Uploaded byyuliana_mar
PPT, PDF965 views

Information Security Management. Security solutions copy

The document outlines various information security management solutions, emphasizing the importance of reducing harm from security breaches and the significant financial losses businesses incur due to attacks. It discusses key components of security management, including cryptographic solutions, access control systems, data traffic control, and security analysis processes. Additionally, it introduces frameworks like ISO and NIST that guide organizational security practices.

Embed presentation

Downloaded 47 times
Information Security Management Security Solutions By Yuliana Martirosyan Based on Bell G. Reggard, Information Security Management. Concepts and Practices.
13. Security Solutions Information protection is not a goal in itself but rather the reduction of owner’s harm resulting from it. American Bar association reported a decade ago that hackers caused harm as high as $10 million. FBA reports that business lose $7.5 billion a year to attacks. 13.1 Introduction
13. Security Solutions 13.2 Security Solutions Organization of security solutions Security Solution Cryptography Access Control Traffic Control PhysicalSecurity Analysis Hash Symmetric Cryptography Public-Key Cryptography DS VPN Passwords Authentication Biometrics VPN IP Packet Filter Firewalls IP App Level Firewalls Hybrid Firewall Cyberwall Statefull Insp. Firewall VPN Audit Penetration Security Plan Reviews Risk Analysis Vulnerability Assessment Intrusion Detection Locks Disconnect Backup Higher Availability Clusters Security Mngmt
13. Security Solutions 13.2.1 Security Management 13.2.1.1 Information Security Management This is the most important class of security solutions. It is related to organizational security of the company. There are two main components: 1. Effectiveness in securing the system (ISO 27002) 2. Information Security Management system (ISO 27001) 13.2 Security Solutions
13. Security Solutions 13.2.1 Security Management 13.2.1.2 Simple Network Management Major components used in networking are routers, switches, firewalls and access servers. (Network topology) Routers draw a hierarchy of LANs and autonomous systems to find optimal paths to information recourses worldwide. 13.2 Security Solutions Network Management Data Centers Unicenter from IBM Network Management System tools Open View from HP Enterprise System Management ESM
13. Security Solutions 13.2.2 Cryptographic Solutions 13.2.2.1 Cryptography Hash Functions Symmetric Cryptography Public-Key Cryptography Digital Signatures Virtual Private Networks 13.2.2.1 The Main Cryptographic Mechanisms Symmetric Cryptography: Private Key (AES) Asymmetric Cryptography: Public Key (RSA) 13.2 Security Solutions
13. Security Solutions 13.2.2 Cryptographic Solutions 13.2.2.3 Block and Stream Ciphers in Symmetric Cryptography Symmetric ciphers are now usually implemented using: • Block ciphers: a fixed-length block of plain text is converted into cipher text of the same length • Stream ciphers: data is encrypted bit/byte at a time 13.2.2.4 Digital Signatures Used to or demonstrating the authenticity of a digital message or document. DS algorithms: RSA, DSS, Elliptic Curves Crypto-systems : PGP, S/MIME 13.2 Security Solutions
13. Security Solutions 13.2.2 Cryptographic Solutions 13.2.2.5 Virtual Private Networks (VPN) A virtual private network (VPN) is a computer network that uses a public telecommunication infrastructure such as the Internet to provide remote offices or individual users with secure access to their organization's network. Intranet VPN: several buildings may be connected to a data center (strong encryption) Remote Access VPN laptops that connect intermittently from different locations (authentication) Extranet VPN access corporate resources across various network architectures 13.2 Security Solutions
13. Security Solutions 13.2.2 Cryptographic Solutions 13.2.2.5.1 Dial-Up VPN (PPTP VPN) 13.2 Security Solutions Firewall Intranet
13.2.2 Cryptographic Solutions: PPP VPN implementation 13. Security Solutions 13.2 Security Solutions Firewall Firewall
