View
220
Download
0
Category
Preview:
Citation preview
7/29/2019 MELJUN CORTES Communication Security
1/16
Lesson 10 - 1
ADCS
CS219/1098/V3
Chapter 10
Advanced Topics (2)
Chapter Objectives:
Communications Security
To understand the weaknesses
of the Internet/WWW,
conventional encryption and
public key encryption, the
misconception people have of
public key encryption
To understand what a firewall is,the factors to take into
consideration when designing
firewalls, and the UNIX/Internet
security architecture and
password management
7/29/2019 MELJUN CORTES Communication Security
2/16
Lesson 10 - 2
ADCS
CS219/1098/V3
Chapter 10
Advanced Topics (2)
Chapter Objectives:
Project Management
To understand the importanceand function of a project
manager, the different project
team structures and the major
activities in project management
7/29/2019 MELJUN CORTES Communication Security
3/16
Lesson 10 - 3
ADCS
CS219/1098/V3
Communications Security
The Internet and WWWvulnerabilities
Proliferation and use of Internet
Internet & WWW
Need for Internet security
management
Internet worm
Breach in credit files
Illegal access
7/29/2019 MELJUN CORTES Communication Security
4/16
Lesson 10 - 4
ADCS
CS219/1098/V3
Two Techniques:
Conventional Encryption
1. Original message is known
as plaintext
2. Apply encryption and key to
get ciphertext
3. Transmission to the recipient
4. Decryption ciphertext with
key
Data Encryption
7/29/2019 MELJUN CORTES Communication Security
5/16
Lesson 10 - 5
ADCS
CS219/1098/V3
Security of conventional
encryption depends on certain
factors:
Resist brute force
Maintain secrecy of the key
7/29/2019 MELJUN CORTES Communication Security
6/16
Lesson 10 - 6
ADCS
CS219/1098/V3
Public Key Encryption
1. Generates encryption and
decryption keys
2.Public key is made available,
companion key is kept private
3.A encrypts plaintext using Bspublic key
4.B decrypts message with its
private key
7/29/2019 MELJUN CORTES Communication Security
7/16
Lesson 10 - 7
ADCS
CS219/1098/V3
Conventional Encryption
versus Public KeyEncryption
Public key encryption is NOTmore secured than conventional
encryption
Public key encryption is NOT a
general purpose technique
Key distribution in public key
system is as complicated
7/29/2019 MELJUN CORTES Communication Security
8/16
Lesson 10 - 8
ADCS
CS219/1098/V3
Fundamental Encryption
Principles
Incorporate redundancy inencrypted messages
Prevent intruders from playing
back old messages
7/29/2019 MELJUN CORTES Communication Security
9/16
Lesson 10 - 9
ADCS
CS219/1098/V3
Firewalls
A firewall is a mechanism toprotect one network from another
by preventing unauthorised users
from accessing computing
resources on a private network
Design considerations for
firewalls:
Trade off between security and
ease of use
Restating conditions for design
Prohibit activities that are not
expressly permitted
Permit activities that are not
expressly prohibited
7/29/2019 MELJUN CORTES Communication Security
10/16
7/29/2019 MELJUN CORTES Communication Security
11/16
Lesson 10 - 11
ADCS
CS219/1098/V3
Layer 7
Defines the entire security
program
Layer 6
The people in contact with the
network
7/29/2019 MELJUN CORTES Communication Security
12/16
Lesson 10 - 12
ADCS
CS219/1098/V3
Password Management
1 Try using the users name, initials,
account names and other relevant
personal information as passwords
2 Try using words from various
dictionaries, including names of
people and places
3 Try using permutations of the words
in step 2, including various
combinations of cases, reversing the
order and embedding numbers into
the word
4 Try foreign words that are commonly
used. This is especially relevant for
foreign users
5 Try word pairs
7/29/2019 MELJUN CORTES Communication Security
13/16
Lesson 10 - 13
ADCS
CS219/1098/V3
Approaches to Password
Management
Using password checker
Forcing periodic change of
passwords
Assign passwords
Use physical devices
Proactive checking
7/29/2019 MELJUN CORTES Communication Security
14/16
Lesson 10 - 14
ADCS
CS219/1098/V3
Project Management
The Project Manager
Qualities of ideal project
manager
Technical competency
Ability to lead
Effective planner
Ability to control
Sensitivity to the environment
7/29/2019 MELJUN CORTES Communication Security
15/16
Lesson 10 - 15
ADCS
CS219/1098/V3
Duties of the project manager
Work with the steering
committee
Communicate with the users
Planning and staff the project
Monitor & report project
progress
Adjust to changes
7/29/2019 MELJUN CORTES Communication Security
16/16
Lesson 10 - 16
ADCS
CS219/1098/V3
Project teams
Hierarchical team
Chief programmer team
Adaptive team
Project management activities
Estimating
Organising
Controlling
Recommended