“Network Security &
Information Security
Maintenance”
Independent Study (CS450)
Under the guidance of:
Smitesh.D.Patravali...
Contents
June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering
2
Introduction :Network Security
O Definition :
Network security consists of the provisions
and policies adopted by a networ...
Fundamental Security
Objectives
June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & E...
Security Attacks, Mechanism
& Services
O Security Attacks :
Any action that compromises the security of
information owned ...
Security Attacks,
Mechanism & Services
June 10,2013
Department of Computer Science & EngineeringDepartment of Computer Sci...
Security Attacks,
Mechanism & Services
O Authentication
Peer-Entity
Data Origin
O Access Control
O Confidentiality
Connect...
Security services..Contd..
O Data Integrity
Connection integrity with recovery
Connection integrity without recovery
Conne...
Security Attacks, Mechanism &
ServicesO Security Mechanisms :
A process (or a device incorporating such a process) that is...
Internetwork Security Model
O A message is to be transferred from one party to
another across some sort of Internet servic...
This general model shows that there are four basic
tasks in designing a particular security service:
O1. Design an algorit...
Internet Standards & RFC’s
June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engine...
Information Security
Maintenance
O Once an organization has improved the security posture of the
organization, the securit...
Security Management Models
Management models are frameworks that structure
the tasks of managing a particular set of activ...
ISO Model Contd….
June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 15
The Maintenance Model
June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering...
Conclusion
O Hence, we can conclude that the need for security in
communicating networks is mandatory & the
techniques pro...
www.Wikepeadia.com.
Network Security Essentials ,Fourth Edition
by William Stallings.
Principles of Information Securit...
Thank you!!!
June 10,2013Department of Computer Science & Engineering 19
Upcoming SlideShare
Loading in …5
×

Network security & information security maintainence modified

263
-1

Published on

S

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
263
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
24
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Network security & information security maintainence modified

  1. 1. “Network Security & Information Security Maintenance” Independent Study (CS450) Under the guidance of: Smitesh.D.Patravali By, KeerthanKumar Shetty 2SD10CS403 CSE 8 ‘B’ SDMCET June 10,2013 Department of Computer Science &Department of Computer Science & EngineeringEngineering 1
  2. 2. Contents June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 2
  3. 3. Introduction :Network Security O Definition : Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. O Need for Network Security : • Protect vital information while still allowing access to those who need it Ex-Trade secrets, Business records, etc. • Provide authentication and access control for resources June 10,2013 DepartmentDepartment of Computer Science & Engineeringof Computer Science & Engineering 3
  4. 4. Fundamental Security Objectives June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 4
  5. 5. Security Attacks, Mechanism & Services O Security Attacks : Any action that compromises the security of information owned by an organization ,group or an individual. 2 types of Security Attacks June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 5
  6. 6. Security Attacks, Mechanism & Services June 10,2013 Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 6
  7. 7. Security Attacks, Mechanism & Services O Authentication Peer-Entity Data Origin O Access Control O Confidentiality Connection Confidentiality Connectionless Confidentiality Selective Confidentiality Traffic flow Confidentiality June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 7
  8. 8. Security services..Contd.. O Data Integrity Connection integrity with recovery Connection integrity without recovery Connectionless integrity Selective field Connection Integrity Selective field Connectionless Integrity O Non Repudiation Non Repudiation, origin Non Repudiation, Destination June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 8
  9. 9. Security Attacks, Mechanism & ServicesO Security Mechanisms : A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack. June 10,2013 Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 9
  10. 10. Internetwork Security Model O A message is to be transferred from one party to another across some sort of Internet service. O The two parties, who are the principals in this transaction, must cooperate for the exchange to take place. O A logical information channel is established by defining a route through the Internet from source to destination and by the cooperative use of communication protocols (e.g., TCP/IP) by the two principals. Network Security Model June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 10
  11. 11. This general model shows that there are four basic tasks in designing a particular security service: O1. Design an algorithm for performing the security- related transformation. Thealgorithm should be such that an opponent cannot defeat its purpose. O2. Generate the secret information to be used with the algorithm. O3. Develop methods for the distribution and sharing of the secret information. O4. Specify a protocol to be used by the two principals that makes use of the securityalgorithm and the secret information to achieve a particular security service. June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 11 Internetwork Security Model
  12. 12. Internet Standards & RFC’s June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 12
  13. 13. Information Security Maintenance O Once an organization has improved the security posture of the organization, the security group must turn its attention to the maintenance of security readiness O Information security must constantly monitor the threats, assets, and vulnerabilities O The team also reviews external information to stay on top of the latest general and specific threats to its information security O It is more expensive to reengineer the information security profile again and again June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 13
  14. 14. Security Management Models Management models are frameworks that structure the tasks of managing a particular set of activities or business functions. ISO Model The ISO management model is a five-layer approach that provides structure to the administration and management of networks and systems The core ISO model addresses management and operation thorough five topics: O Fault management O Configuration and Change management O Accounting management O Performance management O Security management June 10,2013 Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 14
  15. 15. ISO Model Contd…. June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 15
  16. 16. The Maintenance Model June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 16
  17. 17. Conclusion O Hence, we can conclude that the need for security in communicating networks is mandatory & the techniques provided to maintain information security are more reliable & implementing the same can serve our purpose in achieving higher security to our Information & network. June 10,2013Department of Computer Science & EngineeringDepartment of Computer Science & Engineering 17
  18. 18. www.Wikepeadia.com. Network Security Essentials ,Fourth Edition by William Stallings. Principles of Information Security by Michael D Whitman. June 10,2013Department of Computer Science & Engineering 18 References
  19. 19. Thank you!!! June 10,2013Department of Computer Science & Engineering 19

×