13. Security Solutions 13.2.2 Cryptographic Solutions 13.2.2.5.2 Layer Two Tunnel Protocol (L2TP) Layer Two Tunneling Protocol (L2TP) is a combination of PPTP and Layer 2 Forwarding. The main rival to PPTP for VPN tunneling was Cisco’s L2F. 13.2.2.5.1 Internet Protocol Security (IPSEC) IPsec is a collection of protocols that provide low-level network security. IPsec exists at the network layer. 13.2 Security Solutions
13. Security Solutions 13.2.3 Access Control Access control is a system which enables an authority to control access to areas and resources in a given physical facility or computer-based information system. The three most widely recognized models are: • Discretionary Access Control (DAC) • Mandatory Access Control (MAC) • Role Based Access Control (RBAC) 13.2 Security Solutions
13. Security Solutions 13.2.3 Access Control Access Control Technologies: • Passwords, tokens, smart cards, encrypted keys • Authentication • Biometrics • VPN 13.2 Security Solutions
13. Security Solutions 13.2.3 Access Control Authentication Encryption can be used not only to hide data from prying eyes. For example, cryptographic method, Tripwire. It build database of cryptographic checksums for selected files. Attempts to unauthorized access to data will be detected by Tripwire Biometrics Fingerprints, Facial Recognition, Hand geometry, DNA 13.2 Security Solutions
13. Security Solutions 13.2.4 Data Traffic Control Security Rules: Rule1: Trust Inside Rule 2: Least privilege Rule 3: Selective blocking Opposite of Rule 2 Firewalls: Network firewalls Application firewalls Stateful inspection firewalls 13.2 Security Solutions
13. Security Solutions 13.2.5 Security Analysis Security Testing: Penetration testing External Source Penetration Test Internal source penetration Test Target system penetration test Vulnerability Assessment The process of identifying and quantifying weaknesses of the system, and determine their effect. Analyze threats that potentially can cause compromise, spoofing, or denial of service. 13.2 Security Solutions
13. Security Solutions 13.2.5 Security Analysis: Security Review • System, Network and Topology evaluation • Administration checklist • File servers and workstations • Individual accountability • Disaster recovery • Connectivity • E-mail Controls • Policy Review • Logical Security • Managerial security • Physical Security 13.2 Security Solutions
13. Security Solutions 13.2.5 Security Analysis Forensic Investigation • Use of sterile media • Hardware investigation • Original data • Write protected media • Deleted, hidden or recored files • File revision documentation • Data manipulation • Files’ organization • Potential evidence • Report generation 13.2 Security Solutions
13. Security Solutions 13.2.5 Security Analysis Security Audit • Planning the audit • Auditing • Report and post-mortem • Action 13.2 Security Solutions
Security Control Management Class, Family and Identifier Class Family Identifier Management Risk Assessment RA Management Planning PL Management System and Services Acquisition SA Management Certification, Accreditation, and Security Assessment CA 13. Security Solutions 13.3 The NIST Security Solution Taxonomy
Class Family Identifier Operational Personnel Security PS Operational Physical and Environmental Protection PE Operational Contingency Planning CP Operational Configuration Management CM Operational Maintenance MA Operational System and Information Integrity SI Operational Media Protection MP Operational Incident Response IR Operational Awareness and Training AT 13. Security Solutions 13.3 The NIST Security Solution Taxonomy Security Control Technical Class, Family and Identifier
Security Control Technical Class, Family and Identifier Class Family Identifier Operational Identification and Authentication IA Operational Access Control AC Operational Audit and Accountability AU Operational System and Communications Protection SC 13. Security Solutions 13.3 The NIST Security Solution Taxonomy
1 Risk Assessment and Treatment 2 Security Policy 3 Organization of Information Security 4 Asset Management 5 Human Resources Security 6 Physical Security 7 Communications and Ops Management 8 Access Control 9 Information Systems Acquisition, Development, Maintenance 10 Information Security Incident management 11 Business Continuity 12 Compliance 13. Security Solutions 13.4 The ISO Security Taxonomy

