan Antivirus

http://symantec.com

2323MCC

2424MCC

www.cert.orgwww.cert.org

2525MCC

www.mmcert.org.mm

2626MCC

Thanks You!

e-mail : unyeinoo@mcc.net.mm MCC-

IT@myanmar.com.mm Tel : 245758, 245762