IT443 – Network Security Administration Week 1 – Introduction
Instructor: Alfred J Bird, Ph.D., [email protected]
http://it443-s14-bird.wikispaces.umb.edu/
Door Key: 643478*
Office – McCormick 3rd floor 607 (617.287.3827)
Office Hours – Tuesday and Thursday, 4:00 pm to 5:15pm
Basic Information
• Textbook:
  – Network Security: Private Communications in a Public World
  – by Charlie Kaufman, Radia Perlman and Mike Speciner
  – 2nd Edition, Prentice Hall, ISBN 0-13-046019-2
• Location and time of classes
  – Section 1
    • Web Lab S-3-028
    • Monday and Wednesday 4:00pm to 5:15pm
  – Section 2
    • IT Lab S-3-143
    • Tuesday and Thursday 5:30 to 6:45pm
Course Outline
• Network Basics
• Cryptography Basics
• Authentication
• Public Key Infrastructure
• IPsec
• SSL/TLS
• Firewall / Intrusion Detection
• Email Security
• Wireless security / Worm (backup)
Course Work
• 6~7 Lab Assignments (50%)
  – Team of 2 students
  – Lab Notebook (Individual)
  – Lab report (Individual)
• Written Projects (25%)
• Final Exam (25%)
Potential Labs
• Understanding network packets
• Encryption/decryption
• Password cracking
• Intrusion detection
• System monitoring
• Implementing certificate
• Implementing VPN
• Configuring a firewall
• Wireless security / Worm (backup)
Policies
• Lab reports
  – Partial points will be given for incomplete work
  – Late submissions will be accepted for reduced credit.
• Honor code
• No makeup exam without prior permission
• Accommodations
  – Ross Center for Disability Service
    • Campus Center Room 211, 617.287.7430
Some Network Security Websites
• CERT @ Carnegie Mellon University
  – http://www.cert.org/
• Trend Micro Threat Tracker
  – http://apac.trendmicro.com/apac/
• CERT @ Dept of Homeland Security
  – http://www.us-cert.gov/
• Symantec Threat Explorer
  – http://us.norton.com/security_response/threatexplorer/index.jsp
Some Postulates about Network Security
• You can never prove something perfect, all you can do is fail to prove that it has some faults! Keep looking!
• If a lot of smart people have failed to solve the problem, then it probably won’t be solved (soon!) (p41 in the text)
• Security people need to remember that most people regard security as a nuisance rather than as needed protection and left to their own devices they often carelessly give up the security that someone worked so hard to provide. (p245 in the text)
Introduction to Network Security
• Security threats
  – Malware: Virus, worm, spyware
  – Spam
  – Botnet
  – DDoS attacks
  – Phishing
  – Cross-site scripting (XSS)
  – Theft and/or Whistleblowers
  – …
Introduction to Network Security
• Security breaches in 2011
  – Sony's PlayStation Network (77M clients)
  – Epsilon (60M clients)
  – Fidelity National ($13M loss)
  – Sega's online gaming network (1.3M clients)
  – Citigroup (210K clients)
  – MA Executive Office of Labor and Workforce Development (210K records)
  – SF Subway, Health Net, …
Contributing Factors
• Lack of awareness of threats and risks of information systems
  – Security measures are often not considered until an Enterprise has been penetrated by malicious users
• Wide-open network policies
  – Many Internet sites allow wide-open Internet access
• Lack of security in TCP/IP protocol suite
  – Most TCP/IP protocols not built with security in mind
• Complexity of security management and administration
• Software vulnerabilities
  – Example: buffer overflow vulnerabilities
• Cracker skills keep improving
Security Objectives (CIA)
• Confidentiality — Prevent/detect/deter improper disclosure of information
• Integrity — Prevent/detect/deter improper modification of information
• Availability — Prevent/detect/deter improper denial of access to services provided by the system
OSI Security Architecture
• ITU-T X.800 “Security Architecture for OSI”
• Defines a systematic way of defining and providing security requirements
• It provides a useful, if abstract, overview of concepts we will study
Aspects of Security
• 3 aspects of security:
  – security attack
    • Any action that compromises the security of information owned by an organization
  – security mechanism
    • A process that is designed to detect, prevent, or recover from a security attack
  – security service
    • Counter security attacks: make use of one or more security mechanisms to provide the service
Threat Model and Attack Model
• Threat model and attack model need to be clarified before any security mechanism is developed
• Threat model
  – Assumptions about potential attackers
  – Describes the attacker’s capabilities
• Attack model
  – Assumptions about the attacks
  – Describes how attacks are launched
Passive Attacks
Active Attacks
Security Mechanism (X.800)
• Specific security mechanisms:
  – encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization
• Pervasive security mechanisms:
  – trusted functionality, security labels, event detection, security audit trails, security recovery
Security Service
• Enhance security of data processing systems and information transfers of an organization
• Intended to counter security attacks
• Using one or more security mechanisms
• Often replicates functions normally associated with physical documents
  – For example, have signatures, dates; need protection from disclosure, tampering, or destruction; be notarized or witnessed; be recorded or licensed
Security Service
• Authentication - assurance that communicating entity is the one claimed
• Access Control - prevention of the unauthorized use of a resource
• Data Confidentiality – protection of data from unauthorized disclosure
• Data Integrity - assurance that data received is as sent by an authorized entity
• Non-Repudiation - protection against denial by one of the parties in a communication
• Availability – resource accessible/usable
For Next Time
• Prepare a 500 word essay on the topic:
  – In your view what is meant by the term “Network Security”?
  – An essay is not a research paper but is a written work expressing and defending your views!
  – What do you think about the topic and why!
• Be prepared to discuss the topic on Wednesday. We will be having a class discussion and you (each and every one) will be expected to participate!