More Related Content

PDF
Cybersecurity 101 - Auditing Cyber Security
byEryk Budi Pratama
 
PPT
Information Security Management.Introduction
byyuliana_mar
 
PPT
Information security management v2010
byjoevest
 
PDF
Simplifying the data privacy governance quagmire building automated privacy ...
byAvinash Ramineni
 
PPTX
Security and management
byArtiSolanki5
 
PDF
Personal Data Protection in Indonesia
byEryk Budi Pratama
 
PPTX
Information security
byLusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
PPT
Information security
byrazendar79
 
Cybersecurity 101 - Auditing Cyber Security
byEryk Budi Pratama
 
Information Security Management.Introduction
byyuliana_mar
 
Information security management v2010
byjoevest
 
Simplifying the data privacy governance quagmire building automated privacy ...
byAvinash Ramineni
 
Security and management
byArtiSolanki5
 
Personal Data Protection in Indonesia
byEryk Budi Pratama
 
Information security
byLusungu Mkandawire CISA,CISM,CGEIT,CPF,PRINCE2
 
Information security
byrazendar79
 

What's hot

PPTX
Aspects of data security
bySaranSwathi1
 
PPTX
Introduction to information security
byjayashri kolekar
 
PPT
Introduction to Information Security
byDr. Loganathan R
 
PPTX
Data security
byAbdulBasit938
 
PPTX
Data Security Explained
byHappiest Minds Technologies
 
PPTX
Information security group presentation ppt
byvaishalshah01
 
PDF
Introduction to security
byMukesh Chinta
 
PPTX
Is6120 data security presentation
byJamesDempsey1
 
PPTX
Introduction to information security
byKATHEESKUMAR S
 
PPT
Information security
byLJ PROJECTS
 
PPTX
what is data security full ppt
byShahbaz Khan
 
PPTX
Information security
byavinashbalakrishnan2
 
PDF
INFORMATION SECURITY: THREATS AND SOLUTIONS.
byNi
 
PDF
The importance of information security
byethanBrownusa
 
PPTX
Introduction to Cybersecurity Fundamentals
byToño Herrera
 
PPTX
Information security principles
byDan Morrill
 
DOCX
The CIA Triad - Assurance on Information Security
byBharath Rao
 
PPT
Information Security
byDhilsath Fathima
 
PPT
002.itsecurity bcp v1
byMohammad Ashfaqur Rahman
 
PDF
Information security for dummies
byIvo Depoorter
 
Aspects of data security
bySaranSwathi1
 
Introduction to information security
byjayashri kolekar
 
Introduction to Information Security
byDr. Loganathan R
 
Data security
byAbdulBasit938
 
Data Security Explained
byHappiest Minds Technologies
 
Information security group presentation ppt
byvaishalshah01
 
Introduction to security
byMukesh Chinta
 
Is6120 data security presentation
byJamesDempsey1
 
Introduction to information security
byKATHEESKUMAR S
 
Information security
byLJ PROJECTS
 
what is data security full ppt
byShahbaz Khan
 
Information security
byavinashbalakrishnan2
 
INFORMATION SECURITY: THREATS AND SOLUTIONS.
byNi
 
The importance of information security
byethanBrownusa
 
Introduction to Cybersecurity Fundamentals
byToño Herrera
 
Information security principles
byDan Morrill
 
The CIA Triad - Assurance on Information Security
byBharath Rao
 
Information Security
byDhilsath Fathima
 
002.itsecurity bcp v1
byMohammad Ashfaqur Rahman
 
Information security for dummies
byIvo Depoorter
 

Viewers also liked

PPTX
Marcos seguridad-v040811
byfaau09
 
PDF
Práctica calificada 2
byKramer Garay Gómez
 
PDF
Information Security Intelligence
byguest08b1e6
 
PDF
Lecture5
byMajid Taghiloo
 
PPTX
Security concepts
byartisriva
 
PPT
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
byEric Vanderburg
 
PPTX
360suite Business Objects Xi3 New Security Concepts
bySebastien Goiffon
 
PPTX
NIST IT Standards for Local Governments 2010
byDonald E. Hester
 
PDF
Understanding Information Security
bySanjaya K Saxena
 
PPTX
PACE-IT: Basic Network Concepts (part 2)
byPace IT at Edmonds Community College
 
PDF
Creando un Laboratorio para Evaluar UX - SG Next 2016
byVictor M. Gonzalez
 
PDF
Spanish technical report cmmi v 1 3
byrjsernaque
 
PDF
Brasil oportunidades
byAaronDeejay Montoya Paiva
 
PDF
American revolution
byleed60218
 
PPTX
Evaluación Conferencia 2013 JPH.
byMario Arturo Cervantes Miranda
 
DOCX
Pie los equipos de trabajo en los talleres del ies la rosaleda
byMª Isabel Pérez Ortega
 
PPT
Isidro Laso Ballesteros (DG Information Society and Media) Internet Architect...
byFIA2010
 
PDF
Alubox CATALOG GENERAL 2013 CUTII POSTALE IMPORT
byMail Box Production
 
PDF
MultitudInvisible. Seminario Cultura y Medio Ambiente (Nicaragua)
byCulturAmbiente AC
 
