Information Security
Information Security in Today’s World
Abdalla Al-Ameen, Assistant Prof., Computer Science and Information Dept., College of Arts and Science in WadiAddawasir, Salman Bin Abdulaziz University, K.S.A.
Web site: http://faculty.sau.edu.sa/a.alameen
Email: [email protected]

Protecting Your PC, Privacy and Self
“The minute you dial in to your Internet service provider or connect to a DSL or cable modem, you are casting your computer adrift in a sea of millions of other computers – all of which are sharing the world's largest computer network, the Internet. Most of those computers are cooperative and well behaved, but some are downright nasty. Only you can make sure your computer is ready for the experience.”
Daniel Appleman, Always Use Protection: A Teen's Guide to Safe Computing (Apress, 2004)

Objectives: this seminar aims to cover the following topics
• Computer Security definition
• Information Security topic areas
• Core Security Concepts
• Why Study Computer Security?
• The Importance of Information Security
• Security Services
• Challenges
• Latest Trends
• Overview of Existing Security Systems
• Protecting One Computer
• Protecting a Wireless Local Area Network (WLAN)
• What Can We Do?

Introduction
Information security is defined as the methods and technologies for deterrence (scaring away hackers), protection, detection, response, recovery and extended functionalities, or as the process by which digital information assets are protected.

Information Assurance
A broader category than computer security, information security, etc. Concerned with the
• Security of information in the system
• Quality/Reliability of information in the system

What Information Security Topic Areas?
Policies and procedures, authentication, attacks, remote access, e-mail, Web, wireless, devices, media/medium, secure architectures, IDSes/IPSes, operating systems, secure code, cryptography, physical security, digital media analysis…

Core Security Concepts: Vulnerability, Exploit, Threat
• Vulnerability – a weakness in some aspect of a system
• Exploit – a known method for taking advantage of a vulnerability
• Threat – the likelihood of some agent using an exploit to compromise security
  – Note: not all users/groups are equal threats to various systems
  • “Hackers” are more of a threat to popular web sites and businesses
  • Disgruntled employees are more of a threat to isolated businesses

Generic Security Principles
[Diagram: a generic security system provides Deterrence (scare away), Protection, Detection, Response and Recovery for information while in transmission and information while in storage; the hacker and the hardware are also shown]

Why Study Computer Security?
An increasingly important issue for:
• Computer system and network administrators
• Application programmers
Security issues follow technology:
• Desktop systems, wireless networks, handheld devices
Security issues affect software, laws, profits and businesses.

The Importance of Information Security
• Prevents data theft
• Avoids the legal consequences of not securing information
• Maintains productivity
• Foils cyberterrorism
• Thwarts identity theft

Security Services
• Confidentiality – to keep a message secret from those who are not authorized to read it
• Authentication – to verify the identity of the user/computer
• Access Control – to be able to tell who can do what with which resource
• Integrity – to make sure that a message has not been changed while in transfer, storage, etc.
• Non-repudiation – to make sure that a user/server can’t later deny having participated in a transaction
• Availability – to make sure that the services are always available to users

Challenges
A number of trends illustrate why security is becoming increasingly difficult:
• Speed of attacks
• Sophistication of attacks
• Faster detection of weaknesses
• Distributed attacks
• Difficulties of patching

Latest Trends - Identity Theft
The crime of the 21st century. Involves using someone’s personal information, such as social security numbers, to establish bank or credit card accounts that are then left unpaid, leaving the victim with the debts and destroying their credit rating. National, state, and local legislation continues to be enacted to deal with this growing problem.
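The Integrity and Authentication services listed in the Security Services slides above can be checked with a keyed message authentication code. The following is an added example, not code from the slides or their author: the receiver recomputes an HMAC-SHA256 tag over the message and rejects anything whose tag does not match, which catches a changed body, a changed tag, truncation, or a sender who does not hold the shared key. The key, the message and the tampering cases are constructed for the example.

```python
"""Integrity and authentication check with an HMAC tag.

Added example (not from the original slides): a receiver detects that a
message was changed in transit or storage by recomputing an HMAC-SHA256
tag under a shared key. Key, messages and tampering are constructed here.
"""
import hashlib
import hmac
import secrets


def protect(key: bytes, message: bytes) -> bytes:
    """Return message || tag, where tag = HMAC-SHA256(key, message)."""
    tag = hmac.new(key, message, hashlib.sha256).digest()
    return message + tag


def verify(key: bytes, packet: bytes) -> tuple:
    """Split packet into message and tag, recompute the tag and compare.

    compare_digest runs in constant time, so the comparison does not leak how
    many tag bytes matched. Returns (ok, message); message is empty when the
    check fails so callers cannot accidentally use unverified data.
    """
    tag_len = hashlib.sha256().digest_size
    if len(packet) < tag_len:
        return False, b""          # too short to even contain a tag
    message, tag = packet[:-tag_len], packet[-tag_len:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return False, b""
    return True, message


def demo() -> dict:
    """Constructed scenario: one genuine packet and several damaged copies."""
    key = secrets.token_bytes(32)  # shared secret between sender and receiver
    packet = protect(key, b"transfer 100 to account 42")

    # Body changed without knowing the key
    altered = packet.replace(b"100", b"900")
    # Tag changed: flip one bit of the last byte
    bad_tag = packet[:-1] + bytes([packet[-1] ^ 0x01])
    # Packet cut short, as after corruption in storage
    truncated = packet[:10]

    return {
        "genuine": verify(key, packet)[0],
        "altered_body": verify(key, altered)[0],
        "altered_tag": verify(key, bad_tag)[0],
        "truncated": verify(key, truncated)[0],
        "wrong_key": verify(secrets.token_bytes(32), packet)[0],
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:13s} -> {'accepted' if ok else 'REJECTED'}")
```

An HMAC gives integrity and authentication between two parties that share the key, but not non-repudiation: either party could have produced the tag, so a digital signature is needed for that service.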
Latest Trends - Identity Theft (continued)
Phishing is a method used by identity thieves to take financial information from a computer user. The word “phishing” was made up by hackers as a cute word for the concept of fishing for information. It is one of the most profitable forms of spamming and is often used in conjunction with spoofed Web sites.

Latest Trends - Malicious Software (Malware)
• Designed to operate without the computer user’s permission
• May change or destroy data
• May operate hardware without authorization
• Can hijack your Web browser
• Might steal information or otherwise cheat a computer user or organization

Malware:
• Includes computer viruses, worms, trojan horses, bots, spyware, adware, etc.
• Software is considered malware based on the intent of the creator rather than any particular features

Malware Trends
• Spyware
• Keyloggers
• Rootkits
• Mobile malware
• Combined attack mechanisms

Malware Trends - Spyware
Advertisement-focused applications that, much like computer worms, install themselves on systems with little or no user interaction. While such an application may be legal, it is usually installed without the user’s knowledge or informed consent. A user in an organization could download and install a useful (often “free”) application from the Internet and, in doing so, install a spyware component.

Spyware:
• Spyware can collect many different types of information about a user:
  – Records the types of websites a user visits
  – Records what is typed by the user to intercept passwords or credit card numbers
  – Used to launch “pop-up” advertisements
• Many legitimate companies incorporate forms of spyware into their software for purposes of advertisement (adware)

Spyware Example (image slide)

Spyware Example (add-on toolbars) (image slide)

Malware Trends - Keyloggers
Used to capture the user’s keystrokes:
• Also known as keystroke logging
• Hardware- and software-based
Useful purposes:
• Help determine the sources of errors on a system
• Measure employee productivity on certain clerical tasks

Keystroke Logging:
• Can be achieved by both hardware and software means
• Hardware key loggers are commercially available devices which come in three types:
  – Inline devices that are attached to the keyboard cable
  – Devices installed inside standard keyboards
  – Keyboards that contain the key logger already built in
• Writing software applications for keylogging is trivial, and like any computer program they can be distributed as malware (virus, trojan, etc.)

Malware Trends - Rootkits
• A set of software tools intended to hide running processes, files or system data, thereby helping an intruder to maintain access to a system while avoiding detection
• Often modify parts of the operating system or install themselves as drivers or kernel modules
• Known to exist for a variety of operating systems
• Difficult to detect

Malware Trends - Mobile Malware
An increase in the number of mobile phone viruses being written, but insignificant compared to the much larger number of viruses being written which target Windows desktop computers.

Malware Trends - Combined Attack Mechanisms
• Spam with spoofed Web sites
• Trojans installing bot software (automated program)
• Trojans installing backdoors

Spam:
• Spamming is the abuse of electronic messaging systems to send unsolicited, undesired bulk messages
• Spam media includes:
  – e-mail spam (the most widely recognized form)
  – instant messaging spam
  – Usenet newsgroup spam
  – Web search engine spam
  – spam in blogs
  – mobile phone messaging spam

Spam Example (image slide)

Phishing:
• A criminal activity using social engineering techniques.
• An attempt to acquire sensitive data, such as passwords and credit card details, by appearing as a trustworthy person or business in an electronic communication.
• Typically carried out using e-mail or an instant message

Phishing Example (image slide)
Points to a “bad” IP address!

Latest Trends - Ransomware
A type of malware that encrypts the victim’s data, demanding a ransom for its return. Cryptovirology predates ransomware.

Overview of Existing Security Systems: Firewalls
Used even for deterring (scaring attackers).
Firewalls are designed to prevent malicious packets from entering.
• Software-based: runs as a local program to protect one computer (personal firewall) or as a program on a separate computer (network firewall) to protect the network
• Hardware-based: separate devices that protect the entire network (network firewalls)

Overview of Existing Security Systems: Detection / Intrusion Detection Systems
Intrusion Detection System (IDS)
• Examines the activity on a network
• Goal is to detect intrusions and take action
Two types of IDS:
• Host-based IDS: installed on a server or other computers (sometimes all); monitors traffic to and from that particular computer
• Network-based IDS: located behind the firewall; monitors all network traffic

Overview of Existing Security Systems: Network Address Translation (NAT)
Network Address Translation (NAT) systems
• Hide the IP address of network devices
• Located just behind the firewall.
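The firewall and NAT slides describe two operations: a rule set that decides which packets may pass, and an address rewrite that hides internal hosts. The following is an added model of both, not code from the slides or their author; the 10.0.0.0/24 internal network, the 203.0.113.7 public alias, the rule set and the packets are all constructed for the example. It uses first-match rules with default deny, so any packet no rule explicitly allows is dropped.

```python
"""Packet filtering with a default-deny rule set, plus NAT source rewriting.

Added example (not from the original slides): a small in-memory model of the
firewall and NAT functions described on the slides. Networks, alias address,
rules and packets are constructed; a real firewall works on the wire.
"""
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network
from typing import Optional

INTERNAL = ip_network("10.0.0.0/24")   # constructed internal network
PUBLIC_ALIAS = "203.0.113.7"           # constructed NAT address (TEST-NET-3 range)


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str       # "tcp" or "udp"
    dport: int
    direction: str   # "in" (from the Internet) or "out" (to the Internet)


@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "deny"
    direction: str
    proto: Optional[str] = None   # None matches any protocol
    dport: Optional[int] = None   # None matches any port
    src_net: Optional[str] = None # None matches any source

    def matches(self, p: Packet) -> bool:
        if self.direction != p.direction:
            return False
        if self.proto is not None and self.proto != p.proto:
            return False
        if self.dport is not None and self.dport != p.dport:
            return False
        if self.src_net is not None and ip_address(p.src) not in ip_network(self.src_net):
            return False
        return True


# First matching rule wins; anything unmatched is dropped (default deny).
RULES = [
    Rule("allow", "out", src_net=str(INTERNAL)),   # internal hosts may reach the Internet
    Rule("allow", "in", proto="tcp", dport=443),    # the one published service: HTTPS
    Rule("deny", "in", proto="tcp", dport=22),      # explicit: no remote shell from outside
]


def filter_packet(p: Packet, rules=RULES) -> str:
    """Return 'allow' or 'deny' for the packet under first-match semantics."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"   # default deny: what no rule permits is blocked


def nat_outbound(p: Packet) -> Packet:
    """Replace an internal source address with the public alias
    ("you cannot attack what you can't see")."""
    if p.direction == "out" and ip_address(p.src) in INTERNAL:
        return replace(p, src=PUBLIC_ALIAS)
    return p


def process(p: Packet) -> tuple:
    """Firewall decision first, then NAT on what is allowed out.
    Returns (decision, source address as seen on the outside)."""
    decision = filter_packet(p)
    if decision == "allow":
        p = nat_outbound(p)
    return decision, p.src


if __name__ == "__main__":
    samples = [  # constructed traffic
        Packet("10.0.0.5", "198.51.100.9", "tcp", 80, "out"),
        Packet("198.51.100.9", "203.0.113.7", "tcp", 443, "in"),
        Packet("198.51.100.9", "203.0.113.7", "tcp", 22, "in"),
        Packet("198.51.100.9", "203.0.113.7", "udp", 161, "in"),
    ]
    for s in samples:
        print(s.direction, s.proto, s.dport, "->", process(s))
```

The fourth sample packet (UDP to port 161) matches no rule and is dropped by the default-deny fallthrough; this is the behaviour to check when reviewing a real rule set, since an "allow anything" rule at the end silently turns the firewall into a pass-through.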
• The NAT device uses an alias IP address in place of the sending machine’s real one
• “You cannot attack what you can’t see”

Overview of Existing Security Systems: Proxy Servers
Proxy Server
• Operates similarly to NAT, but also examines packets to look for malicious content
• Replaces the protected computer’s IP address with the proxy server’s address
• Protected computers never have a direct connection outside the network; the proxy server intercepts requests
• Acts “on behalf of” the requesting client

Adding a Special Network called a Demilitarized Zone (DMZ)
Demilitarized Zones (DMZ)
• Another network that sits outside the secure network perimeter
• Outside users can access the DMZ, but not the secure network
• Some DMZs use two firewalls; this prevents outside users from even accessing the internal firewall
• Provides an additional layer of security

Overview of Existing Security Systems: Virtual Private Networks (VPN)
Virtual Private Networks (VPNs): a secure network connection over a public network
• Allows mobile users to securely access information
• Sets up a unique connection called a tunnel

Overview of Existing Security Systems: Virtual Private Networks (VPN) (image slide)

Overview of Existing Security Systems: Honeypots
Honeypots
• A computer located in a DMZ and loaded with files and software that appear to be authentic, but are actually imitations
• Intentionally configured with security holes
• Goals: direct the attacker’s attention away from real targets; examine the techniques used by hackers

Overview of Existing Security Systems: Secure Socket Layer (SSL)
SSL is used for securing communication between clients and servers. It provides mainly confidentiality, integrity and authentication.
[Diagram: Client and WWW Server establish an SSL connection; the communication is then protected]

Protecting One Computer
Operating system hardening is the process of making a PC operating system more secure:
• Patch management
• Antivirus software – to protect your PC from viruses
• Antispyware software
• Firewalls – to deter (scare) and protect
• Setting correct permissions for shares
• Intrusion Detection Systems – to detect intrusions
• Cryptographic systems

Protecting a Wireless Local Area Network (WLAN) (image slide)

Security in a Wireless LAN
WLANs include a different set of security issues. Steps to secure:
• Turn off broadcast information
• MAC address filtering
• Encryption
• Password-protect the access point
• Physically secure the access point
• Use enhanced WLAN security standards whenever possible
• Use cryptographic systems

What Can We Do?
Security Assessment
• Identify areas of risk
• Identify potential for security holes and breakdowns
• Identify steps to mitigate
Security Application
• Multi-layered approach (there is no single solution)
• Policies and procedures
Security Awareness
• Not just for the geeks!
• Security training at all levels (external and/or internal)
• Continuing education and awareness – not a one-time shot!
• Make it part of the culture
Thank you for coming!!
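The "Phishing Example" slide earlier in the deck shows a link that points to a raw IP address, and the identity-theft slides mention spoofed Web sites. As an added example, not code from the slides or their author, the following checks links in an HTML message body for those two patterns on the detection side: an href whose host is an IP address, and visible link text that names one site while the href goes to another. The message body, the 192.0.2.44 address and the example.com / example.net names are constructed; they are documentation ranges and names, not real sites.

```python
"""Flag suspicious links in an HTML message body.

Added example (not from the original slides): a detection-side check for the
phishing link patterns the deck describes. SAMPLE_BODY and every address and
domain in it are constructed for the example.
"""
from html.parser import HTMLParser
from ipaddress import ip_address
from urllib.parse import urlparse


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from <a> elements."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url_or_text: str) -> str:
    """Host part of a URL; also accepts bare 'example.com/path' style text."""
    s = url_or_text.strip()
    if "://" not in s:
        s = "http://" + s
    return urlparse(s).hostname or ""


def is_ip_host(host: str) -> bool:
    """True when the host is a literal IPv4/IPv6 address rather than a name."""
    try:
        ip_address(host)
        return True
    except ValueError:
        return False


def looks_like_url(text: str) -> bool:
    """Rough test for link text that itself reads as a URL or domain."""
    return "://" in text or ("." in text and " " not in text)


def check_links(html_body: str) -> list:
    """Return one finding dict per link; 'reasons' is empty for clean links."""
    parser = LinkCollector()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        reasons = []
        target = host_of(href)
        if is_ip_host(target):
            reasons.append("href host is a raw IP address")
        if looks_like_url(text) and host_of(text) != target:
            reasons.append("visible text names a different host than href")
        findings.append({"href": href, "text": text, "reasons": reasons})
    return findings


# Constructed message body: one raw-IP link, one mismatched link, one clean link.
SAMPLE_BODY = """
<p>Your account needs verification.</p>
<a href="http://192.0.2.44/login">Verify now</a>
<a href="http://bank.example.net/signin">https://www.example.com/signin</a>
<a href="https://www.example.com/help">Help centre</a>
"""

if __name__ == "__main__":
    for f in check_links(SAMPLE_BODY):
        status = "SUSPICIOUS" if f["reasons"] else "ok"
        print(f"{status:10s} {f['href']}  {f['reasons']}")
```

These two checks are deliberately narrow; a mail gateway would add others (look-alike domains, newly registered domains, reputation lookups), but the raw-IP and text/href mismatch tests already cover the pattern the slide illustrates and are cheap enough to run on every message.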