randolf-weaver
MD703 Class 9 Agenda
• Computer Security
• SSL encryption and Internet security
• Network Security
• Chapter 3 Review
• Chapter 8 Review
Computer Security Basics
• Identification/Authentication/Access
• Audit logs and traces
• Directory Services
– LDAP, AD
– Groups and attributes
• Access Control
– Function vs “row-level”
– Roles: groups of people
– ACL: groups of permissions
• Virus and Intrusion Detection
– Castles and Roads
Computer Security Threats
• Viruses
• Spoofing/Phishing
• Zombies
• Relaying
• Spyware
• Snooping
• Ransom-ware
Encryption
• “Encrypt” vs “encode”
• Asymmetric keys
• Public / private keys
• Digital Certificates
• SSL / HTTPS
• Secured Transactions
PKI Process
Participants: PKI Service, PKI Client
• Send public key
• Return encoded symmetric key
• Send login req using sym key
• Conduct work
• Time’s up! Send new sym key info
Network Security Basics
• Single sign-on
– Directory services
– Trusted machines
• Firewalls
– Routers as firewalls
– True firewalls
• Multicast Routing
• Virtual Private Network
• DMZ
– 2-router model
Single Sign-on
Participants: Security Server (SS), Application Server (AS), User/Client
1: Login to SS
2: Get token
3: Login to AS (pass token)
4: AS checks token
5: SS OKs token
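The five-step single sign-on exchange above, as an added Python example that is not part of the original slides. The class and method names, the opaque random token, and the 300-second token lifetime are assumptions for illustration; the slides do not specify a token format.

```python
import hashlib
import hmac
import secrets
import time


class SecurityServer:
    """SS: checks credentials (step 1), issues a token (step 2), confirms it (step 5)."""

    def __init__(self, users, ttl=300):
        # Constructed demo store: username -> (salt, PBKDF2 hash of the password).
        self._users = {}
        for name, password in users.items():
            salt = secrets.token_bytes(16)
            self._users[name] = (salt, self._hash(password, salt))
        self._tokens = {}  # token -> (username, expiry time)
        self._ttl = ttl    # assumed token lifetime in seconds

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def login(self, name, password, now=None):
        now = time.time() if now is None else now
        # Unknown users still cost one hash, and the comparison is constant-time.
        salt, stored = self._users.get(name, (b"\0" * 16, b""))
        if not hmac.compare_digest(self._hash(password, salt), stored):
            return None
        token = secrets.token_urlsafe(32)  # opaque: carries no user data itself
        self._tokens[token] = (name, now + self._ttl)
        return token

    def validate(self, token, now=None):
        now = time.time() if now is None else now
        name, expiry = self._tokens.get(token, (None, 0))
        if name is None or now >= expiry:
            self._tokens.pop(token, None)  # drop expired tokens
            return None
        return name


class ApplicationServer:
    """AS: never sees the password; it only asks the SS about the token."""

    def __init__(self, security_server):
        self._ss = security_server

    def login(self, token, now=None):
        user = self._ss.validate(token, now)  # steps 4 and 5
        return f"welcome {user}" if user else "denied"
```
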
Router / Firewall
[Diagram: Firewall Router with Accept list / Exclude list]
• From: 12.3.4.68, To: 136.167.2.34, Type: Telnet
• From: 136.167.2.34, To: 12.3.4.68, Type: Telnet
Routed Network Design
[Diagram labels: I-net router (136.167); Campus Backbone; Router (136.167.2); Router (136.167.10); Client LAN; Client LAN]
Multicast
[Diagram labels: I-net router (136.167); Router (136.167.2); Campus Backbone; PC, PC, PC; Subscribe? Y / N / Y]
VPN / Remote Access
• Goals
• VPN Mechanism
• VPN Problems
• Proxy Server
VPN Model
[Diagram labels: Router (136.167.2); VPN Server; Campus Backbone; PC, PC; Rmt PC; Subscribe? Y / N / Y; Encrypted link]
DMZ Model
[Diagram labels: Internet router (to/from DMZ only); DMZ; Internal Services; External Services; Intranet router (to/from DMZ only)]
Chapter 3: Review
• British Railways Case
– Where is value add
• Commoditizing IT
– Impact on strategy
• Working in/out/across
Chapter 8: Review
• Operations Issues: sustainable advantage
• Outsourcing
• Transaction Costing
• Information Security
Discussion Questions
• Which aspects of IT/IS are of strategic concern and which are not?
• What IT/IS factors weight a decision toward outsourcing? Is it commodity-status only?