Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Chapter 1:
Introduction

1
Technology History
Technology History
Security Use
Security Use
Security Layer
Security Layer
Why Security?
Why Security?
...
A Technology play role
and
influence in community service

3
Consumer Market
First, Let us look at the Evolution of Communications

4
Extracted from : Next Generation Home Networks: D...
Consumer Market
80-90s: A New World Called Internet

•
•

The start of the Internet
for masses using dial-up:
Phone line i...
Consumer Market
2000 – 2003: The Beginning of the Always-On Concept
•

Emergence of the ADSL
technology:
– Higher bandwidt...
Consumer Market
2003 – 2005: Emergence of Basic Home Networks and Triple Play Services
•

•

xDSL
20+ Mbps

Emergence of t...
Consumer Market
2005 – 2015: The Digital Connected Home
•

Many multi-service devices
in the home:
– All using IP as a
fou...
Example of Network Infrastructure
BTU

Residential Gateway (RG)
Broadband Termination Unit (BTU)

9
Technology History
Technology History
Security Use
Security Use
Security Layer
Security Layer
Why Security?
Why Security?
...
We will see now where a security mechanism is
mbed on technology.

Security use in daily basis.

11
Services

DATA

VOICE

IMAGE
12
Security use in daily basis 1 - biometric

13
Security use in daily basis 2 - Business

14
Security use in daily basis 3 – Voice Communication

15
Security use in daily basis 4 – Integration Operation

16
Security use in daily basis 5 – Operating System

17
Security use in daily basis 6 – WEB

18
Technology History
Technology History
Security Use
Security Use
Security Layer
Security Layer
Why Security?
Why Security?
...
Let me share with you on OSI layers
and
Internet layers
20
Seventh layers OSI Model
Application

Application
OSI Model

Network process to application

Presentation

Data Unit

Laye...
Five Layers TCP/IP Model

Application

Transport

Application
DHCP • DNS • FTP • Gopher • HTTP • IMAP4 • IRC • NNTP • XMPP...
Five Layers TCP/IP Model

Refer to the TCP/IP Presentation Slides

23
Before I explain to you on security layer
Let review back the slides that presenting on
“security use in daily basis”
24
What is behind of these applications?
What is a mechanism that make it secure?

25
Security Layer *

Applications

Protocol

Cryptography

Applications:
Web, email, any application use security
mechanism

...
Security versus OSI & TCP/IP Model
OSI

TCP/IP

Application

Application

Presentation

Application
Presentation

Security...
Technology History
Technology History
Security Use
Security Use
Security Layer
Security Layer
Why Security?
Why Security?
...
Concept

Why we want security?
Let review back the slides that presenting on
“security use in daily basis”

29
Could you explain to me why we need security?

30
Why We Need Security
Privacy

The protection of data from unauthorized disclosure.

Integrity

The assurance that data rec...
Technology History
Technology History
Security Use
Security Use
Security Layer
Security Layer
Why Security?
Why Security?
...
Hacking - 1

33
Hacking - 2

DATA CENTER

34
Type of Attacks

Passive

Active

Passive attacks are in the nature of eavesdropping on,
or monitoring of, transmissions. ...
Passive Attack
Release of Message Contents

