valency paul, profile picture
Uploaded byvalency paul
PPTX, PDF129 views

6 security

This document discusses various aspects of computer and network security. It covers four fundamental requirements for secure transactions: privacy, integrity, authentication, and non-repudiation. It also discusses security threats like denial-of-service attacks, viruses, and worms. Additionally, it outlines security technologies used to protect communications, like cryptography, digital signatures, SSL, IPSec, and firewalls.

Embed presentation

Download to read offline
> > > Security
• Modern computer security involves the protection of electronic communications and the maintenance of network security. A successful, secure transaction must meet four fundamental requirements: Privacy, integrity, authentication and non repudiation. • The privacy issue is: How do you ensure that the information you transmit over the Internet has not been captured or passed on to a third party without your knowledge?
• The integrity issue is: How do you ensure that the information you send or receive has not been compromised or altered? • The authentication issue is: How do the sender and recipient of a message verify their identities?
• The non repudiation issue is: How do you legally prove that a message was sent or received? In addition to these requirements, network security addresses the issue of availability: How do we ensure that the network and the computer systems to which it connects will remain in operation continuously? • In the next several sections, we will explore Internet security and the technologies and protocols used to secure e-commerce transactions and communications
• Cryptography transforms data by using a cipher, or cryptosystem (a mathematical algorithm for the encryption of messages). • An algorithm is a computer science term for “procedure.” A key (a string of digits that acts as a password in the cipher) makes the data incomprehensible to all but the sender and intended recipients.
• Unencrypted data is known as plain text, whereas encrypted data is called ciphertext. Only the intended recipients should possess the corresponding key to decrypt the ciphertext into plaintext. • Each party in a transaction has both a public key and a private key. • To transmit a message securely, the sender uses the recipient’s public key to encrypt the message. The recipient then decrypts the message using his or her unique private key
• Digital signatures, the electronic equivalent of written signatures, are used in publickey cryptography to solve authentication and integrity problems • A digital signature authenticates the sender’s identity, and, like a written signature, it is difficult to forge. To create a digital signature, a sender first runs a plaintext message through a hash function, which is a mathematical calculation that gives the message a hash value.
• The Secure Sockets Layer (SSL) protocol, developed by Netscape Communications, is a non-proprietary protocol commonly used to secure communications between two computers on the Internet and the Web. • SSL is built into many Web browsers, including Netscape Communicator and Microsoft Internet Explorer, as well as numerous other software • products. Although SSL is not designed specifically to secure online transactions, most e- businesses use the technology for this purpose.
• Wireless Transport Layer Security (WTLS) is the security protocol for the Wireless Application • Protocol (WAP). WAP is a standard used for wireless communications on mobile phones and other wireless devices. WTLS secures connections between wireless devices and application servers. It provides wireless technology with data integrity, privacy, authentication and denial-of-service security.
• Organizations are taking advantage of the existing Internet infrastructure to create Virtual Private Networks (VPNs), which link multiple networks, wireless users, customers and other remote users. • A VPN is created by establishing a “secure tunnel” between multiple networks. • Internet Protocol Security (IPSec) is one of the technologies used to secure the “tunnel” through which the data passes
> > > Security Attacks
• Recent cyberattacks on e-businesses have made the front-pages of newspapers worldwide. • Denial-of-service attacks (DoS), viruses and worms have cost companies billions of dollars. • Typically, a denial-of-service attack occurs when a network or server is flooded with data packets. • The influx of data greatly increases the traffic on the network, overwhelming the servers and making it impossible for legitimate users to download information
• A distributed denial-of-service attack occurs when an unauthorized user gains illegitimate control of a network of computers (usually by installing viruses on the computers) and then uses all the computers simultaneously to attack. These attacks cause networked computers to crash or disconnect from the network, making services unavailable for legitimate users.
• Viruses are computer programs—often sent as e-mail attachments or disguised as audio clips, video clips and games—that attach to, or overwrite other programs in efforts to replicate themselves. Viruses can corrupt files or even wipe out a hard drive. The spread of a virus occurs through sharing “infected” files embedded in e-mail attachments, documents or programs.
• worms are similar to viruses, a worm can spread and infect files on its own over a network; worms do not need to be attached to another program to spread. • One of the most famous viruses to date is the ILOVEYOU virus which hit in May 2000, costing organizations and individuals billions of dollars. Viruses and worms are not limited to computers. • In June 2000, a worm named Timofonica that was propagated through e-mail quickly made its way into the cell-phone network in Spain, sending prank calls and leaving text messages on subscribers’ phones
• Who is responsible for viruses and denial-of-service attacks? Most often the responsible parties are referred to as hackers or crackers. Hackers and crackers are usually skilled programmers. • According to some, hackers break into systems just for the thrill of it, without causing harm to the compromised systems, whereas crackers have malicious intent. However, regardless of an attack’s consequences, hackers and crackers break the law by accessing or damaging private information and computers. • Many vendors offer antivirus utilities that help protect computers against viruses and other threats
• The goal of network security is to allow authorized users access to information and services while preventing unauthorized users from gaining access to, and possibly corrupting, the network. • A basic tool used in network security is the firewall, which protects a local area network (LAN) from intruders outside the network.
END