PPTX
Beneficios del aula invertida
byReduca
 
Marcos seguridad-v040811
byfaau09
 
Práctica calificada 2
byKramer Garay Gómez
 
Information Security Intelligence
byguest08b1e6
 
Lecture5
byMajid Taghiloo
 
Security concepts
byartisriva
 
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
byEric Vanderburg
 
360suite Business Objects Xi3 New Security Concepts
bySebastien Goiffon
 
NIST IT Standards for Local Governments 2010
byDonald E. Hester
 
Understanding Information Security
bySanjaya K Saxena
 
PACE-IT: Basic Network Concepts (part 2)
byPace IT at Edmonds Community College
 
Creando un Laboratorio para Evaluar UX - SG Next 2016
byVictor M. Gonzalez
 
Spanish technical report cmmi v 1 3
byrjsernaque
 
Brasil oportunidades
byAaronDeejay Montoya Paiva
 
American revolution
byleed60218
 
Evaluación Conferencia 2013 JPH.
byMario Arturo Cervantes Miranda
 
Pie los equipos de trabajo en los talleres del ies la rosaleda
byMª Isabel Pérez Ortega
 
Isidro Laso Ballesteros (DG Information Society and Media) Internet Architect...
byFIA2010
 
Alubox CATALOG GENERAL 2013 CUTII POSTALE IMPORT
byMail Box Production
 
MultitudInvisible. Seminario Cultura y Medio Ambiente (Nicaragua)
byCulturAmbiente AC
 
Beneficios del aula invertida
byReduca
 

Similar to Information Security Management. Security solutions copy

PPTX
Cybersecurity and digital Security fundamentals for students
byyogenderjalal2000
 
PDF
ch01.pdf
bySamtech6
 
PDF
CNS - Chapter1
byJeevananthamArumugam
 
PDF
Ericas-Security-Plus-Study-Guide
byErica StJohn
 
PPT
Network security and protocols
byOnline
 
PPTX
Cybersecurity
byEng Hasan Shamroukh CISCO Exams Author
 
PPTX
Cyber Risks Implementation on an IP MPLS Network
byGabriel E Ozique
 
PPTX
Unit 1
byKRAMANJANEYULU1
 
PPTX
abc.pptx
byBhargaviGorde1
 
PPTX
9780840024220 ppt ch05
byKristin Harrison
 
PDF
network security.pdf
byKIYALIBAN1
 
PDF
CyberSecurity101.pdf
byDhananjaySingh23178
 
PDF
1 info sec+risk-mgmt
bymadunix
 
PDF
Ccna sec 01
byEduclentMegasoftel
 
PPT
2.4.1 - Intro to Cyber Security for students.ppt
byrameshselvarajkkp
 
PPT
ch_01 Introduction.ppt ( information cyber security)
bykhatuajitendra2003
 
PPT
VIT311 Network Security Essentials Unit 1.ppt
byssuser000e54
 
PDF
IAS1-FINALS.pdf for bsit students who are studying information technology
byLesbertBayanay
 
PPT
IS Security Presentation
byRenjith K P
 
PPT
formintroduction to ISF.ppt ination security fundamentals
byarfatdell
 
Cybersecurity and digital Security fundamentals for students
byyogenderjalal2000
 
ch01.pdf
bySamtech6
 
CNS - Chapter1
byJeevananthamArumugam
 
Ericas-Security-Plus-Study-Guide
byErica StJohn
 
Network security and protocols
byOnline
 
Cybersecurity
byEng Hasan Shamroukh CISCO Exams Author
 
Cyber Risks Implementation on an IP MPLS Network
byGabriel E Ozique
 
Unit 1
byKRAMANJANEYULU1
 
abc.pptx
byBhargaviGorde1
 
9780840024220 ppt ch05
byKristin Harrison
 
network security.pdf
byKIYALIBAN1
 
CyberSecurity101.pdf
byDhananjaySingh23178
 
1 info sec+risk-mgmt
bymadunix
 
Ccna sec 01
byEduclentMegasoftel
 
2.4.1 - Intro to Cyber Security for students.ppt
byrameshselvarajkkp
 
ch_01 Introduction.ppt ( information cyber security)
bykhatuajitendra2003
 
VIT311 Network Security Essentials Unit 1.ppt
byssuser000e54
 
IAS1-FINALS.pdf for bsit students who are studying information technology
byLesbertBayanay
 
IS Security Presentation
byRenjith K P
 
formintroduction to ISF.ppt ination security fundamentals
byarfatdell
 

Recently uploaded

PDF
From Artificial Intelligence to African Intelligence: Transforming Research &...
byMoses Kemibaro
 
PPTX
GenerationAI Paris 2025 | AI in Tech: Beyond Expectations, Into Execution
byapidays
 