Read contents of
message from Bob
to Alice

Traffic Analysis

Observe pattern ...
Active Attack - 1
Masquerade

Message from Hacker
that appears to be from Bob

Replay*

Capture message from
Bob to Alice;...
Active Attack - 2
Modification of messages

Modifies message from Bob to Alice

Denial of Service

disrupts service provid...
How Do You Want Protect Your Network System

Thank You
See You Next Week

39
Upcoming SlideShare
Loading in …5
×

SYSTEM SECURITY - Chapter 1 introduction

440 views

Published on

Published in: Education
  • Be the first to comment

  • Be the first to like this

SYSTEM SECURITY - Chapter 1 introduction

  1. 1. Chapter 1: Introduction 1
  2. 2. Technology History Technology History Security Use Security Use Security Layer Security Layer Why Security? Why Security? Attack/Hack Attack/Hack 2
  3. 3. A Technology play role and influence in community service 3
  4. 4. Consumer Market First, Let us look at the Evolution of Communications 4 Extracted from : Next Generation Home Networks: Driving a New Society?
  5. 5. Consumer Market 80-90s: A New World Called Internet • • The start of the Internet for masses using dial-up: Phone line is shared between the PC and the phone – Emergence of the ISP concept with AOL,… New concept: Content available to everybody • • Modem • • First Internet boom: “New economy concept” Phone Line 28 – 56kbps 5 Extracted from : Next Generation Home Networks: Driving a New Society?
  6. 6. Consumer Market 2000 – 2003: The Beginning of the Always-On Concept • Emergence of the ADSL technology: – Higher bandwidth than dial-up: typically 64k to 384kbps – “Always on” concept; i.e., no busy signal • Device per service – One phone – One PC ADSL 64 – 384 kbps 6 Extracted from : Next Generation Home Networks: Driving a New Society?
  7. 7. Consumer Market 2003 – 2005: Emergence of Basic Home Networks and Triple Play Services • • xDSL 20+ Mbps Emergence of the new DSL and xPON technologies: – Higher bandwidth than ADSL: typically 20Mbps per home First signs of home networks with the digitalization of the Home: – Digital Camera, Camcorder, Playstation, DVD, iPOD… 7 Extracted from : Next Generation Home Networks: Driving a New Society?
  8. 8. Consumer Market 2005 – 2015: The Digital Connected Home • Many multi-service devices in the home: – All using IP as a foundation • Virtualization of Content: – Access content anywhere/anytime, whether it is home-based (Personal) or networkbased (Public) • Communications and Entertainment 8 Extracted from : Next Generation Home Networks: Driving a New Society?
  9. 9. Example of Network Infrastructure BTU Residential Gateway (RG) Broadband Termination Unit (BTU) 9
  10. 10. Technology History Technology History Security Use Security Use Security Layer Security Layer Why Security? Why Security? Attack/Hack Attack/Hack 10
  11. 11. We will see now where a security mechanism is mbed on technology. Security use in daily basis. 11
  12. 12. Services DATA VOICE IMAGE 12
  13. 13. Security use in daily basis 1 - biometric 13
  14. 14. Security use in daily basis 2 - Business 14
  15. 15. Security use in daily basis 3 – Voice Communication 15
  16. 16. Security use in daily basis 4 – Integration Operation 16
  17. 17. Security use in daily basis 5 – Operating System 17
  18. 18. Security use in daily basis 6 – WEB 18
  19. 19. Technology History Technology History Security Use Security Use Security Layer Security Layer Why Security? Why Security? Attack/Hack Attack/Hack 19
  20. 20. Let me share with you on OSI layers and Internet layers 20
  21. 21. Seventh layers OSI Model Application Application OSI Model Network process to application Presentation Data Unit Layer Function Application Application Application Network process to application Presentation Host Layers Session Presentation Data Presentation Data representation and encryption Session Interhost communication Segments Transport End-to-end communications and reliability (TCP) Network Packets Network Path determination and logical addressing (IP) Media Data Link Layers Frames Data Link Physical addressing (MAC & LLC) Bits Physical Media, Signal and binary transmission 21
  22. 22. Five Layers TCP/IP Model Application Transport Application DHCP • DNS • FTP • Gopher • HTTP • IMAP4 • IRC • NNTP • XMPP • MIME • POP3 • SIP • SMTP • SNMP • SSH • TELNET • RPC • RTP • RTCP • TLS/SSL • SDP • SOAP • VPN • PPTP • L2TP • GTP • Presentation TCP • UDP • DCCP • SCTP • Internet IP (IPv4 • IPv6) • IGMP • ICMP • RSVP • BGP • RIP • OSPF • ISIS • IPsec • ARP • RARP • Data Link 802.11 • ATM • DTM • Ethernet • FDDI • Frame Relay • GPRS • EVDO • HSPA • HDLC • PPP • Physical Ethernet physical layer • ISDN • Modems • PLC • SONET/SDH • G.709 • Wireless • 22
  23. 23. Five Layers TCP/IP Model Refer to the TCP/IP Presentation Slides 23
  24. 24. Before I explain to you on security layer Let review back the slides that presenting on “security use in daily basis” 24
  25. 25. What is behind of these applications? What is a mechanism that make it secure? 25
  26. 26. Security Layer * Applications Protocol Cryptography Applications: Web, email, any application use security mechanism Protocol: SSL, TLS Algorithm: Symmetric, Asymmetric (i.e.:Cipher, DES, AES) * This approach is totally under my knowledge and experience, is not a standard, just to understand 26 the layer concept.
  27. 27. Security versus OSI & TCP/IP Model OSI TCP/IP Application Application Presentation Application Presentation Security Applications Session Transport Transport Network Internet Data Link Data Link Physical Physical Protocol Cryptography 27
  28. 28. Technology History Technology History Security Use Security Use Security Layer Security Layer Why Security? Why Security? Attack/Hack Attack/Hack 28
  29. 29. Concept Why we want security? Let review back the slides that presenting on “security use in daily basis” 29
  30. 30. Could you explain to me why we need security? 30
  31. 31. Why We Need Security Privacy The protection of data from unauthorized disclosure. Integrity The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion. Authentication The assurance that the communicating entity is the one that it claims to be. Provides protection against denial by one of the entities Nonrepudation involved in a communication of having participated in all or part of the communication. Security Services (X.800) 31
  32. 32. Technology History Technology History Security Use Security Use Security Layer Security Layer Why Security? Why Security? Attack/Hack Attack/Hack 32
  33. 33. Hacking - 1 33
  34. 34. Hacking - 2 DATA CENTER 34
  35. 35. Type of Attacks Passive Active Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted. Two types of passive attacks are release of message contents and traffic analysis. Active attacks involve some modification of the data stream or the creation of a false stream and can be subdivided into four categories: masquerade, replay, modification of messages, and denial of service. 35
  36. 36. Passive Attack Release of Message Contents Read contents of message from Bob to Alice Traffic Analysis Observe pattern of messages from Bob to Alice 36
  37. 37. Active Attack - 1 Masquerade Message from Hacker that appears to be from Bob Replay* Capture message from Bob to Alice; later replay message to Alice * An attack in which a service already authorized and completed is forged by another "duplicate request" in an attempt to repeat authorized commands. 37
  38. 38. Active Attack - 2 Modification of messages Modifies message from Bob to Alice Denial of Service disrupts service provided by server 38
  39. 39. How Do You Want Protect Your Network System Thank You See You Next Week 39

×