Sreerag cs network security

Published in: Technology

  1. MODULE 2 - NETWORK SECURITY (E-COMMERCE)
       • CLIENT SERVER NETWORK SECURITY
       • CLIENT SERVER SECURITY THREATS
     PRESENTED BY - SREERAG GOPINATH P.C, SEMESTER VIII, COMPUTER SCIENCE & ENGG., SJCET, PALAI
  2. SECURITY THREATS
     A security threat is a circumstance, condition, or event with the potential to cause economic hardship to data or network resources in the form of:
       • destruction,
       • disclosure,
       • modification of data,
       • denial of service, and / or
       • fraud, waste or abuse.
     Confidence, reliability and protection of information against security threats is a crucial prerequisite for the functioning of e-commerce.
  3. SECURITY CONCERNS
     The discussion of security concerns in e-commerce can be divided into two broad types:
       • Client-server security
           - Uses authorization methods to make sure only valid users & programs have access to information resources such as databases.
           - Access control mechanisms: password protection, encrypted smart cards, biometrics, and firewalls.
       • Data & transaction security
           - Ensures privacy & confidentiality in electronic messages & data packets.
           - Includes authentication of remote users in network transactions.
           - Aims to defeat any attempt to assume another identity in data communication.
           - Preventive measures: data encryption using cryptographic methods.
  4. CLIENT SERVER NETWORK SECURITY
     Client-server network security means balancing the following, and system administrators have a hard time:
       • User maneuverability
       • Easy access
       • Site security
       • Confidentiality
  5. WHY PAY ATTENTION TO SECURITY?
     [Diagram labels: Internet (10000 networks, unlimited number of hackers?); corporate LAN or WAN; subnet; corporate network]
  6. CLIENT SERVER SECURITY PROBLEMS
     Client-server network security problems manifest themselves in three ways:
       • Physical security holes
           - Result when individuals gain unauthorized access to a computer.
       • Software security holes
           - Result when badly written programs or “privileged” software are “compromised” into doing things they shouldn’t.
           - Examples: “sendmail hole” (1988), “rlogin hole”.
       • Inconsistent usage holes
           - Result when a system administrator assembles a combination of hardware & software such that the system is seriously flawed from a security point of view.
  7. REDUCING CLIENT SECURITY THREATS
       • The problem with e-commerce
           - If consumers connect a computer to the Internet, they can easily log into it from anywhere the network reaches. Without proper access control, anyone else can too.
           - Therefore, protection mechanisms become unavoidable in e-commerce.
       • Protection (authorization / access control)
           - Grants privileges to the system or resource by checking user-specific information such as passwords.
           - File level: the OS provides mechanisms like Access Control Lists, specifying the resources various users and groups are entitled to.
  8. PROTECTION METHODS
       • Trust-based Security
       • Security Through Obscurity
       • Password Schemes
       • Biometric Systems
  9. TRUST BASED SECURITY
       • The approach is to trust everyone and do nothing extra for protection.
       • No access restrictions of any kind.
       • Assumes all users are trustworthy and competent in their use of the shared network.
       • Worked in the past, but is dangerous today.
  10. SECURITY THROUGH OBSCURITY (STO)
       • Notion that any network can be secure as long as nobody outside its management group is allowed to find out anything about its operational details and users are provided information on a need-to-know basis.
       • Ex: Hiding accounts & passwords in binary files or scripts.
       • Provides a false sense of security by hiding information.
       • Quite successful with stand-alone systems that ran OSs like IBM MVS or CMS and DEC VAX.
       • Limited usefulness in the UNIX world:
           - mobility
           - users with greater knowledge & computing power
  11. PASSWORD SCHEMES
       • Erect a first-level barrier to accidental intrusion.
       • Do little about deliberate attack.
       • Weaknesses of passwords:
           - Simple or familiar words → dictionary comparison
           - Unencrypted transfer → eavesdropping
           - Writing down, sharing
       • Countering these threats: creating one-time passwords
           - Smart cards
           - Randomized tokens
           - Challenge-response systems
  12. BIOMETRIC SYSTEMS
       • Most secure level of authorization.
       • Involve some unique aspect of a person’s body.
       • Past biometric authentication:
           - fingerprint comparison
           - palm prints
           - retinal patterns
           - signature verification
           - voice recognition
       • Expensive to implement: better suited for controlling physical access than for network or workstation access.
       • Inconvenient: high verification time (10-30 seconds).
       • Unduly intrusive: user reluctance.
       • New device variations:
           - Keystroke scan
           - IR facial pattern detection
  13. EMERGING CLIENT - SERVER SECURITY THREATS
      These threats can be divided into two major categories:
       • Threats to the local computing environment from mobile software, and
       • Access control & threats to servers that include:
           - Impersonation
           - Eavesdropping
           - Denial of Service
           - Packet Replay
           - Packet Modification
  14. SOFTWARE AGENTS & MALICIOUS CODE THREATS
       • Mobile code (software agent) is an executable program that has the ability to move from machine to machine and also to invoke itself without external influence.
       • The major security threat derives from the nature of the Internet:
           - Client programs interpret data downloaded from arbitrary servers on the Internet.
           - Client threats mostly arise from malicious data or code.
       • Malicious code refers to:
           - Viruses
           - Worms
           - Trojan Horses
           - Logic Bombs
           - Other deviant software programs
  15. MALICIOUS CODE
       • Viruses: computer programs that have the ability to replicate and spread to other files; most also deliver a “payload” of some sort (may be destructive or benign); include macro viruses, file-infecting viruses and script viruses.
       • Worms: designed to spread from computer to computer.
       • Trojan horse: appears to be benign, but then does something other than expected.
       • Bad applets (malicious mobile code): malicious Java applets or ActiveX controls that may be downloaded onto the client and activated merely by surfing to a Web site.
  16. MALICIOUS CODE - EXAMPLES
  17. THREATS TO SERVERS
       • Threats to servers consist of:
           - Unauthorized modification of server data
           - Unauthorized eavesdropping or modification
           - Compromise of a server system by exploiting bugs
           - Denial of Service
           - Packet Replay
       • Network servers are much more susceptible to impersonation:
           - Hackers have potential access to a large number of systems.
           - Popular UNIX programs (Finger, rsh, ruser) → discover account names
           - Guess passwords → dictionary attacks
       • Eavesdropping: trap user names & passwords
           - Wiretapping
           - Auxiliary ports
       • Prevention: encryption
  18. DENIAL OF SERVICE ATTACKS
       • The primary goal of any denial of service attack is to prevent the victim’s machine from fulfilling its function, ‘denying’ service to legitimate users.
       • The two most common forms of DoS attacks are:
           - Service Overloading
           - Message Flooding
       • Hard to prevent, but can be reduced by restricting access to critical accounts, resources, and files and protecting them from unauthorized users.
       • Important to protect against DoS without denying access to legitimate users.
  19. SERVICE OVERLOADING
       • Service overloading occurs when floods of network requests are made to a server daemon on a single computer.
       • These requests can be initiated in a number of ways, many intentional.
       • The result of these floods can cause your system to be so busy servicing interrupt requests and network packets that it is unable to process regular tasks in a timely fashion.
       • Many requests will be thrown away as there is no room to queue them. If it is a TCP-based service, they will be resent and will add to the load.
       • Such attacks can also mask an attack on another machine by preventing audit records and remote login requests from being processed in a timely manner. They deny access to a particular service.
  20. MESSAGE FLOODING
       • Message flooding occurs when a user slows down the processing of a system on the network to prevent the system from processing its normal workload, by "flooding" the machine with network messages addressed to it.
       • These may be requests for file service or login, or they may be simple echo-back requests.
       • Whatever the form, the flood of messages overwhelms the target so it spends most of its resources responding to the messages. In extreme cases, this flood may cause the machine to crash with errors or lack of memory to buffer the incoming packets. This attack denies access to a network server.
       • A server that is being flooded may not be able to respond to network requests in a timely manner. An attacker can take advantage of this behavior by writing a program that answers network requests in the server's place. For example, an attacker could flood an NIS server and then issue his own replies for NIS requests - specifically, requests for passwords.
  21. COUNTERING SERVER THREATS - FIREWALLS
      [Diagram labels: Internet; STOP; corporate LAN or WAN; corporate network]
  22. THANK YOU !!!
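
Slide 11 lists challenge-response systems as a counter to eavesdropping on passwords, and slides 13 and 17 list packet replay as a server threat. The sketch below is an added example, not part of the original deck: it assumes a pre-shared key per user and HMAC-SHA256 as the response function, and the names `ChallengeServer` and `client_response` are hypothetical.

```python
import hashlib
import hmac
import secrets
import time


class ChallengeServer:
    """Server side: issues single-use nonces and verifies HMAC responses."""

    def __init__(self, shared_keys, ttl=30.0, clock=time.monotonic):
        self._keys = shared_keys   # user -> secret key (constructed sample data)
        self._pending = {}         # user -> (nonce, expiry time)
        self._ttl = ttl
        self._clock = clock

    def challenge(self, user):
        nonce = secrets.token_bytes(16)   # unpredictable, fresh per login
        self._pending[user] = (nonce, self._clock() + self._ttl)
        return nonce

    def verify(self, user, response):
        # pop() makes the nonce single-use: a captured response cannot be replayed.
        nonce, expiry = self._pending.pop(user, (None, 0.0))
        key = self._keys.get(user)
        if nonce is None or key is None or self._clock() > expiry:
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)   # constant-time compare


def client_response(key, nonce):
    """Client side: prove knowledge of the key without ever sending it."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


def demo():
    key = b"constructed-sample-key"
    server = ChallengeServer({"alice": key})
    nonce = server.challenge("alice")
    resp = client_response(key, nonce)            # all an eavesdropper sees
    first = server.verify("alice", resp)          # legitimate login
    replay_same = server.verify("alice", resp)    # replay, nonce already used
    server.challenge("alice")                     # next login gets a new nonce
    replay_new = server.verify("alice", resp)     # old response, new nonce
    return first, replay_same, replay_new
```
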
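
Slide 18 asks for protection against DoS that does not deny access to legitimate users, and slides 19 and 20 describe floods of requests aimed at one server. One common mitigation, added here as an example that is not part of the original deck, is a per-source token bucket; the class name, rate, burst size and addresses below are constructed for illustration.

```python
from collections import defaultdict


class PerSourceLimiter:
    """Token bucket per source address. Time is in integer milliseconds and
    tokens in integer milli-tokens, so the arithmetic is exact."""

    def __init__(self, rate_per_s, burst):
        self.rate = rate_per_s      # 1 token/s equals 1 milli-token per ms
        self.cap = burst * 1000     # bucket size in milli-tokens
        self._state = {}            # source -> (milli-tokens, last seen ms)

    def allow(self, source, now_ms):
        tokens, last = self._state.get(source, (self.cap, now_ms))
        tokens = min(self.cap, tokens + (now_ms - last) * self.rate)
        allowed = tokens >= 1000    # one request costs one whole token
        self._state[source] = (tokens - 1000 if allowed else tokens, now_ms)
        return allowed


def replay(events, rate_per_s=2, burst=5):
    """Run (timestamp_ms, source) events through the limiter and count
    accepted and dropped requests per source."""
    limiter = PerSourceLimiter(rate_per_s, burst)
    stats = defaultdict(lambda: {"accepted": 0, "dropped": 0})
    for ts, src in sorted(events):
        outcome = "accepted" if limiter.allow(src, ts) else "dropped"
        stats[src][outcome] += 1
    return dict(stats)


def sample_events():
    # Constructed traffic: one source sends 200 requests in two seconds,
    # another sends one request per second.
    flood = [(i * 10, "198.51.100.7") for i in range(200)]
    normal = [(i * 1000, "192.0.2.10") for i in range(5)]
    return flood + normal
```

The flooding source is cut to its burst plus the sustained rate while the one-request-per-second client is never refused. The per-source table needs an eviction policy for idle entries, since a flood arriving from many source addresses would otherwise grow it without bound.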