PDF
From Hallucinations to High-Confidence AI with Data Enrichment.pdf
byPrecisely
 
PDF
Digital Twin in IBM for Accelerated Discovery of Climate & Sustainability, K...
byMichiaki Tatsubori
 
PPTX
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
PPTX
Celonis Optimizing your future with process
bydevjeremyappleyard
 
PDF
20260212 Security-JAWS activity results for 2025 and activity goals for 2026
byTyphon 666
 
PDF
UiPath Automation Developer Associate Training Series 2025 - Session 4
byDianaGray10
 
PDF
Security-Fails-in-the-Gaps-Between-Systems.pptx.pdf
byOhhproJunction
 
PPTX
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
PDF
Agent to agent service discovery using HashiCorp Consul and Vault
byBram Vogelaar
 
PDF
Preserve workload integrity during cross-architecture migration
byPrincipled Technologies
 
PDF
apidays Paris 2025 | Zero Trust By Design
byapidays
 
PDF
Escape from the Forbidden Zone: Smuggling green and inclusive tech past the g...
byBookNet Canada
 
PPTX
The Transformative Technology in Contemporary Businesses
bygreyaudrina
 
PPTX
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
PDF
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
PPTX
PPTX game guess the logo with a twistppt
byAdrianAnig
 
PDF
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
 
PDF
Explaining the flow of purpose-specific BOM
byakipii ogaoga
 
From Artificial Intelligence to African Intelligence: Transforming Research &...
byMoses Kemibaro
 
GenerationAI Paris 2025 | AI in Tech: Beyond Expectations, Into Execution
byapidays
 
From Hallucinations to High-Confidence AI with Data Enrichment.pdf
byPrecisely
 
Digital Twin in IBM for Accelerated Discovery of Climate & Sustainability, K...
byMichiaki Tatsubori
 
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
Celonis Optimizing your future with process
bydevjeremyappleyard
 
20260212 Security-JAWS activity results for 2025 and activity goals for 2026
byTyphon 666
 
UiPath Automation Developer Associate Training Series 2025 - Session 4
byDianaGray10
 
Security-Fails-in-the-Gaps-Between-Systems.pptx.pdf
byOhhproJunction
 
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
Agent to agent service discovery using HashiCorp Consul and Vault
byBram Vogelaar
 
Preserve workload integrity during cross-architecture migration
byPrincipled Technologies
 
apidays Paris 2025 | Zero Trust By Design
byapidays
 
Escape from the Forbidden Zone: Smuggling green and inclusive tech past the g...
byBookNet Canada
 
The Transformative Technology in Contemporary Businesses
bygreyaudrina
 
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
PPTX game guess the logo with a twistppt
byAdrianAnig
 
