2. Text Book and Reference Books Network Security Essentials: Applications and Standards - William Stallings Cryptography and Network Security Principles and Practices -William Stallings Network security: PRIVATE communication in a PUBLIC world - Kaufman, Perlman, and Speciner
5. Course Outline (2/2) Network and system security applications Authentication Applications: Kerberos Email security: PGP (Pretty Good Privacy) IP security: IPSEC Web and E-commerce: Secure Socket Layer Firewalls Intrusion detection Malicious Software
6. Information Security Protection of information from theft, corruption, or collapse by unauthorized activities/untrustworthy individuals and unplanned events respectively, while allowing the information and property to remain accessible to its intended users.
7. Information Security – Computer Security & Network Security Computer Security A collection of tools designed to protect data stored on a machine. Network Security Security measures needed to protect data during transmission. No distinct boundaries between the two.
8. Understanding the Terminology through Example (1/5) User A transmits a file to user B. The file contains sensitive information that is to be protected from disclosure. User C, who is not authorized to read the file, is able to monitor the transmission and capture a copy of the file during its transmission. CONFIDENTIALITY Assuring information will be kept secret, with access limited to appropriate (authorized) persons.
9. Understanding the Terminology through Example (2/5) A network manager, D, transmits a message to a computer, E, under its management. The message instructs computer E to update a file to include the identities of a number of new users who are to be given access to that computer. User F intercepts the message, alter its contents to add or delete entries, and then forwards the message to E, which accepts the message as coming from manager D and updates its authorization file accordingly. INTEGRITY (MESSAGE INTEGRITY) Assuring information will not be accidentally or maliciously altered or destroyed.
10. Understanding the Terminology through Example (3/5) Denial of Service (DoS) attacks can bring down networks, servers, or applications. A hacker or disgruntled employee could delete important data. AVAILABILITY Assuring information and communications services will be ready for use when expected.
11. Understanding the Terminology through Example (4/5) In continuation with example 2, rather than intercepting a message, user F constructs its own message with the desired entries and transmits that message to E as if it had come from manager D. Computer E accepts that message as coming from manager D and updates its authorization file accordingly. AUTHENTICATION (ORIGIN INTEGRITY) To positively verify the identity of an entity, often as a prerequisite to allowing access to resources in a system.
12. Understanding the Terminology through Example (5/5) A message is sent from a customer to a stockbroker with instructions for various transactions. Subsequently, the investments lose value and the customer denies sending the message. NON-REPUDIATION Method by which the sender of data is provided with proof of delivery and the recipient is assured of the sender’s identity, so that neither can later deny having processed the data.
13. Revisiting the Definition Protection of information from theft, corruption, or collapse by unauthorized activities/untrustworthy individuals and unplanned events respectively, while allowing the information and property to remain accessible to its intended users. CONFIDENTIALITY, INTEGRITY & AVAILABILITY