More Related Content

PPTX
Ethical hacking ppt
byNitesh Dubey
 
PPTX
Network security
byEshrak Rahman
 
PPTX
Network Security
byManoj Singh
 
PPTX
Introduction to Information Security
byRubal Sagwal
 
PPTX
Cyber Crime
byArnav Chowdhury
 
PPTX
Cyber security # Lec 1
byKabul Education University
 
PPTX
Cyber Crime
byAfnanHusain
 
PPTX
Cyber Space Operation- Offensive Cyber Space Operation
byRubal Sagwal
 
Ethical hacking ppt
byNitesh Dubey
 
Network security
byEshrak Rahman
 
Network Security
byManoj Singh
 
Introduction to Information Security
byRubal Sagwal
 
Cyber Crime
byArnav Chowdhury
 
Cyber security # Lec 1
byKabul Education University
 
Cyber Crime
byAfnanHusain
 
Cyber Space Operation- Offensive Cyber Space Operation
byRubal Sagwal
 

What's hot

PPTX
Presentation on Cyber Security
byAnand Kater
 
PPTX
Network security (vulnerabilities, threats, and attacks)
byFabiha Shahzad
 
PPTX
Cyber attack
byManjushree Mashal
 
PPT
Computer Security
byVaibhavi Patel
 
PPTX
Mohammed tariq alsharhan
byAhmed Sleem
 
PPT
Internet Security
byMitesh Gupta
 
PPTX
Cyber security
bySabir Raja
 
PPTX
Computer security and privacy
byHaider Ali Malik
 
PPTX
Data Network Security
byAtif Rehmat
 
PPT
Hacking
byLutfulM
 
PPTX
cyber security and forensic tools
bySonu Sunaliya
 
PPTX
Network security
byJasleen Kaur (Chandigarh University)
 
PPTX
Cybersecurity
byEng Hasan Shamroukh CISCO Exams Author
 
PPTX
Seminar (network security)
byGaurav Dalvi
 
PPTX
Ethical hacking and cyber security intro
byAbhilash Ak
 
PPTX
Introduction to information security
byS.M. Towhidul Islam
 
PPTX
Network security
byNkosinathi Lungu
 
PPTX
Network security & cryptography
byKiran Patil
 
PPT
E secuity
byarpit sadana
 
PPTX
Presentation1 new (1) (1)cf
bytoamma
 
Presentation on Cyber Security
byAnand Kater
 
Network security (vulnerabilities, threats, and attacks)
byFabiha Shahzad
 
Cyber attack
byManjushree Mashal
 
Computer Security
byVaibhavi Patel
 
Mohammed tariq alsharhan
byAhmed Sleem
 
Internet Security
byMitesh Gupta
 
Cyber security
bySabir Raja
 
Computer security and privacy
byHaider Ali Malik
 
Data Network Security
byAtif Rehmat
 
Hacking
byLutfulM
 
cyber security and forensic tools
bySonu Sunaliya
 
Network security
byJasleen Kaur (Chandigarh University)
 
Cybersecurity
byEng Hasan Shamroukh CISCO Exams Author
 
Seminar (network security)
byGaurav Dalvi
 
Ethical hacking and cyber security intro
byAbhilash Ak
 
Introduction to information security
byS.M. Towhidul Islam
 
Network security
byNkosinathi Lungu
 
Network security & cryptography
byKiran Patil
 
E secuity
byarpit sadana
 
Presentation1 new (1) (1)cf
bytoamma
 

Viewers also liked

PPTX
Normal distribution and hypothesis testing
byLorelyn Turtosa-Dumaug
 
PPT
Obras analisadas: EVT
byccurvos
 
PPTX
8 天使之笔 – part 3
byRachel Yu Liu
 
PDF
D6.1 -ship-structure_-_final
bySeba Bayram
 
PDF
prezentare engleza 2
byAlina-Victoria Mihalache
 
PPTX
Sarah and frances vocab
byMrs. Stewart's Classroom
 
PPT
解构主义设计
byedward286
 
PPTX
Challenges in global warming
byrcgoudabloemendaal
 
DOC
N.Saravanan
byTurbo Saravanan
 
PDF
Piccola storia di provincia
byMichela Mamprin
 
PPTX
Abraham maslow
byDavid García Montero
 
PDF
Social Branding - Gerd Leonhard (Media Futures Group) at #CSMM
byArjen Strijker
 