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
 
Explaining the flow of purpose-specific BOM
byakipii ogaoga
 

Information Security Management. Security solutions copy

  • 1.
    Information Security Management Security Solutions ByYuliana Martirosyan Based on Bell G. Reggard, Information Security Management. Concepts and Practices.
  • 2.
    13. Security Solutions Informationprotection is not a goal in itself but rather the reduction of owner’s harm resulting from it. American Bar association reported a decade ago that hackers caused harm as high as $10 million. FBA reports that business lose $7.5 billion a year to attacks. 13.1 Introduction
  • 3.
    13. Security Solutions 13.2Security Solutions Organization of security solutions Security Solution Cryptography Access Control Traffic Control PhysicalSecurity Analysis Hash Symmetric Cryptography Public-Key Cryptography DS VPN Passwords Authentication Biometrics VPN IP Packet Filter Firewalls IP App Level Firewalls Hybrid Firewall Cyberwall Statefull Insp. Firewall VPN Audit Penetration Security Plan Reviews Risk Analysis Vulnerability Assessment Intrusion Detection Locks Disconnect Backup Higher Availability Clusters Security Mngmt
  • 4.
    13. Security Solutions 13.2.1Security Management 13.2.1.1 Information Security Management This is the most important class of security solutions. It is related to organizational security of the company. There are two main components: 1. Effectiveness in securing the system (ISO 27002) 2. Information Security Management system (ISO 27001) 13.2 Security Solutions
  • 5.
    13. Security Solutions 13.2.1Security Management 13.2.1.2 Simple Network Management Major components used in networking are routers, switches, firewalls and access servers. (Network topology) Routers draw a hierarchy of LANs and autonomous systems to find optimal paths to information recourses worldwide. 13.2 Security Solutions Network Management Data Centers Unicenter from IBM Network Management System tools Open View from HP Enterprise System Management ESM
  • 6.
    13. Security Solutions 13.2.2Cryptographic Solutions 13.2.2.1 Cryptography Hash Functions Symmetric Cryptography Public-Key Cryptography Digital Signatures Virtual Private Networks 13.2.2.1 The Main Cryptographic Mechanisms Symmetric Cryptography: Private Key (AES) Asymmetric Cryptography: Public Key (RSA) 13.2 Security Solutions
  • 7.
    13. Security Solutions 13.2.2Cryptographic Solutions 13.2.2.3 Block and Stream Ciphers in Symmetric Cryptography Symmetric ciphers are now usually implemented using: • Block ciphers: a fixed-length block of plain text is converted into cipher text of the same length • Stream ciphers: data is encrypted bit/byte at a time 13.2.2.4 Digital Signatures Used to or demonstrating the authenticity of a digital message or document. DS algorithms: RSA, DSS, Elliptic Curves Crypto-systems : PGP, S/MIME 13.2 Security Solutions
  • 8.
    13. Security Solutions 13.2.2Cryptographic Solutions 13.2.2.5 Virtual Private Networks (VPN) A virtual private network (VPN) is a computer network that uses a public telecommunication infrastructure such as the Internet to provide remote offices or individual users with secure access to their organization's network. Intranet VPN: several buildings may be connected to a data center (strong encryption) Remote Access VPN laptops that connect intermittently from different locations (authentication) Extranet VPN access corporate resources across various network architectures 13.2 Security Solutions
  • 9.
    13. Security Solutions 13.2.2Cryptographic Solutions 13.2.2.5.1 Dial-Up VPN (PPTP VPN) 13.2 Security Solutions Firewall Intranet
  • 10.
    13.2.2 Cryptographic Solutions:PPP VPN implementation 13. Security Solutions 13.2 Security Solutions Firewall Firewall
  • 11.
    13. Security Solutions 13.2.2Cryptographic Solutions 13.2.2.5.2 Layer Two Tunnel Protocol (L2TP) Layer Two Tunneling Protocol (L2TP) is a combination of PPTP and Layer 2 Forwarding. The main rival to PPTP for VPN tunneling was Cisco’s L2F. 13.2.2.5.1 Internet Protocol Security (IPSEC) IPsec is a collection of protocols that provide low-level network security. IPsec exists at the network layer. 13.2 Security Solutions
