MD703 Class 9 Agenda Computer Security SSL encryption and Internet security Network Security Chapter...

MD703 Class 9 Agenda

• Computer Security

• SSL encryption and Internet security

• Network Security

• Chapter 3 Review

• Chapter 8 Review

Computer Security Basics

• Identification/Authentication/Access• Audit logs and traces• Directory Services

– LDAP, AD– Groups and attributes

• Access Control– Function vs “row-level”– Roles: groups of people– ACL: groups of permissions

• Virus and Intrusion Detection– Castles and Roads

Computer Security Threats

• Viruses

• Spoofing/Phishing

• Zombies

• Relaying

• Spyware

• Snooping

• Ransom-ware

Encryption

• “Encrypt” vs “encode”

• Asymmetric keys

• Public / private keys

• Digital Certificates

• SSL / HTTPS

• Secured Transactions

PKI Process

PKI Service

PKIClient

Send Public key

Return encoded symmetric key

Send login req using sym key

Conduct work

Time’s up! Send new sym key info

Network Security Basics

• Single sign-on– Directory services– Trusted machines

• Firewalls– Routers as firewalls– True firewalls

• Multicast Routing• Virtual Private Network• DMZ

– 2-router model

Single Sign-on

SecurityServer

ApplicationServer

User/Client

5 1: Login to SS

2: Get token

3: login to AS

(pass token)

4: AS chk’s token

5: SS ok’s token

Router / Firewall

FirewallRouter

AcceptList

/Exclude

From: 12.3.4.68

To: 136.167.2.34

Type: Telnet

From: 136.167.2.34To: 12.3.4.68Type: Telnet

Routed Network Design

Router136.167.2

I-net router136.167

Client LAN Client LAN

Router136.167.10

Campus Backbone

Multicast

Router136.167.2

I-net router136.167

Campus Backbone

Subscribe? YNY

VPN / Remote Access

• Goals

• VPN Mechanism

• VPN Problems

• Proxy Server

VPN Model

Router136.167.2

VPN Server

Campus Backbone

Rmt PC

Subscribe? YNY

Encrypted link

DMZ Model

Internet router

(to/from DMZ only)

Internal Services External Services

Intranet router

(to/fromDMZ only)

Chapter 3: Review

• British Railways Case–Where is value add

• Commoditizing IT– Impact on strategy

• Working in/out/across

Chapter 8: Review

• Operations Issues: sustainable advantage

• Outsourcing

• Transaction Costing

• Information Security

Discussion Questions

• Which aspects of IT/IS are of strategic concern and which are not?

• What IT/IS factors weight a decision toward outsourcing? Is it commodity-status only?

MD703 Class 9 Agenda Computer Security SSL encryption and Internet security Network Security Chapter...

Documents

Quadrennial Homeland Security Review

CHAPTER 3 U.S.-CHINA SECURITY, POLITICS, AND ......(329) CHAPTER 3 U.S.-CHINA SECURITY, POLITICS, AND FOREIGN AFFAIRS SECTION 1: YEAR IN REVIEW: SECURITY, POLITICS, AND FOREIGN AFFAIRS

Cryptography and Network Security Chapter Chapter 22farajian/slides/network security/ns... · 2018. 10. 21. · Cryptography and Network Security Chapter Chapter 22 Fourth Edition

Government Security Review

Security Review After Action Review

SimpliSafe Home Security Review

Computer Security Review

Chapter 14 – Security Engineering Lecture 1 Chapter 14 Security Engineering1

Chapter 11 Security Protocols - · PDF fileChapter 11 Security Protocols Network Security Threats Security and Cryptography Network Security Protocols Cryptographic Algorithms . Chapter

Phantom Security Review v1Final

ADS Security Review

Texas National Security Review

Security Awareness: Applying Practical Security in Your World Chapter 3: Chapter 3: Organizational Security

CHAPTER II REVIEW OF RESEARCH AND LITERATUREshodhganga.inflibnet.ac.in/bitstream/10603/28842/7/07_chapter 2.pdf · Sudhindra bhat: security analysis ... CHAPTER – II REVIEW OF RESEARCH

CompTIA Security Review

CPI Security review

Security Review Overview

© 2003 ISACA Chapter 1 Information Security Governance 2003 CISM ™ Review Course

ADT Home Security Review

CHAPTER 2: Review of Literature - Shodhgangashodhganga.inflibnet.ac.in/bitstream/10603/53383/7/07_chapter 2.pdf · CHAPTER 2: Review of Literature The right to social security is