PPT
Presentation1
byNur Hazira Azahari
 
Normal distribution and hypothesis testing
byLorelyn Turtosa-Dumaug
 
Obras analisadas: EVT
byccurvos
 
8 天使之笔 – part 3
byRachel Yu Liu
 
D6.1 -ship-structure_-_final
bySeba Bayram
 
prezentare engleza 2
byAlina-Victoria Mihalache
 
Sarah and frances vocab
byMrs. Stewart's Classroom
 
解构主义设计
byedward286
 
Challenges in global warming
byrcgoudabloemendaal
 
N.Saravanan
byTurbo Saravanan
 
Piccola storia di provincia
byMichela Mamprin
 
Abraham maslow
byDavid García Montero
 
Social Branding - Gerd Leonhard (Media Futures Group) at #CSMM
byArjen Strijker
 
Presentation1
byNur Hazira Azahari
 

Similar to 6 security

PPT
E-COMMERCE SECURITY (2).ppt
byHemlata Gangwar
 
PPT
Electronic commerce security seventh annual edition
bypathanaazim
 
PPT
E-COMMERCE SECURITY (1).ppt VI6R7UTGT6T5FRKDLKUTY
bysubhamkumar56644
 
PPT
E-COMMERCE SECURITY , e bussines nvjfffbjurgrujgkmdgnfblguisrljkfbbjsreio[q3g...
bysubhamkumar56644
 
PDF
E Commerce security
byMayank Kashyap
 
PPTX
Ecommerce_Ch4.pptx
byAYNETUTEREFE1
 
PPT
E commerce security
byShakti Singh
 
PPT
Securing E-Commerce Networks Presentation.ppt
byanshikagoel52
 
PDF
wireless networking chapter three WAN.pdf
byamarehope21
 
PPTX
INTERNETSECURITY with the different threats
byPrabinPathak5
 
PPTX
Security in Computer System
byManesh T
 
PPT
Computer Systems Security
bydrkelleher
 
PPT
Computersystemssecurity 090529105555-phpapp01
byMiigaa Mine
 
PDF
Security in computer systems fundamentals
byManesh T
 
PPT
Technical seminar on Security
bySTS
 
PPT
Security
bymajstors
 
PPT
Chapter1 intro network_security_sunorganised
byBule Hora University
 
PPTX
Security in e commerce
byakhand Akhandenator
 
PPT
1 network securityIntroduction - MSC.ppt
bybilqesahmed608
 
PPTX
Computer Security Chapter 1
byTemesgen Berhanu
 
E-COMMERCE SECURITY (2).ppt
byHemlata Gangwar
 
Electronic commerce security seventh annual edition
bypathanaazim
 
E-COMMERCE SECURITY (1).ppt VI6R7UTGT6T5FRKDLKUTY
bysubhamkumar56644
 
E-COMMERCE SECURITY , e bussines nvjfffbjurgrujgkmdgnfblguisrljkfbbjsreio[q3g...
bysubhamkumar56644
 