  • 12.
    13. Security Solutions 13.2.3Access Control Access control is a system which enables an authority to control access to areas and resources in a given physical facility or computer-based information system. The three most widely recognized models are: • Discretionary Access Control (DAC) • Mandatory Access Control (MAC) • Role Based Access Control (RBAC) 13.2 Security Solutions
  • 13.
    13. Security Solutions 13.2.3Access Control Access Control Technologies: • Passwords, tokens, smart cards, encrypted keys • Authentication • Biometrics • VPN 13.2 Security Solutions
  • 14.
    13. Security Solutions 13.2.3Access Control Authentication Encryption can be used not only to hide data from prying eyes. For example, cryptographic method, Tripwire. It build database of cryptographic checksums for selected files. Attempts to unauthorized access to data will be detected by Tripwire Biometrics Fingerprints, Facial Recognition, Hand geometry, DNA 13.2 Security Solutions
  • 15.
    13. Security Solutions 13.2.4Data Traffic Control Security Rules: Rule1: Trust Inside Rule 2: Least privilege Rule 3: Selective blocking Opposite of Rule 2 Firewalls: Network firewalls Application firewalls Stateful inspection firewalls 13.2 Security Solutions
  • 16.
    13. Security Solutions 13.2.5Security Analysis Security Testing: Penetration testing External Source Penetration Test Internal source penetration Test Target system penetration test Vulnerability Assessment The process of identifying and quantifying weaknesses of the system, and determine their effect. Analyze threats that potentially can cause compromise, spoofing, or denial of service. 13.2 Security Solutions
  • 17.
    13. Security Solutions 13.2.5Security Analysis: Security Review • System, Network and Topology evaluation • Administration checklist • File servers and workstations • Individual accountability • Disaster recovery • Connectivity • E-mail Controls • Policy Review • Logical Security • Managerial security • Physical Security 13.2 Security Solutions
  • 18.
    13. Security Solutions 13.2.5Security Analysis Forensic Investigation • Use of sterile media • Hardware investigation • Original data • Write protected media • Deleted, hidden or recored files • File revision documentation • Data manipulation • Files’ organization • Potential evidence • Report generation 13.2 Security Solutions
  • 19.
    13. Security Solutions 13.2.5Security Analysis Security Audit • Planning the audit • Auditing • Report and post-mortem • Action 13.2 Security Solutions
  • 20.
    Security Control ManagementClass, Family and Identifier Class Family Identifier Management Risk Assessment RA Management Planning PL Management System and Services Acquisition SA Management Certification, Accreditation, and Security Assessment CA 13. Security Solutions 13.3 The NIST Security Solution Taxonomy
  • 21.
    Class Family Identifier OperationalPersonnel Security PS Operational Physical and Environmental Protection PE Operational Contingency Planning CP Operational Configuration Management CM Operational Maintenance MA Operational System and Information Integrity SI Operational Media Protection MP Operational Incident Response IR Operational Awareness and Training AT 13. Security Solutions 13.3 The NIST Security Solution Taxonomy Security Control Technical Class, Family and Identifier
  • 22.
    Security Control TechnicalClass, Family and Identifier Class Family Identifier Operational Identification and Authentication IA Operational Access Control AC Operational Audit and Accountability AU Operational System and Communications Protection SC 13. Security Solutions 13.3 The NIST Security Solution Taxonomy
  • 23.
    1 Risk Assessmentand Treatment 2 Security Policy 3 Organization of Information Security 4 Asset Management 5 Human Resources Security 6 Physical Security 7 Communications and Ops Management 8 Access Control 9 Information Systems Acquisition, Development, Maintenance 10 Information Security Incident management 11 Business Continuity 12 Compliance 13. Security Solutions 13.4 The ISO Security Taxonomy

Editor's Notes

  • #4 We organize information security solutions into six classes: security management, cryptography, access control, data traffic control, security analysis, and physical security.
  • #6 Sophisticated computer management systems, called system controllers, have been around for decades. This units were hooked up in mainframes in data centers. OpenView has built-in IP network management standard Simple Network Management Protocol (SNMP). ESM: fuziness in the area separating networks and computers from the development of the client-serve technology that moved data from data centers to internetworking topology.
  • #7 Symmetric Algorithm main parts are:            Plaintext          Encryption Algorithm          Secret Key – the main secret          Cipher Text          Decryption
  • #8 Modern symmetric block encryption algorithms are mainly based on the Feistel block cipher structure. Feistel proposed the use of a cipher that alternates substitutions and permutations. In fact, this is a practical application of a proposal by Claude Shannon to develop a product cipher that alternates confusion and diffusion functions. Diffusion, when each cipher text digit is affected by many plaintext digits. Confusion, when the relationship between the statistics of the cipher text and the value of the encryption key is as complex as possible.   Block ciphers include DES, IDEA, SAFER, Blowfish… Also I would like to mention that the Skipjack -- this last being the algorithm used in the US National Security Agency (NSA) Clipper chip, used for U. S. government's Escrowed Encryption Standard (EES), is block cipher.
  • #9 Intranet VPN This is considered "client transparent" VPN. It is usually implemented for networks within a common network infrastructure but across various physical locations. For instance several buildings may be connected to a data center, that they can access securely through private lines. Those VPNs need to be especially secure with strong encryption and meet strict performance and bandwidth requirements. Remote Access VPN Here VPN is "client initiated". It is intended for remote users that need to connect to their corporate LAN from various point of connections. It is intended for telecommuters and salesmen equipped with laptops that connect intermittently from different locations (homes, hotels, conference halls...). The key factor here is flexibility as performance and bandwidth are usually minimal and less of an issue. More than encryption, authentication will be the main security concern. Extranet VPN In this case VPN uses the Internet as main backbone. It usually addresses a wider scale of users and locations, enabling users to access corporate resources across various network architectures. They rely on VPN standards to ensure maximum compatibility while trying not to overly compromise security.
  • #10 Computers can use the PPTP protocol to securely connect to a private network as a remote access client by using a public data network such as the Internet. In other words, PPTP enables on-demand, virtual private networks over the Internet or other public TCP/IP-based data networks. PPTP can also be used by computers connected to a LAN to create a virtual private network across the LAN. PPTP is configured by adding virtual devices referred to as virtual private networks (VPNs) to the RAS and Dial-Up Networking. Most PPTP sessions are started by a client dialing up an ISP network access server.
  • #11 The Point-to-Point Protocol (PPP) is a data link layer protocol which encapsulates other network layer protocols for transmission on synchronous and asynchronous communication lines. Two precise definitions of "point-to-point" in the context of data communications follow: A network configuration in which a connection is established between two, and only two points. The connection may include switching facilities. A circuit connecting two points without the use of any intermediate terminal or computer. The PPP protocol is used to create the dial-up connection between the client and network access server and performs the following three functions: Establishes and ends the physical connection. The PPP protocol uses a sequence defined in RFC 1661 to establish and maintain connections between remote computers. Authenticates users. PPTP clients are authenticated by using the PPP protocol. Clear text, encrypted, or Microsoft encrypted authentication can be used by the PPP protocol. Creates PPP datagrams that contain encrypted IPX, NetBEUI, or TCP/IP packets . PPP creates datagrams which contain one or more encrypted TCP/IP, IPX, or NetBEUI data packets. Because the network packets are encrypted, all traffic between a PPP client and a network access server is secure.
  • #12 Layer Two Tunneling Protocol (L2TP) is a combination of PPTP and Layer 2 Forwarding (L2F), a technology proposed by Cisco® Systems, Inc. Rather than having two incompatible tunneling protocols competing in the marketplace and causing customer confusion, the IETF mandated that the two technologies be combined into a single tunneling protocol that represents the best features of PPTP and L2F. L2TP is documented in RFC 2661.
  • #13 Access control techniques Access control techniques are sometimes categorized as either discretionary or non-discretionary. The three most widely recognized models are Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Role Based Access Control (RBAC). MAC and RBAC are both non-discretionary. (DAC) is an access policy determined by the owner of an object. The owner decides who is allowed to access the object and what privileges they have. (MAC) is an access policy determined by the system, not the owner. MAC is used in multilevel systems that process highly sensitive data, such as classified government and military information. A multilevel system is a single computer system that handles multiple classification levels between subjects and objects. (RBAC) is an access policy determined by the system, not the owner. RBAC is used in commercial applications and also in military systems, where multi-level security requirements may also exist. RBAC differs from DAC in that DAC allows users to control access to their resources, while in RBAC, access is controlled at the system level, outside of the user's control. Although RBAC is non-discretionary, it can be distinguished from MAC primarily in the way permissions are handled. MAC controls read and write permissions based on a user's clearance level and additional labels. RBAC controls collections of permissions that may include complex operations such as an e-commerce transaction, or may be as simple as read or write. A role in RBAC can be viewed as a set of permissions.
  • #16 The principle of least privilege states that only the minimum access necessary to perform an operation should be granted, and that access should be granted only for the minimum amount of time necessary. Network firewalls protect the perimeter of a network by watching traffic that enters and leaves. An application firewall is a form of firewall which controls input, output, and/or access from, to, or by an application or service. It operates by monitoring and potentially blocking the input, output, or system service calls which do not meet the configured policy of the firewall. Stateful firewall (any firewall that performs stateful packet inspection (SPI) or stateful inspection) is a firewall that keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across it. The firewall is programmed to distinguish legitimate packets for different types of connections. Only packets matching a known connection state will be allowed by the firewall; others will be rejected.
  • #17 A penetration test is a method of evaluating the security of a computer system or network by simulating an attack from a malicious source. The process involves an active analysis of the system for any potential vulnerabilities that could result from poor or improper system configuration, both known and unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker and can involve active exploitation of security vulnerabilities. External testing(Black box) refers to attacks on the organization's network perimeter using procedures performed from outside the organization's systems, that is, from the Internet or Extranet. Internal testing (White box) penetration test evaluates the efficacy of a network’s internal protection. Network configurations, source codes and the occasional password are provided in the white box penetration test.
  • #21 Security controls in the security control catalog (NIST SP 800-53, Appendix F) have a well-defined organization and structure. The security controls are organized into classes and families for ease of use in the control selection and specification process. There are three general classes of security controls (i.e., management, operational, and technical18). Each family contains security controls related to the security function of the family. A standardized, two-character identifier is assigned to uniquely identify each control family. Table summarizes the classes and families in the security control catalog and the associated family identifiers.
  • #23 An agency has the flexibility to tailor the security control baseline in accordance with the terms and conditions set forth in the standard. Tailoring activities include: (i) the application of scoping guidance; (ii) the specification of compensating controls; (iii) the specification of agency-defined parameters in the security controls, where allowed. The system security plan should document all tailoring activities.