E Commerce security
byMayank Kashyap
 
Ecommerce_Ch4.pptx
byAYNETUTEREFE1
 
E commerce security
byShakti Singh
 
Securing E-Commerce Networks Presentation.ppt
byanshikagoel52
 
wireless networking chapter three WAN.pdf
byamarehope21
 
INTERNETSECURITY with the different threats
byPrabinPathak5
 
Security in Computer System
byManesh T
 
Computer Systems Security
bydrkelleher
 
Computersystemssecurity 090529105555-phpapp01
byMiigaa Mine
 
Security in computer systems fundamentals
byManesh T
 
Technical seminar on Security
bySTS
 
Security
bymajstors
 
Chapter1 intro network_security_sunorganised
byBule Hora University
 
Security in e commerce
byakhand Akhandenator
 
1 network securityIntroduction - MSC.ppt
bybilqesahmed608
 
Computer Security Chapter 1
byTemesgen Berhanu
 

6 security

  • 1.
  • 2.
    • Modern computersecurity involves the protection of electronic communications and the maintenance of network security. A successful, secure transaction must meet four fundamental requirements: Privacy, integrity, authentication and non repudiation. • The privacy issue is: How do you ensure that the information you transmit over the Internet has not been captured or passed on to a third party without your knowledge?
  • 3.
    • The integrityissue is: How do you ensure that the information you send or receive has not been compromised or altered? • The authentication issue is: How do the sender and recipient of a message verify their identities?
  • 4.
    • The nonrepudiation issue is: How do you legally prove that a message was sent or received? In addition to these requirements, network security addresses the issue of availability: How do we ensure that the network and the computer systems to which it connects will remain in operation continuously? • In the next several sections, we will explore Internet security and the technologies and protocols used to secure e-commerce transactions and communications
  • 5.
    • Cryptography transformsdata by using a cipher, or cryptosystem (a mathematical algorithm for the encryption of messages). • An algorithm is a computer science term for “procedure.” A key (a string of digits that acts as a password in the cipher) makes the data incomprehensible to all but the sender and intended recipients.
  • 6.
    • Unencrypted datais known as plain text, whereas encrypted data is called ciphertext. Only the intended recipients should possess the corresponding key to decrypt the ciphertext into plaintext. • Each party in a transaction has both a public key and a private key. • To transmit a message securely, the sender uses the recipient’s public key to encrypt the message. The recipient then decrypts the message using his or her unique private key
  • 7.
    • Digital signatures,the electronic equivalent of written signatures, are used in publickey cryptography to solve authentication and integrity problems • A digital signature authenticates the sender’s identity, and, like a written signature, it is difficult to forge. To create a digital signature, a sender first runs a plaintext message through a hash function, which is a mathematical calculation that gives the message a hash value.
  • 8.
    • The SecureSockets Layer (SSL) protocol, developed by Netscape Communications, is a non-proprietary protocol commonly used to secure communications between two computers on the Internet and the Web. • SSL is built into many Web browsers, including Netscape Communicator and Microsoft Internet Explorer, as well as numerous other software • products. Although SSL is not designed specifically to secure online transactions, most e- businesses use the technology for this purpose.
  • 9.
    • Wireless TransportLayer Security (WTLS) is the security protocol for the Wireless Application • Protocol (WAP). WAP is a standard used for wireless communications on mobile phones and other wireless devices. WTLS secures connections between wireless devices and application servers. It provides wireless technology with data integrity, privacy, authentication and denial-of-service security.
  • 10.
    • Organizations aretaking advantage of the existing Internet infrastructure to create Virtual Private Networks (VPNs), which link multiple networks, wireless users, customers and other remote users. • A VPN is created by establishing a “secure tunnel” between multiple networks. • Internet Protocol Security (IPSec) is one of the technologies used to secure the “tunnel” through which the data passes
  • 11.
  • 12.
    • Recent cyberattackson e-businesses have made the front-pages of newspapers worldwide. • Denial-of-service attacks (DoS), viruses and worms have cost companies billions of dollars. • Typically, a denial-of-service attack occurs when a network or server is flooded with data packets. • The influx of data greatly increases the traffic on the network, overwhelming the servers and making it impossible for legitimate users to download information
  • 13.
    • A distributeddenial-of-service attack occurs when an unauthorized user gains illegitimate control of a network of computers (usually by installing viruses on the computers) and then uses all the computers simultaneously to attack. These attacks cause networked computers to crash or disconnect from the network, making services unavailable for legitimate users.
  • 14.
    • Viruses arecomputer programs—often sent as e-mail attachments or disguised as audio clips, video clips and games—that attach to, or overwrite other programs in efforts to replicate themselves. Viruses can corrupt files or even wipe out a hard drive. The spread of a virus occurs through sharing “infected” files embedded in e-mail attachments, documents or programs.
  • 15.
    • worms aresimilar to viruses, a worm can spread and infect files on its own over a network; worms do not need to be attached to another program to spread. • One of the most famous viruses to date is the ILOVEYOU virus which hit in May 2000, costing organizations and individuals billions of dollars. Viruses and worms are not limited to computers. • In June 2000, a worm named Timofonica that was propagated through e-mail quickly made its way into the cell-phone network in Spain, sending prank calls and leaving text messages on subscribers’ phones
  • 16.
    • Who isresponsible for viruses and denial-of-service attacks? Most often the responsible parties are referred to as hackers or crackers. Hackers and crackers are usually skilled programmers. • According to some, hackers break into systems just for the thrill of it, without causing harm to the compromised systems, whereas crackers have malicious intent. However, regardless of an attack’s consequences, hackers and crackers break the law by accessing or damaging private information and computers. • Many vendors offer antivirus utilities that help protect computers against viruses and other threats
  • 17.
    • The goalof network security is to allow authorized users access to information and services while preventing unauthorized users from gaining access to, and possibly corrupting, the network. • A basic tool used in network security is the firewall, which protects a local area network (LAN) from intruders outside the network.
  • 18.